[openfirmware] r1343 - cpu/x86/pc/olpc
svn at openfirmware.info
svn at openfirmware.info
Thu Sep 3 07:13:18 CEST 2009
Author: wmb
Date: 2009-09-03 07:13:18 +0200 (Thu, 03 Sep 2009)
New Revision: 1343
Modified:
cpu/x86/pc/olpc/security.fth
Log:
OLPC security.fth - commented out some words that are no longer
used now that we support key delegation.
Modified: cpu/x86/pc/olpc/security.fth
===================================================================
--- cpu/x86/pc/olpc/security.fth 2009-09-03 05:11:26 UTC (rev 1342)
+++ cpu/x86/pc/olpc/security.fth 2009-09-03 05:13:18 UTC (rev 1343)
@@ -390,22 +390,6 @@
: my-sn$ ( -- adr len ) machine-id-buf d# 11 ;
-
-\ parse-sig parses a "sig01:" format signature string, returning its
-\ hashname and signature substrings. It converts the signature
-\ substring from ASCII hex to binary bytes.
-
-: parse-sig ( sig01$ -- true | hashname$ sig$ false )
- dup d# 89 < if 2drop true exit then
- bl left-parse-string " sig01:" $= 0= if 2drop true exit then ( rem$ )
- bl left-parse-string dup d# 6 <> if 4drop true exit then 2swap ( hash$ rem$ )
- bl left-parse-string nip d# 64 <> if 4drop true exit then ( hash$ rem$ )
- newline left-parse-string 2swap nip 0<> if 4drop true exit then ( hash$ data$ )
- dup /sig 2* <> if ( ." Bad signature length" cr ) 2drop true exit then ( hash$ data$ )
-
- hex-decode if 2drop true else false then
-;
-
\ zip-extent looks inside a memory-resident ZIP archive and returns
\ the address,length of a given component of that archive. This
\ assumes that the components are "stored", not "deflated". It
@@ -446,10 +430,22 @@
true
;
-\ hashname remembers the most recently used hashname to guard against
-\ attacks based on reuse of the same (presumably compromized) hash.
-
0 [if]
+\ parse-sig parses a "sig01:" format signature string, returning its
+\ hashname and signature substrings. It converts the signature
+\ substring from ASCII hex to binary bytes.
+
+: parse-sig ( sig01$ -- true | hashname$ sig$ false )
+ dup d# 89 < if 2drop true exit then
+ bl left-parse-string " sig01:" $= 0= if 2drop true exit then ( rem$ )
+ bl left-parse-string dup d# 6 <> if 4drop true exit then 2swap ( hash$ rem$ )
+ bl left-parse-string nip d# 64 <> if 4drop true exit then ( hash$ rem$ )
+ newline left-parse-string 2swap nip 0<> if 4drop true exit then ( hash$ data$ )
+ dup /sig 2* <> if ( ." Bad signature length" cr ) 2drop true exit then ( hash$ data$ )
+
+ hex-decode if 2drop true else false then
+;
+
\ signature-invalid? checks the validity of data$ against the ASCII signature
\ record sig0N$, using the public key that thiskey$ points to.
\ It also verifies that the hashname contained in sig01$ is the
@@ -478,6 +474,9 @@
;
[then]
+\ exp-hashname$ remembers the most recently used hashname to guard against
+\ attacks based on reuse of the same (presumably compromized) hash.
+
0 0 2value exp-hashname$
0 0 2value signed-data$
@@ -621,9 +620,8 @@
;
\ Find a sig0N: line and check its sha256/rsa signature
-: sha-valid? ( data$ sig01$ -- okay? )
- next-sig-in-list$ if 2drop false exit then ( data$ rem$ sig01$ )
- \ 2nip " sha256" signature-invalid? 0=
+: sha-valid? ( data$ sig$ -- okay? )
+ next-sig-in-list$ if 2drop false exit then ( data$ rem$ sig$ )
2nip " sha256" signature-good?
;
@@ -631,12 +629,11 @@
\ and check their signatures
: fw-valid? ( data$ sig$ -- okay? )
2swap 2>r ( sig$ r: data$ )
- next-sig-in-list$ if 2r> 2drop false exit then ( rem$ sig01$ )
+ next-sig-in-list$ if 2r> 2drop false exit then ( rem$ sig$ )
2r@ 2swap sha-valid? 0= if ( rem$ r: data$ )
2r> 4drop false exit
then ( rmd-sig$ r: data$ )
- next-sig$ if 2r> 2drop false exit then ( rem$ sig01$ )
-\ 2nip 2r> 2swap " rmd160" signature-invalid? 0=
+ next-sig$ if 2r> 2drop false exit then ( rem$ sig$ )
2nip 2r> 2swap " rmd160" signature-good?
;
More information about the openfirmware
mailing list