r1581 - cpu/x86/pc/olpc - openfirmware

11 Dec 2009

Author: wmb
Date: 2009-12-11 14:54:04 +0100 (Fri, 11 Dec 2009)
New Revision: 1581
Modified:
   cpu/x86/pc/olpc/security.fth
Log:
OLPC trac 9868 - Reinstated "Signature [in]valid" messages that
inadvertently got lost when support for delegated signatures was added.
Modified: cpu/x86/pc/olpc/security.fth
===================================================================

--- cpu/x86/pc/olpc/security.fth	2009-12-11 09:33:46 UTC (rev 1580)
+++ cpu/x86/pc/olpc/security.fth	2009-12-11 13:54:04 UTC (rev 1581)
@@ -441,50 +441,6 @@
    true
 ;
-0 [if]
-\ parse-sig parses a "sig01:" format signature string, returning its
-\ hashname and signature substrings.  It converts the signature
-\ substring from ASCII hex to binary bytes.
-
-: parse-sig  ( sig01$ -- true | hashname$ sig$ false )
-   dup d# 89 <  if  2drop true exit  then
-   bl left-parse-string  " sig01:" $=  0=  if  2drop true exit  then    ( rem$ )
-   bl left-parse-string  dup d#  6 <>  if  4drop true exit  then  2swap ( hash$ rem$ )
-   bl left-parse-string  nip d# 64 <>  if  4drop true exit  then        ( hash$ rem$ )
-   newline left-parse-string  2swap nip  0<>  if  4drop true exit  then ( hash$ data$ )
-   dup /sig 2* <>  if  ( ." Bad signature length" cr  )  2drop true  exit  then ( hash$ data$ )
-
-   hex-decode  if  2drop true  else  false  then
-;
-
-\ signature-invalid? checks the validity of data$ against the ASCII signature
-\ record sig0N$, using the public key that thiskey$ points to.
-\ It also verifies that the hashname contained in sig01$ is the
-\ expected one.
-
-: signature-invalid?  ( data$ sig0N$ exp-hashname$ -- error? )
-   2>r
-   parse-sig  if
-      ." Bad signature format"  cr
-      2r> 2drop  true exit
-   then                                     ( data$ hashname$ sig$ r: exp$ )
-
-   \ Check for duplicate hashname attacks
-   2swap 2dup 2r>  $=  0=  if               ( data$ sig$ hashname$ )
-      ." Wrong hash name" cr
-      4drop 2drop true exit
-   then                                     ( data$ sig$ hashname$ )
-
-   2>r 2>r 2>r 0 2r> 2r> 2r>                ( 0 data$ sig$ hashname$ )
-   pubkey$  2swap  signature-bad?  ( error? )
-   dup  if
-      "   Signature invalid" ?lease-error-cr
-   else
-      "   Signature valid" ?lease-debug-cr
-   then
-;
-[then]
-
 \ exp-hashname$ remembers the most recently used hashname to guard against
 \ attacks based on reuse of the same (presumably compromized) hash.
@@ -623,10 +579,12 @@
       newline left-parse-string      ( rem$' line$ )
this-sig-line-good?  if        ( rem$ )
+         "   Signature valid" ?lease-debug-cr
          2drop  true exit
       then                           ( rem$ )
repeat                            ( rem$ )
+   "   Signature invalid" ?lease-error-cr
    2drop  false                      ( good? )
 ;

    