t-hack.com

mikeprotts · 10. Mar 2008, 22:37

Quote

in theory it might be possible to use other certificates, but I think the root certificate is also stored in the cpu itself.

I'm not entirely sure. The host name makes sense, but why have a certificate in this file is there is already even a minimal cert chain available - or is this simple a signature? If the root cert is in rom then it will expire at some stage. It may be that there is some non or semi volatile storage under the white gunk (I need to put some pictures on the wiki) that holds this. If I can work out the bootstrap format I'll have a go and see what I get.

Cheers
Mike

mikeprotts · 10. Mar 2008, 22:40

Quote

From DiscoverBootstrap...
Code: [Select]
num5 := ((reader.ReadByte shl 8) or reader.ReadByte); message := New(array[num5] of Byte); message := reader.ReadBytes(num5); num6 := ((reader.ReadByte shl 8) or reader.ReadByte); signature := New(array[num6] of Byte); signature := reader.ReadBytes(num6); num7 := ((reader.ReadByte shl 8) or reader.ReadByte); chain := New(array[num7] of Byte); chain := reader.ReadBytes(num7);

I'll see how this breaks down the file.

Cheers
Mike

robert_s · 11. Mar 2008, 03:45

Quote from: mikeprotts on 10. Mar 2008, 22:40

I'll see how this breaks down the file.

For Deutsche Telekom's "bootstrap:"

message = "cgbf01001.iptv.t-online.de" (Bootstrap server's DNS name)
signature = 256 bytes (1024-Bit signature)
certificate chain = 3990 bytes

The certificate chain also seems to made up of multiple parts...

redband · 11. Mar 2008, 15:42

...from the couple of lines that follow this in the code the public key from the cert is used to validate the signature against the "message".

The chain appears to contain all but the top level CA cert

Sniff login/update/desaster recovery