Bug #6242
sha512 is broken in grub
Start date:
2015-09-17
Due date:
% Done:
100%
Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:
Description
so, i did decide to test out sha512 implementation and got "checksum verification failed" error after having enabled sha512 on pool root dataset. while investigating, I did decide to test the sha512 implementation in grub against test in usr/src/test/zfs-tests/tests/functional/checksum/sha2 and sha512_256.
here is printout of digests, first line for generated, second for baseline; first test for msg0, second for msg2:
f91e9481268e0453 ab7d4c6bb7292e9b 466dfc34c6d0c2e4 23afe70731f1e2e0
53048e2681941ef9 9b2e29b76b4c7dab e4c2d0c634fc6d46 e0e2f13107e7af23
FAILED!
4a7cdaf275d96dac a17d7d7becfff77e 7a1625c9bb1d554c 6d0ee9c80e3a281c
3928e184fb8690f8 40da3988121d31be 65cb9d3ef83ee614 6feac861e19b563a
FAILED!
Updated by Toomas Soome over 5 years ago
- Status changed from New to In Progress
- Assignee set to Toomas Soome
The current SHA512 implementation in grub has 2 major issues - missing type casts of uint8_t data are causing data loss from left shift operation and resulting checksum has wrong byte order. Those two issues are causing immediate failure from reading zfs.
Updated by Electric Monk over 5 years ago
- Status changed from In Progress to Closed
- % Done changed from 0 to 100
git commit 9ce6e318fecae800270f382ed76162508c5d525b
commit 9ce6e318fecae800270f382ed76162508c5d525b
Author: Toomas Soome <tsoome@me.com>
Date: 2015-10-09T19:27:38.000Z
6242 sha512 is broken in grub
Reviewed by: Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Sašo Kiselkov <skiselkov.ml@gmail.com>
Approved by: Robert Mustacchi <rm@joyent.com>