#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <stdlib.h>
#include <string.h>
#include <sha1.h>
#include <PR/bbmetadata.h>
#include <PR/bbcert.h>
#include <stdlib.h>
#include <bb_nn.h>
#include <PR/bbcrl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <algorithms.h>
/*
#define DEBUG
*/
   
/*
 * One fixed-size record of the signature file. lookupSig() reads records
 * with fread(..., sizeof(sig_entry_t), ...), so the in-memory layout of
 * this struct is also the on-disk layout.
 */
typedef struct {
    /* formatted file name; lookupSig() compares only the first
     * BB_INODE16_NAMELEN (11) bytes, so the 12th byte is not part of the key
     * and the field is not guaranteed to be NUL-terminated */
    char name[12];
    /* signature words as stored in the file; lookupSig() converts each word
     * with ntohl() before handing the signature to the caller */
    BbEccSig sig;
} sig_entry_t;

#define BB_INODE16_NAMELEN 11      /* maximum name length */

/*
 * Convert a "base.ext" style name into the fixed 11-byte XXXXXXXXYYY form:
 * an 8-byte base field followed by a 3-byte extension field, both padded
 * with zero bytes.
 *
 * fname receives exactly BB_INODE16_NAMELEN bytes and is NOT NUL-terminated
 * when base and extension fill their fields completely, so callers must
 * compare or print it with an explicit length.
 *
 * The extension is taken only when the character that ended the base scan
 * is a '.'; a base longer than 8 characters is cut at 8 and its extension
 * field is left zeroed.
 */
void
__osBbFsFormatName(char fname[BB_INODE16_NAMELEN], const char* name) {
    const int base_len = BB_INODE16_NAMELEN - 3;
    int src = 0;
    int dst;

    /* base field: copy until NUL, the first '.', or the field is full */
    while (name[src] != '\0' && name[src] != '.' && src < base_len) {
        fname[src] = name[src];
        src++;
    }

    /* zero-fill whatever is left of the base field */
    for (dst = src; dst < base_len; dst++) {
        fname[dst] = '\0';
    }

    /* extension field: skip the '.' and copy at most three characters */
    if (name[src] == '.') {
        for (src++; name[src] != '\0' && dst < BB_INODE16_NAMELEN; src++) {
            fname[dst++] = name[src];
        }
    }

    /* zero-fill whatever is left of the extension field */
    for (; dst < BB_INODE16_NAMELEN; dst++) {
        fname[dst] = '\0';
    }
}

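/*
 * Find the signature stored for a state file.
 *
 * sigptr    - signature file, positioned at the first sig_entry_t record;
 *             records are read sequentially until a match or a short read.
 * statename - name of the state file; it is converted to the 11-byte
 *             XXXXXXXXYYY form before comparison.
 * sig       - receives the matching signature with each 32-bit word
 *             converted from network to host byte order.
 *
 * Returns 1 when a record was found, 0 when the name is not in the file
 * (sig is left untouched in that case).
 *
 * The signature file is external input: record contents are only ever
 * accessed with explicit lengths, never as C strings.
 */
int lookupSig(FILE *sigptr, char *statename, BbEccSig sig){
  size_t i;
  sig_entry_t sigentry;
  char fname[BB_INODE16_NAMELEN];

  __osBbFsFormatName(fname, statename);
  while(fread(&sigentry, sizeof(sig_entry_t), 1, sigptr) == 1){
    /* only the first 11 of the 12 name bytes form the key */
    if(memcmp(fname, sigentry.name, BB_INODE16_NAMELEN) != 0){
      continue;
    }

    /* name[] comes straight from the file and need not be NUL-terminated;
     * bound the print so "%s" cannot run on into the signature bytes */
    printf("state found = %.*s\n", (int) sizeof(sigentry.name), sigentry.name);

    memcpy(sig, sigentry.sig, sizeof(BbEccSig));
    /* signature words are stored big-endian; /4 assumes 32-bit words,
     * which is what ntohl() operates on */
    for(i = 0; i < sizeof(BbEccSig)/4; i++){
      sig[i] = ntohl(sig[i]);
    }
    return 1;
  }
  return 0;
}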

   
   
     
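/*
 * sigcheck statefile signaturefile bbcertfile
 *
 * Hashes the state file with SHA-1, looks up the signature recorded for it
 * in the signature file, and verifies that signature with the ECC public
 * key taken from the BB certificate file. Prints "Ecc sign verify PASS" or
 * "Ecc sign verify FAIL".
 *
 * Exit status: 0 only when the signature verifies; 1 on usage errors, on
 * any I/O failure, and on a failed verification, so that a script checking
 * the exit code cannot mistake FAIL for success.
 *
 * NOTE(review): the public key is used exactly as found in argv[3]; nothing
 * in this function validates the certificate's own signature or consults a
 * revocation list, so PASS means "signed by the key in that file" and
 * nothing more. Confirm the caller establishes trust in the certificate.
 *
 * NOTE(review): argv[1] is used both as the path to open and as the lookup
 * key in the signature file, so a path with a directory component will not
 * match a record stored under the bare file name.
 */
int main(int argc, char **argv){
  size_t i;
  unsigned char hash_data[20];
  SHA1Context sha;
  u8 *stateBlob;
  FILE *statedataptr;
  FILE *sigptr;

  struct stat statbuf;
  int state_size;
  BbEccCert bbcert;
  FILE *bbcertptr;
  BbEccPublicKey publickey;
  BbEccSig sig;
  /* start from "not verified" so the result is FAIL if the verifier
   * returns without writing res */
  boolean res = !BSL_TRUE;
  BbShaHash hash_word;

  if(argc != 4){
    fprintf(stderr,"usage: %s  statefile signaturefile bbcertfile\n", argv[0]);
    exit(1);
  }

  /* pull state data from file (binary data, so open in binary mode) */
  statedataptr = fopen(argv[1], "rb");
  if(statedataptr == NULL){
    fprintf(stderr,"couldnt find your state data in local directory\n");
    exit(1);
  }

  /* read in state data */
  if(stat(argv[1], &statbuf) != 0){
    fprintf(stderr,"cant stat state file\n");
    exit(1);
  }
  state_size = (int) statbuf.st_size;
  /* reject sizes that do not survive the narrowing to int */
  if(state_size < 0 || (off_t) state_size != statbuf.st_size){
    fprintf(stderr,"state file too large\n");
    exit(1);
  }
  /* malloc(0) may legitimately return NULL, so never ask for 0 bytes */
  stateBlob = malloc(state_size > 0 ? (size_t) state_size : 1);
  if(stateBlob == NULL){
    fprintf(stderr,"out of memory reading state file\n");
    exit(1);
  }
  /* a short read would leave uninitialized bytes in the hashed buffer */
  if(fread(stateBlob, 1, (size_t) state_size, statedataptr) != (size_t) state_size){
    fprintf(stderr,"short read on state file\n");
    exit(1);
  }
  fclose(statedataptr);

  /* compute hash */
  SHA1Reset(&sha);
  SHA1Input(&sha, stateBlob, state_size);
  SHA1Result(&sha, hash_data);
  free(stateBlob);

  /* verify a sign from a BB: assumed BBs cert is ecccert.bin */
  if((bbcertptr = fopen(argv[3], "rb")) == NULL){
    fprintf(stderr,"cant open bb cert file \n");
    exit(1);
  }
  /* a truncated cert file would otherwise yield a key built from
   * uninitialized stack memory */
  if(fread(&bbcert, sizeof(BbEccCert), 1, bbcertptr) != 1){
    fprintf(stderr,"cant read bb cert file\n");
    exit(1);
  }
  fclose(bbcertptr);
  /* key words are stored big-endian; /4 assumes 32-bit words */
  for(i = 0; i < sizeof(BbEccPublicKey)/4; i++){
    publickey[i] = ntohl(bbcert.publicKey[i]);
  }

  if((sigptr = fopen(argv[2], "rb")) == NULL){
    fprintf(stderr,"cant open bb sig file\n");
    exit(1);
  }
  /* look up signature corresponding to the file */
  if( lookupSig(sigptr, argv[1], sig) == 0){
    fprintf(stderr, "Lookup failed: no signature\n");
    exit(1);
  }
  fclose(sigptr);

#define API_IDENTITY (0x00000001)
  /* same 20 bytes the word-by-word copy produced, without reading a
   * byte buffer through a u32 pointer (alignment / aliasing) */
  memcpy(hash_word, hash_data, sizeof(hash_data));

  bsl_verify_ecc_sig((u8 *)hash_word, sizeof(BbShaHash), publickey,
		       sig, &res, API_IDENTITY);
  if(res != BSL_TRUE){
    printf("Ecc sign verify FAIL\n");
    return 1;
  }

  printf("Ecc sign verify PASS\n");
  return 0;
}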