Reviewed-By: Vladimir Serbinenko <phco...@gmail.com>
On Wed, Dec 18, 2024 at 5:59 PM Sudhakar Kuppusamy
<sudha...@linux.ibm.com> wrote:
>
> From: Daniel Axtens <d...@axtens.net>
>
> The way gcry_rsa and friends (the asymmetric ciphers) are loaded for the
> pgp module is a bit quirky.
>
> include/grub/crypto.h contains:
> extern struct gcry_pk_spec *grub_crypto_pk_rsa;
>
> commands/pgp.c contains the actual storage:
> struct gcry_pk_spec *grub_crypto_pk_rsa;
>
> And the module itself saves to the storage in pgp.c:
> GRUB_MOD_INIT(gcry_rsa)
> {
> grub_crypto_pk_rsa = &_gcry_pubkey_spec_rsa;
> }
>
> This is annoying: gcry_rsa now has a dependency on pgp!
>
> We want to be able to bring in gcry_rsa without bringing in PGP,
> so move the storage to crypto.c.
>
> Previously, gcry_rsa depended on pgp and mpi. Now it depends on
> crypto and mpi. As pgp depends on crypto, this doesn't add any new
> module dependencies using the PGP verfier.
>
> [FWIW, the story is different for the symmetric ciphers. cryptodisk
> and friends (zfs encryption etc) use grub_crypto_lookup_cipher_by_name()
> to get a cipher handle. That depends on grub_ciphers being populated
> by people calling grub_cipher_register. import_gcry.py ensures that the
> symmetric ciphers call it.]
>
> Signed-off-by: Daniel Axtens <d...@axtens.net>
> Signed-off-by: Sudhakar Kuppusamy <sudha...@linux.ibm.com>
> ---
> grub-core/commands/pgp.c | 4 ----
> grub-core/lib/crypto.c | 4 ++++
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c
> index b084dc9a2..a45c2213c 100644
> --- a/grub-core/commands/pgp.c
> +++ b/grub-core/commands/pgp.c
> @@ -147,10 +147,6 @@ const char *hashes[] = {
> [0x0b] = "sha224"
> };
>
> -struct gcry_pk_spec *grub_crypto_pk_dsa;
> -struct gcry_pk_spec *grub_crypto_pk_ecdsa;
> -struct gcry_pk_spec *grub_crypto_pk_rsa;
> -
> static int
> dsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval,
> const gcry_md_spec_t *hash, struct grub_public_subkey *sk);
> diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
> index 396f76410..d53ddbe2c 100644
> --- a/grub-core/lib/crypto.c
> +++ b/grub-core/lib/crypto.c
> @@ -121,6 +121,10 @@ grub_md_unregister (gcry_md_spec_t *cipher)
> }
> }
>
> +struct gcry_pk_spec *grub_crypto_pk_dsa;
> +struct gcry_pk_spec *grub_crypto_pk_ecdsa;
> +struct gcry_pk_spec *grub_crypto_pk_rsa;
> +
> void
> grub_crypto_hash (const gcry_md_spec_t *hash, void *out, const void *in,
> grub_size_t inlen)
> --
> 2.43.5
>
>
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel
--
Regards
Vladimir 'phcoder' Serbinenko
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
