[v2,0/3] fsverity-utils: introduce libfsverity

Message ID 20200525205432.310304-1-ebiggers@kernel.org (mailing list archive)

Message

Eric Biggers May 25, 2020, 8:54 p.m. UTC
From the 'fsverity' program, split out a library 'libfsverity'.
Currently it supports computing file measurements ("digests"), and
signing those file measurements for use with the fs-verity builtin
signature verification feature.

Rewritten from patches by Jes Sorensen <jsorensen@fb.com>.
I made a lot of improvements; see patch 2 for details.

This patchset can also be found at branch "libfsverity" of
https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git/

Changes v1 => v2:
  - Fold in the Makefile fixes from Jes
  - Rename libfsverity_digest_size() and libfsverity_hash_name()
  - Improve the documentation slightly
  - If a memory allocation fails, print the allocation size
  - Use EBADMSG for invalid cert or keyfile, not EINVAL
  - Make libfsverity_find_hash_alg_by_name() handle NULL
  - Avoid introducing compiler warnings with AOSP's default cflags
  - Don't assume that BIO_new_file() sets errno
  - Other small cleanups

Eric Biggers (3):
  Split up cmd_sign.c
  Introduce libfsverity
  Add some basic test programs for libfsverity

 .gitignore                                |  10 +-
 Makefile                                  | 191 ++++++-
 cmd_sign.c                                | 633 ----------------------
 commands.h                                |  24 -
 util.h => common/common_defs.h            |  47 +-
 fsverity_uapi.h => common/fsverity_uapi.h |   0
 common/libfsverity.h                      | 132 +++++
 hash_algs.h                               |  68 ---
 lib/compute_digest.c                      | 240 ++++++++
 hash_algs.c => lib/hash_algs.c            | 129 +++--
 lib/lib_private.h                         |  83 +++
 lib/sign_digest.c                         | 399 ++++++++++++++
 lib/utils.c                               | 109 ++++
 cmd_enable.c => programs/cmd_enable.c     |  32 +-
 cmd_measure.c => programs/cmd_measure.c   |  12 +-
 programs/cmd_sign.c                       | 163 ++++++
 fsverity.c => programs/fsverity.c         |  52 +-
 programs/fsverity.h                       |  43 ++
 programs/test_compute_digest.c            |  61 +++
 programs/test_hash_algs.c                 |  38 ++
 programs/test_sign_digest.c               |  50 ++
 util.c => programs/utils.c                |   7 +-
 programs/utils.h                          |  44 ++
 testdata/cert.pem                         |  31 ++
 testdata/file.sig                         | Bin 0 -> 708 bytes
 testdata/key.pem                          |  52 ++
 26 files changed, 1770 insertions(+), 880 deletions(-)
 delete mode 100644 cmd_sign.c
 delete mode 100644 commands.h
 rename util.h => common/common_defs.h (56%)
 rename fsverity_uapi.h => common/fsverity_uapi.h (100%)
 create mode 100644 common/libfsverity.h
 delete mode 100644 hash_algs.h
 create mode 100644 lib/compute_digest.c
 rename hash_algs.c => lib/hash_algs.c (53%)
 create mode 100644 lib/lib_private.h
 create mode 100644 lib/sign_digest.c
 create mode 100644 lib/utils.c
 rename cmd_enable.c => programs/cmd_enable.c (81%)
 rename cmd_measure.c => programs/cmd_measure.c (83%)
 create mode 100644 programs/cmd_sign.c
 rename fsverity.c => programs/fsverity.c (82%)
 create mode 100644 programs/fsverity.h
 create mode 100644 programs/test_compute_digest.c
 create mode 100644 programs/test_hash_algs.c
 create mode 100644 programs/test_sign_digest.c
 rename util.c => programs/utils.c (96%)
 create mode 100644 programs/utils.h
 create mode 100644 testdata/cert.pem
 create mode 100644 testdata/file.sig
 create mode 100644 testdata/key.pem
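
As an added illustration of the file measurement the cover letter says libfsverity computes (this is example code, not code from the patch series or from libfsverity's API): a SHA-256 Merkle tree with 4096-byte blocks over the data, then a hash of the 256-byte fsverity_descriptor. The descriptor layout, the FS_VERITY_HASH_ALG_SHA256 value and the zero-padding rules are assumed to match fsverity_uapi.h; empty files are a special case left out.

```python
import hashlib
import struct

FS_VERITY_HASH_ALG_SHA256 = 1   # assumed value from fsverity_uapi.h
BLOCK_SIZE = 4096               # fs-verity default block size, log2 = 12
LOG_BLOCKSIZE = 12

def hash_block(salt: bytes, block: bytes, block_size: int = BLOCK_SIZE) -> bytes:
    """SHA-256 of salt || block, with the block zero-padded to block_size."""
    return hashlib.sha256(salt + block.ljust(block_size, b"\0")).digest()

def merkle_root(data: bytes, salt: bytes = b"", block_size: int = BLOCK_SIZE) -> bytes:
    """Root of the fs-verity Merkle tree: level 0 hashes each data block, each
    higher level packs the previous level's hashes into blocks and hashes those,
    until one hash remains.  A one-block file has no levels: root = hash(block)."""
    if not data:
        raise ValueError("empty files are a special case not handled here")
    level = [hash_block(salt, data[i:i + block_size], block_size)
             for i in range(0, len(data), block_size)]
    while len(level) > 1:
        packed = b"".join(level)
        level = [hash_block(salt, packed[i:i + block_size], block_size)
                 for i in range(0, len(packed), block_size)]
    return level[0]

def fsverity_descriptor(root_hash: bytes, data_size: int, salt: bytes = b"") -> bytes:
    """256-byte struct fsverity_descriptor with sig_size = 0 (layout assumed from
    fsverity_uapi.h): version u8, hash_algorithm u8, log_blocksize u8, salt_size u8,
    sig_size le32, data_size le64, root_hash[64], salt[32], reserved[144]."""
    if len(salt) > 32:
        raise ValueError("salt must be at most 32 bytes")
    return struct.pack("<BBBBIQ64s32s144s", 1, FS_VERITY_HASH_ALG_SHA256,
                       LOG_BLOCKSIZE, len(salt), 0, data_size,
                       root_hash, salt, b"")   # 's' fields are zero-padded

def fsverity_digest(data: bytes, salt: bytes = b"") -> bytes:
    """The file measurement: SHA-256 of the descriptor built over the root hash."""
    desc = fsverity_descriptor(merkle_root(data, salt), len(data), salt)
    return hashlib.sha256(desc).digest()

if __name__ == "__main__":
    sample = bytes(range(256)) * 40   # constructed 10240-byte input (3 blocks)
    print("sha256:" + fsverity_digest(sample).hex())
```

To confirm the layout assumptions, compare the hex printed for a file's contents with the output of the `fsverity digest` command on the same file.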

Comments

Jes Sorensen May 26, 2020, 10:25 p.m. UTC | #1
On 5/25/20 4:54 PM, Eric Biggers wrote:
> From the 'fsverity' program, split out a library 'libfsverity'.
> Currently it supports computing file measurements ("digests"), and
> signing those file measurements for use with the fs-verity builtin
> signature verification feature.
> 
> Rewritten from patches by Jes Sorensen <jsorensen@fb.com>.
> I made a lot of improvements; see patch 2 for details.
> 
> This patchset can also be found at branch "libfsverity" of
> https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git/
> 
> Changes v1 => v2:
>   - Fold in the Makefile fixes from Jes
>   - Rename libfsverity_digest_size() and libfsverity_hash_name()
>   - Improve the documentation slightly
>   - If a memory allocation fails, print the allocation size
>   - Use EBADMSG for invalid cert or keyfile, not EINVAL
>   - Make libfsverity_find_hash_alg_by_name() handle NULL
>   - Avoid introducing compiler warnings with AOSP's default cflags
>   - Don't assume that BIO_new_file() sets errno
>   - Other small cleanups
> 
> Eric Biggers (3):
>   Split up cmd_sign.c
>   Introduce libfsverity
>   Add some basic test programs for libfsverity

Hi Eric,

Assuming you didn't make any big changes since the previous rev, I have
tested this here, and I can build an fsverity-utils RPM from it and
build my RPM support with this version, so it looks all good from my side.

One feature I would like to have, and this is what I confused in my
previous comments: in addition to a get_digest_size() function, it would
be really useful to also have a get_signature_size() function. This
would be really useful when trying to pre-allocate space for an array of
signatures, or is there no way to get that info from openssl without
creating an actual signature?

Cheers,
Jes
Eric Biggers May 26, 2020, 10:43 p.m. UTC | #2
On Tue, May 26, 2020 at 06:25:22PM -0400, Jes Sorensen wrote:
> 
> One feature I would like to have, and this is what I confused in my
> previous comments: in addition to a get_digest_size() function, it would
> be really useful to also have a get_signature_size() function. This
> would be really useful when trying to pre-allocate space for an array of
> signatures, or is there no way to get that info from openssl without
> creating an actual signature?
> 

I don't think that's possible.

It's also not fixed for each hash algorithm, but rather it depends on the key
and certificate used.

- Eric
Eric Biggers May 27, 2020, 9:15 p.m. UTC | #3
On Mon, May 25, 2020 at 01:54:29PM -0700, Eric Biggers wrote:
> From the 'fsverity' program, split out a library 'libfsverity'.
> Currently it supports computing file measurements ("digests"), and
> signing those file measurements for use with the fs-verity builtin
> signature verification feature.
> 
> Rewritten from patches by Jes Sorensen <jsorensen@fb.com>.
> I made a lot of improvements; see patch 2 for details.
> 
> This patchset can also be found at branch "libfsverity" of
> https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git/
> 
> Changes v1 => v2:
>   - Fold in the Makefile fixes from Jes
>   - Rename libfsverity_digest_size() and libfsverity_hash_name()
>   - Improve the documentation slightly
>   - If a memory allocation fails, print the allocation size
>   - Use EBADMSG for invalid cert or keyfile, not EINVAL
>   - Make libfsverity_find_hash_alg_by_name() handle NULL
>   - Avoid introducing compiler warnings with AOSP's default cflags
>   - Don't assume that BIO_new_file() sets errno
>   - Other small cleanups
> 
> Eric Biggers (3):
>   Split up cmd_sign.c
>   Introduce libfsverity
>   Add some basic test programs for libfsverity
> 

Applied and pushed out to the 'master' branch.

- Eric
Jes Sorensen May 28, 2020, 1:22 p.m. UTC | #4
On 5/27/20 5:15 PM, Eric Biggers wrote:
> On Mon, May 25, 2020 at 01:54:29PM -0700, Eric Biggers wrote:
>> From the 'fsverity' program, split out a library 'libfsverity'.
>> Currently it supports computing file measurements ("digests"), and
>> signing those file measurements for use with the fs-verity builtin
>> signature verification feature.
>>
>> Rewritten from patches by Jes Sorensen <jsorensen@fb.com>.
>> I made a lot of improvements; see patch 2 for details.
>>
>> This patchset can also be found at branch "libfsverity" of
>> https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git/
>>
>> Changes v1 => v2:
>>   - Fold in the Makefile fixes from Jes
>>   - Rename libfsverity_digest_size() and libfsverity_hash_name()
>>   - Improve the documentation slightly
>>   - If a memory allocation fails, print the allocation size
>>   - Use EBADMSG for invalid cert or keyfile, not EINVAL
>>   - Make libfsverity_find_hash_alg_by_name() handle NULL
>>   - Avoid introducing compiler warnings with AOSP's default cflags
>>   - Don't assume that BIO_new_file() sets errno
>>   - Other small cleanups
>>
>> Eric Biggers (3):
>>   Split up cmd_sign.c
>>   Introduce libfsverity
>>   Add some basic test programs for libfsverity
>>
> 
> Applied and pushed out to the 'master' branch.

Awesome, any idea when you'll be able to tag a new official release?

Thanks,
Jes
Jes Sorensen June 5, 2020, 4:44 p.m. UTC | #5
On 5/28/20 9:22 AM, Jes Sorensen wrote:
> On 5/27/20 5:15 PM, Eric Biggers wrote:
>> On Mon, May 25, 2020 at 01:54:29PM -0700, Eric Biggers wrote:
>>> From the 'fsverity' program, split out a library 'libfsverity'.
>>> Currently it supports computing file measurements ("digests"), and
>>> signing those file measurements for use with the fs-verity builtin
>>> signature verification feature.
>>>
>>> Rewritten from patches by Jes Sorensen <jsorensen@fb.com>.
>>> I made a lot of improvements; see patch 2 for details.
>>>
>>> This patchset can also be found at branch "libfsverity" of
>>> https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git/
>>>
>>> Changes v1 => v2:
>>>   - Fold in the Makefile fixes from Jes
>>>   - Rename libfsverity_digest_size() and libfsverity_hash_name()
>>>   - Improve the documentation slightly
>>>   - If a memory allocation fails, print the allocation size
>>>   - Use EBADMSG for invalid cert or keyfile, not EINVAL
>>>   - Make libfsverity_find_hash_alg_by_name() handle NULL
>>>   - Avoid introducing compiler warnings with AOSP's default cflags
>>>   - Don't assume that BIO_new_file() sets errno
>>>   - Other small cleanups
>>>
>>> Eric Biggers (3):
>>>   Split up cmd_sign.c
>>>   Introduce libfsverity
>>>   Add some basic test programs for libfsverity
>>>
>>
>> Applied and pushed out to the 'master' branch.
> 
> Awesome, any idea when you'll be able to tag a new official release?

Hi Eric,

Ping, anything holding up the release at this point?

Sorry for nagging, I would really like to push an updated version to
Rawhide that can be distributed as a prerequisite for the RPM changes.

Thanks,
Jes
Eric Biggers June 6, 2020, 12:46 a.m. UTC | #6
On Fri, Jun 05, 2020 at 12:44:21PM -0400, Jes Sorensen wrote:
> On 5/28/20 9:22 AM, Jes Sorensen wrote:
> > On 5/27/20 5:15 PM, Eric Biggers wrote:
> >> On Mon, May 25, 2020 at 01:54:29PM -0700, Eric Biggers wrote:
> >>> From the 'fsverity' program, split out a library 'libfsverity'.
> >>> Currently it supports computing file measurements ("digests"), and
> >>> signing those file measurements for use with the fs-verity builtin
> >>> signature verification feature.
> >>>
> >>> Rewritten from patches by Jes Sorensen <jsorensen@fb.com>.
> >>> I made a lot of improvements; see patch 2 for details.
> >>>
> >>> This patchset can also be found at branch "libfsverity" of
> >>> https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git/
> >>>
> >>> Changes v1 => v2:
> >>>   - Fold in the Makefile fixes from Jes
> >>>   - Rename libfsverity_digest_size() and libfsverity_hash_name()
> >>>   - Improve the documentation slightly
> >>>   - If a memory allocation fails, print the allocation size
> >>>   - Use EBADMSG for invalid cert or keyfile, not EINVAL
> >>>   - Make libfsverity_find_hash_alg_by_name() handle NULL
> >>>   - Avoid introducing compiler warnings with AOSP's default cflags
> >>>   - Don't assume that BIO_new_file() sets errno
> >>>   - Other small cleanups
> >>>
> >>> Eric Biggers (3):
> >>>   Split up cmd_sign.c
> >>>   Introduce libfsverity
> >>>   Add some basic test programs for libfsverity
> >>>
> >>
> >> Applied and pushed out to the 'master' branch.
> > 
> > Awesome, any idea when you'll be able to tag a new official release?
> 
> Hi Eric,
> 
> Ping, anything holding up the release at this point?
> 
> Sorry for nagging, I would really like to push an updated version to
> Rawhide that can be distributed as a prerequisite for the RPM changes.
> 

I might do it this weekend, but I've been working on a test script and some
other improvements first.

Also, please feel free to contribute more test programs or extend the existing
ones.  We could use more test coverage of the library.

- Eric