Am 14.08.2015 um 04:39 schrieb Yousong Zhou:
Never played with tplink's v3 header. But I found on other devices
that the RSA2048-SHA1 implementation there was flawed in that it used
pubkeys from firmwares to verifying signatures. Hmm, is it possible
that this v3 header from tplink also has such vulnerability?
Unfortunately, the pubkey isn't stored along with the signature in the
firmware update file. The pubkey is read from the file lib/libcmm.so of
the running firmware during image validation.
Mathias
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
