Difference between revisions of "Talk:Boot.efi Information"

From AwkwardTV
Jump to: navigation, search
(RSA 1024bit signed?)
m (RSA 1024bit signed?)
Line 8: Line 8:
  
 
  boot.efi(appletv)
 
  boot.efi(appletv)
  0x23de8-0x23e07 thumbnail of public key?
+
  0x23de8-0x23e07 thumbnail of public key (sha-256 of public key?)
 
  0x23e08-0x23f07 public key, 1024 bit, little-endian => n
 
  0x23e08-0x23f07 public key, 1024 bit, little-endian => n
 
  0x23f08-0x24007 signature,  1024 bit, little-endian => a
 
  0x23f08-0x24007 signature,  1024 bit, little-endian => a
Line 37: Line 37:
 
  30 31 30 00 ff ff ff ff ff ff ff ff ff ff ff ff ....
 
  30 31 30 00 ff ff ff ff ff ff ff ff ff ff ff ff ....
  
I think this represents SHA-1 checksum of PE executables.
+
I think this represents SHA-256 checksum of PE executables.
  
 
Zoroyoshi
 
Zoroyoshi

Revision as of 08:10, 30 April 2007

So, has any effort been made to decypher the checksum? That seems to be the missing link to a lot of stuff (Patchstick, Linux, etc) being made freely available without concern of copyright issues. Timdorr

RSA 1024bit signed?

(sorry for my poor English)

I found that each section have 32+256+256 bytes optional data, from 0x23de8.

boot.efi(appletv)
0x23de8-0x23e07 thumbnail of public key (sha-256 of public key?)
0x23e08-0x23f07 public key, 1024 bit, little-endian => n
0x23f08-0x24007 signature,  1024 bit, little-endian => a

I calculated RSA b= a^65537 mod n, it generates

b= (little endian)
70 fa 16 88 f7 26 d4 3c cd fe 9d 86 99 d8 65 b6
21 98 5b 0d 7a 3f b7 53 38 0b f9 31 91 56 21 bb
20 04 00 05 01 02 04 03 65 01 48 86 60 09 06 0d
30 31 30 00 ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff 01
b= (from 0x48e30-, second section)
9f 88 ad cf ca e5 91 dc 9e 87 c4 90 64 4e c2 29
ad 4f 13 7e 00 02 64 bb 1a 43 ca cc 6a 2e 8a 37
20 04 00 05 01 02 04 03 65 01 48 86 60 09 06 0d
30 31 30 00 ff ff ff ff ff ff ff ff ff ff ff ff ....

I think this represents SHA-256 checksum of PE executables.

Zoroyoshi