mirror of
https://github.com/DarkStore-3DS/Project_CTR.git
synced 2026-07-02 16:59:03 +00:00
Change signing errors to be warnings when they fail.
This commit is contained in:
@@ -6,8 +6,8 @@
|
||||
#include "desc/presets.h"
|
||||
#include "desc/dev_sigdata.h"
|
||||
|
||||
const int RSF_RSA_DATA_LEN = 344;
|
||||
const int RSF_DESC_DATA_LEN = 684;
|
||||
const size_t RSF_RSA_DATA_LEN = 344;
|
||||
const size_t RSF_DESC_DATA_LEN = 684;
|
||||
|
||||
|
||||
int accessdesc_SignWithKey(exheader_settings *exhdrset);
|
||||
@@ -47,12 +47,20 @@ int accessdesc_SignWithKey(exheader_settings *exhdrset)
|
||||
/* Sign AccessDesc */
|
||||
if (Rsa2048Key_CanSign(&exhdrset->keys->rsa.acex) == false)
|
||||
{
|
||||
printf("[ACEXDESC WARNING] Failed to sign access descriptor\n");
|
||||
printf("[ACEXDESC WARNING] Failed to sign access descriptor (key was incomplete)\n");
|
||||
memset(exhdrset->acexDesc->signature, 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return SignAccessDesc(exhdrset->acexDesc, exhdrset->keys);
|
||||
int rsa_ret = SignAccessDesc(exhdrset->acexDesc, exhdrset->keys);
|
||||
if (rsa_ret != 0)
|
||||
{
|
||||
printf("[ACEXDESC WARNING] Failed to sign access descriptor (mbedtls error = -0x%x)\n", -rsa_ret);
|
||||
memset(exhdrset->acexDesc->signature, 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
||||
@@ -68,7 +76,7 @@ int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||
}
|
||||
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.D) != RSF_RSA_DATA_LEN){
|
||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/D\" has invalid length (%d)\n",b64_strlen(exhdrset->rsf->CommonHeaderKey.D));
|
||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/D\" has invalid length (%d)\n", (int)b64_strlen(exhdrset->rsf->CommonHeaderKey.D));
|
||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||
}
|
||||
|
||||
@@ -77,7 +85,7 @@ int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||
}
|
||||
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.Modulus) != RSF_RSA_DATA_LEN){
|
||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Modulus\" has invalid length (%d)\n",b64_strlen(exhdrset->rsf->CommonHeaderKey.Modulus));
|
||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Modulus\" has invalid length (%d)\n", (int)b64_strlen(exhdrset->rsf->CommonHeaderKey.Modulus));
|
||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||
}
|
||||
|
||||
@@ -86,7 +94,7 @@ int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||
}
|
||||
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescSign) != RSF_RSA_DATA_LEN){
|
||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Signature\" has invalid length (%d)\n",b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescSign));
|
||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Signature\" has invalid length (%d)\n", (int)b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescSign));
|
||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||
}
|
||||
|
||||
@@ -95,7 +103,7 @@ int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||
}
|
||||
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescBin) != RSF_DESC_DATA_LEN){
|
||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Descriptor\" has invalid length (%d)\n",b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescBin));
|
||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Descriptor\" has invalid length (%d)\n", (int)b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescBin));
|
||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||
}
|
||||
|
||||
|
||||
+18
-4
@@ -38,12 +38,20 @@ int SignCFA(ncch_hdr *hdr, keys_struct *keys)
|
||||
{
|
||||
if (Rsa2048Key_CanSign(&keys->rsa.cciCfa) == false)
|
||||
{
|
||||
printf("[NCCH WARNING] Failed to sign CFA header\n");
|
||||
printf("[NCCH WARNING] Failed to sign CFA header (key was incomplete)\n");
|
||||
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cciCfa.pub, keys->rsa.cciCfa.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
int rsa_ret = RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cciCfa.pub, keys->rsa.cciCfa.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
if (rsa_ret != 0)
|
||||
{
|
||||
printf("[NCCH WARNING] Failed to sign CFA header (mbedtls error = -0x%x)\n", -rsa_ret);
|
||||
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int CheckCFASignature(ncch_hdr *hdr, keys_struct *keys)
|
||||
@@ -55,12 +63,18 @@ int SignCXI(ncch_hdr *hdr, keys_struct *keys)
|
||||
{
|
||||
if (Rsa2048Key_CanSign(&keys->rsa.cxi) == false)
|
||||
{
|
||||
printf("[NCCH WARNING] Failed to sign CXI header\n");
|
||||
printf("[NCCH WARNING] Failed to sign CXI header (key was incomplete)\n");
|
||||
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cxi.pub, keys->rsa.cxi.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
int rsa_ret = RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cxi.pub, keys->rsa.cxi.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
if (rsa_ret != 0)
|
||||
{
|
||||
printf("[NCCH WARNING] Failed to sign CXI header (mbedtls error = -0x%x)\n", -rsa_ret);
|
||||
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
int CheckCXISignature(ncch_hdr *hdr, u8 *pubk)
|
||||
|
||||
+10
-2
@@ -83,12 +83,20 @@ int SignTicketHeader(buffer_struct *tik, keys_struct *keys)
|
||||
|
||||
if (Rsa2048Key_CanSign(&keys->rsa.xs) == false)
|
||||
{
|
||||
printf("[TIK WARNING] Failed to sign header\n");
|
||||
printf("[TIK WARNING] Failed to sign header (key was incomplete)\n");
|
||||
memset(sig->data, 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return RsaSignVerify(data, len, sig->data, keys->rsa.xs.pub, keys->rsa.xs.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
int rsa_ret = RsaSignVerify(data, len, sig->data, keys->rsa.xs.pub, keys->rsa.xs.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
if (rsa_ret != 0)
|
||||
{
|
||||
printf("[TIK WARNING] Failed to sign header (mbedtls error = -0x%x)\n", -rsa_ret);
|
||||
memset(sig->data, 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int CryptTitleKey(u8 *input, u8 *output, u8 *titleId, keys_struct *keys, u8 mode)
|
||||
|
||||
+11
-3
@@ -33,7 +33,7 @@ int BuildTMD(cia_settings *ciaset)
|
||||
result = SetupTMDHeader(hdr,info_record,ciaset);
|
||||
if(result) return result;
|
||||
result = SignTMDHeader(hdr,sig,ciaset->keys);
|
||||
return 0;
|
||||
return result;
|
||||
}
|
||||
|
||||
int SetupTMDBuffer(buffer_struct *tmd)
|
||||
@@ -73,12 +73,20 @@ int SignTMDHeader(tmd_hdr *hdr, tmd_signature *sig, keys_struct *keys)
|
||||
|
||||
if (Rsa2048Key_CanSign(&keys->rsa.cp) == false)
|
||||
{
|
||||
printf("[TMD WARNING] Failed to sign header\n");
|
||||
printf("[TMD WARNING] Failed to sign header (key was incomplete)\n");
|
||||
memset(sig->data, 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return RsaSignVerify((u8*)hdr, sizeof(tmd_hdr), sig->data, keys->rsa.cp.pub, keys->rsa.cp.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
int rsa_ret = RsaSignVerify((u8*)hdr, sizeof(tmd_hdr), sig->data, keys->rsa.cp.pub, keys->rsa.cp.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
if (rsa_ret != 0)
|
||||
{
|
||||
printf("[TMD WARNING] Failed to sign header (mbedtls error = -0x%x)\n", -rsa_ret);
|
||||
memset(sig->data, 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int SetupTMDInfoRecord(tmd_content_info_record *info_record, u8 *content_record, u16 ContentCount)
|
||||
|
||||
Reference in New Issue
Block a user