  1. Mender
  2. MEN-1016

Modify artifact format to support secure signing of images

    Details

    • Type: Task
    • Status: Done
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels:

      Description

      This is only the format documentation; implementation is separate.

      Acceptance criteria:

      • The signature(s) must be able to verify everything inside the artifact except itself, including the version header (but see point about data below).
      • The above point implies that the signatures must be moved out of header.tar.gz in order to be able to verify the signatures of the other components. Most probable is that it will be a separate signatures.tar.gz file which signs the header.tar.gz and version.
      • The new signatures.tar.gz file must come after version, but before all of data, in order to fail early if header.tar.gz fails verification.
      • Files inside data should not be directly verified, but indirectly by verifying the header.tar.gz file and its checksums.
      • An artifact with a signature file, but no checksums, is an invalid artifact, since checksums are needed to verify the data files.
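
The ordering and fail-early rules from the acceptance criteria, as an added example (not Mender's code and not part of the ticket). Assumptions: the entry names inside signatures.tar.gz (`version.sig`, `header.tar.gz.sig`), a `checksums` file in header.tar.gz with sha256sum-style lines, an uncompressed outer tar, and HMAC-SHA256 standing in for a real public-key signature.

```python
import hashlib, hmac, io, tarfile

def tar_bytes(files, mode="w"):  # in-memory tar from [(name, bytes)]
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode=mode) as t:
        for name, data in files:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            t.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def untar_gz(blob):
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as t:
        return {m.name: t.extractfile(m).read() for m in t}

def sign(key, data):  # HMAC-SHA256 stands in for a public-key signature (assumption)
    return hmac.new(key, data, hashlib.sha256).digest()

def build(key, data_files, checksums=True):  # constructed sample artifact
    ver = b"constructed-version-header"
    sums = "".join(f"{hashlib.sha256(d).hexdigest()}  {n}\n" for n, d in data_files)
    hdr = tar_bytes([("checksums", sums.encode())] if checksums else [("info", b"{}")], "w:gz")
    sigs = tar_bytes([("version.sig", sign(key, ver)),  # hypothetical entry names
                      ("header.tar.gz.sig", sign(key, hdr))], "w:gz")
    return tar_bytes([("version", ver), ("signatures.tar.gz", sigs), ("header.tar.gz", hdr)] + data_files)

def verify(artifact, key):  # one streaming pass; ValueError before any data file is accepted
    def check(sigs, name, body):
        if not hmac.compare_digest(sigs.get(name + ".sig", b""), sign(key, body)):
            raise ValueError(f"{name} signature mismatch")
    with tarfile.open(fileobj=io.BytesIO(artifact), mode="r|") as outer:
        def take(name):  # the next member must be `name`, else the layout is wrong
            m = outer.next()
            if m is None or m.name != name:
                raise ValueError(f"expected {name}")
            return outer.extractfile(m).read()
        version = take("version")
        sigs = untar_gz(take("signatures.tar.gz"))
        check(sigs, "version", version)
        header = take("header.tar.gz")
        check(sigs, "header.tar.gz", header)  # fail early, before any data is read
        if "checksums" not in (files := untar_gz(header)):
            raise ValueError("signed artifact without checksums")
        sums = dict(ln.split("  ", 1)[::-1] for ln in files["checksums"].decode().splitlines())
        accepted = []
        for m in iter(outer.next, None):  # data files: verified only via signed checksums
            if sums.get(m.name) != hashlib.sha256(outer.extractfile(m).read()).hexdigest():
                raise ValueError(f"checksum mismatch: {m.name}")
            accepted.append(m.name)
    return accepted
```
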

              People

              • Assignee:
                a10053 Marcin Pasinski
                Reporter:
                a10040 Kristian Amlie