Hi Magnus,
On 15.05.2015 09:44, Magnus Lilja wrote:
On 8 May 2015 at 09:52, Stefan Roese <s...@denx.de> wrote:
This patch adds the feature to only stop the autobooting, and therefor
boot into the U-Boot prompt, when the input string / password matches
a values that is encypted via a SHA256 hash and saved in the environment.
This feature is enabled by defined these config options:
CONFIG_AUTOBOOT_KEYED
CONFIG_AUTOBOOT_STOP_STR_SHA256
Signed-off-by: Stefan Roese <s...@denx.de>
Cc: Simon Glass <s...@chromium.org>
Cc: Magnus Lilja <lilja.mag...@gmail.com>
---
v2:
- AUTOBOOT_STOP_STR_SHA256 is a string and not bool
- Add input key length check as suggested by Magnus
- Add "constant-length" time compare function as suggested
by Magnus
May I ask why you don't go all the way and use the salt mechanism
instead of just hashing the password?
Because its a customer requirement to implement it in this "simple" way.
Even though cracking will be easier than by using this salt mechanism.
If someone needs this stronger encryption support at some time, I
suggest to add it as an additional feature / option then.
Thanks,
Stefan
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
