Author Topic: Signing Programatically  (Read 8027 times)

0 Members and 1 Guest are viewing this topic.

Offline FloppusMaximus

  • LV5 Advanced (Next: 300)
  • *****
  • Posts: 290
  • Rating: +57/-5
    • View Profile
Re: Signing Programatically
« Reply #15 on: January 01, 2011, 06:37:28 pm »
To be clear: RabbitSign implements both application and OS signing, which work somewhat differently, both in terms of the file formats, and in terms of the algorithms used (Rabin for Z80 applications; RSA for 68k apps and both Z80 and 68k OSes.)  Are you interested in signing apps, or OSes, or both?

You may want to read up on the Rabin and RSA algorithms before trying to understand how TI's system works.

Offline jnesselr

  • King Graphmastur
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2270
  • Rating: +81/-20
  • TAO == epic
    • View Profile
Re: Signing Programatically
« Reply #16 on: January 01, 2011, 06:42:32 pm »
He's probably interested in signing OSes, for KOS.

EDIT: or this is for tiDE, in which case, both.
« Last Edit: January 01, 2011, 06:42:57 pm by graphmastur »

Offline FloppusMaximus

  • LV5 Advanced (Next: 300)
  • *****
  • Posts: 290
  • Rating: +57/-5
    • View Profile
Re: Signing Programatically
« Reply #17 on: January 01, 2011, 07:38:36 pm »
Well, to compute an OS signature, you take the MD5 hash of the complete OS (the OS header followed by each of the pages, in the order they're listed in the 8xu file), and sign that number using RSA, with a validation exponent of 17 decimal (if x is the MD5 hash, you want to find s such that s17x mod n.)

The signature, then, consists of the bytes 02 0D, followed by the length of s (in bytes), followed by the bytes of s in little-endian order (least significant first.)  Look at the OS files from TI to see how it's stored in the 8xu file.

Offline jnesselr

  • King Graphmastur
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2270
  • Rating: +81/-20
  • TAO == epic
    • View Profile
Re: Signing Programatically
« Reply #18 on: January 01, 2011, 07:48:52 pm »
Well, to compute an OS signature, you take the MD5 hash of the complete OS (the OS header followed by each of the pages, in the order they're listed in the 8xu file), and sign that number using RSA, with a validation exponent of 17 decimal (if x is the MD5 hash, you want to find s such that s17x mod n.)

The signature, then, consists of the bytes 02 0D, followed by the length of s (in bytes), followed by the bytes of s in little-endian order (least significant first.)  Look at the OS files from TI to see how it's stored in the 8xu file.
the "=" in "s17x mod n" is supposed to be congruence, correct?

Offline FloppusMaximus

  • LV5 Advanced (Next: 300)
  • *****
  • Posts: 290
  • Rating: +57/-5
    • View Profile
Re: Signing Programatically
« Reply #19 on: January 01, 2011, 09:13:07 pm »
That's right.