Skip to content
This repository was archived by the owner on Mar 29, 2022. It is now read-only.

End to end encryption#129

Open
shikhar394 wants to merge 14 commits intouptane:developfrom
shikhar394:New_end_to_end_Encryption
Open

End to end encryption#129
shikhar394 wants to merge 14 commits intouptane:developfrom
shikhar394:New_end_to_end_Encryption

Conversation

@shikhar394
Copy link
Contributor

@shikhar394 shikhar394 commented Sep 10, 2017

Fixes #34
The director now encrypts images using AES key it randomly generates. It encrypts the AES Key using the public key of the ECU the image was meant for. Includes the encrypted hashes and encrypted length in the custom field.
The primary checks the encrypted file against the encrypted hashes and length in the custom field in the metadata. The secondary checks the encrypted hashes and lengths too, if verified, decrypts the image, verify the unencrypted image and downloads it.

Further Requirements:

  • To decide how to give option for encryption
  • To decide if more options should be given for encryption implemented.
  • ASN to support the encryption.

shikhar394 added 14 commits August 1, 2017 17:22
@shikhar394
added gitignore to include launch files
ec616e9
@shikhar394
- Changed keys to RSA
b908557 
- Hardcoded Hash Algorithms to SHA256 and SHA512
- __init__ working with JSON
- Set up new keys
@shikhar394
Changed use_new_keys to False
8fc9d8b 
Using already produced RSA Keys
@shikhar394
WIP
ecae60a 
Moving to a different branch to check key format submission with ed25519
@shikhar394
- Images are encrypted using AES - 128
151495a 
-  Keys of AES - 128 are randomly generated and are encrypted using the RSA public key of the designated ECU
- Working on adding the encrypted symmetric key and hashes of the encrypted images in the metadata that the ECUs parse
@shikhar394
- Metadata generated now reflects hashes of both encrypted and unencr…
eb31a55 
…ypted target

- Custom field includes encrypted file hashes sha256 and sha512; a boolean encrypted_image option; an encrypted symmetric key
- the encrypted image and key are both converted from binary to hex and will be needed to be converted back for decryption to work.
@shikhar394
Changed the director and its demo to make a new folder where the encr…
3376f1e 
…ypted files will be stored
@shikhar394
Changes in the demo __init__ file to have some new global constants a…
8364fb2 
…ccessed by the director for encrypted folder
@shikhar394
- Working End-to-End encryption between director and ECUs
2f40e3f 
- Director generates random AES-128 key
- Encrypts the image with the key
- Encrypts the key with the public key of the ECU image is meant for
- Primary recieves the encrypted images and checks it's encrypted hashes and encrypted length mentioned in the metadata (custom field)
- After primary approves of the file; secondary checks the encrypted hashes and lengths
- Then decrypts the key and image and checks the file against the metadata of unencrypted file
- If everything checks out, it installs the image
@shikhar394
Removed all the print statements
3e74651
@shikhar394
Changed the format back to DER
48ae82d
@shikhar394
Cleaned up code to comply with lab standards
b83368f
@shikhar394
Attempt to solve merge conflicts
725ba89
@shikhar394
Broke a >80 character line into multiple ones
c1a1e3a
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@shikhar394