Signing data applet (dropbearsign)

Matt Johnston matt at ucc.asn.au
Tue Oct 5 13:01:06 WST 2004


On Sun, Oct 03, 2004 at 04:38:30PM +0200, Arne Bernin wrote:
> Hi,
> 
> i just finished my patch for dropbear. It adds a tool called
> dropbearsign which can be used to create a signature on
> data provided via stdin. So it can be used to verify file
> content in an embedded environment without having to use
> large tools as gnupg etc. This could be easily used
> to verify lists of md5sums (something i think we
> definetly need for bering-uclibc).
...
> Unfortunatly the signature is just a base64 encoded signature buffer from
> dropbear, so it is not compatible to anything else out there (I did not
> have the time to look deeply how gpg creates it signatures , not even
> sure there "asci armor" in nothing completly different than base64 encoding).
> 
> I am not sure if this tool will ever be included in standard dropbear, but
> i hope so (of course) to make maintainance easier (Matt ??). I am sure
> that this code is not perfect and will need a review before even thinking
> about to include it...And if not, well a review would be nice, too.
> Anyway i am interested in what you think,

Sounds useful for package signature checking, I'll take a
look over it. I'm fairly sure it'd be a lot more work to get
it close to GPG compatible, so I guess this simple way works
for now. 

Matt


More information about the Dropbear mailing list