!aecPwabKihLwjebRfb:matrix.org

#rauc

41 Members
Robust Auto Update Controller | github.com/rauc/rauc1 Servers

Load older messages


Timestamp Message
21 Feb 2019
05:51:52@freenode_gnomengineer:matrix.org@freenode_gnomengineer:matrix.orgdid I miss the answer to my question? lost the chat history :(
06:53:17@freenode_gnomengineer:matrix.org@freenode_gnomengineer:matrix.org ejoerns: I hope you can help me with my problem. My current work task is on hold without an answer ^^'
08:07:59@freenode_ejoerns:matrix.orgejoernsgnomengineer, nope, you did not miss anything. I did not have time to look into irc, yet.
08:09:14@freenode_ejoerns:matrix.orgejoerns gnomengineer, busctl call de.pengutronix.rauc / de.pengutronix.rauc.Installer Mark ss "good" "rootfs.0"
08:10:18@freenode_ejoerns:matrix.orgejoerns gnomengineer, busctl call de.pengutronix.rauc / de.pengutronix.rauc.Installer Mark ss "good" "rootfs.0"
08:12:40@freenode_ejoerns:matrix.orgejoernsdavenull, ok. verification I did not test yet. but ca should be sufficient. you can also place intermediate certificates in the signature if that is required for completing the chain
08:19:14@freenode_ejoerns:matrix.orgejoerns davenull, ah, with "./rauc info --keyring=test-easyrsa/pki/ca.crt test.raucb" I get "signature verification failed: Verify error:unsupported certificate purpose"
08:38:37@freenode_ejoerns:matrix.orgejoernsshoragan, do you see what went wrong in https://pastebin.com/MF6zGYic ?
08:39:58@freenode_shoragan:matrix.orgshoraganejoerns: let me take a look
08:51:51@freenode_shoragan:matrix.orgshoragandavenull: could you try with easyrsa sign-req code-signing RaucCert?
08:52:09@freenode_gnomengineer:matrix.org@freenode_gnomengineer:matrix.org ejoerns: thx, it worked this way. The documentation (11.6 D-Bus API) is not clear regarding the exact usage to provide the parameters. For a newbie in d-bus it's not clear to use 'ss' in front of the 2 parameters. Maybe a usage example for each method could be added to the documentation?
08:52:29@freenode_shoragan:matrix.orgshoraganthe client type has the wrony key usage for rauc
08:53:31@freenode_shoragan:matrix.orgshoraganthe client type has the wrony key usage for rauc
09:22:55@freenode_shoragan:matrix.orgshoragandavenull: ah, sorry. you need to create a cert without extendedKeyUsage
09:23:29@freenode_shoragan:matrix.orgshoragan so copy the code-signing type file (to i.e. 'signing') and remove the "extendedKeyUsage = codeSigning" line
09:37:46@freenode_shoragan:matrix.orgshoraganthe problem is that openssl checks agains email signing for CMS
09:38:11@freenode_shoragan:matrix.orgshoraganand there is no option to configure it to use the code signing usage
09:38:20@freenode_shoragan:matrix.orgshoraganhttp://technotes.shemyak.com/posts/smimesign-extended-key-usage-extension-for-openssl-pkcs7-verification/
10:24:03@freenode_ejoerns:matrix.orgejoernsgnomengineer, I head something similar in the queue already thus I added your lines. mabye you want to have a look: https://github.com/rauc/rauc/pull/413
11:20:24@freenode_gnomengineer:matrix.org@freenode_gnomengineer:matrix.orgejoerns, thx for adding that.
15:06:24@freenode_gnomengineer:matrix.org@freenode_gnomengineer:matrix.org ejoerns: in the documentation is written "i result: return code (0 for success)" for the Completed signal. is there a encoding table for the return value? Or do I just have to accept that non-zero is failure?
15:27:00@freenode_ejoerns:matrix.orgejoernsgnomengineer, iirc there is not much more than 0 and 1 at the moment, maybe 2. but with checking for 0 you should be fine for now
15:39:31@freenode_gnomengineer:matrix.org@freenode_gnomengineer:matrix.orgok, thx for clarification.
15:39:38@freenode_gnomengineer:matrix.org@freenode_gnomengineer:matrix.org left the room.
15:39:38@freenode_davenull:matrix.orgdavenull shoragan: Yeah, that was what the hangup was. I had to pretty much read the entire doc for openssl before getting there and going "Oh..."
15:39:59@freenode_gnomengineer:matrix.org@freenode_gnomengineer:matrix.org joined the room.
15:40:04@freenode_gnomengineer:matrix.org@freenode_gnomengineer:matrix.org left the room.
15:42:21@freenode_davenull:matrix.orgdavenull If I can find some time, I am going to try and document all the little things I've found that would be great to have in the docs.
15:43:17@freenode_davenull:matrix.orgdavenullIt seems I am one of a handful using rauc with buildroot on x86_64, but it is so well-suited for the task.
15:55:59@freenode_ejoerns:matrix.orgejoernsdavenull, yes, I fear the buildroot integration in general is the most immature from the triplet yocto/ptxdist/buildroot

There are no newer messages yet.


Back to Room List