sysupdate: Support alternative signature methods #32819
Comments
|
yeah, sounds great. has been on the todo list for a while. either something with pkcs7 or maybe something compatible with openbsd signify would be great. Patches welcome! |
|
I don’t think I will be able to get around to this anytime soon, unfortunately. PKCS#7 is roughly as bad as OpenPGP in terms of parsing requirements. It happens that OpenSSH signatures (as generated by Another consideration is that images should be verified before being decompressed. Since images can be very large, this requires being able to verify them incrementally. signify(1) supports this by having a list of hashes (hex encoded, newline separated, and signed with ed25519) as a comment in the gzip header. If one can assume that a 1MiB chunk can fit in memory and that binary SHA512/SHA-3/Blake2b hashes are used, this means that a 64GiB compressed image takes 216 chunks, or 2MiB of hashes. More complex schemes are possible, but a system needing 64GiB OS images to be downloaded yet not having 2MiB of free RAM does not seem realistic to me 1, and less code means less attack surface. Footnotes
|
Component
No response
Is your feature request related to a problem? Please describe
systemd-sysupdatecurrently uses GnuPG for signature verification of downloaded files. This is annoying because GnuPG has extra attack surface that isn’t needed here. Metadata can and should be provided included in the signed hashes file.Describe the solution you'd like
Support for ed25519 signatures.
Describe alternatives you've considered
None
The systemd version you checked that didn't have the feature you are asking for
No response
The text was updated successfully, but these errors were encountered: