[Ksummit-discuss] [TECH TOPIC] Firmware signing

David Howells dhowells at redhat.com
Wed Aug 12 22:39:58 UTC 2015


Andy Lutomirski <luto at amacapital.net> wrote:

> 1.5K?  I'm talking about an actual raw public key, which is 65 bytes
> or less in reasonable implementations.  (64 or 65 bytes for P-256
> depending on encoding and 32 bytes for compressed schemes like EdDSA.)

Various bodies that define security criteria with which one must comply to be
able to supply software mandate key lengths of at least 2048 bits - that is
min 256 bytes.

But yes, we could even take a raw public key and just fill in a public_key
structure for it and then use it.

David

