On Mon, Nov 21, 2016 at 6:56 PM, Jon McCune <jonmcc...@google.com> wrote: > On Mon, Nov 21, 2016 at 6:45 AM, Daniel Kiper <dki...@net-space.pl> wrote: >> >> On Fri, Nov 18, 2016 at 12:00:08PM +0000, Ignat Korchagin wrote: >> > Reposting this, as requested by Daniel and rebasing on current tree. >> > >> > Currently GRUB2 verify logic searches PGP keyid only in unhashed >> > subpackets of PGP signature packet. As a result, signatures generated with >> > GoLang openpgp package (https://godoc.org/golang.org/x/crypto/openpgp) >> > could >> > not be verified, because this package puts keyid in hashed subpackets and >> > GRUB code never initializes the keyid variable, therefore is not able to >> > find "verification key" with id 0x0. > > > I think it would be wise to include a brief argument citing the OpenPGP RFC > that this change is compliant. Compatibility with an existing implementation > is valuable, but let's make sure the appropriate code is being changed. (I > haven't looked carefully myself.) > > Thanks, > -Jon > >
This change is compliant with RFC 4880. According to p 5.2.3 only "Signature Creation Time" subpacket "MUST be present in the hashed area". All other subpacket types may be present either in hashed or unhashed areas. Currently, GRUB assumes, that the "Issuer" subpacket is in unhashed area (by default put there by gpg tool), but other PGP implementations like (https://godoc.org/golang.org/x/crypto/openpgp) may put it in the hashed area. _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel