On Mon, 07 Aug 2000, OKUJI Yoshinori <[EMAIL PROTECTED]> wrote:
> From: "Jochen Hoenicke" <[EMAIL PROTECTED]>
> Subject: Re: Image decryption support in GRUB?
> Date: Thu, 3 Aug 2000 13:07:45 +0200 (MET DST)
>
>> What about "kernel [blowfish,12345678]/tftproot/kernel.image"
>>
>> One could concatenate filters like this:
>> [gunzip][blowfish,12345678]/tftproot/kernel.image
>
> For me, that looks very ugly. Anyway, is it really necessary to
> decrypt a file with any other command than "kernel", "module" or
> "chainloader"?
Actually, for me it is necessary only with the 'kernel' and 'initrd'
commands. I will, for the sake of completeness, add it to the others,
though. No sense in doing the job half way. :)
> I think it would be great to seek for a general way to filter multiple
> files, but I don't like to modify GRUB so much at the moment, since
> the code has already been like spaghetti and it should be redesigned
> from scratch.
I had a poke inside, to look at the cost of adding a generic filter
thingy. It looked... difficult.
> Therefore, if you want the decryption feature soon, I suggest the
> following interface:
>
> # Give both the decryption type and the key.
> grub> kernel --decrypt=twofish --key=abcdefg /kernel-image
> # Give only the decryption type. You will have to input the key.
> grub> module --decrypt=blowfish /module-image
> Key: *******
Cool. I am less sure that the user input of the key is that useful, but
if it's not too hard to do...
> To implement this, you will not have any difficulty, while neither
> idea by Gordon nor by Jochen is easy to add into GRUB. However, you
> will need to find out a good way to share the same code among several
> commands. Maybe you should implement a helper funtion for analysing
> command-line arguments (options).
Yes, I think that is the way to do it. Then there is not much code
needed in each of the supported commands.
Thanks,
Daniel
--
You may be a geek, you may have geek written all over you; you should aim to
be one geek they'll never forget. Don't aim to be civilized.
-- Bruce Sterling
