how to do a digest on a flashed uImage ?
Sascha Hauer
s.hauer at pengutronix.de
Wed Jul 1 22:42:08 PDT 2015
Hi Philippe,
On Wed, Jul 01, 2015 at 09:02:28AM +0200, Philippe Leduc wrote:
> Hello,
>
> I have a uImage saved in a memory partition and I am able to boot on
> it with bootm command. I would like to add a digest (like a
> hmac(sha1)) in order to check the integrity of the binary before
> booting on it.
>
> Because my partition is bigger than my uImage, I don't know how to use
> digest on it.
> In fact there are two problems that I don't know how to solve: I can't
> get the size of my file and I can't ask digest to work on COUNT bytes.
>
> For the size problem: I can extract the size of the uImage in binary
> form since this information is present in the uImage header (via
> memcpy), but I don't know how to convert it in a format compatible
> with Hush.
>
> For digest, I can copy the binary in the RAM, but I fear that it is
> longer than working on the flash: it takes 4,8s to memcpy the uImage
> in a RAM file, and less than 3s to bootm on the flash. But
>
>
> Do you know a way to get the size of a file? Or to convert a binary
> size into a "human readable format" for Hush? Or should I develop a
> kind of "stat" utility for barebox?
> Thank you in advance,
I can't think of a way on the shell to accomplish this. Something that
might come close is uImagefs. You can mount an uImage as a filesystem,
then you can run digest on the individual contents of the image, but not
of the whole image itself.
Also extracting the size from the image via memcpy and somehow convert
the value to hex, then memcpy the uImage to a file sounds fragile. I
would probably add a option to the uimage command, like -c for copy.
In C it's easy to sanity check the size you read and to verify the
header checksum before doing anything else. You can't do that in shell.
Sascha
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
More information about the barebox
mailing list