18 Jan
2022
18 Jan
'22
3:03 p.m.
Hi Heinrich,
info.checksum = image_get_checksum_algo("sha256,rsa2048");
[...]
info.name = "sha256,rsa2048";- } else {
pr_warn("unknown msg digest algo: %s\n", sig->hash_algo);
- if (strcmp(sig->pkey_algo, "rsa")) {
pr_err("Encryption is not RSA: %s\n", sig->pkey_algo);- ret = snprintf(algo, sizeof(algo), "%s,%s%d", sig->hash_algo,
sig->pkey_algo, sig->s_size * 8);How do we ensure that the unsafe SHA1 algorithm is not used?
We don't, but the current code allows it as well. Should we enforce this from U-Boot though? The spec doesn't forbid it as far as I remember
Regards /Ilias
Best regards
Heinrich
I'm not sure that this naming rule, in particular the latter part, will always hold in the future while all the existing algo's observe it. (Maybe we need some note somewhere?)
The if a few lines below will shield us and return -EINVAL. How about adding an error message there?
Cheers /Ilias
-Takahiro Akashi
- if (ret >= sizeof(algo))
return -EINVAL;- info.checksum = image_get_checksum_algo((const char *)algo);
- info.name = (const char *)algo; info.crypto = image_get_crypto_algo(info.name);
- if (IS_ERR(info.checksum) || IS_ERR(info.crypto))
if (!info.checksum || !info.crypto) return -ENOPKG;
info.key = pkey->key;
-- 2.30.2