Re: [PATCH REBASED] verify: search keyid in hashed signature subpackets

Charles Duffy writes: > Amended the test repo to apply this patch; it applies and works-as-intended > on both 2.04 and current master. > > As for the DCO assertions, my portion of the contribution was implemented > strictly on personal time/equipment, so I'm able to to make the relevant > asserti

Re: [PATCH REBASED] verify: search keyid in hashed signature subpackets

Amended the test repo to apply this patch; it applies and works-as-intended on both 2.04 and current master. As for the DCO assertions, my portion of the contribution was implemented strictly on personal time/equipment, so I'm able to to make the relevant assertions in my individual capacity; amen

[PATCH REBASED] verify: search keyid in hashed signature subpackets

Currently GRUB2 verify logic searches PGP keyid only in unhashed subpackets of PGP signature packet. As a result, signatures generated with GoLang openpgp package (https://godoc.org/golang.org/x/crypto/openpgp) could not be verified, because this package puts keyid in hashed subpackets and GRUB cod

Re: Tools for testing Grub / Go OpenPGP compatibility

Charles Duffy writes: > On Wed, May 27, 2020 at 11:42 PM Daniel Axtens wrote: > >> My team has been working on the verifier area to support appended >> signatures (used to sign Linux kernel modules, and on at least powerpc64 >> also used to sign the kernel), so I have some familiarity with the >

Re: Tools for testing Grub / Go OpenPGP compatibility

On Wed, May 27, 2020 at 11:42 PM Daniel Axtens wrote: > My team has been working on the verifier area to support appended > signatures (used to sign Linux kernel modules, and on at least powerpc64 > also used to sign the kernel), so I have some familiarity with the > area. Where would I find the

Re: [PATCH 6/6] efi/tpm: Fix typo in grub_efi_tpm2_protocol struct

On 5/25/20 9:02 PM, Daniel Kiper wrote: > Rename get_active_pcr_blanks() to get_active_pcr_banks(). > > Signed-off-by: Daniel Kiper > --- > include/grub/efi/tpm.h | 8 > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/include/grub/efi/tpm.h b/include/grub/efi/tpm.h > i

Re: [PATCH 4/6] tpm: Drop unneeded code

On 5/25/20 9:02 PM, Daniel Kiper wrote: > Drop unused grub_tpm*_execute() and declaration of nonexistent > grub_tpm_init(). > > Signed-off-by: Daniel Kiper > --- [snip] > -static grub_err_t > -grub_tpm2_execute (grub_efi_handle_t tpm_handle, > - PassThroughToTPM_InputParamBlo

Re: [PATCH 5/6] i386/efi/init: Drop bogus include

On 5/25/20 9:02 PM, Daniel Kiper wrote: > Signed-off-by: Daniel Kiper > --- > grub-core/kern/i386/efi/init.c | 1 - > 1 file changed, 1 deletion(-) > > diff --git a/grub-core/kern/i386/efi/init.c b/grub-core/kern/i386/efi/init.c > index da499aba0..a28316cc6 100644 > --- a/grub-core/kern/i386/efi

Re: [PATCH 3/6] docs: Fix devicetree command description

On 5/25/20 9:02 PM, Daniel Kiper wrote: > Specifically fix the subsection and drop bogus reference to the GNU/Linux. > > Reported-by: Patrick Higgins > Signed-off-by: Daniel Kiper > --- Reviewed-by: Javier Martinez Canillas Best regards, -- Javier Martinez Canillas Software Engineer - Deskto

Re: [PATCH 2/6] net/http: Return an error on HTTP error responses

On 5/25/20 9:02 PM, Daniel Kiper wrote: > From: Olaf Hering > > A http transfer will hang if an error is returned. The error branch > returns the value GRUB_ERR_NONE which is not expected by the caller. > > Signed-off-by: Olaf Hering > Signed-off-by: Daniel Kiper > --- > grub-core/net/http.c