On 8/27/24 11:14 AM, 'Eric Biggers' via trenchboot-devel wrote:
On Thu, May 30, 2024 at 07:16:56PM -0700, Eric Biggers wrote:
On Thu, May 30, 2024 at 06:03:18PM -0700, Ross Philipson wrote:
From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
For better or worse, Secure Launch needs SHA-1 and SHA-256. The
choice of hashes used lies with the platform firmware, not with
software, and is often outside of the user's control.
Even if we'd prefer to use SHA-256-only, if firmware elected to start us
with the SHA-1 and SHA-256 banks active, we still need SHA-1 to parse
the TPM event log thus far, and deliberately cap the SHA-1 PCRs in order
to safely use SHA-256 for everything else.
The SHA-1 code here has its origins in the code from the main kernel:
commit c4d5b9ffa31f ("crypto: sha1 - implement base layer for SHA-1")
A modified version of this code was introduced to the lib/crypto/sha1.c
to bring it in line with the SHA-256 code and allow it to be pulled into the
setup kernel in the same manner as SHA-256 is.
Signed-off-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Ross Philipson <ross.philipson@xxxxxxxxxx>
Thanks. This explanation doesn't seem to have made it into the actual code or
documentation. Can you please get it into a more permanent location?
I see that a new version of the patchset was sent out but this suggestion was
not taken. Are you planning to address it?
Sorry, we sort of overlooked that part of the request. We will take the
latest commit message, clean it up a little and put it in the
boot/compressed/sha1.c file as a comment. I believe that is what you
would like us to do.
Thanks
Ross
- Eric
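
The reasoning in the quoted commit message (SHA-1 is still needed to check the event log against a SHA-1 bank that firmware left active, and that bank is then capped so SHA-256 carries everything else), as an added example that is not part of this thread or of the patch set. The event contents, the cap marker, the all-zero starting PCR and all function names are constructed assumptions; capping is modeled as one extra extend of a fixed value.

```python
import hashlib

BANKS = {"sha1": 20, "sha256": 32}  # digest size in bytes for each PCR bank

def extend(bank, pcr, digest):
    """TPM extend operation: PCR_new = H(PCR_old || digest)."""
    if len(digest) != BANKS[bank]:
        raise ValueError(f"{bank} digest must be {BANKS[bank]} bytes")
    return hashlib.new(bank, pcr + digest).digest()

def make_event(data):
    """Constructed crypto-agile log entry: one digest per active bank."""
    return {bank: hashlib.new(bank, data).digest() for bank in BANKS}

def replay(log, bank):
    """Recompute the value a bank's PCR should hold after the logged events."""
    pcr = bytes(BANKS[bank])  # assumption: the PCR starts at all zeros
    for event in log:
        pcr = extend(bank, pcr, event[bank])
    return pcr

def cap(bank, pcr, marker=b"constructed-cap-marker"):
    """Capping modeled as one extra extend of a fixed marker (an assumption)."""
    return extend(bank, pcr, hashlib.new(bank, marker).digest())

# Constructed measurements standing in for what ran before hand-off.
FIRMWARE_LOG = [make_event(b"firmware"), make_event(b"bootloader")]

def demo():
    # Simulated TPM: firmware started us with both banks active and extended both.
    tpm = {bank: bytes(size) for bank, size in BANKS.items()}
    for event in FIRMWARE_LOG:
        for bank in BANKS:
            tpm[bank] = extend(bank, tpm[bank], event[bank])
    # Checking the log against the SHA-1 bank requires computing SHA-1.
    log_ok = all(replay(FIRMWARE_LOG, b) == tpm[b] for b in BANKS)
    altered = [make_event(b"altered")] + FIRMWARE_LOG[1:]
    mismatch_seen = replay(altered, "sha1") != tpm["sha1"]
    # Cap the SHA-1 bank, then measure the next stage into SHA-256 only.
    tpm["sha1"] = cap("sha1", tpm["sha1"])
    later = make_event(b"next-stage")
    tpm["sha256"] = extend("sha256", tpm["sha256"], later["sha256"])
    return {
        "log_ok": log_ok,
        "mismatch_seen": mismatch_seen,
        "sha1_capped": tpm["sha1"] != replay(FIRMWARE_LOG, "sha1"),
        "sha256_tracks": tpm["sha256"] == replay(FIRMWARE_LOG + [later], "sha256"),
    }

if __name__ == "__main__":
    print(demo())
```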