Re: [RFC 2/4] Add rsa support

On Di, 2015-03-17 at 13:39 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote: > > I want to understand how your image formats would be used in the larger > > context of a BSP or distribution. Please describe which image formats > > you want to support (in addition to FIT). How are they structured? How

Re: [PATCH 0/9 v4] prepare for rsa support

On Di, 2015-03-17 at 12:49 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote: > The following patch series prepare for the adding of the rsa digest > support > > This will allow to verify a rsa signature of a file > > Introduction of a new command digest to handle the digest a

Re: [RFC 2/4] Add rsa support

On 13:09 Tue 17 Mar , Jan Lübbe wrote: > Hi Jean-Christophe, > > On Di, 2015-03-17 at 11:48 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote: > > > Could you explain your image format in a bit more detail? How your > > > intend to defend against a mix-and-match attack? > > > > One of the format

Re: [RFC 2/4] Add rsa support

Hi Jean-Christophe, On Di, 2015-03-17 at 11:48 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote: > > Could you explain your image format in a bit more detail? How your > > intend to defend against a mix-and-match attack? > > One of the format we are using can only be one configure signed or/and > en

[PATCH 8/9] command: rename digest.c to hashsum.c

as I'll add a new generic command named digest Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD --- commands/Kconfig | 14 +++--- commands/Makefile| 2 +- commands/{digest.c => hashsum.c} | 0 3 files changed, 8 insertions(+), 8 deletions(-) rename comma

[PATCH 1/9] crypto: digest: digest_file_window: check every digest_xxx return

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD --- crypto/digest.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/crypto/digest.c b/crypto/digest.c index c06089d..2228ec7 100644 --- a/crypto/digest.c +++ b/crypto/digest.c @@ -128,7 +128,9 @@ int digest_file_window

[PATCH 4/9] digest: add digest callback

Combination of @init and @update and @final. This function effectively behaves as the entire chain of operations, @init, @update and @final issued in sequence. This is added for hardware which cannot do even the @finup, but can only do the whole transformation in one run. Signed-off-by: Jean-Chris

[PATCH 9/9] command: add generic digest command

That can be used for digest calculation and verify Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD --- commands/Kconfig| 12 +++- commands/Makefile | 1 + commands/digest.c | 204 commands/hashsum.c | 76 comm

[PATCH 6/9] crypto: add pbkdf2 hmac key generator

this will allow to generate a KEY + IV based on a password and salt for AES encryption/decryption as example or simply the key for hmac or rsa from text password Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD --- crypto/Kconfig | 5 +++ crypto/Makefile | 2 ++ crypto/pbkdf2.

[PATCH 3/9] digest: add verify callback

this will allow to compare a md with the original one When calling this do not call final For RSA_SIGN verification final does not exist only verify as final will be for signing Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD --- crypto/digest.c | 24 +++- crypto/hmac.c

[PATCH 5/9] crypto: hmac: use digest_digest and check the return of every digest_xxx

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD --- crypto/hmac.c | 49 +++-- 1 file changed, 31 insertions(+), 18 deletions(-) diff --git a/crypto/hmac.c b/crypto/hmac.c index b1c17af..c2195d9 100644 --- a/crypto/hmac.c +++ b/crypto/hmac.c @@ -62,15 +

[PATCH 2/9] crypto: digest: digest_file_window/digest_file/digest_file_by_name drop key params

expect the key to be set before calling Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD --- commands/digest.c | 10 -- crypto/digest.c | 10 ++ include/digest.h | 3 --- 3 files changed, 10 insertions(+), 13 deletions(-) diff --git a/commands/digest.c b/commands/digest.c ind

[PATCH 7/9] command: allow runtime usage

This will allow as example to list the currently supported digest. Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD --- common/command.c | 2 ++ include/command.h | 3 +++ 2 files changed, 5 insertions(+) diff --git a/common/command.c b/common/command.c index 61191c2..dc2cb88 100644 --- a/commo

[PATCH 0/9 v4] prepare for rsa support

Hi, The following patch series prepare for the adding of the rsa digest support This will allow to verify a rsa signature of a file Introduction of a new command digest to handle the digest and check The next patch series will add RSA and keystore support

Re: [RFC 2/4] Add rsa support

On 16:42 Mon 16 Mar , Jan Lübbe wrote: > On Mo, 2015-03-16 at 12:33 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote: > > I do not like and do not want to use the FTD format to store the key > > but x509. > > Yes, I think we are in agreement that we need to support both key > formats. > > > Imag

Re: [PATCH] net: ping: return an error exit code when connection fails

Hi Mirko, On Mon, Mar 16, 2015 at 05:09:17PM +0100, mirko wrote: > Il 2015-03-16 16:02 Mirko Damiani ha scritto: > >Hi, > >ping command does not always returns 1 as exit code when connection to > >host fails. > >In particular it returns the exit code of the previous run. > >This patch fixes this i