From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from rettich.hi.pengutronix.de ([2001:67c:670:100:1d::c3] helo=rettich) by metis.ext.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1fs1de-0000Or-Qk for rauc@pengutronix.de; Tue, 21 Aug 2018 10:03:42 +0200 Received: from jlu by rettich with local (Exim 4.89) (envelope-from ) id 1fs1de-0004pN-IW for rauc@pengutronix.de; Tue, 21 Aug 2018 10:03:42 +0200 Message-ID: <1534838622.22651.84.camel@pengutronix.de> From: Jan =?ISO-8859-1?Q?L=FCbbe?= Date: Tue, 21 Aug 2018 10:03:42 +0200 In-Reply-To: References: Mime-Version: 1.0 Subject: Re: [RAUC] RAUC bundle encryption, design question List-Id: RAUC Project - Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: rauc-bounces@pengutronix.de Sender: "RAUC" To: rauc@pengutronix.de SGkgRXZhbiwKCnRoYW5rcyBmb3Igc3RhcnRpbmcgdGhpcyBkaXNjdXNzaW9uIQoKT24gTW9uLCAy MDE4LTA4LTIwIGF0IDExOjM5IC0wNzAwLCBFdmFuIEVkc3Ryb20gd3JvdGU6Cj4gSSBhbSB1c2lu ZyBSQVVDIGZvciBhIGNvbW1lcmNpYWwgcHJvZHVjdCwgYW5kIG9uZSBvZiB0aGUgdGhpbmdzIHdl Cj4gbmVlZCB0byBhY2NvbXBsaXNoIGlzIHRvIGVuY3J5cHQgb3VyIHVwZGF0ZSBidW5kbGVzLiBJ J3ZlIG1hbnVhbGx5Cj4gY3JlYXRlZCBhbiBlbmNyeXB0ZWQgcmF1YyBidW5kbGUgdXNpbmcgYSBM VUtTIGNvbnRhaW5lci4gT25jZSB0aGUKPiBjb250YWluZXIgaXMgb3BlbmVkIGl0IGNhbiBiZSBt b3VudGVkIGxpa2Ugbm9ybWFsIGFzIGEgc3F1YXNoZnMKPiBwYXJ0aXRpb24gYW5kIHVzZWQgYnkg UkFVQy4KCkEgbm9ybWFsIFJBVUMgYnVuZGxlIGxvb2tzIChtb3N0bHkpIGxpa2UgdGhpczoKWyBz cXVhc2hmcyBdWyBDTVMgc2lnbmF0dXJlIG92ZXIgaGFzaCBvZiBzcXVhc2hmcyBdCgpJIGV4cGVj dCB0aGF0IHlvdXIgTFVLUyBjb250YWluZXIgd3JhcHMgYm90aDoKWyBMVUtTIGhlYWRlciBdWyBM VUtTIGVuY3JweXRpb24gKCBSQVVDIGJ1bmRsZSApIF0KClNvIHlvdSBnZXQgc3ltbWV0cmljIGVu Y3J5cHRpb24gb2Ygd2hvbGUgYnVuZGxlIHdpdGggYSBwYXNzd29yZCAoaS5lLiBhCnNoYXJlZCBz ZWNyZXQpLCByaWdodD8KCldoaWxlIHRoaXMgc2V0dXAgaXMgcHJldHR5IHN0cmFpZ2h0IGZvcndh cmQsIEkgc2VlIHNvbWUgZG93bnNpZGVzOgotIFJBVUMgY2Fubm90IHJlYWQgYW55IGluZm9ybWF0 aW9uIGFib3V0IHRoZSBidW5kbGUgYmVmb3JlIGRlY3J5cHRpb24KLSBXaXRoIGEgc2luZ2xlIHNo YXJlZCBzZWNyZXQsIHRoZXJlIGlzIG5vIHdheSB0byByZXZva2UgYSBjb21wcm9taXNlZAprZXkg KGZvciBleGFtcGxlIGV4dHJhY3RlZCBmcm9tIGEgc2luZ2xlIGRldmljZSBpbiB0aGUgZmllbGQp Cgo+IFRoaXMgc2VlbXMgZ2VuZXJhbGx5IHVzZWZ1bDsgaWYgdGhpcyBpcyBzb21ldGhpbmcgeW91 J2QgbGlrZSB0byBzZWUgaW4KPiB0aGUgcHJvamVjdCBJJ2QgYmUgaGFwcHkgdG8gY29udHJpYnV0 ZSBhbmQgc3VibWl0IGEgcHVsbCByZXF1ZXN0LiBJCj4gd2FudGVkIHRvIHNlZWsgeW91ciBpbnB1 dCBiZWZvcmUgSSBiZWdpbiBhYm91dCB0aGUgcHJvcGVyIHNjb3BlIGZvcgo+IHRoaXMsIGFzIGl0 IGNvdWxkIGJlIGFjaGlldmVkIGluIG1hbnkgZGlmZmVyZW50IHdheXMuIEhlcmUgYXJlIHRoZSB0 d28KPiBtZXRob2RzIEkndmUgbmFycm93ZWQgaW4gb24uCj4gCj4gKiBPcHRpb24gMToKPiBQcm92 aWRlIGFuIG9wdGlvbmFsICJkZWNyeXB0aW9uIGhhbmRsZXIiIGZvciB0aGUgdXNlciB0byBpbXBs ZW1lbnQKPiB3aGljaCBwcm92aWRlcyB0aGUgYnVuZGxlIHBhdGggYW5kIG1vdW50IHBvaW50LiBB IHVzZXIgd291bGQgaW1wbGVtZW50Cj4gdGhlaXIgZGVjcnlwdCBhbmQgbW91bnQgc3RlcHMgYXMg bmVlZGVkLiBJZiB0aGUgY29uZmlnIGZpbGUgZGVmaW5lcwo+IHRoaXMgaGFuZGxlciwgdGhlIHVw ZGF0ZSBwcm9jZXNzIHdvdWxkIGVzc2VudGlhbGx5IHJ1biB0aGUgaGFuZGxlcgo+IGluc3RlYWQg b2Ygcl9tb3VudF9sb29wKCkgaW4gYnVuZGxlLmMuCgpyX21vdW50X2xvb3AoKSBvbmx5IHJ1bnMg YWZ0ZXIgcmVhZGluZyBhbmQgdmVyaWZ5aW5nIHRoZSBidW5kbGUKc2lnbmF0dXJlLCBzbyBpdCB3 b3VsZCBuZWVkIGEgZGlmZmVyZW50IGxheW91dCB0aGFuIHRoZSBvbmUgYWJvdmUuClNvbWV0aGlu ZyBsaWtlOgpbIExVS1MgaGVhZGVyIF1bIExVS1MgZW5jcnB5dGlvbiAoIHNxdWFzaGZzICkgXSBD TVMgc2lnbmF0dXJlIG92ZXIgaGFzaApvZiBMVUtTIGhlYWRlcitlbmNyeXB0ZWQgZGF0YSBdCgo+ IFRoaXMgZ2l2ZXMgYSB1c2VyIHRoZSBtb3N0IGZsZXhpYmlsaXR5IGFzIHRoZXkncmUgbm90IGxv Y2tlZCBpbnRvIGFueQo+IHBhcnRpY3VsYXIgZW5jcnlwdGlvbiBtZXRob2Qgb3IgZXZlbiBidW5k bGUgZm9ybWF0LiBCdW5kbGUgY3JlYXRpb24gZ2V0cwo+IGEgbGl0dGxlIG1vcmUgdHJpY2t5IGFz IHRoZXJlIGlzbid0IGEgY29uY2VwdCBvZiBoYW5kbGVycyBidWlsdCBpbi4gQ291bGQgaGF2ZQo+ IGFuIG9wdGlvbmFsIGFyZ3VtZW50IHdoaWNoIHByb3ZpZGVzIGEgbW91bnRlZCBhbmQgZW1wdHkg YnVuZGxlLgoKQSBzcXVhc2hmcyBpcyBnZW5lcmF0ZWQgYnkgdXNpbmcgbWtzcXVhc2hmcy4gVGhl IHJlc3VsdCB3b3VsZCB0aGVuIGJlCmNvcGllZCBpbnRvIGEgZnJlc2ggTFVLUyBjb250YWluZXIu IFNvIGNyZWF0aW5nIGVuY3J5cHRlZCBidW5kbGVzIHdvdWxkCnJlcXVpcmVkIHJvb3QuCgo+ICog T3B0aW9uIDI6Cj4gSW1wbGVtZW50IGVuY3J5cHRpb24gc3VwcG9ydCBkaXJlY3RseSBpbnRvIFJB VUMgYXMgYSBjb21waWxlIG9wdGlvbi4KPiBUaGlzIGNvdWxkIGNyZWF0ZSBhbiBlbmNyeXB0ZWQg YnVuZGxlIGFuZCBkZWNyeXB0IGFuZCBtb3VudCBkdXJpbmcKPiBpbnN0YWxsIHRpbWUuCj4gCj4g VGhpcyBpcyBtdWNoIGVhc2llciB0byB1c2UgYW5kIGFsbG93cyBlYXN5IGVuY3J5cHRlZCBidW5k bGUgY3JlYXRpb24sCj4gYnV0IGlzIHF1aXRlIGEgYml0IGxlc3MgZmxleGlibGUuIEl0IGFsc28g YWRkcyBhIGRlcGVuZGVuY3ksIGxpa2UKPiBjcnlwdHNldHVwLCB0byB0aGUgcHJvamVjdC4KCkkn ZCBkZWZpbml0ZWx5IHByZWZlciBidWlsdC1pbiBlbmNyeXB0aW9uIHN1cHBvcnQuIE1haW5seSBi ZWNhdXNlOgotIEl0IGNhbiBiZSBpbnRlZ3JhdGVkIHdpdGggdGhlIGV4aXN0aW5nIENNUy1iYXNl ZCBzaWduYXR1cmVzLCBzbyB3ZQpnZXQgc3VwcG9ydCBmb3IgbXVsdGlwbGUgcmVjaXBpZW50IGRl dmljZXMgd2l0aCBpbmRpdmlkdWFsIHByaXZhdGUKa2V5cy4KLSBJdCdzIGVhc2llciB0byB1c2Ug KHlvdSBkb24ndCBuZWVkIHRvIHdyaXRlIGEgaGFuZGxlcikuCi0gQnkgdXNpbmcgZG0tY3J5cHQg d2l0aG91dCBMVUtTLCB3ZSBjYW4gZ2VuZXJhdGUgdGhlIGVuY3J5cHRlZCBidW5kbGUKd2l0aG91 dCByZXF1aXJpbmcgcm9vdCBwcml2aWxlZ2VzICh2aWEgT3BlblNTTCkuCi0gV2hlbiB1c2luZyBw ZXIgZGV2aWNlIHByaXZhdGUga2V5cywgd2UgY2FuIGFsc28gc3RvcmUgdGhlbSBpbiBhIFRQTQpv ciBhIFBLQ1MjMTEgdG9rZW4vc21hcnRjYXJkLCBzbyB0aGV5IGNhbid0IGJlIGVhc2lseSBleHRy YWN0ZWQuCgo+IEZvciBlaXRoZXIgb3B0aW9uLCB0aGVyZSBpcyB0aGUgcG9zc2liaWxpdHkgb2Yg aW5zcGVjdGluZyBhIGJ1bmRsZQo+IGZpbGUncyBoZWFkZXIgYW5kIGtub3dpbmcgd2hldGhlciB0 byBydW4gdGhlIGRlZmF1bHQgbW91bnQgZnVuY3Rpb24gb3IKPiB0aGUgaGFuZGxlci4gVGhpcyB3 b3VsZCBiZSB1c2VmdWwgaWYgeW91IHRob3VnaHQgY2xpZW50cyBzaG91bGQgYmUKPiBhYmxlIHRv IGFjY2VwdCBlaXRoZXIgZW5jcnlwdGVkIG9yIHVuZW5jcnlwdGVkIGJ1bmRsZXMuClllcy4gV2Un ZCBhbHNvIG5lZWQgYW4gb3B0aW9uIGluIHRoZSBzeXN0ZW0uY29uZiB0byBjb25maWd1cmUgd2hp Y2gga2V5CnRvIHVzZSBmb3IgZGVjcnlwdGlvbi4KCj4gUGVyaGFwcyB0aGVyZSBpcyBhIG11Y2gg YmV0dGVyIHdheSB0byBkbyB0aGlzIHRoYW4gSSd2ZSB0aG91Z2h0IG9mLgo+IEknZCBsb3ZlIHRv IGhlYXIgeW91ciB0aG91Z2h0cyBvbiB0aGlzLgoKQXMgd2UgdXNlIENNUyBbMV0gZm9yIHNpZ25p bmcsIHdlIGNhbiBwb3RlbnRpYWxseSBzdXBwb3J0IGV2ZXJ5dGhpbmcKdGhlIE9wZW5TU0wgY21z IHRvb2wgKHNlZSAnbWFuIGNtcycpIHN1cHBvcnRzIChOLW9mLU0gc2lnbmF0dXJlcywKZW5jcnlw dGlvbiB3aXRoIHNoYXJlZCBzZWNyZXRzIGFuZC9vciBwdWJsaWMvcHJpdmF0ZSBrZXlzKS4KClNv IG15IGN1cnJlbnQgY29uY2VwdCB3b3VsZCBiZSB0byB1c2UgYSBkaWZmZXJlbXQgcGF5bG9hZCBp biB0aGUgQ01TCm1lc3NhZ2UgKGluc3RlYWQgb2YgYSBoYXNoIG92ZXIgdGhlIHNxdWFzaGZzKSwg Y29uc2lzdGluZyBvZgppbmZvcm1hdGlvbiBhYm91dCB0aGUgZW5jcnlwdGlvbiAoYWxnb3JpdGht LCBwYXJhbWV0ZXJzIGFuZCBwYXlsb2FkCmtleSkgYW5kIHRoZSBwYXlsb2FkIGhhc2ggKG9yIGRt LXZlcml0eSByb290IGhhc2gpLiBUaGUgQ01TIG1lc3NhZ2UKd291bGQgdGhlbiBiZSBlbmNyeXB0 ZWQgaW4gYWRkaXRpb24gdG8gYmVpbmcgc2lnbmVkLgoKV2hlbiBvcGVuaW5nIHRoZSBidW5kbGUs IE9wZW5TU0wgd291bGQgZGV0ZWN0IHRoYXQgdGhlIENNUyBtZXNzYWdlIGlzCmVuY3J5cHRlZCwg bG9vayBmb3IgdGhlIG1hdGNoaW5nIHByaXZhdGUga2V5IGFuZCBkZWNyeXB0LiBUaGVuIHdlIGhh dmUKdGhlIGluZm9ybWF0aW9uIHRvIGNvbmZpZ3VyZSBkbS1jcnlwdCBhbmQvb3IgZG0tdmVyaXR5 IG9uIHRvcCBvZiB0aGUKbG9vcCBkZXZpY2UuIFRoZSByZXN0IG9mIHRoZSBpbnN0YWxsYXRpb24g d291bGQgcHJvY2VlZCBhcyB1c3VhbC4KClNvIHRoZSBvbmx5IHBsYWNlcyB0aGF0IHdvdWxkIG5l ZWQgdG8gY2hhbmdlIGFyZSBidW5kbGUgb3BlbmluZyAoc2V0dXAKT3BlblNTTCBmb3IgZGVjcnlw dGlvbiBhbmQgY29uZmlndXJlIGRldmljZSBtYXBwZXIgdGFyZ2V0cykgYW5kIGJ1bmRsZQpjcmVh dGlvbiAob3B0aW9uYWxseSBlbmNyeXB0LCBvcHRpb25hbGx5IHVzZSB2ZXJpdHlzZXR1cCBhbmQg dXNlCk9wZW5TU0wgZm9yIENNUyBlbmN5cHRpb24pLgoKV2hhdCBkbyB5b3UgdGhpbmsgYWJvdXQg dGhpcyBhcHBvcmFjaD8KClsxXSBodHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvcmZjNTY1Mgot LSAKUGVuZ3V0cm9uaXggZS5LLiAgICAgICAgICAgICAgICAgICAgICAgICAgIHwgICAgICAgICAg ICAgICAgICAgICAgICAgICAgIHwKSW5kdXN0cmlhbCBMaW51eCBTb2x1dGlvbnMgICAgICAgICAg ICAgICAgIHwgaHR0cDovL3d3dy5wZW5ndXRyb25peC5kZS8gIHwKUGVpbmVyIFN0ci4gNi04LCAz MTEzNyBIaWxkZXNoZWltLCBHZXJtYW55IHwgUGhvbmU6ICs0OS01MTIxLTIwNjkxNy0wICAgIHwK QW10c2dlcmljaHQgSGlsZGVzaGVpbSwgSFJBIDI2ODYgICAgICAgICAgIHwgRmF4OiAgICs0OS01 MTIxLTIwNjkxNy01NTU1IHwKCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fClJBVUMgbWFpbGluZyBsaXN0