ayaan/Custom-Operating-System
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Squash commits for public release

Browse Source
This commit is contained in:
Ayaan Tunio
2025-02-12 09:54:05 -05:00
commit 7118adc514
1108 changed files with 80873 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

149
boot/libboot/crypto/sha256.c Normal file
View File

@@ -0,0 +1,149 @@
#include "sha256.h"
#include <libboot/log/log.h>
#include <libboot/mem/mem.h>
const static sha256_word_t sha256_consts[64] = {
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
};
const static sha256_word_t sha256_state_init[8] = {
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
};
#define ROTLEFT(a, b) (((a) << (b)) | ((a) >> (32 - (b))))
#define ROTRIGHT(a, b) (((a) >> (b)) | ((a) << (32 - (b))))
#define CH(x, y, z) (((x) & (y)) ^ (~(x) & (z)))
#define MAJ(x, y, z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#define EP0(x) (ROTRIGHT(x, 2) ^ ROTRIGHT(x, 13) ^ ROTRIGHT(x, 22))
#define EP1(x) (ROTRIGHT(x, 6) ^ ROTRIGHT(x, 11) ^ ROTRIGHT(x, 25))
#define SIG0(x) (ROTRIGHT(x, 7) ^ ROTRIGHT(x, 18) ^ ((x) >> 3))
#define SIG1(x) (ROTRIGHT(x, 17) ^ ROTRIGHT(x, 19) ^ ((x) >> 10))
static void sha256_transform(sha256_ctx_t* ctx, const void* vdata)
{
sha256_byte_t* data = (sha256_byte_t*)vdata;
sha256_word_t m[64];
size_t i = 0;
for (sha256_word_t j = 0; i < 16; i++, j += 4) {
m[i] = (data[j] << 24) | (data[j + 1] << 16) | (data[j + 2] << 8) | (data[j + 3]);
}
for (; i < 64; i++) {
m[i] = SIG1(m[i - 2]) + m[i - 7] + SIG0(m[i - 15]) + m[i - 16];
}
sha256_word_t a = ctx->state[0];
sha256_word_t b = ctx->state[1];
sha256_word_t c = ctx->state[2];
sha256_word_t d = ctx->state[3];
sha256_word_t e = ctx->state[4];
sha256_word_t f = ctx->state[5];
sha256_word_t g = ctx->state[6];
sha256_word_t h = ctx->state[7];
for (i = 0; i < 64; i++) {
sha256_word_t t1 = h + EP1(e) + CH(e, f, g) + sha256_consts[i] + m[i];
sha256_word_t t2 = EP0(a) + MAJ(a, b, c);
h = g;
g = f;
f = e;
e = d + t1;
d = c;
c = b;
b = a;
a = t1 + t2;
}
ctx->state[0] += a;
ctx->state[1] += b;
ctx->state[2] += c;
ctx->state[3] += d;
ctx->state[4] += e;
ctx->state[5] += f;
ctx->state[6] += g;
ctx->state[7] += h;
}
void sha256_init(sha256_ctx_t* ctx)
{
ctx->bufnxt = 0;
ctx->bits_count = 0;
memcpy(ctx->state, sha256_state_init, sizeof(sha256_state_init));
}
void sha256_update(sha256_ctx_t* ctx, const void* vdata, size_t len)
{
sha256_byte_t* data = (sha256_byte_t*)vdata;
for (size_t i = 0; i < len; i++) {
ctx->buf[ctx->bufnxt] = data[i];
ctx->bufnxt++;
if (ctx->bufnxt == 64) {
sha256_transform(ctx, ctx->buf);
ctx->bits_count += 512;
ctx->bufnxt = 0;
}
}
}
void sha256_hash(sha256_ctx_t* ctx, char* hash)
{
size_t i = ctx->bufnxt;
if (ctx->bufnxt < 56) {
ctx->buf[i++] = 0x80;
} else {
ctx->buf[i++] = 0x80;
while (i < 64) {
ctx->buf[i++] = 0x00;
}
sha256_transform(ctx, ctx->buf);
i = 0;
}
while (i < 56) {
ctx->buf[i++] = 0x00;
}
ctx->bits_count += ctx->bufnxt * 8;
ctx->buf[56] = ctx->bits_count >> 56;
ctx->buf[57] = ctx->bits_count >> 48;
ctx->buf[58] = ctx->bits_count >> 40;
ctx->buf[59] = ctx->bits_count >> 32;
ctx->buf[60] = ctx->bits_count >> 24;
ctx->buf[61] = ctx->bits_count >> 16;
ctx->buf[62] = ctx->bits_count >> 8;
ctx->buf[63] = ctx->bits_count >> 0;
sha256_transform(ctx, ctx->buf);
// Making hash big endian.
for (i = 0; i < 4; i++) {
hash[i] = (ctx->state[0] >> (24 - i * 8)) & 0x000000ff;
hash[i + 4] = (ctx->state[1] >> (24 - i * 8)) & 0x000000ff;
hash[i + 8] = (ctx->state[2] >> (24 - i * 8)) & 0x000000ff;
hash[i + 12] = (ctx->state[3] >> (24 - i * 8)) & 0x000000ff;
hash[i + 16] = (ctx->state[4] >> (24 - i * 8)) & 0x000000ff;
hash[i + 20] = (ctx->state[5] >> (24 - i * 8)) & 0x000000ff;
hash[i + 24] = (ctx->state[6] >> (24 - i * 8)) & 0x000000ff;
hash[i + 28] = (ctx->state[7] >> (24 - i * 8)) & 0x000000ff;
}
}

22
boot/libboot/crypto/sha256.h Normal file
View File

@@ -0,0 +1,22 @@
#ifndef _BOOT_LIBBOOT_CRYPTO_SHA256_H
#define _BOOT_LIBBOOT_CRYPTO_SHA256_H
#include <libboot/mem/mem.h>
#include <libboot/types.h>
typedef uint8_t sha256_byte_t;
typedef uint32_t sha256_word_t;
struct sha256_ctx {
uint64_t bits_count;
sha256_word_t state[8];
sha256_word_t bufnxt;
sha256_byte_t buf[64];
};
typedef struct sha256_ctx sha256_ctx_t;
void sha256_init(sha256_ctx_t* ctx);
void sha256_update(sha256_ctx_t* ctx, const void* data, size_t len);
void sha256_hash(sha256_ctx_t* ctx, char* hash);
#endif // #define _BOOT_LIBBOOT_CRYPTO_SHA256_H

136
boot/libboot/crypto/signature.c Normal file
View File

@@ -0,0 +1,136 @@
const char pub_xos_key_e[] = {
(char)0x1,
(char)0x0,
(char)0x1,
};
const char pub_xos_key_n[] = {
(char)0x1d,
(char)0x7e,
(char)0x51,
(char)0xed,
(char)0xdc,
(char)0x86,
(char)0x89,
(char)0x86,
(char)0xb1,
(char)0xa4,
(char)0x84,
(char)0x87,
(char)0xc9,
(char)0x35,
(char)0xe7,
(char)0x7f,
(char)0x8a,
(char)0xea,
(char)0xcb,
(char)0xda,
(char)0xdf,
(char)0xec,
(char)0x7a,
(char)0xa5,
(char)0x2a,
(char)0x60,
(char)0x15,
(char)0x91,
(char)0x14,
(char)0xd5,
(char)0x2c,
(char)0xbb,
(char)0x8f,
(char)0x8f,
(char)0xad,
(char)0x17,
(char)0x5b,
(char)0xd7,
(char)0xda,
(char)0x4d,
(char)0x4b,
(char)0xe3,
(char)0x3e,
(char)0x83,
(char)0xb5,
(char)0xb4,
(char)0x38,
(char)0x60,
(char)0x59,
(char)0x94,
(char)0xef,
(char)0xad,
(char)0x39,
(char)0x72,
(char)0x9d,
(char)0x7d,
(char)0xc6,
(char)0x1b,
(char)0xcf,
(char)0x4e,
(char)0x6f,
(char)0xee,
(char)0xf7,
(char)0xd3,
(char)0xbc,
(char)0xcf,
(char)0xe9,
(char)0xb9,
(char)0xf1,
(char)0x21,
(char)0xef,
(char)0x9a,
(char)0x6,
(char)0x75,
(char)0xc8,
(char)0xc2,
(char)0x6e,
(char)0x99,
(char)0x28,
(char)0xa6,
(char)0x3,
(char)0xe6,
(char)0xc6,
(char)0x4d,
(char)0x2,
(char)0x83,
(char)0xe4,
(char)0xe0,
(char)0x21,
(char)0xd9,
(char)0x19,
(char)0x11,
(char)0x29,
(char)0xe8,
(char)0xff,
(char)0x11,
(char)0x7,
(char)0x23,
(char)0x44,
(char)0x7f,
(char)0xfb,
(char)0x76,
(char)0xb1,
(char)0x7,
(char)0xe7,
(char)0xab,
(char)0x83,
(char)0x7e,
(char)0xa6,
(char)0xd9,
(char)0x7a,
(char)0x50,
(char)0x36,
(char)0xf,
(char)0xb3,
(char)0xc0,
(char)0xb7,
(char)0x4f,
(char)0x17,
(char)0xc7,
(char)0xb5,
(char)0x50,
(char)0xe8,
(char)0xe6,
(char)0xc1,
(char)0x3f,
(char)0x5f,
(char)0xa6,
};

10
boot/libboot/crypto/signature.h Normal file
View File

@@ -0,0 +1,10 @@
#ifndef _BOOT_LIBBOOT_CRYPTO_SIGNATURE_H
#define _BOOT_LIBBOOT_CRYPTO_SIGNATURE_H
#define pub_xos_key_e_len (3)
extern const char pub_xos_key_e[];
#define pub_xos_key_n_len (128)
extern const char pub_xos_key_n[];
#endif // _BOOT_LIBBOOT_CRYPTO_SIGNATURE_H

299
boot/libboot/crypto/uint2048.c Normal file
View File

@@ -0,0 +1,299 @@
#include "uint2048.h"
#include <libboot/log/log.h>
#include <libboot/mem/mem.h>
#define EOVERFLOW 75
int uint2048_init(uint2048_t* d, uint32_t n)
{
int i = 0;
d->bucket[i++] = n;
while (i < N_UINT2048) {
d->bucket[i++] = 0;
}
return 0;
}
int uint2048_init_bytes(uint2048_t* d, const char* f, size_t n)
{
if (n > sizeof(uint2048_t)) {
return -1;
}
memset(d->bucket, 0, sizeof(uint2048_t));
memcpy(d->bucket, f, n);
return 0;
}
static inline uint32_t char_to_u32_safe_convert(char x)
{
return x >= 0 ? x : 256 + x;
}
int uint2048_init_bytes_be(uint2048_t* d, const char* f, size_t n)
{
if (n > sizeof(uint2048_t)) {
return -1;
}
size_t i = 0;
uint32_t bytes4 = 0;
size_t dd = (n / 4) * 4;
size_t dr = n - dd;
for (int fi = n - 4; fi >= 0; fi -= 4) {
bytes4 = 0;
bytes4 |= char_to_u32_safe_convert(f[fi]) << 24;
bytes4 |= char_to_u32_safe_convert(f[fi + 1]) << 16;
bytes4 |= char_to_u32_safe_convert(f[fi + 2]) << 8;
bytes4 |= char_to_u32_safe_convert(f[fi + 3]) << 0;
d->bucket[i++] = bytes4;
}
bytes4 = 0;
for (int remi = dr - 1; remi >= 0; remi--) {
bytes4 |= char_to_u32_safe_convert(f[dd + remi]) << (remi * 8);
}
d->bucket[i++] = bytes4;
while (i < N_UINT2048) {
d->bucket[i++] = 0;
}
return 0;
}
int uint2048_copy(uint2048_t* dest, uint2048_t* src)
{
memcpy(dest, src, sizeof(uint2048_bucket_t) * N_UINT2048);
return 0;
}
int uint2048_add(uint2048_t* a, uint2048_t* b, uint2048_t* c)
{
uint64_t carry = 0;
uint64_t sum = 0;
for (int i = 0; i < N_UINT2048; i++) {
uint64_t ab = a->bucket[i];
uint64_t bb = b->bucket[i];
sum = ab + bb + carry;
if (sum >= BASE_UINT2048U) {
carry = 1;
sum -= BASE_UINT2048U;
} else {
carry = 0;
}
c->bucket[i] = (uint2048_bucket_t)sum;
}
return carry ? -EOVERFLOW : 0;
}
int uint2048_sub(uint2048_t* a, uint2048_t* b, uint2048_t* c)
{
uint32_t carry = 0;
uint64_t sum = 0;
for (int i = 0; i < N_UINT2048; i++) {
uint64_t ab = a->bucket[i];
uint64_t bb = b->bucket[i];
sum = carry + bb;
if (ab >= sum) {
ab = ab - (sum);
carry = 0;
} else {
ab = ab + BASE_UINT2048U - (sum);
carry = 1;
}
c->bucket[i] = (uint2048_bucket_t)ab;
}
if (carry) {
uint2048_init(c, 0);
}
return carry ? -EOVERFLOW : 0;
}
int uint2048_shl(uint2048_t* a, int n)
{
int i;
for (i = N_UINT2048 - 1; i >= n; i--) {
a->bucket[i] = a->bucket[i - n];
}
while (i >= 0) {
a->bucket[i--] = 0;
}
return 0;
}
int uint2048_shr(uint2048_t* a, int n)
{
int i;
for (i = 0; i < N_UINT2048 - n; i++) {
a->bucket[i] = a->bucket[i + n];
}
while (i < N_UINT2048) {
a->bucket[i++] = 0;
}
return 0;
}
int uint2048_mult_by_digit(uint2048_t* a, uint2048_t* b, uint2048_bucket_t un)
{
uint64_t carry = 0;
uint64_t tmp;
uint64_t n = (uint64_t)un;
for (int i = 0; i < N_UINT2048; i++) {
uint64_t ab = a->bucket[i];
tmp = n * ab + carry;
if (tmp >= BASE_UINT2048U) {
carry = tmp / BASE_UINT2048U;
tmp %= BASE_UINT2048U;
} else {
carry = 0;
}
b->bucket[i] = (uint2048_bucket_t)tmp;
}
return carry ? -EOVERFLOW : 0;
}
int uint2048_mult(uint2048_t* a, uint2048_t* b, uint2048_t* c)
{
uint2048_t p;
uint2048_init(c, 0);
for (int i = 0; i < N_UINT2048; i++) {
if (!a->bucket[i]) {
continue;
}
uint2048_mult_by_digit(b, &p, a->bucket[i]);
uint2048_shl(&p, i);
uint2048_add(c, &p, c);
}
return 0;
}
int uint2048_div(uint2048_t* a, uint2048_t* b, uint2048_t* dividend, uint2048_t* reminder)
{
uint2048_t tmp;
if (dividend) {
uint2048_init(dividend, 0);
}
uint2048_init(reminder, 0);
for (int i = N_UINT2048 - 1; i >= 0; i--) {
uint2048_shl(reminder, 1);
reminder->bucket[0] = a->bucket[i];
uint64_t l = 0, r = BASE_UINT2048U;
while (r - l > 1) {
uint64_t m = (l + r) / 2;
uint2048_mult_by_digit(b, &tmp, (uint2048_bucket_t)m);
if (uint2048_less_equal(&tmp, reminder)) {
l = m;
} else {
r = m;
}
}
if (dividend) {
dividend->bucket[i] = (uint2048_bucket_t)l;
}
uint2048_mult_by_digit(b, &tmp, (uint2048_bucket_t)l);
uint2048_sub(reminder, &tmp, reminder);
}
return 0;
}
int uint2048_pow(uint2048_t* ua, uint2048_t* up, uint2048_t* mod, uint2048_t* ans)
{
uint2048_t tmp1;
uint2048_t tmp2;
uint2048_t const2;
uint2048_t a;
uint2048_t p;
uint2048_copy(&a, ua);
uint2048_copy(&p, up);
uint2048_init(ans, 1);
uint2048_init(&const2, 2);
while (uint2048_is_not_zero(&p)) {
if (uint2048_is_odd(&p)) {
uint2048_mult(ans, &a, &tmp1);
uint2048_div(&tmp1, mod, NULL, &tmp2);
uint2048_copy(ans, &tmp2);
}
uint2048_mult(&a, &a, &tmp1);
uint2048_div(&tmp1, mod, NULL, &tmp2);
uint2048_copy(&a, &tmp2);
uint2048_div(&p, &const2, &tmp1, &tmp2);
uint2048_copy(&p, &tmp1);
}
return 0;
}
bool uint2048_less(uint2048_t* a, uint2048_t* b)
{
for (int i = N_UINT2048 - 1; i >= 0; i--) {
if (a->bucket[i] < b->bucket[i]) {
return true;
}
if (a->bucket[i] > b->bucket[i]) {
return false;
}
}
return false;
}
bool uint2048_less_equal(uint2048_t* a, uint2048_t* b)
{
for (int i = N_UINT2048 - 1; i >= 0; i--) {
if (a->bucket[i] < b->bucket[i]) {
return true;
}
if (a->bucket[i] > b->bucket[i]) {
return false;
}
}
return true;
}
bool uint2048_equal(uint2048_t* a, uint2048_t* b)
{
for (int i = 0; i < N_UINT2048; i++) {
if (a->bucket[i] != b->bucket[i]) {
return false;
}
}
return true;
}
bool uint2048_is_not_zero(uint2048_t* a)
{
for (int i = 0; i < N_UINT2048; i++) {
if (a->bucket[i] != 0) {
return true;
}
}
return false;
}
bool uint2048_is_odd(uint2048_t* a)
{
return (a->bucket[0] % 2) == 1;
}
int uint2048_dump(uint2048_t* a)
{
log("dumping");
for (int i = N_UINT2048 - 1; i >= 0; i--) {
log(" %x", a->bucket[i]);
}
return 0;
}

43
boot/libboot/crypto/uint2048.h Normal file
View File

@@ -0,0 +1,43 @@
#ifndef _BOOT_LIBBOOT_CRYPTO_UINT2048_H
#define _BOOT_LIBBOOT_CRYPTO_UINT2048_H
#include <libboot/mem/mem.h>
#include <libboot/types.h>
#define N_UINT2048 (64)
#define BITS_IN_BASE_UINT2048 (32)
#define BASE_UINT2048 ((uint64_t)((uint64_t)1 << BITS_IN_BASE_UINT2048))
#define BASE_UINT2048U ((uint64_t)((uint64_t)1 << (uint64_t)BITS_IN_BASE_UINT2048))
typedef uint32_t uint2048_bucket_t;
struct uint2048 {
uint2048_bucket_t bucket[N_UINT2048];
};
typedef struct uint2048 uint2048_t;
int uint2048_init(uint2048_t* d, uint32_t n);
int uint2048_init_bytes(uint2048_t* d, const char* f, size_t n);
int uint2048_init_bytes_be(uint2048_t* d, const char* f, size_t n);
int uint2048_copy(uint2048_t* dest, uint2048_t* src);
int uint2048_add(uint2048_t* a, uint2048_t* b, uint2048_t* c);
int uint2048_sub(uint2048_t* a, uint2048_t* b, uint2048_t* c);
int uint2048_shl(uint2048_t* a, int n);
int uint2048_shr(uint2048_t* a, int n);
int uint2048_mult_by_digit(uint2048_t* a, uint2048_t* b, uint2048_bucket_t un);
int uint2048_mult(uint2048_t* a, uint2048_t* b, uint2048_t* c);
int uint2048_div(uint2048_t* a, uint2048_t* b, uint2048_t* ans, uint2048_t* rem);
int uint2048_pow(uint2048_t* ua, uint2048_t* up, uint2048_t* mod, uint2048_t* ans);
bool uint2048_equal(uint2048_t* a, uint2048_t* b);
bool uint2048_less(uint2048_t* a, uint2048_t* b);
bool uint2048_less_equal(uint2048_t* a, uint2048_t* b);
bool uint2048_is_not_zero(uint2048_t* a);
bool uint2048_is_odd(uint2048_t* a);
int uint2048_dump(uint2048_t* a);
#endif // _BOOT_LIBBOOT_CRYPTO_UINT2048_H

103
boot/libboot/crypto/validate.c Normal file
View File

@@ -0,0 +1,103 @@
#include <libboot/crypto/sha256.h>
#include <libboot/crypto/signature.h>
#include <libboot/crypto/uint2048.h>
#include <libboot/crypto/validate.h>
#include <libboot/elf/elf_lite.h>
#include <libboot/fs/ext2_lite.h>
#include <libboot/log/log.h>
#define tmp_buf_size (4096)
char tmp_buf[tmp_buf_size];
static int get_elf_signature(elfctx_t* elfctx, void* signature_buffer)
{
elf_section_header_32_t shstrtab_section_header;
elf_read_section_header(elfctx, elfctx->header.e_shstrndx, &shstrtab_section_header);
uintptr_t shstrtab_offset = shstrtab_section_header.sh_offset;
for (uint32_t i = 0; i < elfctx->header.e_shnum; i++) {
elf_section_header_32_t section_header;
elf_read_section_header(elfctx, i, &section_header);
char tmp_name_buffer[32];
uintptr_t name_offset_abs = shstrtab_offset + section_header.sh_name;
elfctx->fs_desc->read_from_inode(elfctx->drive_desc, &elfctx->file_inode, (void*)tmp_name_buffer, name_offset_abs, 32);
size_t len = strnlen(tmp_name_buffer, 32);
if (len != sizeof("._signature") - 1) {
continue;
}
if (memcmp(tmp_name_buffer, "._signature", len)) {
continue;
}
elfctx->fs_desc->read_from_inode(elfctx->drive_desc, &elfctx->file_inode, signature_buffer, section_header.sh_offset, 128);
return 0;
}
return -1;
}
static int calc_elf_hash(elfctx_t* elfctx, char* hash)
{
sha256_ctx_t shactx;
sha256_init(&shactx);
for (uint32_t i = 0; i < elfctx->header.e_phnum; i++) {
elf_program_header_32_t program_header;
elf_read_program_header(elfctx, i, &program_header);
if (program_header.p_type != PT_LOAD) {
continue;
}
size_t from = program_header.p_offset;
size_t rem_to_read = program_header.p_filesz;
while (rem_to_read) {
size_t will_read = min(tmp_buf_size, rem_to_read);
int rd = elfctx->fs_desc->read_from_inode(elfctx->drive_desc, &elfctx->file_inode, (void*)tmp_buf, from, will_read);
from += will_read;
sha256_update(&shactx, tmp_buf, will_read);
rem_to_read -= will_read;
}
}
sha256_hash(&shactx, hash);
return 0;
}
bool validate_elf(const char* path, drive_desc_t* drive_desc, fs_desc_t* fs_desc)
{
elfctx_t elfctx;
char hash[32];
int err = elf_init_ctx(drive_desc, fs_desc, path, &elfctx);
if (err) {
return false;
}
err = get_elf_signature(&elfctx, tmp_buf);
if (err) {
return false;
}
uint2048_t signature;
uint2048_init_bytes(&signature, tmp_buf, 128);
err = calc_elf_hash(&elfctx, hash);
if (err) {
return false;
}
uint2048_t ihash;
uint2048_init_bytes_be(&ihash, hash, 32);
uint2048_t public_e;
uint2048_init_bytes(&public_e, pub_xos_key_e, pub_xos_key_e_len);
uint2048_t public_n;
uint2048_init_bytes(&public_n, pub_xos_key_n, pub_xos_key_n_len);
uint2048_t signed_ihash;
uint2048_pow(&signature, &public_e, &public_n, &signed_ihash);
return uint2048_equal(&signed_ihash, &ihash);
}

11
boot/libboot/crypto/validate.h Normal file
View File

@@ -0,0 +1,11 @@
#ifndef STAGE2_SECURITY_VALIDATE_H
#define STAGE2_SECURITY_VALIDATE_H
#include <libboot/abi/drivers.h>
#include <libboot/abi/memory.h>
#include <libboot/types.h>
bool validate_file(const char* path, const char* signature_path, drive_desc_t* drive_desc, fs_desc_t* fs_desc);
bool validate_elf(const char* path, drive_desc_t* drive_desc, fs_desc_t* fs_desc);
#endif // STAGE2_SECURITY_VALIDATE_H