The aboot binary has a section of 0x100 bytes which contains a signature. This section is clearly identified in the header. Unless I'm mistaken, this is the pcks 1.5 padded sha 256 signature of the aboot binary file itself (thanks ryanbg). But I'm assuming the signature is generated prior to adding it into the binary, so what is the signature of exactly? Is it the entire aboot file with 0's in place of the signature? I noticed that one of the first things aboot does while executing is write 0's over of its own signature, but it writes 0's over the cert chain and beyond as well.
So I have these specific questions above. I'll answer them myself if enough time passes before someone else chimes in. If you have the answers already or any other information on the signing process that you feel might be helpful or interesting, feel free to reply.
So I have these specific questions above. I'll answer them myself if enough time passes before someone else chimes in. If you have the answers already or any other information on the signing process that you feel might be helpful or interesting, feel free to reply.
Aucun commentaire:
Enregistrer un commentaire