thinkpad-shahash: validates firmware integrity of some Lenovo ThinkPads

~ hucktech

Re: https://firmwaresecurity.com/2020/06/23/thinkpad-uefi-sign-tools-to-check-and-cryptographically-sign-uefi-firmware-images-found-in-thinkpads/

see this Comment on that post:

https://firmwaresecurity.com/2020/06/23/thinkpad-uefi-sign-tools-to-check-and-cryptographically-sign-uefi-firmware-images-found-in-thinkpads/#comment-3953

This is the original codebase:

This is a small utility which checks and recomputes sha1 hashes used to validate Lenovo ThinkPad X220/T420 (and probably other Sandy Bridge ThinkPads) firmware integrity. You can hear 5 beeps twice if the firmware fails validation and you have TPM (security chip) turned on, which is pretty common for modified firmwares.[…]

https://github.com/ValdikSS/thinkpad-shahash/

But the one in the previous blog post has had a recent checkin, whereas this one has had no changes in a long time, so the new branch still may be of interest. Change is in this file:

https://github.com/thrimbor/thinkpad-uefi-sign/commit/83ca863d593becc8ea8ba3a9a6a699c922549b0a#diff-9f4286b8580d8928becab03e268e59f5

 

Published by hucktech

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s