Ivan Krstić wrote:
> On Jul 10, 2007, at 8:46 AM, C. Scott Ananian wrote:
>> Can't we just SHA1 the kernel+initrd bundle and sign the hash? SHA1
>> should be fast enough...
>
> The hashes we have available in OFW through the LTC code are Whirlpool
> and SHA-512. It's non-trivial to amend the list at this time. The
> current crypto code uses a slow(ish) and paranoid combination of the
> two hashes with two signature systems because it was designed to
> verify BIOS updates, where maximal paranoia is justified. We will want
> to adjust the system to drop down to a single hash algorithm and
> signature system for the normal boot integrity verification, which
> should make it quite a bit faster.
In particular, the current code does:

  Hashes file data with whirlpool
  Hashes file data with SHA-512
  Verifies RSA signature against whirlpool hash
  Verifies RSA signature against SHA-512 hash
  Verifies ECC signature against whirlpool hash
  Verifies ECC signature against SHA-512 hash

If we want to use an abbreviated test for the kernel, I will need to change the packaging of the crypto code so the firmware has finer-grained access to the piece-parts.

_______________________________________________
Devel mailing list
[email protected]
http://lists.laptop.org/listinfo/devel
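The verification matrix the reply describes (two hashes, each checked against two signature systems, every cell must pass) and the proposed single-hash/single-signature profile for routine boot checks, as an added example written here; it is not OFW, LTC or OLPC code. Assumptions: Whirlpool is taken from OpenSSL via hashlib when the build has it and otherwise SHA3-512 stands in for it; the signature systems are toy stand-ins (textbook RSA without padding, and a Lamport one-time signature in place of the ECC system); the names PARANOID, ABBREVIATED, sign_bundle and verify_bundle are mine; the "bundle" bytes and all keys are constructed inline.

```python
"""Added example: 2-hash x 2-signature verification matrix with a fail-closed
policy, plus an abbreviated profile.  Toy crypto, constructed data throughout."""
import hashlib
import os
import random

# --- Hashes (64-byte digests in both cases) ---------------------------------
def whirlpool_or_standin(data):
    """Whirlpool if OpenSSL provides it; otherwise SHA3-512 as a labelled stand-in."""
    try:
        return hashlib.new("whirlpool", data).digest()
    except ValueError:
        return hashlib.sha3_512(data).digest()

HASHES = {"whirlpool": whirlpool_or_standin,
          "sha512": lambda data: hashlib.sha512(data).digest()}

# --- Toy textbook RSA (no padding; illustration only) -----------------------
def _probable_prime(n, rounds=16):            # Miller-Rabin
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _gen_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _probable_prime(cand):
            return cand

def rsa_keygen(bits=640):
    """Modulus wider than a 512-bit digest so the digest fits as one integer."""
    e = 65537
    while True:
        p, q = _gen_prime(bits // 2), _gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))   # (pub, priv)

def rsa_sign(priv, digest):
    n, d = priv
    return pow(int.from_bytes(digest, "big"), d, n)

def rsa_verify(pub, digest, sig):
    n, e = pub
    return pow(sig, e, n) == int.from_bytes(digest, "big")

# --- Lamport one-time signature (stand-in for the ECC system) ---------------
def lamport_keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return pk, sk                                                # (pub, priv)

def _bits256(digest):
    h = int.from_bytes(hashlib.sha256(digest).digest(), "big")  # fold 64 bytes to 256 bits
    return [(h >> (255 - i)) & 1 for i in range(256)]

def lamport_sign(sk, digest):
    return [sk[i][b] for i, b in enumerate(_bits256(digest))]

def lamport_verify(pk, digest, sig):
    return all(hashlib.sha256(sig[i]).digest() == pk[i][b]
               for i, b in enumerate(_bits256(digest)))

# --- Verification profiles --------------------------------------------------
KEYGEN = {"rsa": rsa_keygen, "ecc-standin": lamport_keygen}
SIGN = {"rsa": rsa_sign, "ecc-standin": lamport_sign}
VERIFY = {"rsa": rsa_verify, "ecc-standin": lamport_verify}
PARANOID = [(h, s) for h in ("whirlpool", "sha512") for s in ("rsa", "ecc-standin")]
ABBREVIATED = [("sha512", "rsa")]            # proposed routine boot profile

def make_keys(profile):
    """One key pair per cell (a Lamport key must never sign two messages)."""
    return {cell: KEYGEN[cell[1]]() for cell in profile}

def sign_bundle(data, keys):
    return {(h, s): SIGN[s](keys[(h, s)][1], HASHES[h](data)) for h, s in keys}

def verify_bundle(data, sigs, keys, profile):
    """Fail closed: every cell in the profile needs a signature that verifies."""
    for h, s in profile:
        sig = sigs.get((h, s))
        if sig is None or not VERIFY[s](keys[(h, s)][0], HASHES[h](data), sig):
            return False
    return True

def demo():
    keys = make_keys(PARANOID)
    bundle = b"constructed kernel+initrd bytes"                  # constructed input
    sigs = sign_bundle(bundle, keys)
    partial = {c: v for c, v in sigs.items() if c != ("whirlpool", "ecc-standin")}
    return {"paranoid_ok": verify_bundle(bundle, sigs, keys, PARANOID),
            "abbreviated_ok": verify_bundle(bundle, sigs, keys, ABBREVIATED),
            "tampered_rejected": not verify_bundle(bundle + b"x", sigs, keys, ABBREVIATED),
            "missing_cell_rejected": not verify_bundle(bundle, partial, keys, PARANOID)}

if __name__ == "__main__":
    print(demo())
```

The abbreviated profile verifies one cell instead of four, which is the speed-up the reply is after; the paranoid profile still refuses a bundle that lacks any one of its four signatures, so an attacker cannot downgrade by omitting the cell they cannot forge.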
