signature file format

[bushing]

While I'm waiting for my serial cable to come so I can dump the boot rom, anyone want to help me take a crack at the format for the .sig files?

Here's a sample one:

Code: [Select]


phatd.sig:
000: 52 07 00 00 5f 6a 45 2a a9 06 04 16 44 a6 54 25
010: 50 18 04 16 56 04 12 64 55 59 15 59 00 52 84 45
020: 94 44 21 44 60 10 25 41 24 01 62 45 52 40 46 80
030: 14 49 15 19 45 09 41 08 14 58 41 58 50 49 41 46
040: 81 45 42 40 52 80 01 64 46 55 02 85 14 84 50 65
050: 54 a1 51 24 41 42 11 16 00 16 25 01 61 85 54 20
060: 14 25 10 46 01 06 55 06 50 56 14 06 94 11 91 11
070: 90 14 21 24 55 49 05 49 14 18 80 55 61 54 42 24
080: 40 60 80 44 85 00 08 91 05 59 01 12 61 51 20 41
090: 59 91 54 65 04 65 54 65 81 41 81 11 91 54 91 45
0a0: 94 54 85 11 85 45 48 41 49 51 06 50 06 44 12 15
0b0: 06 54 42 06 19 10 19 00 58 11 08 45 09 50 19 54
0c0: 59 14 48 64 24 50 49 11 58 05 12 59 15 48 41 56
0d0: 25 00 64 10 60 50 20 15 58 00 16 21 41 49 05 19
0e0: 54 16 04 52 81 14 84 40 42 95 52 65 00 a0 02



Here's what I can tease out of this:

The sig files all vary slightly in length, but it does not seem to depend on anything obvious like the size of the signed file.

The first two bytes seem to be a length of the signature, in bits: 52 07 = x0752 = 1874 bits = 234.25 bytes. The next 3 bytes always seem to be 00 00 5f.

With that in mind, that gives us the following for that file:

Code: [Select]


phatd.sig:
000: 52 07 00 00 5f [skip 1874 bits...]
a0 02




Any thoughts?

-b

[para]

What's the purpose of doing this? I don't think there's a feasible way of cracking the signature. The mathematical trapdoor problem behind public key encryption/signing is too complex to be solved in a reasonable amount of time given the fact a 1024-bit (or greater) key is used...
If they (RSA, DES) would use crackable/patchable signature files it would be a VERY weak point in the security chain which would render the whole thing useless - and the contrary has been proven...

Para

[sulaco]

It would be useful to know the format of the sig files if all the keys were to be replaced e.t.c

[bushing]

What's the purpose of doing this? I don't think there's a feasible way of cracking the signature. The mathematical trapdoor problem behind public key encryption/signing is too complex to be solved in a reasonable amount of time given the fact a 1024-bit (or greater) key is used...

Yes, it's a 1024-bit (0x400 bit) key -- see the header.

I know that we can't crack it.  However, as sulaco points out, this would be helpful in trying to replace some / all of the keys.

Plus, there are 100 keys in pkeys2.e and 100 keys hidden before the first partition on the drive (unknown if there are any duplicates).  It would be interesting to know why there are so many keys ...

Besides, I'm just trying to keep busy until my serial cable arrives from Canada.  Unless I can get someone to dump that BIOS rom for me!

Ben

[para]

Besides, I'm just trying to keep busy until my serial cable arrives from Canada.  Unless I can get someone to dump that BIOS rom for me!

LOL, I won't stop ya
How do you know about the amount of keys? I mean maybe I'm too dumb but is a 1024 bit key stored in 1024 bit, so just dividing a file's relevant content by the key's size tells you the number?

Para

[bushing]

*sigh*

Okay, so the signature files are created by taking an MD5 hash of the file and using an 1024-bit private RSA key.  Yes, this is what we thought, but now I can be certain of it.

However, the !$!@$ thing then applies some bizzarro bit-scrambling function to it; this may be what inflates the sizeof the sig files, I don't know.

Google wasn't much help ... it involves the constants 0, 0x40100401, 0x80200802, 0xC0300C03 and 0x3FCFF3FC.  Oh. and there's some sort of debug function (that's never called) in phatd that uses these numbers and spits out the letters "Z", "O", "P", "M" along with some numbers.

I need to go to sleep now, it's someone else's turn.

-b

PS - Oh, and Para -- sorry I missed your question before.  If you yank any of the keys out of any of the binaries, the first 16 bits of the key reads 0x0400 -- for 1024 bits.

-b

[sbingner]

in the /tmp directory you find "drive.id" and "pkeysa.tmp" my contents are as follows:

drive.id

Code: [Select]

PhatNoise DMS 10GB                      Y15A0400T          
HEX:

Code: [Select]

0000000 6850 7461 6f4e 7369 2065 4d44 2053 3031
0000010 4247 2020 2020 2020 2020 2020 2020 2020
0000020 2020 2020 2020 2020 3159 4135 3430 3030
0000030 2054 2020 2020 2020 2020 2020          
000003c


pkeysa.tmp

Code: [Select]


0000000 0200 0000 0000 0000 0000 0000 0000 0000
0000010 0000 0000 0000 0000 0000 0000 0000 0000
*
0000040 0000 26a5 de4c b653 4776 9312 ecd6 f64d
0000050 60ab 0005 ecff 4a97 5173 8748 1b82 37c0
0000060 5294 e459 a1ca 10ab bb72 3bf4 4320 ae24
0000070 e667 3988 c7cf 5fb2 1ffb 34d5 53cb b4c9
0000080 1ddc 0000 0000 0000 0000 0000 0000 0000
0000090 0000 0000 0000 0000 0000 0000 0000 0000
*
00000f0 0000 0000 0000 0000 0000 0000 0000 0100
0000100 0100 0000 0000 0000 0000 0000 0000 0000
0000110 0000 0000 0000 0000 0000 0000 0000 0000
*
0000140 0000 a287 25d2 f912 60db e879 ee83 05e6
0000150 313e 4b09 e60d 4701 387b ea79 3819 80b3
0000160 46b2 8332 47a0 ae6a 31f9 bb08 ec90 5d2e
0000170 210e cf85 8d04 4572 1596 f123 bdc7 5b39
0000180 fd5a 0000 0000 0000 0000 0000 0000 0000
0000190 0000 0000 0000 0000 0000 0000 0000 0000
00001a0 0000 07d3 2f4d a72e 44d6 3ef3 3b7a f55a
00001b0 f134 9f36 5dca 9b48 75cd 8890 6088 6fb7
00001c0 cf88 0000 0000 0000 0000 0000 0000 0000
00001d0 0000 0000 0000 0000 0000 0000 0000 0000
00001e0 0000 58c8 0d11 83e3 75f4 cc5b cb4d b2a2
00001f0 5db4 52a0 20ac b84d 9718 2c86 bfce 1a43
0000200 53af 0000 0000 0000 0000 0000 0000 0000
0000210 0000 0000 0000 0000 0000 0000 0000 0000
0000220 0000 450d 4ad6 6af3 0547 2ecb cdd0 e94e
0000230 4d41 9c32 4456 bf0b eb10 0e26 5510 f3d4
0000240 edc4 0000 0000 0000 0000 0000 0000 0000
0000250 0000 0000 0000 0000 0000 0000 0000 0000
0000260 0000 b0ae c6a3 8141 d258 4650 fb17 159d
0000270 d247 ae6f aa46 3a30 2e7b 6efc a3eb 66b8
0000280 4377 0000 0000 0000 0000 0000 0000 0000
0000290 0000 0000 0000 0000 0000 0000 0000 0000
00002a0 0000 2586 c414 8a03 9faa 855d 19f9 6dfc
00002b0 ae8a ab6e 454e 2797 7f72 ea34 6bfa d713
00002c0 51d1 b9c6                              
00002c4