[Ksummit-discuss] Last minute nominations: mcgrof and toshi
Jason Cooper
jason at lakedaemon.net
Mon Aug 1 22:56:38 UTC 2016
Hey Andy, Luis, Mimi,
On Mon, Aug 01, 2016 at 02:14:52PM -0700, Andy Lutomirski wrote:
> Or he could use my old suggestion instead: rather than signing the
> firmware blob itself, sign a little data structure like this:
>
> struct linux_blob_signed_data {
> unsigned char magic[8]; // "LINUXSIG" -- for domain separation in case someone messes up
> uint32_t version; // = 1
> unsigned char sha256[32]; // SHA256 hash of the blob
> uint32_t type; // what type of thing this is (firmware, etc)
> unsigned char description[]; // the remainder of the structure is "iwlwifi-whatever.ucode", etc.
> };
I would include the length of the blob in here as well.
thx,
Jason.
More information about the Ksummit-discuss
mailing list