[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: custom Authentication module
From: |
Buckeyne, Thomas |
Subject: |
RE: custom Authentication module |
Date: |
Mon, 2 Jun 2014 16:08:10 +0000 |
On the:
"""
> Do I need to request a module to be included when I run
> grub-mkstandalone / grub-mkimage
Not sure I understand this question. Do you mean - module that you are going to
build?
"""
My custom module is being included; I thought perhaps I needed to include some
module (other than cipher) to get the ecc support
But your other answers explain why it is not being included (it is not
because it is not in the module include list; but because it is deliberately
excluded)
As information; I removed the exclusion of ecc.c and it compiled correctly but
it did not link
=> it seems to need some function is a misc.c ; I removed the exclusion
for misc.c
but it does not compile for a variety of reasons (the
util/import_gcry.py does not seem to "filter" it at all comes across unchanged
=> therefor it does not compile)
With the expanding usage of ECDSA for authentication do you know if there are
any plans to include the ecc module in grub build (if or when)?
Thomas Buckeyne
-----Original Message-----
From: Andrey Borzenkov [mailto:address@hidden
Sent: Sunday, June 01, 2014 7:58 AM
To: Buckeyne, Thomas
Cc: address@hidden
Subject: Re: custom Authentication module
В Fri, 23 May 2014 16:32:57 +0000
"Buckeyne, Thomas" <address@hidden> пишет:
> I am creating for my company a custom Authentication module (required to meet
> regulatory requirements)
> Generally it locates file(s) on an SSD; authenticates
> them with ECDSA; determines if/where to boot from
>
> I have most of the module complete but I need to access the
>
> 1) gcry_pk_verify in grub-core/lib/libgcrypt/ciper/pubkey.c
>
> 2) fill_in_curve in grub-core/lib/libgcrypt/cipher/ecc.c
>
> However neither of these seem to be built when grub is compiled Nor
> have I been able to find an option to cause them to be built
>
Those files are explicitly excluded when importing libgcrypt. See
util/import_gcry.py. I do not know the reason.
> Am I missing / overlooking a configuration option
No, you will need to patch util/import_gcry.py; you may need to extend it to
fix any build problems with these files in grub environment.
> Is there a patch or setup required to have these built
Not that I'm aware of.
> Are these supported for x86 32-bit computers
That's probably more for libgcrypt community. I do not see why not.
> Do I need to request a module to be included when I run
> grub-mkstandalone / grub-mkimage
Not sure I understand this question. Do you mean - module that you are going to
build?