> On 24 Jul 2025, at 2:25 PM, Gary Lin <g...@suse.com> wrote:
> 
> On Wed, Jul 09, 2025 at 05:15:21PM +0530, Sudhakar Kuppusamy wrote:
>> From: Daniel Axtens <d...@axtens.net>
>> 
>> rsa_pad does the PKCS#1 v1.5 padding for the RSA signature scheme.
>> We want to use it in other RSA signature verification applications.
>> 
>> I considered and rejected putting it in lib/crypto.c. That file doesn't
>> currently require any MPI functions, but rsa_pad does. That's not so
>> much of a problem for the grub kernel and modules, but crypto.c also
>> gets built into all the grub utilities. So - despite the utils not
>> using any asymmetric ciphers - we would need to build the entire MPI
>> infrastructure into them.
>> 
>> A better and simpler solution is just to spin rsa_pad out into its own
>> PKCS#1 v1.5 module.
>> 
> 
> The libgcrypt 1.11.0 patches were merged recently, and it seems not
> necessary to factor out rsa_pad anymore. The verification can be done
> with S-expression like this:
> 
> _gcry_sexp_build (&s_sig, NULL, "(sig-val(rsa(s %M)))", si->sig_mpi);
> _gcry_sexp_build (&s_data, NULL, "(data (flags pkcs1)(hash %s %b))",
>                   si->hash->name, si->hash->mdlen, hash);
> _gcry_sexp_build (&s_key, NULL, "(public-key(rsa(n%M)(e%M)))",
>                   cert->mpis[0], cert->mpis[1]);
> _gcry_pubkey_spec_rsa.verify (s_sig, s_data, s_key);
> 
> Gary Lin

Hi Gary Lin,

Thanks for pointing this out. Updated the patch to reflect this change on v5 
(https://lists.gnu.org/archive/html/grub-devel/2025-07/msg00137.html).
And also recently posted v6. Appreciate the heads-up!

V6:
https://lists.gnu.org/archive/html/grub-devel/2025-07/msg00255.html


Thanks,
Sudhakar

> 
>> Signed-off-by: Daniel Axtens <d...@axtens.net>
>> Signed-off-by: Sudhakar Kuppusamy <sudha...@linux.ibm.com>
>> Reviewed-by: Stefan Berger <stef...@linux.ibm.com>
>> Reviewed-by: Avnish Chouhan <avn...@linux.ibm.com>
>> Reviewed-by: Daniel Kiper <daniel.ki...@oracle.com>
>> ---
>> grub-core/Makefile.core.def |  9 ++++++
>> grub-core/commands/pgp.c    | 28 ++--------------
>> grub-core/lib/pkcs1_v15.c   | 64 +++++++++++++++++++++++++++++++++++++
>> include/grub/pkcs1_v15.h    | 27 ++++++++++++++++
>> 4 files changed, 102 insertions(+), 26 deletions(-)
>> create mode 100644 grub-core/lib/pkcs1_v15.c
>> create mode 100644 include/grub/pkcs1_v15.h
>> 
>> diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
>> index 24e8c8437..f19071e22 100644
>> --- a/grub-core/Makefile.core.def
>> +++ b/grub-core/Makefile.core.def
>> @@ -2545,6 +2545,15 @@ module = {
>>   cppflags = '$(CPPFLAGS_GCRY)';
>> };
>> 
>> +module = {
>> +  name = pkcs1_v15;
>> +  common = lib/pkcs1_v15.c;
>> +
>> +  cflags = '$(CFLAGS_GCRY) -Wno-redundant-decls -Wno-sign-compare';
>> +  cppflags = '$(CPPFLAGS_GCRY)';
>> +  depends = mpi;
>> +};
>> +
>> module = {
>>   name = all_video;
>>   common = lib/fake_module.c;
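
Review bot: The cflags line of the new pkcs1_v15 module turns off -Wsign-compare and -Wredundant-decls for a file whose only logic is length arithmetic on the padding buffer, which is where a signed/unsigned mix-up would matter most. If the suppressions are needed only because of the gcrypt headers, say so in the commit message; otherwise drop them so the new file builds with those warnings enabled.
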
>> diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c
>> index 5fadc33c4..c80f6cbad 100644
>> --- a/grub-core/commands/pgp.c
>> +++ b/grub-core/commands/pgp.c
>> @@ -24,6 +24,7 @@
>> #include <grub/file.h>
>> #include <grub/command.h>
>> #include <grub/crypto.h>
>> +#include <grub/pkcs1_v15.h>
>> #include <grub/i18n.h>
>> #include <grub/gcrypt/gcrypt.h>
>> #include <grub/pubkey.h>
>> @@ -411,32 +412,7 @@ static int
>> rsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval,
>>  const gcry_md_spec_t *hash, struct grub_public_subkey *sk)
>> {
>> -  grub_size_t tlen, emlen, fflen;
>> -  grub_uint8_t *em, *emptr;
>> -  unsigned nbits = gcry_mpi_get_nbits (sk->mpis[0]);
>> -  int ret;
>> -  tlen = hash->mdlen + hash->asnlen;
>> -  emlen = (nbits + 7) / 8;
>> -  if (emlen < tlen + 11)
>> -    return 1;
>> -
>> -  em = grub_malloc (emlen);
>> -  if (!em)
>> -    return 1;
>> -
>> -  em[0] = 0x00;
>> -  em[1] = 0x01;
>> -  fflen = emlen - tlen - 3;
>> -  for (emptr = em + 2; emptr < em + 2 + fflen; emptr++)
>> -    *emptr = 0xff;
>> -  *emptr++ = 0x00;
>> -  grub_memcpy (emptr, hash->asnoid, hash->asnlen);
>> -  emptr += hash->asnlen;
>> -  grub_memcpy (emptr, hval, hash->mdlen);
>> -
>> -  ret = gcry_mpi_scan (hmpi, GCRYMPI_FMT_USG, em, emlen, 0);
>> -  grub_free (em);
>> -  return ret;
>> +  return grub_crypto_rsa_pad (hmpi, hval, hash, sk->mpis[0]);
>> }
>> 
>> struct grub_pubkey_context
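
Review bot: rsa_pad() is still declared `static int` and used to return 1 on both of its own failure paths; with `return grub_crypto_rsa_pad (hmpi, hval, hash, sk->mpis[0]);` it now passes gcry_err_code_t values (GPG_ERR_TOO_SHORT, GPG_ERR_OUT_OF_MEMORY) through that int. Please confirm that every caller only tests the result for non-zero and note it in the commit message, since the failure value is no longer 1. If the wrapper has no other purpose, consider calling grub_crypto_rsa_pad directly at the call sites instead.
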
>> diff --git a/grub-core/lib/pkcs1_v15.c b/grub-core/lib/pkcs1_v15.c
>> new file mode 100644
>> index 000000000..6680f8866
>> --- /dev/null
>> +++ b/grub-core/lib/pkcs1_v15.c
>> @@ -0,0 +1,64 @@
>> +/*
>> + *  GRUB  --  GRand Unified Bootloader
>> + *  Copyright (C) 2013  Free Software Foundation, Inc.
>> + *
>> + *  GRUB is free software: you can redistribute it and/or modify
>> + *  it under the terms of the GNU General Public License as published by
>> + *  the Free Software Foundation, either version 3 of the License, or
>> + *  (at your option) any later version.
>> + *
>> + *  GRUB is distributed in the hope that it will be useful,
>> + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
>> + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
>> + *  GNU General Public License for more details.
>> + *
>> + *  You should have received a copy of the GNU General Public License
>> + *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
>> + */
>> +
>> +#include <grub/dl.h>
>> +#include <grub/gcrypt/gcrypt.h>
>> +#include <grub/pkcs1_v15.h>
>> +
>> +GRUB_MOD_LICENSE ("GPLv3+");
>> +
>> +/*
>> + * Given a hash value 'hval', of hash specification 'hash', perform
>> + * the EMSA-PKCS1-v1_5 padding suitable for a key with modulus 'mod'
>> + * (see RFC 8017 s 9.2) and place the result in 'hmpi'.
>> + */
>> +gcry_err_code_t
>> +grub_crypto_rsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval,
>> +                     const gcry_md_spec_t *hash, gcry_mpi_t mod)
>> +{
>> +  grub_size_t tlen, emlen, fflen;
>> +  grub_uint8_t *em, *emptr;
>> +  unsigned nbits = gcry_mpi_get_nbits (mod);
>> +  int ret;
>> +
>> +  tlen = hash->mdlen + hash->asnlen;
>> +  emlen = (nbits + 7) / 8;
>> +  if (emlen < tlen + 11)
>> +    return GPG_ERR_TOO_SHORT;
>> +
>> +  em = grub_malloc (emlen);
>> +  if (em == NULL)
>> +    return GPG_ERR_OUT_OF_MEMORY;
>> +
>> +  em[0] = 0x00;
>> +  em[1] = 0x01;
>> +  fflen = emlen - tlen - 3;
>> +
>> +  for (emptr = em + 2; emptr < em + 2 + fflen; emptr++)
>> +    *emptr = 0xff;
>> +
>> +  *emptr++ = 0x00;
>> +  grub_memcpy (emptr, hash->asnoid, hash->asnlen);
>> +  emptr += hash->asnlen;
>> +  grub_memcpy (emptr, hval, hash->mdlen);
>> +
>> +  ret = gcry_mpi_scan (hmpi, GCRYMPI_FMT_USG, em, emlen, 0);
>> +  grub_free (em);
>> +
>> +  return ret;
>> +}
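
Review bot: grub_crypto_rsa_pad() never checks that the hash spec carries a DigestInfo prefix: with hash->asnlen == 0 or hash->asnoid == NULL the function emits 00 01 FF..FF 00 followed by the bare digest, which is not the EMSA-PKCS1-v1_5 encoding of RFC 8017 s 9.2 that the comment promises. Now that this is a shared helper for other signature verifiers, reject that case with an error return next to the `emlen < tlen + 11` check. Smaller points: `int ret` holds the gcry_mpi_scan result while the function returns gcry_err_code_t, so declare ret with the return type, and hval can be `const grub_uint8_t *` since it is only read.
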
>> diff --git a/include/grub/pkcs1_v15.h b/include/grub/pkcs1_v15.h
>> new file mode 100644
>> index 000000000..84452b0e3
>> --- /dev/null
>> +++ b/include/grub/pkcs1_v15.h
>> @@ -0,0 +1,27 @@
>> +/*
>> + *  GRUB  --  GRand Unified Bootloader
>> + *  Copyright (C) 2013  Free Software Foundation, Inc.
>> + *
>> + *  GRUB is free software: you can redistribute it and/or modify
>> + *  it under the terms of the GNU General Public License as published by
>> + *  the Free Software Foundation, either version 3 of the License, or
>> + *  (at your option) any later version.
>> + *
>> + *  GRUB is distributed in the hope that it will be useful,
>> + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
>> + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
>> + *  GNU General Public License for more details.
>> + *
>> + *  You should have received a copy of the GNU General Public License
>> + *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
>> + */
>> +
>> +/*
>> + * Given a hash value 'hval', of hash specification 'hash', perform
>> + * the EMSA-PKCS1-v1_5 padding suitable for a key with modulus 'mod'
>> + * (See RFC 8017 s 9.2).
>> + */
>> +extern gcry_err_code_t
>> +grub_crypto_rsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval,
>> +                     const gcry_md_spec_t *hash, gcry_mpi_t mod);
>> +
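
Review bot: The new header has no include guard and includes nothing itself, although the prototype uses gcry_err_code_t, gcry_mpi_t, gcry_md_spec_t and grub_uint8_t, so it compiles only when the including file has already pulled those declarations in. In the pgp.c hunk it is placed before `#include <grub/gcrypt/gcrypt.h>`, which means it relies on earlier includes there. Add a guard and include the headers that declare these types so the header is self-contained.
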
>> -- 
>> 2.39.5 (Apple Git-154)
>> 
>> 
>> _______________________________________________
>> Grub-devel mailing list
>> Grub-devel@gnu.org
>> https://lists.gnu.org/mailman/listinfo/grub-devel


