grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Grub verify module failed to verify a signed file

From: Wei Hu
Subject: Grub verify module failed to verify a signed file
Date: Thu, 28 Mar 2013 16:15:09 -0700 
Hi,

I am trying to use the grub verify module to verify a detached signature I 
signed using gpg on Linux. I did two different signings. Both of them failed, 
but at the different places in grub_verify_signature(). I am wonder if I did 
something wrong or the module has some bugs in it. Let me detail my procedure 
here. The text file, signature file and my public key are all attached.

Signing Approach 1
-----------------------

On my Ubuntu system, say I want to detached sign myfile.txt

> gpg --detach-sign myfile.txt

It creates the signature file myfile.txt.sig. I noticed it uses ripemd160 hash 
algorithm. Then I export my public key as

> gpg --output my.pubkey --export 'address@hidden'

The my.pubkey file contains my public key.  Then I create a grub rescue cd 
image with all these three file myfile.txt myfile.txt.sig and my.pubkey.

> grub-mkrescue -o image.iso ./myfile.txt ./myfile.txt.sig ./my.pubkey

After this, I booted the image and at the grub prompt I did

grub > verify_detached /myfile.txt /myfile.txt.sig /my.pubkey

It returns bad signature in grub_verify_signature() after following line:
   ...
    hash->final (context);
    grub_dprintf ("crypt", "alive\n");
    hval = hash->read (context);
    if (grub_file_read (sig, hash_start, sizeof (hash_start)) != sizeof 
(hash_start))
         return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));      
    if (grub_memcmp (hval, hash_start, sizeof (hash_start)) != 0)
      return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));         
<-- - failed here

My understanding is it calls ripemd160 algorithm to verify a two byte hash 
value and it failed. So I try to change the algorithm using in gpg for hashing 
as follows:

Signing Approch 2
---------------------

I just sign the myfile.txt with sha512 like this:

> gpg --digest-algo sha512 --detach-sign myfile.txt

It creates a myfile.txt.sig file. Then a created the iso image and boot just as 
in approach 1.

grub > verify_detached /myfile.txt /myfile.txt.sig /my.pubkey

This time I went much further in grub_verify_signature(). It seem failed at 
last when calling dsa verify routine:

    unsigned nbits = gcry_mpi_get_nbits (sk->mpis[1]);
    grub_dprintf ("crypt", "must be %u bits got %d bits\n", nbits,
                  (int)(8 * hash->mdlen));                                      
             <---- Here debug output is: must be 17 bits got 512 bits
   ....
    if (!grub_crypto_pk_dsa)
      return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("module `%s' isn't 
loaded"), "gcry_dsa");
    if (grub_crypto_pk_dsa->verify (0, hmpi, mpis, sk->mpis, 0, 0))             
                    <------ failed here.
      return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));          
                 

So I guess I was not doing right somewhere? Have you tested this verification 
module? The grub_dprintf() output (expecting 17bits but got 512 bits) is very 
suspicious.

For this Verify module to work, what tool and what procedure should I follow to 
sign a file?

Thanks so much,

Wei

Attachment: myfile.txt
Description: myfile.txt

Attachment: myfile.txt.sha512.sig
Description: myfile.txt.sha512.sig

Attachment: myfile.txt.ripemd160.sig
Description: myfile.txt.ripemd160.sig

Attachment: my.pubkey
Description: my.pubkey

reply via email to
[Prev in Thread] Current Thread [Next in Thread]