Module file parse API

Sean Mullan sean.mullan at oracle.com
Thu Jun 21 07:11:16 PDT 2012


On 06/21/2012 09:47 AM, Chris Hegarty wrote:
> On 21/06/2012 14:00, Sean Mullan wrote:
>> ...
>>> No. Not someone but something by non-nefarious means :-) Bit rot on
>>> network transmission or on disk.
>>
>> I don't know, it still seems like unnecessary overhead for an extremely
>> small likelihood. And wouldn't the entire file including the hashes be
>> suspect then?
>>
>> The hashes aren't even useful for signatures. This is because the signer
>> *must* generate the hashes itself, and then generate a signature over
>> them inside a PKCS#7 SignedData blob. It doesn't even use the existing
>> hashes, so they are just extra duplication.
>
> I guess I'd ask the question another way. Without the hashes would we
> need to circulate a separate checksum file to verify data integrity? If
> so, we wouldn't be able to verify the integrity on a per section basis
> (unless the checksum file contained multiple hashes). Verifying data
> integrity on a per section basis appears to be very useful.

Right, I see your point. In fact, I'm glad we revisited this and had 
this discussion. I guess the only downside is that there is no "golden" 
checksum file that I can double-check against when things go wrong. So 
it may be a little less clear what may have caused the problem.

I've been a little bothered by the fact that the hashes aren't reusable 
when generating the signatures, and maybe there is a better design, but 
if nobody else is concerned for now, I'm ok with it.

--Sean
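
An added example, not part of the original message or of the Jigsaw code base: a sketch of the per-section integrity check discussed in this thread, compared with a single whole-file checksum. The section layout (length, SHA-256, payload), the function names and the sample data are assumptions constructed for illustration and are not the actual module file format.

```python
import hashlib
import struct

DIGEST_LEN = 32  # SHA-256

def build(sections):
    """Constructed layout: 4-byte big-endian length | SHA-256 | payload, repeated."""
    out = bytearray()
    for payload in sections:
        out += struct.pack(">I", len(payload))
        out += hashlib.sha256(payload).digest()
        out += payload
    return bytes(out)

def verify_sections(blob):
    """Return indices of sections whose payload does not match its stored hash."""
    bad, offset, index = [], 0, 0
    while offset < len(blob):
        body = offset + 4 + DIGEST_LEN
        if body > len(blob):          # truncated section header
            bad.append(index)
            break
        (length,) = struct.unpack_from(">I", blob, offset)
        stored = blob[offset + 4:body]
        payload = blob[body:body + length]
        if len(payload) != length or hashlib.sha256(payload).digest() != stored:
            bad.append(index)
        offset = body + length
        index += 1
    return bad

def flip_bit(blob, pos):
    """Simulate bit rot: flip the low bit of the byte at pos."""
    damaged = bytearray(blob)
    damaged[pos] ^= 0x01
    return bytes(damaged)

if __name__ == "__main__":
    # Constructed sample sections, not real module file content.
    blob = build([b"module-info", b"classes" * 100, b"resources" * 50])
    whole = hashlib.sha256(blob).hexdigest()
    print("intact:", verify_sections(blob))
    rotted = flip_bit(blob, 90)  # byte 90 lies inside the payload of section 1
    print("whole-file mismatch:", hashlib.sha256(rotted).hexdigest() != whole)
    print("per-section:", verify_sections(rotted))
    # Byte 800 lies inside the stored hash of section 2: still flagged as section 2.
    print("damaged stored hash:", verify_sections(flip_bit(blob, 800)))
    # Hashes stored beside the data do not authenticate it: rebuilt content verifies.
    print("rebuilt:", verify_sections(build([b"other", b"content"])))
```

A whole-file checksum only reports that something changed, while the per-section check names the damaged section but cannot say whether the payload or its stored hash was hit. A damaged length field makes later sections misparse, so treat the first reported index as the reliable one.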