Posted to commits@mynewt.apache.org by GitBox <gi...@apache.org> on 2018/10/10 23:25:08 UTC

[GitHub] mkiiskila commented on a change in pull request #212: Add support for encrypted images

mkiiskila commented on a change in pull request #212: Add support for encrypted images
URL: https://github.com/apache/mynewt-newt/pull/212#discussion_r224271317
 
 

 ##########
 File path: newt/image/image.go
 ##########
 @@ -860,6 +870,61 @@ func (image *Image) generateV2(loader *Image) error {
 	}
 	defer imgFile.Close()
 
+	plainSecret := make([]byte, 16)
+	var cipherSecret []byte
+	if PubKeyFile != "" {
+		_, err = rand.Read(plainSecret)
+		if err != nil {
+			return util.NewNewtError(fmt.Sprintf("Random generation error: %s\n", err))
+		}
+
+		keyBytes, err := ioutil.ReadFile(PubKeyFile)
+		if err != nil {
+			return util.NewNewtError(fmt.Sprintf("Error reading pubkey file: %s", err))
+		}
+
+		// Try reading as PEM (asymetric key), if it fails, assume this is a
+		// base64 encoded symetric key
+		b, _ := pem.Decode(keyBytes)
+		if b == nil {
+			kek, err := base64.StdEncoding.DecodeString(string(keyBytes))
+			if err != nil || len(kek) != 16 {
+				return util.NewNewtError(fmt.Sprintf("Error decoding kek: %s", err))
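Review bot: The non-PEM fallback after `b, _ := pem.Decode(keyBytes)` loads a secret 16-byte key-encryption key through an option named `PubKeyFile`, and nothing at that branch says the file is secret material rather than a public key. I would add a comment there such as `// Not PEM: the file holds a base64 symmetric KEK, which is secret; protect it like a private key.` and consider a name for the option that covers both uses. The same fallback means a damaged or DER-encoded public key file is reported as a kek decoding failure, so the message could say that PEM parsing was tried first. The import block is outside the hunk, so confirm that `rand` in `rand.Read(plainSecret)` is `crypto/rand`; generateV2 continues past the quoted lines.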
 
 Review comment:
   there is no err if len(kek) != 16, so error message will be a bit confusing
