Hi Andrew,
On 27.04.21 01:22, Mulbrook, Andrew wrote:
> Hi Stefano,
>
>
> We were looking at utilizing swupdate in a project, but have some use
> cases where supporting a package signed multiple ways may be necessary.
> I've attached a patch to show a potential solution we were looking at
> (patch compiles but hasn't been tested).
The first thing to understand is not the implementation, but which are
the goals and the use cases. Having multiple signature let me think to
some use cases, that are already solved in other ways. One common use
case is the OEM: manufacturer sends device and software to OEM, an dhe
shouuld be able to sign it as well. However, this is solved using a PKI
and certificates, and manufacturer is the CA and delivers certificates
to his OEMs. SWUpdate is already able to work with it.
I do not find a use case where all signatures must be verified at once -
please explain which is the use case and what is thought to be solved
adding multiple signatures.
>
>
> Apologies for the direct email, I'm still looking at sending mails to
> the public google group
Forwarded to ML
> but wanted to make sure there weren't any strong
> objections that would lead to another approach being required.
Nevertheless, there is a weak dependency with the file type of the
signature, even if it is today hard-coded as sw-descriuption.sig. The
hard dependency is that signature is the second file in the stream,
while sw-description must be the first.
Best regards,
Stefano Babic
>
>
> Thanks for your time!
>
>
> Best Regards,
>
> Andrew
>
>
> ------------------------------------------------------------------------
>
> CONFIDENTIALITY NOTICE: This email and any attachments are for the sole
> use of the intended recipient(s) and contain information that may be
> Garmin confidential and/or Garmin legally privileged. If you have
> received this email in error, please notify the sender by reply email
> and delete the message. Any disclosure, copying, distribution or use of
> this communication (including attachments) by someone other than the
> intended recipient is prohibited. Thank you.
--
=====================================================================
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone:
+49-8142-66989-53 Fax:
+49-8142-66989-80 Email:
sba...@denx.de
=====================================================================