sigcheck.c
#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sha1.h>
#include <PR/bbmetadata.h>
#include <PR/bbcert.h>
#include <stdlib.h>
#include <bb_nn.h>
#include <PR/bbcrl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <algorithms.h>
/*
#define DEBUG
*/
/*
 * One fixed-size record of the signature file.  lookupSig() reads the file
 * as a sequence of these records with fread(sizeof(sig_entry_t)), so the
 * in-memory layout of this struct is also the on-disk layout.
 * NOTE(review): that relies on the compiler adding no padding between the
 * fields -- confirm against the tool that writes the file.
 */
typedef struct {
/* formatted file name; lookupSig() compares only the first
 * BB_INODE16_NAMELEN bytes, and nothing here guarantees a NUL terminator */
char name[12];
/* signature as stored in the file; lookupSig() converts each 32-bit word
 * with ntohl() before handing it to the caller */
BbEccSig sig;
} sig_entry_t;
#define BB_INODE16_NAMELEN 11 /* maximum name length */
/*
 * Convert a "base.ext" style name into the fixed XXXXXXXXYYY layout:
 * an 8-byte base field followed by a 3-byte extension field, each padded
 * with '\0'.
 *
 * fname receives exactly BB_INODE16_NAMELEN bytes and is NOT guaranteed to
 * be NUL-terminated (a full 8+3 name fills every byte), so callers must
 * compare and print it with an explicit length.
 *
 * The extension is copied only when the '.' sits directly after the copied
 * base characters; a base part longer than 8 characters therefore yields an
 * all-zero extension field.  Extension characters beyond the third are
 * dropped.
 */
void
__osBbFsFormatName(char fname[BB_INODE16_NAMELEN], const char* name) {
    const int base_len = BB_INODE16_NAMELEN - 3;
    const char *src = name;
    int pos = 0;

    /* base field: stop at end of string, at the first '.', or when full */
    while (pos < base_len && *src != '\0' && *src != '.') {
        fname[pos++] = *src++;
    }

    /* pad the remainder of the base field */
    while (pos < base_len) {
        fname[pos++] = '\0';
    }

    /* extension field, only when the separator is the next character */
    if (*src == '.') {
        for (src++; *src != '\0' && pos < BB_INODE16_NAMELEN; src++) {
            fname[pos++] = *src;
        }
    }

    /* pad whatever is left of the extension field */
    while (pos < BB_INODE16_NAMELEN) {
        fname[pos++] = '\0';
    }
}
/* return zero if state file name not found */
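/*
 * Scan the signature file for the record belonging to statename.
 *
 * sigptr    - open signature file, positioned at the first record; it is
 *             read sequentially as sig_entry_t records until a match or a
 *             short read / end of file.
 * statename - file name to look up; it is first converted to the fixed
 *             11-byte form with __osBbFsFormatName().
 * sig       - receives the matching signature, each 32-bit word converted
 *             with ntohl().  Left untouched when nothing matches.
 *
 * Returns 1 when a record was found, 0 otherwise.  A trailing partial
 * record is treated the same as end of file.
 */
int lookupSig(FILE *sigptr, char *statename, BbEccSig sig){
    size_t i;
    sig_entry_t sigentry;
    char fname[BB_INODE16_NAMELEN];

    __osBbFsFormatName(fname, statename);
    while(fread(&sigentry, sizeof(sig_entry_t), 1, sigptr) == 1){
        /* Fixed-length compare: neither side is a NUL-terminated string.
         * memcmp (from <string.h>) replaces the legacy bcmp. */
        if(memcmp(fname, sigentry.name, BB_INODE16_NAMELEN) != 0){
            continue;
        }
        /* sigentry.name comes straight from the file and may fill all of
         * its bytes, so bound the print to the field instead of letting
         * %s run on into the signature and beyond. */
        printf("state found = %.*s\n", (int) sizeof(sigentry.name),
               sigentry.name);
        memcpy(sig, sigentry.sig, sizeof(BbEccSig));
        /* NOTE(review): the /4 assumes BbEccSig is an array of 32-bit
         * words -- confirm against its declaration. */
        for(i = 0; i < sizeof(BbEccSig)/4; i++){
            sig[i] = ntohl(sig[i]);
        }
        return 1;
    }
    return 0;
}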
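/*
 * sigcheck statefile signaturefile bbcertfile
 *
 * Hashes statefile with SHA-1, loads the public key from bbcertfile, looks
 * up the signature recorded for statefile in signaturefile, and checks the
 * signature with bsl_verify_ecc_sig().
 *
 * Exit status: 0 only when the signature verifies.  Any usage error, I/O
 * error, missing signature, or failed verification exits non-zero, so a
 * calling script can rely on the status instead of parsing the output.
 */
int main(int argc, char **argv){
    int i;
    size_t k;
    int rc = 1;  /* stays non-zero unless verification succeeds */
    unsigned char hash_data[20];
    SHA1Context sha;
    u8 *stateBlob = NULL;
    FILE *statedataptr = NULL;
    FILE *sigptr = NULL;
    struct stat statbuf;
    int state_size;
    BbEccCert bbcert;
    FILE *bbcertptr = NULL;
    BbEccPublicKey publickey;
    BbEccSig sig;
    boolean res;
    BbShaHash hash_word;

    if(argc != 4){
        fprintf(stderr,"usage: %s statefile signaturefile bbcertfile\n", argv[0]);
        return 1;
    }

    /* pull state data from file */
    statedataptr = fopen(argv[1], "rb");
    if(statedataptr == NULL){
        fprintf(stderr,"couldnt find your state data in local directory\n");
        goto out;
    }

    /* Size the buffer from the descriptor that is already open, so the
     * size and the bytes read belong to the same file, and refuse sizes
     * that do not fit the int length used below. */
    if(fstat(fileno(statedataptr), &statbuf) != 0 ||
       statbuf.st_size < 0 || statbuf.st_size > INT_MAX){
        fprintf(stderr,"cant determine size of state data\n");
        goto out;
    }
    state_size = (int) statbuf.st_size;

    /* read in state data */
    stateBlob = malloc(state_size > 0 ? (size_t) state_size : 1);
    if(stateBlob == NULL){
        fprintf(stderr,"out of memory reading state data\n");
        goto out;
    }
    /* A short read would otherwise hash uninitialized heap bytes. */
    if(state_size > 0 &&
       fread(stateBlob, (size_t) state_size, 1, statedataptr) != 1){
        fprintf(stderr,"short read on state data\n");
        goto out;
    }

    /* compute hash */
    SHA1Reset(&sha);
    SHA1Input(&sha, stateBlob, state_size);
    SHA1Result(&sha, hash_data);

    /* verify a sign from a BB: assumed BBs cert is ecccert.bin */
    if((bbcertptr = fopen(argv[3], "rb")) == NULL){
        fprintf(stderr,"cant open bb cert file \n");
        goto out;
    }
    /* A truncated cert must not leave part of the key uninitialized. */
    if(fread(&bbcert, sizeof(BbEccCert), 1, bbcertptr) != 1){
        fprintf(stderr,"cant read bb cert file\n");
        goto out;
    }
    /* NOTE(review): the certificate is used as read; nothing here checks
     * who issued it, so the result only says the signature matches the key
     * in the supplied file. */
    for(k = 0; k < sizeof(BbEccPublicKey)/4; k++){
        publickey[k] = ntohl(bbcert.publicKey[k]);
    }

    if((sigptr = fopen(argv[2], "rb")) == NULL){
        fprintf(stderr,"cant open bb sig file\n");
        goto out;
    }

    /* look up signature corresponding to the file */
    /* NOTE(review): argv[1] doubles as the path to open and the name to
     * look up; __osBbFsFormatName() stops at the first '.', so a path with
     * a directory part or a leading "./" will not match a stored name. */
    if(lookupSig(sigptr, argv[1], sig) == 0){
        fprintf(stderr, "Lookup failed: no signature\n");
        goto out;
    }

#define API_IDENTITY (0x00000001)
    /* Copy the digest word by word with memcpy: hash_data is a byte array,
     * so reading it through a u32 pointer breaks alignment and aliasing
     * rules. */
    for(i = 0; i < 5; i++){
        u32 word;
        memcpy(&word, hash_data + (4*i), sizeof word);
        hash_word[i] = word;
    }

    /* NOTE(review): any return value of bsl_verify_ecc_sig() is ignored and
     * res is not pre-set; confirm the call always writes res. */
    bsl_verify_ecc_sig((u8 *)hash_word, sizeof(BbShaHash), publickey,
                       sig, &res, API_IDENTITY);
    if(res != BSL_TRUE){
        printf("Ecc sign verify FAIL\n");
    }
    else{
        printf("Ecc sign verify PASS\n");
        rc = 0;
    }

out:
    if(sigptr != NULL) fclose(sigptr);
    if(bbcertptr != NULL) fclose(bbcertptr);
    if(statedataptr != NULL) fclose(statedataptr);
    free(stateBlob);
    return rc;
}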