[Ksummit-discuss] Last minute nominations: mcgrof and toshi

Jason Cooper jason at lakedaemon.net
Mon Aug 1 22:56:38 UTC 2016


Hey Andy, Luis, Mimi,

On Mon, Aug 01, 2016 at 02:14:52PM -0700, Andy Lutomirski wrote:
> Or he could use my old suggestion instead: rather than signing the
> firmware blob itself, sign a little data structure like this:
> 
> struct linux_blob_signed_data {
>   unsigned char magic[8];  // "LINUXSIG" -- for domain separation in case someone messes up
>   uint32_t version;  // = 1
>   unsigned char sha256[32];  // SHA256 hash of the blob
>   uint32_t type;  // what type of thing this is (firmware, etc)
>   unsigned char description[];  // the remainder of the structure is "iwlwifi-whatever.ucode", etc.
> };

I would include the length of the blob in here as well.

thx,

Jason.


More information about the Ksummit-discuss mailing list