Re: OOB + signature
Hi all! 2013/2/8 Rogelio Mita rogeliom...@activitycentral.com Thanks a lot Martín!. Perfect the answer!, then... we understand that the contents manifest file that is the result of build (ussualy .toc, that is used to update method, olpc-update) will also be affected by this process, is this right?. Because we no found place to verify this assertion in some documentation, only the specification of contents manifest, but found nothing about it, only the following lines that do not answer to our question: A contents manifest is just a convenience object for bundling a number of related directory objects; it should not be directly signed. Instead, the root directory object in the contents manifest should be the element which receives a signature. http://wiki.laptop.org/go/Contents_manifest_specification Thanks again! Regards! 2013/2/8 Martin Langhoff martin.langh...@gmail.com On Thu, Feb 7, 2013 at 9:45 AM, Rafael Ortiz raf...@activitycentral.com wrote: and how its resulting files are signed (for instance the content manifest file, specifically for the upgrade files), OOB uses some method when the signature module is activated ?, you have to sing them in an special way?. If you have the signing keys in the build machine, it's really easy. Set the .ini file to use the signing modules, tell it where the keys are, and it'll do it automagically for you. Any suggestions on this =) ? Thanks! See in OOB sources, modules/signing/README. Skip the external signing section. hth, m -- martin.langh...@gmail.com mar...@laptop.org -- Software Architect - OLPC - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff -- Roger Activity Central http://activitycentral.com/ -- Roger Activity Central http://activitycentral.com/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: OOB + signature
On Thu, Feb 7, 2013 at 9:45 AM, Rafael Ortiz raf...@activitycentral.com wrote: and how its resulting files are signed (for instance the content manifest file, specifically for the upgrade files), OOB uses some method when the signature module is activated ?, you have to sing them in an special way?. If you have the signing keys in the build machine, it's really easy. Set the .ini file to use the signing modules, tell it where the keys are, and it'll do it automagically for you. See in OOB sources, modules/signing/README. Skip the external signing section. hth, m -- martin.langh...@gmail.com mar...@laptop.org -- Software Architect - OLPC - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: OOB + signature
Thanks a lot Martín!. Perfect the answer!, then... we understand that the contents manifest file that is the result of build (ussualy .toc, that is used to update method, olpc-update) will also be affected by this process, is this right?. Because we no found place to verify this assertion in some documentation, only the specification of contents manifest, but found nothing about it, only the following lines that do not answer to our question: A contents manifest is just a convenience object for bundling a number of related directory objects; it should not be directly signed. Instead, the root directory object in the contents manifest should be the element which receives a signature. http://wiki.laptop.org/go/Contents_manifest_specification Thanks again! Regards! 2013/2/8 Martin Langhoff martin.langh...@gmail.com On Thu, Feb 7, 2013 at 9:45 AM, Rafael Ortiz raf...@activitycentral.com wrote: and how its resulting files are signed (for instance the content manifest file, specifically for the upgrade files), OOB uses some method when the signature module is activated ?, you have to sing them in an special way?. If you have the signing keys in the build machine, it's really easy. Set the .ini file to use the signing modules, tell it where the keys are, and it'll do it automagically for you. See in OOB sources, modules/signing/README. Skip the external signing section. hth, m -- martin.langh...@gmail.com mar...@laptop.org -- Software Architect - OLPC - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff -- Roger Activity Central http://activitycentral.com/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel