[OpenBIOS] r634 - cpu/x86/pc/olpc

svn at openbios.org svn at openbios.org
Thu Sep 20 01:58:44 CEST 2007


Author: wmb
Date: 2007-09-20 01:58:43 +0200 (Thu, 20 Sep 2007)
New Revision: 634

Modified:
   cpu/x86/pc/olpc/security.fth
Log:
OLPC security - added disposition code to lease and devkey formats.



Modified: cpu/x86/pc/olpc/security.fth
===================================================================
--- cpu/x86/pc/olpc/security.fth	2007-09-19 23:57:43 UTC (rev 633)
+++ cpu/x86/pc/olpc/security.fth	2007-09-19 23:58:43 UTC (rev 634)
@@ -283,7 +283,7 @@
 \ including serial number, UUID, and expiration time, is place.
 \ That string is the signed object for lease and developer key verification.
 
-d# 65 buffer: machine-id-buf
+d# 67 buffer: machine-id-buf
 
 \ get-my-sn get the machine identification info including serial number
 \ and UUID from the manufacturing data, placing it into machine-id-buf
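Review bot: The comment above `machine-id-buf` still describes the signed string as serial number, UUID, and expiration time, but after this change the buffer also carries a one-byte disposition code and a second `:` separator. The literals 48, 49, 50, 51 and 67 spread over three words are the only record of that layout, so I would add a line such as `\ Offsets: 48 ':', 49 disposition code, 50 ':', 51..66 expiration (67 bytes total)` next to the buffer definition. The comment block starts above this hunk, so its opening wording is out of view.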
@@ -315,6 +315,8 @@
 
    [char] : machine-id-buf d# 48 + c!
 
+   [char] : machine-id-buf d# 50 + c!
+
    false
 ;
 
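Review bot: Byte 49 of `machine-id-buf` is left unwritten here: the added line stores `:` at offset 50, while the disposition byte between the two separators is only set later by `set-disposition`. That byte is part of the 67 bytes handed to `valid?`, so any path that reaches `check-machine-signature` without first calling `set-disposition` would verify against whatever value an earlier record left there; the two callers visible in this diff do call it first. A comment here such as `\ Offset 49 (disposition) is filled in by set-disposition before each signature check` would record that dependency. The word this hunk belongs to starts above the hunk.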
@@ -333,10 +335,12 @@
 
 : check-machine-signature  ( sig$ expiration$ -- -1|1 )
    0 hashname c!
-   machine-id-buf d# 49 +  swap  move  ( sig$ )
-   machine-id-buf d# 65  2swap  valid?  if  1  else  -1  then
+   machine-id-buf d# 51 +  swap  move  ( sig$ )
+   machine-id-buf d# 67  2swap  valid?  if  1  else  -1  then
 ;
 
+: set-disposition  ( adr -- )  c@  machine-id-buf d# 49 + c!  ;
+
 \ check-lease checks a lease signature record in act01: format
 
 \ -1 means lease is for this machine and is invalid
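Review bot: `check-machine-signature` copies `expiration$` into `machine-id-buf` at offset 51 using the caller's length, and the buffer is exactly 67 bytes, so any length above 16 would write past its end. check-lease rejects lengths other than 16 before calling and the developer-key path passes a 16-character literal, so the callers visible in this diff are safe, but the word itself has no guard. Adding `dup d# 16 <>  if  4drop -1 exit  then` as its first line would keep the bound next to the copy it protects.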
@@ -348,16 +352,23 @@
       "   Not act01:" ?lease-debug-cr
       2drop -1 exit
    then
+
    bl left-parse-string                    ( rem$ serial$ )
    my-sn$ $=  0=  if                       ( rem$ )
       " is for a different system" ?lease-debug-cr
       2drop 0 exit
    then                                    ( rem$ )
+
+   \ Disposition code
+   bl left-parse-string  1 <>  if  3drop -1 exit  then  ( rem$ disp-adr )
+   set-disposition                         ( rem$ )
+
    bl left-parse-string                    ( sig$ expiration$ )
    dup d# 16 <>  if                        ( sig$ expiration$ )
       " has bad expiration format" ?lease-debug-cr
       4drop -1 exit
    then                                    ( sig$ expiration$ )
+
    2dup expired?  if
       " expired" ?lease-debug-cr
       4drop -1 exit
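Review bot: The new disposition check fails with `3drop -1 exit` and prints nothing, whereas the neighbouring failure branches each report a reason through `?lease-debug-cr`. A record written in the earlier layout, without a disposition field, would presumably be rejected at exactly this point, so a message such as `" has bad disposition format" ?lease-debug-cr` before the `3drop` would make that case diagnosable. The same silent exit appears in the developer-key hunk at new line 546. check-lease begins above this hunk and continues below it.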
@@ -535,6 +546,10 @@
    bl left-parse-string                        ( rem$ serial$ )
    my-sn$ $=  0=  if  2drop 0 exit  then       ( rem$ )
 
+   \ Disposition code
+   bl left-parse-string  1 <>  if  3drop -1 exit  then  ( rem$ disp-adr )
+   set-disposition                                      ( rem$ )
+
    develkey$ to pubkey$
    " 00000000T000000Z"  check-machine-signature
 ;



