RE: [Freeipmi-devel] Patch for SHA256 Support

freeipmi-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Freeipmi-devel] Patch for SHA256 Support

From:	Al Chu
Subject:	RE: [Freeipmi-devel] Patch for SHA256 Support
Date:	Fri, 30 Jul 2010 07:47:15 -0700

Hey Holger,

On Thu, 2010-07-29 at 23:25 -0700, Liebig, Holger wrote:
> > 
> > Hi Holger,
> > 
> > Thanks for the patch.  This was on my todo, but w/o a motherboard to
> > test on, I just let it linger.  
> 
> Freeipmi was a good counterpart for testing the BMC implementation, if
> only the turnaround times for a make cycle would be shorter ;)

LOL.  Yeah ... the build time has definitely grown in length :P

> > I think you forgot to add the
> > appropriate permutation of cipher suite/SHA256 into
> > libfreeipmi/src/debug/ and the manpages in common/man/, but no worries,
> > I can add that myself.
> > 
> > Only one question, are cipher suites 15-17 defined in the upcoming DCMI
> > 1.1?  ASAIK it hasn't been released publicly.  I have a tiny concern
> > about committing something that is not yet finalized.  Or is DCMI 1.1
> > finalized and going to be released publicly soon??
> 
> As far as I know, it is supposed to be published end of this month if
> there are no major objections from others. There is no need to commit
> the patch before, I just wanted to let you know that most of the work
> is done and if there is any other feedback it's more than welcome.

Ok.  I'll just hold off for the time being until it's published.  That
way it's sort of "official".

> Only Cipher Suite 17 in the mentioned combination (3/4/1) is mentioned
> in the latest review copy of DCMI 1.1, that's why I skipped the other
> combinations. There seem to be (strong) requests from DCMI customers
> to add a stronger authentication algorithm than HMAC_SHA1, who knows
> why. 
> 
> Too bad Intel forgot to add the Cipher Suite Numbers into the IPMI 2.0
> errata 4. 

That is interesting.  I just assumed there would be a cipher suite 15
and 16.  Given the length of time between erratas, it may take time to
find out.

Thanks,
Al

> Holger
> 
> > On Thu, 2010-07-29 at 06:07 -0700, Liebig, Holger wrote:
> > > Hi all,
> > > please find attached the required modification for SHA256 and Cipher
> > > Suite 17 support in freeipmi. SHA256 has been added in IPMI 2.0 Errata
> > > 4 and is also one of the recommended Cipher Suites of the upcoming
> > > DCMI 1.1 Specification (where the Cipher Suite number is taken from).
> > > The modifications itself are straight forward, I just had to find all
> > > the places.
> > >
> > > Comments or feedback is more than welcome, especially if it works with
> > > other vendor implementations.
> > >
> > > Thanks,
> > > Holger
> > >
> > >
> > >
> > >
> > >
> > --
> > Albert Chu
> > address@hidden
> > Computer Scientist
> > High Performance Systems Division
> > Lawrence Livermore National Laboratory
> 
-- 
Albert Chu
address@hidden
Computer Scientist
High Performance Systems Division
Lawrence Livermore National Laboratory

[Prev in Thread]

Current Thread

[Next in Thread]

[Freeipmi-devel] FreeIPMI 0.8.8 Released, Albert Chu, 2010/07/20
- [Freeipmi-devel] Patch for SHA256 Support, Liebig, Holger, 2010/07/29
  - Re: [Freeipmi-devel] Patch for SHA256 Support, Albert Chu, 2010/07/29
    - RE: [Freeipmi-devel] Patch for SHA256 Support, Liebig, Holger, 2010/07/30
    - RE: [Freeipmi-devel] Patch for SHA256 Support, Al Chu <=

Prev by Date: RE: [Freeipmi-devel] Patch for SHA256 Support
Previous by thread: RE: [Freeipmi-devel] Patch for SHA256 Support
Index(es):
- Date
- Thread