RSA Signed Image

Discussion in 'BIOS Mods' started by netwave, Jan 5, 2012.

  1. zuvieltext

    zuvieltext MDL Junior Member

    Jun 11, 2011
    62
    25
    0
    No that's not enough... In fact that's not it at all. The .DEC .SIG files are only
    necessary if you want/have to use the original insydeflash.exe (or the UEFI flasher
    for recovery). If you really want to know if your bios image itself is signed you have
    to look decompose the bios (with andy's tool) and look for a rsa-sha1 signature.
     
  2. LatinMcG

    LatinMcG Bios Borker

    Feb 27, 2011
    5,686
    1,579
    180
    #142 LatinMcG, Sep 11, 2012
    Last edited: Sep 11, 2012
    really ? ok then use hexedit on the .fd not DEC.. then use it on the fd.DEC
    notice a BIG DIFFERENCE ???
    also why is RSA.sig made if "its NOT it at all" ?
     
  3. zuvieltext

    zuvieltext MDL Junior Member

    Jun 11, 2011
    62
    25
    0
    #143 zuvieltext, Sep 11, 2012
    Last edited: Sep 12, 2012
    Hey, I wrote the part that makes the .DEC and .SIG from the .FD files :D. You can ask Andy, if you don't take my word for it.

    Seriously: The .SIG and .DEC are great to look at the bios without flashing the thing.
    But the .DEC image is composed of two more RSA-SHA1 protected images (PEI and DxE).
    And if you want to try to modify something in there (like the rsa keys, wlan whitelist,
    protection check, or bios menu) the old, unmodified PEI code will notice that something
    is wrong and you get the famous 'semi-bricked'.
     
  4. blaas

    blaas MDL Novice

    Jan 19, 2010
    3
    0
    0
    #144 blaas, Sep 13, 2012
    Last edited: Sep 13, 2012
    Thanks LatinMcG and Zuvieltext!

    I checked opened the sp57901.exe with Winrar.

    These files are in the executable
    sp57901.jpg

    In the Rom.cab file there is just the Bios files
    sp57901 rom cab.jpg

    In the BiosUpdate folder however I see this o_O
    sp57901 biosupdate folder.jpg

    So it seems signed
    The file structure however is different from what is mentioned in this thread as I cant locate any *.fd files

    Unfortunately I'm not that experienced with BIOS files but the ROM.bin file is readable in Andy's tool without issues

    Thanks for your input!
     
  5. suzumiyaharuhide

    suzumiyaharuhide MDL Novice

    Nov 4, 2011
    9
    2
    0
    RSA signed bios information(HP DV7-7000)

    HP DV7-7000

    I can't encrtpt and decrypt HP Insyde bios...

    sorry no power....
     

    Attached Files:

  6. zuvieltext

    zuvieltext MDL Junior Member

    Jun 11, 2011
    62
    25
    0
    #146 zuvieltext, Sep 13, 2012
    Last edited: Sep 13, 2012
    Thanks for your post! Looks like HP is replacing one RSA key... Maybe
    one key was leaked? Has anyone scouted any russian or chinese message
    boards lately and seen something in this regard?

    EDIT: the *.FD files we are talking about is called "68SSU.BIN" in your case...
    Yeah it's confusing, however we didn't invent the terminology.
     
  7. suzumiyaharuhide

    suzumiyaharuhide MDL Novice

    Nov 4, 2011
    9
    2
    0
    forum.ixbt.com/topic.cgi?id=17:38124:920#920
    forum.ixbt.com/topic.cgi?id=17:38124-2
    sorry,it's russian but successfull.
     
  8. zuvieltext

    zuvieltext MDL Junior Member

    Jun 11, 2011
    62
    25
    0
    #148 zuvieltext, Sep 14, 2012
    Last edited: Sep 14, 2012
    Looks like all they just replaced the VBIOS... but nothing more? Is this correct? :confused:
    It's well known that for the DV6-60/1xx series the protection only triggers once
    in a while (e.g.: when toggling VT support in the bios). In fact Camilio did a
    number of adv. menu+wlanwhiltelist+vbios-mod for several models. However, ever
    since we started writing about the subject HP has "improved" the checks so it's
    not possible to do these mods with the current line of laptops without an instant
    semi-brick. :(
     
  9. LatinMcG

    LatinMcG Bios Borker

    Feb 27, 2011
    5,686
    1,579
    180
    i hate HP the most.
     
  10. suzumiyaharuhide

    suzumiyaharuhide MDL Novice

    Nov 4, 2011
    9
    2
    0
    Hi, all.
    I won't mod HP Insyde bios(UEFI).
    But... it has [RSA.SIG]file.
    I tryed "hewprsa -e 01818.bin.DEC -o 01818.bin -k ???
    But, I ??? address do not understand.
    Which address should be specified?
    Please let me know.
    thanks.
     
  11. zuvieltext

    zuvieltext MDL Junior Member

    Jun 11, 2011
    62
    25
    0
    The ??? is the index of the rsa key. You can get the index
    from decrypting the original .BIN file. Just look for the string:
    "Signature was signed with key: X".

    However, because the private HP keys are not known to
    the public, you can not generate a valid signature. And without
    a valid signature you can't flash it successfully because the
    flasher in the old PEI will detect the invalid/missing signature
    and abort the process (= semi-brick).
     
  12. suzumiyaharuhide

    suzumiyaharuhide MDL Novice

    Nov 4, 2011
    9
    2
    0
    RSA signed bios Image(public key get)

    Hi,all I try Universal Bios Back up tool overget bios (16MiB) original is 8MiB.
    so, appear two public key how to use it ?
    yea, is it useful ?

    -----BEGIN PUBLIC KEY-----
    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUSPQR7g5eULOQ73rNvN
    dhdhnsrwcgIbGtFGDH/haoQq8egw7YhSvTYXmUuKFqMk7WH1PlfpGmyNW9J1WNqD
    ZSylIjzkZsUBJfdcFgn3rK7ZmniP0fj7zXat9wDyfCwDk8U/U914L9H8WiF/Fe/M
    0G4raRoQKOlrQGd6rw6WribGcJc42BHxrLwiISvHNPpnxV41JhpPIYXpDLAdv0KP
    t40bA7dGknrs9WDYNo/nkvSWRX5a0b3w5ofm+dXU/wZffkBO2J56GHCPY/0gvibU
    3oS6q81i8dxBjrgKU75bmlD0GxVKrQXj8kaAeOLjGOHAVA6/xDLQmOssVu7GnFiO
    iQIDAQAB
    -----END PUBLIC KEY-----




    -----BEGIN PUBLIC KEY-----
    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY8vjGL4wxg7WQqCWTZS
    uZXj2Y/OKeDr/YKza3UciMQnIeoOU8NMlTvv6UqZ5yBgck97bldWG68Iyx9hX9ZZ
    T9GYjJpc2A8jScwlMnnZ7y8FEpMvnse9dp1WMbJv6QDsplzkpQ1S44n/nrWoXtb7
    lfu949fB1rfiLssc+/DSt3L0VBSVt0JhhgPQM/G0ZhjxqSCQ7krujtn29ozZdUve
    j2tOiKZVEf0CFtCRUTe4iDurGrR9/rTzQbISxYlQLVLfIjpoR2OGPnFJI+d32803
    CRtVT/RuQbyZx1PzAUleMKrEzSE94vb9tb6rB5a3J3oY49tEoAhmT/lU0iKroQp0
    jwIDAQAB
    -----END PUBLIC KEY-----
     
  13. zuvieltext

    zuvieltext MDL Junior Member

    Jun 11, 2011
    62
    25
    0
  14. Boyfriend

    Boyfriend MDL Senior Member

    Feb 10, 2010
    362
    112
    10
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,708
    16,004
    340
  16. Boyfriend

    Boyfriend MDL Senior Member

    Feb 10, 2010
    362
    112
    10
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. billbab

    billbab MDL Novice

    Dec 7, 2012
    5
    0
    0
    Yen thank for the information you gave me on zd8000 modded bios. i finaly got it. it took some time but i did get it Thank You so much
     
  18. lightknight1977

    lightknight1977 MDL Novice

    Dec 3, 2012
    4
    0
    0
  19. xplodzs

    xplodzs MDL Novice

    Feb 6, 2013
    2
    0
    0