* Michael Richardson <m...@sandelman.ca> [24.02.2017 09:03]: > > large random primenumbers. On the serverside, we store the product > > (aka: solution) of these 2 numbers. This is repeated for each generated > > image. (sorry, it breaks reproducable builds for now) > > Anyone can multiply two large prime numbers to get the solution.
oh, i was thinking that when you have a large number, e.g. 11542007683190179498670464887074061547264589525228033835453784092033868174972196125349942808504088511053804942426194431961451801392254016733776993893835781 you can not easily say what the 2 prime factors are to get this result? Or is this really a "fast" cumputation? > So I can't understand what you are doing. > You can't hide things in binaries. That's total snake oil. It is, it's only about having a proof, that the image runs. If several people "say" that the image runs, other routers start to automatically flash it. I want to make sure, that nobody can fake that information it easily. > I thought from the subject line and explanation that it was to permit a > firmware image to be validated as being uncorrupted/tained. One might do > this before flashing a device with it. how should this be done before flashing? if there is a mistake (e.g. forgotten package during build) the image itself is fine, but not "good". > Now I get the impression that the idea for a user to be able to prove > which firmware image they actually used? yes, if the image boots fine the user/a script will send the 'secret' and an sha256_signature if the image-hash. These hashes are added to the info.json: http://intercity-vpn.de/networks/liszt28/firmware/models/Buffalo%20WZR-HP-AG300H/testing/Standard,DSLR,fotobox,kalua/info.json (see: 'bittorf'). Other users have installed my public.key and can so check the signature. Also to flag "firmware_manually_checked" is changed to 'true'. bye, bastian _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
