help-grub
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: custom Authentication module

From: Buckeyne, Thomas
Subject: RE: custom Authentication module
Date: Mon, 2 Jun 2014 16:08:10 +0000 
On the:

"""
> Do I need to request a module to be included when I run 
> grub-mkstandalone / grub-mkimage

Not sure I understand this question. Do you mean - module that you are going to 
build?
"""

My custom module is being included; I thought perhaps I needed to include some 
module (other than cipher) to get the ecc support
        But your other answers explain why it is not being included (it is not 
because it is not in the module include list; but because it is deliberately 
excluded)

As information; I removed the exclusion of ecc.c and it compiled correctly but 
it did not link
     => it seems to need some function is a misc.c ; I removed the exclusion 
for misc.c 
        but it does not compile for a variety of reasons (the 
util/import_gcry.py does not seem to "filter" it at all comes across unchanged 
=> therefor it does not compile)

With the expanding usage of ECDSA for authentication do you know if there are 
any plans to include the ecc module in grub build (if or when)?

Thomas Buckeyne

-----Original Message-----
From: Andrey Borzenkov [mailto:address@hidden 
Sent: Sunday, June 01, 2014 7:58 AM
To: Buckeyne, Thomas
Cc: address@hidden
Subject: Re: custom Authentication module

В Fri, 23 May 2014 16:32:57 +0000
"Buckeyne, Thomas" <address@hidden> пишет:

> I am creating for my company a custom Authentication module (required to meet 
> regulatory requirements)
>                 Generally it locates file(s) on an SSD; authenticates 
> them with ECDSA; determines if/where to boot from
> 
> I have most of the module complete but I need to access the
> 
> 1)      gcry_pk_verify in grub-core/lib/libgcrypt/ciper/pubkey.c
> 
> 2)      fill_in_curve in grub-core/lib/libgcrypt/cipher/ecc.c
> 
> However neither of these seem to be built when grub is compiled Nor 
> have I been able to find an option to cause them to be built
> 

Those files are explicitly excluded when importing libgcrypt. See 
util/import_gcry.py. I do not know the reason.


> Am I missing / overlooking a configuration option

No, you will need to patch util/import_gcry.py; you may need to extend it to 
fix any build problems with these files in grub environment.

> Is there a patch or setup required to have these built

Not that I'm aware of.

> Are these supported for x86 32-bit computers

That's probably more for libgcrypt community. I do not see why not.

> Do I need to request a module to be included when I run 
> grub-mkstandalone / grub-mkimage

Not sure I understand this question. Do you mean - module that you are going to 
build?
reply via email to
[Prev in Thread] Current Thread [Next in Thread]