From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from emagii.se (www.emagii.com [185.133.207.17]) by sourceware.org (Postfix) with ESMTPS id 1C89B3858D28 for ; Wed, 15 Feb 2023 22:08:17 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 1C89B3858D28 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=emagii.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=emagii.com Received: from smtpclient.apple (84-55-68-216.customers.ownit.se [84.55.68.216]) by emagii.se (Postfix) with ESMTPSA id 6BA02120189; Wed, 15 Feb 2023 23:08:15 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=emagii.com; s=default; t=1676498895; bh=OFLZMsWCB4IUab1arH4LKQEfYSpPHf4vFVPQ/71+7gg=; h=From:Subject:To; b=2ZKgXCSXW4PYT/qSRUzhV6ZIHR6++Fxc98a3PdT0uHhv9gvjd6IC5EDNM81LrJag1 wMsbTlcMULqhB8ojADhVV57vRyiASGvbwCbTQr3hTvmiBPY/bNLFtSDlUXK6KDejIM gCycy/lbrpe1xJPreivcZyrnGvH1b/5nK56GJpsA= Authentication-Results: emagii.beebytevps.io; spf=pass (sender IP is 84.55.68.216) smtp.mailfrom=binutils@emagii.com smtp.helo=smtpclient.apple Received-SPF: pass (emagii.beebytevps.io: connection is authenticated) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: Ulf Samuelsson Mime-Version: 1.0 (1.0) Subject: Re: RFC: generating a header using the linker (CRC calculation) Date: Wed, 15 Feb 2023 23:08:15 +0100 Message-Id: <3D8C014D-966D-4129-82AC-AA04593A1F6B@emagii.com> References: <8511B960-E529-47FB-9B17-55F666B58EE7@comcast.net> Cc: Nick Clifton , binutils@sourceware.org In-Reply-To: <8511B960-E529-47FB-9B17-55F666B58EE7@comcast.net> To: Paul Koning X-Mailer: iPad Mail (19F77) X-PPP-Message-ID: <167649889564.3855253.1172837670730507397@localhost.localdomain> X-PPP-Vhost: emagii.com X-Spam-Status: No, score=-5.5 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_FAIL,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: The AUTOSARS says CRC-64 ECMA. It is also popular in Linux. I have not seen anyone using SHA algorithms or MD5 in any embedded project I= have worked with to verify the flash contents. My proposed implementation would make it easy to use the ISO or ECMA variant= s, but also allow a user defined polynom. Best Regards Ulf Samuelsson >=20 > 15 feb. 2023 kl. 22:29 skrev Paul Koning : >=20 > =EF=BB=BF >=20 >> On Feb 15, 2023, at 4:01 PM, Ulf Samuelsson via Binutils wrote: >>=20 >> Some argument for including CRC support in the linker. >>=20 >> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >>=20 >> The AUTOSAR organisation publishes requirement for developing code for th= e Automotive industry. >>=20 >> Protecting your code with a CRC is mandatory, and the chosen algorithm is= CRC64 ECMA. >> ... >> You cannot get a Functional Safety device qualified, if the firmware is n= ot protected by a CRC. >> ... >> So there is a significant part of the embedded industry that relies on CR= C calculations for ensuring that their systems are not broken. >>=20 >> What is important here is the "Hamming distance" which measures the quali= ty of detection. >>=20 >> The width of the CRC needs to grow as the program size grows. >=20 > Indeed; CRC32 is not suitable for that reason. >=20 > But what about other options? CRC64 is certainly one reasonable integrity= check (if the assumption is that errors are unintentional as opposed to the= result of active attack). But SHA-1, SHA-2, or even MD-5 are at least as g= ood. Digital signatures provide protection against intentional modification= . Does the standard recognize that those other options are also suitable? >=20 > paul >=20