[openfirmware] r1581 - cpu/x86/pc/olpc
svn at openfirmware.info
svn at openfirmware.info
Fri Dec 11 14:54:05 CET 2009
Author: wmb
Date: 2009-12-11 14:54:04 +0100 (Fri, 11 Dec 2009)
New Revision: 1581
Modified:
cpu/x86/pc/olpc/security.fth
Log:
OLPC trac 9868 - Reinstated "Signature [in]valid" messages that
inadvertently got lost when support for delegated signatures was added.
Modified: cpu/x86/pc/olpc/security.fth
===================================================================
--- cpu/x86/pc/olpc/security.fth 2009-12-11 09:33:46 UTC (rev 1580)
+++ cpu/x86/pc/olpc/security.fth 2009-12-11 13:54:04 UTC (rev 1581)
@@ -441,50 +441,6 @@
true
;
-0 [if]
-\ parse-sig parses a "sig01:" format signature string, returning its
-\ hashname and signature substrings. It converts the signature
-\ substring from ASCII hex to binary bytes.
-
-: parse-sig ( sig01$ -- true | hashname$ sig$ false )
- dup d# 89 < if 2drop true exit then
- bl left-parse-string " sig01:" $= 0= if 2drop true exit then ( rem$ )
- bl left-parse-string dup d# 6 <> if 4drop true exit then 2swap ( hash$ rem$ )
- bl left-parse-string nip d# 64 <> if 4drop true exit then ( hash$ rem$ )
- newline left-parse-string 2swap nip 0<> if 4drop true exit then ( hash$ data$ )
- dup /sig 2* <> if ( ." Bad signature length" cr ) 2drop true exit then ( hash$ data$ )
-
- hex-decode if 2drop true else false then
-;
-
-\ signature-invalid? checks the validity of data$ against the ASCII signature
-\ record sig0N$, using the public key that thiskey$ points to.
-\ It also verifies that the hashname contained in sig01$ is the
-\ expected one.
-
-: signature-invalid? ( data$ sig0N$ exp-hashname$ -- error? )
- 2>r
- parse-sig if
- ." Bad signature format" cr
- 2r> 2drop true exit
- then ( data$ hashname$ sig$ r: exp$ )
-
- \ Check for duplicate hashname attacks
- 2swap 2dup 2r> $= 0= if ( data$ sig$ hashname$ )
- ." Wrong hash name" cr
- 4drop 2drop true exit
- then ( data$ sig$ hashname$ )
-
- 2>r 2>r 2>r 0 2r> 2r> 2r> ( 0 data$ sig$ hashname$ )
- pubkey$ 2swap signature-bad? ( error? )
- dup if
- " Signature invalid" ?lease-error-cr
- else
- " Signature valid" ?lease-debug-cr
- then
-;
-[then]
-
\ exp-hashname$ remembers the most recently used hashname to guard against
\ attacks based on reuse of the same (presumably compromized) hash.
@@ -623,10 +579,12 @@
newline left-parse-string ( rem$' line$ )
this-sig-line-good? if ( rem$ )
+ " Signature valid" ?lease-debug-cr
2drop true exit
then ( rem$ )
repeat ( rem$ )
+ " Signature invalid" ?lease-error-cr
2drop false ( good? )
;
More information about the openfirmware
mailing list