measure: generate a more useful error in case SHA1 support is disabled by distro

Fixes: #36743
2026-04-14 00:14:32 +09:00 · 2025-06-02 11:49:33 +02:00
parent ccd2bf48b2
commit 1144f07dc6
3 changed files with 16 additions and 3 deletions
--- a/man/systemd-measure.xml
+++ b/man/systemd-measure.xml
@@ -173,6 +173,10 @@
        specified, defaults to the four banks <literal>sha1</literal>, <literal>sha256</literal>,
        <literal>sha384</literal>, <literal>sha512</literal>.</para>

+        <para>Note that some operating systems disable support for SHA1-based signatures, in which case this
+        operation will fail. Please consult your OS' documentation for details on how to override the OS
+        security policy around this.</para>
+
        <xi:include href="version-info.xml" xpointer="v252"/></listitem>
      </varlistentry>

--- a/src/measure/measure-tool.c
+++ b/src/measure/measure-tool.c
@@ -952,8 +952,10 @@ static int build_policy_digest(bool sign) {
                        size_t ss = 0;
                        if (privkey) {
                                r = digest_and_sign(p->md, privkey, pcr_policy_digest.buffer, pcr_policy_digest.size, &sig, &ss);
+                                if (r == -EADDRNOTAVAIL)
+                                        return log_error_errno(r, "Hash algorithm '%s' not available while signing. (Maybe OS security policy disables this algorithm?)", EVP_MD_name(p->md));
                                if (r < 0)
-                                        return log_error_errno(r, "Failed to sign PCR policy: %m");
+                                        return log_error_errno(r, "Failed to sign PCR policy with hash algorithm '%s': %m", EVP_MD_name(p->md));
                        }

                        _cleanup_free_ void *pubkey_fp = NULL;
--- a/src/shared/openssl-util.c
+++ b/src/shared/openssl-util.c
@@ -1082,6 +1082,8 @@ int digest_and_sign(
                const void *data, size_t size,
                void **ret, size_t *ret_size) {

+        int r;
+
        assert(privkey);
        assert(ret);
        assert(ret_size);
@@ -1099,8 +1101,13 @@ int digest_and_sign(
        if (!mdctx)
                return log_openssl_errors("Failed to create new EVP_MD_CTX");

-        if (EVP_DigestSignInit(mdctx, NULL, md, NULL, privkey) != 1)
-                return log_openssl_errors("Failed to initialize signature context");
+        if (EVP_DigestSignInit(mdctx, NULL, md, NULL, privkey) != 1) {
+                /* Distro security policies often disable support for SHA-1. Let's return a recognizable
+                 * error for that case. */
+                bool invalid_digest = ERR_GET_REASON(ERR_peek_last_error()) == EVP_R_INVALID_DIGEST;
+                r = log_openssl_errors("Failed to initialize signature context");
+                return invalid_digest ? -EADDRNOTAVAIL : r;
+}

        /* Determine signature size */
        size_t ss;