Re: [agl-dev-community] Signed widgets and certificates


 



On Wed, 22 Jan 2020 13:09:39 -0800
"Janaki" <janaki.kuruganti@xxxxxxxxx> wrote:

Hi Janaki,

> Hi Jose,
> 
> I have signed an app and packed it using AGL tools (wgtpkg-sign &
> wgtpkg-pack) on my host machine (Debian).
> 
> Can you please tell me how and what files are to be transferred (scp)
> to the target machine (qemu) in order to install the app?
> 
> I tried,
> 
> 1. I have signed the app and packed the whole app directory and
>    created a .wgt file.
> 2. I have scp the .wgt file to target machine.
> 3. afm-util install *.wgt. I see the following error.
> ERROR:  disconnected server hung up
> 
> Next I tried,
> 1. I have signed the app and packed the ../build/package directory
>    and created a .wgt file.
> 2. I have scp the .wgt file to target machine.
> 3. afm-util install *.wgt. My app installs with no error.

The content of the widget file .wgt is precise. I conclude from your
experiments that the correct content is in ../build/package.

The content of widgets is specified by the document
https://www.w3.org/TR/widgets/

Many projects are using a cmake module specialized to build and pack
widgets. If interested, it is in
https://git.automotivelinux.org/src/cmake-apps-module/ and documented
there:
https://docs.automotivelinux.org/docs/en/master/devguides/reference/cmakeafbtemplates/dev_guide/cmake-overview.html

> In both the tries I did not send public certificate to the target
> machine. Can you also please tell me without having the public
> certificate information, how is the signed and packed app installing
> on target machine?

Widget signature is not mandatory today. I have ongoing work to
enforce it. That is the bad thing with security: if it is not here from
the beginning, it is not used. So enforcing widget signature is
something to achieve quickly. We intend to do that after the first
Icefish release.

When the widget is signed, it includes the certificates of the authority
that signs it. That certificate has 2 main features: the public key
and some authority certifications. That is enough for the framework to
check and validate things based on a chain of trust.

When deployed by industry, the keys and certificates have to be
adapted. This is a big story... still to be written

Best regards
José Bollo

> 
> Thanks,
> Janaki
> 
> 
> 
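Added example (not part of the messages above and not AGL framework code): a pre-deployment check that opens a .wgt, confirms config.xml sits at the archive root as the W3C packaging spec requires, and lists the certificates embedded in any signature files. The signature file names come from the W3C "XML Digital Signatures for Widgets" spec; the function names, sample archives and placeholder certificate bytes are constructed for illustration.

```python
import base64
import io
import re
import xml.etree.ElementTree as ET
import zipfile

DS = "{http://www.w3.org/2000/09/xmldsig#}"
# Signature file names defined by W3C "XML Digital Signatures for Widgets".
SIG_NAME = re.compile(r"^(author-signature|signature[1-9][0-9]*)\.xml$")
FAKE_DER = b"constructed-placeholder-not-a-real-certificate"
SAMPLE_SIG = (
    '<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><KeyInfo><X509Data>'
    "<X509Certificate>%s</X509Certificate></X509Data></KeyInfo></Signature>"
    % base64.b64encode(FAKE_DER).decode()
)

def inspect_widget(wgt):
    """Report root-level config.xml and the certificates embedded per signature.

    This only shows what the package carries; it does not verify the
    signature or the certificate chain.
    """
    report = {"has_config": False, "signatures": {}}
    with zipfile.ZipFile(wgt) as z:
        for name in z.namelist():
            if name == "config.xml":
                report["has_config"] = True
            elif SIG_NAME.match(name):  # anchored: root-level entries only
                data = z.read(name)
                if b"<!DOCTYPE" in data:  # refuse DTDs (entity expansion)
                    raise ValueError(name + ": DTD not allowed")
                report["signatures"][name] = [
                    base64.b64decode("".join(e.text.split()))
                    for e in ET.fromstring(data).iter(DS + "X509Certificate")
                    if e.text
                ]
    return report

def build_sample(signed, prefix=""):
    """Constructed in-memory .wgt; prefix simulates packing a parent directory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr(prefix + "config.xml", "<widget xmlns='http://www.w3.org/ns/widgets'/>")
        if signed:
            z.writestr(prefix + "author-signature.xml", SAMPLE_SIG)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for label, wgt in [("signed", build_sample(True)), ("unsigned", build_sample(False)),
                       ("wrong root", build_sample(True, "myapp/"))]:
        r = inspect_widget(wgt)
        print(label, r["has_config"], {k: len(v) for k, v in r["signatures"].items()})
```

An empty signatures result is the case that still installs while signature checking is not enforced, so a release pipeline can treat it as a failure on its own side.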

