
Re: Signature verification in GRUB


From: Geoffrey Thomas
Subject: Re: Signature verification in GRUB
Date: Mon, 15 Oct 2012 14:33:03 -0700
User-agent: Alpine 2.02 (DEB 1266 2009-07-14)

On Sat, 13 Oct 2012, Vladimir 'φ-coder/phcoder' Serbinenko wrote:

>> First, does GRUB have a mechanism for me to validate a digitally-signed
>> file of some sort? This could be e.g. a PGP-signed file or something
>> from `openssl dgst -sign`. I see that GRUB has all the relevant crypto
>> primitives to do this, but I can't find a command to invoke them. (As
>> far as I can tell, gcrypt is only used for PBKDF2 and cryptodisk support?)


> I have some code dating from about a year ago but because of my current
> personal situation it's put on hold for some time.

Do you have something I can start from that you could drop somewhere? I haven't begun implementing this yet, and I suspect that starting from your code would be helpful for getting this done faster and also doing it in a style compatible with upstream.

Also, a slightly more generic question -- what's a reasonable format here? I'm kind of surprised to find that openssl has no generic command to sign a file or verify its signatures. I could use PGP, but we're already using SSL-style certificates for Authenticode, so I'd prefer not to generate another key with a completely different format. That said, if more people will find PGP verification useful, I can implement that.

> Is there some doc on dm-verify? It may be interesting.

http://code.google.com/p/cryptsetup/wiki/DMVerity
is the official documentation.

Briefly, you generate a salted hash tree of each block (and in turn of the blocks containing the hashes) until you get a root hash. So with a trusted way to get the root hash, the original device, and a device/file containing the hashes, you can generate a new (read-only) device that validates hashes up to the root, and throws an IO error if the data has been tampered with.

The "veritysetup" command in sbin in recent cryptsetup versions can generate the hash tree and print out the root hash.

--
Geoffrey Thomas
address@hidden
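
The salted hash tree described in the message above, as an added example that is not part of the original post and not code from cryptsetup or GRUB. It is a simplified model rather than the dm-verity on-disk format; the function names, the salt-then-block hash order, SHA-256 and the 64-byte demo block size are assumptions made for illustration.

```python
import hashlib
import hmac

DIGEST = hashlib.sha256().digest_size  # 32 bytes

def salted_hash(salt, block):
    # Assumption: salt is prepended to the block before hashing.
    return hashlib.sha256(salt + block).digest()

def split_blocks(data, block_size):
    # Fixed-size blocks; the last one is zero-padded.
    return [data[i:i + block_size].ljust(block_size, b"\0")
            for i in range(0, len(data), block_size)]

def build_tree(data, salt, block_size=4096):
    """Return (levels, root). levels[0] holds the hashes of the data blocks,
    each higher level holds the hashes of the hash blocks below it."""
    if not data or block_size % DIGEST or block_size < 2 * DIGEST:
        raise ValueError("need data and a block size holding >= 2 digests")
    levels, current = [], split_blocks(data, block_size)
    while True:
        digests = b"".join(salted_hash(salt, b) for b in current)
        current = split_blocks(digests, block_size)
        levels.append(current)
        if len(current) == 1:  # single top block: its hash is the root
            return levels, salted_hash(salt, current[0])

def verify_block(block, index, levels, salt, root, block_size=4096):
    """Check one data block against the trusted root; False means tampering
    (the point where the real device would return an I/O error)."""
    per_block = block_size // DIGEST
    digest = salted_hash(salt, block.ljust(block_size, b"\0"))
    for level in levels:
        hash_block = level[index // per_block]
        offset = (index % per_block) * DIGEST
        if not hmac.compare_digest(hash_block[offset:offset + DIGEST], digest):
            return False
        digest = salted_hash(salt, hash_block)  # now verify this hash block
        index //= per_block
    return hmac.compare_digest(digest, root)

if __name__ == "__main__":
    # Constructed sample: ten 64-byte "disk blocks", tiny block size for readability.
    salt = bytes.fromhex("00112233")
    disk = b"".join(bytes([i]) * 64 for i in range(10))
    levels, root = build_tree(disk, salt, block_size=64)
    print("levels:", len(levels), "root:", root.hex())
    print(verify_block(disk[128:192], 2, levels, salt, root, 64))  # intact block
    print(verify_block(b"X" * 64, 2, levels, salt, root, 64))      # tampered block
```

Only the root hash has to come from a trusted source; the hash levels can sit on untrusted storage, because rewriting a stored hash to match tampered data changes the hash of its containing block and fails one level up.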
