Configuration signing

Overview

To ensure that config files are valid and unchanged they can be signed with a private key. The signature is added to the config files (only possible with the download format Indel image). This signature can then be verified in the running system. The user application needs to provide the corresponding public key to be used in the verification.

Please see the complete description how to setup the project in https://doc.indel.ch/doku.php?id=software:embedded:indel_image

Setup in short

• Create a private/public pair with create_signature_keys.py.
• Set the path to the private key in the iDev project options.
• Optionally set the info used in signing/verifying.
• Enable indel image signing support in the inos features.

Adjusting the application

In the user application a function has to be implemented which will be called by the running system if an image needs to be verified. The function should return the public key and optionally the additional info as entered in the iDev options.

#include <cinosimage.h>
 
const char* pPublicKey = "-----BEGIN PUBLIC KEY-----"
        "MIIBIjA...CgKCAQEAzebi4JHsVpUe6O27d86z"
        "-----END PUBLIC KEY-----";
 
uint32 GetImageKeyAndInfo(const char* apImageName, char* apKeyBuffer,
        uint32 auKeyBufferSize, char* apInfoBuffer, uint32 auInfoBufferSize)
{
    inos_strncpy(apKeyBuffer, pPublicKey, auKeyBufferSize);
    inos_strncpy(apInfoBuffer, "Info as in iDev options", auInfoBufferSize);
    return 0;
}

If the key obfuscation was used during creation of the private/public key pair then the public key needs to be unobfuscated first. This function is available in the inos system. The provided secret can be used as string in the source code in the simplest form. To get more secrecy this string could also be created in the code dynamically so it is only available in RAM and not in the source code.

#include <cinosimage.h>
 
const char* pObfPublicKey = "RkhUWkIwISwsN1c/JyYnLDpXJDc9RkhUWkJ4KSIsOz4FMyopAhI"
        "GBxkNLFwORy...kJfSUZIcw==";
 
uint32 GetImageKeyAndInfo(const char* apImageName, char* apKeyBuffer,
        uint32 auKeyBufferSize, char* apInfoBuffer, uint32 auInfoBufferSize)
{
    uint32 uError = CINOSImage::UnobfuscateKey(pObfPublicKey, "public key secret",
            apKeyBuffer, auKeyBufferSize);
    inos_strncpy(apInfoBuffer, "Info as in iDev options", auInfoBufferSize);
    return uError;
}

Custom image type

Every image has a Content-Type describing the content. This string is used in the system to know how to handle the image, whether it's a config file, a kernel system, a resource or anything else. It's also possible to use a custom type to implement your own processing. However to handle custom types the system needs also a handler for this type. In the Indel installation directory are templates for a handler that can be adjusted to your own needs.

%INDEL_ROOT%\share\examples\indelimage\cuserimagehandler.cpp/.h

• Copy the files cuserimagehandler.cpp/.h to your own project.
• Adjust the type string used for the image: IMAGE_HEADER_VENDOR_USAGE. This string needs to be the same as the Content-Type in the image.
• Implement the processing of the image at the end of CUserImageHandler::iEvtImageCreated