In email, Morgan writes: > Jameson Chema Quinn is basing his crypto code for bundle signing on > python-crypto: http://www.amk.ca/python/code/crypto.html
I personally would prefer that crypto code be based on the same algorithms and formats we use elsewhere, as documented at: http://wiki.laptop.org/go/Firmware_Key_and_Signature_Formats#Antitheft.2FActivation_Lease I took great care to ensure that the every bit in the format is documented, and traceable in most cases to best practices outlined in a standards document. This is in marked contrast to places where you'll find handwaving about "an RSA signature" (say) when there are multiple ways to use RSA to generate a signature, many of them in fact terribly bad. (For example, OpenPGP uses an RSA signature scheme vulnerable to an adaptive chosen ciphertext attack, and the known covert channels in DSA signatures became very problematic in the recent Debian/OpenSSL issues.) Python bindings are at http://dev.laptop.org/git?p=bios-crypto;a=summary and are available in the olpccontents RPM on the XO. Avoiding the need to declare additional crypto code for export is a pleasant side effect of using the existing audited codebase; Michael can tell you the extent to which that is (or is not) necessary in the case of python-crypto. I don't see anything in python-crypto which is not included in bios-crypto; most of what python-crypto provides is either out-of-date (should not be used in new applications) or duplicates functionality already provided by the standard python libraries (http://docs.python.org/lib/crypto.html). Security-sensitive code should also be reviewed on the security list. >From a software engineering standpoint, I'd be much happier if we just decided to use JAR files http://en.wikipedia.org/wiki/JAR_(file_format) which already have a well-defined signature mechanism, instead of designing our own bespoke thing yet again (see http://wiki.laptop.org/go/User:Homunq/Activity_bundles_v2 and http://wiki.laptop.org/go/Contents_manifest_specification ). --scott -- ( http://cscott.net/ ) _______________________________________________ Security mailing list [email protected] http://lists.laptop.org/listinfo/security
