mirror of
https://github.com/DarkStore-3DS/Project_CTR.git
synced 2026-07-03 00:39:14 +00:00
Change signing errors to be warnings when they fail.
This commit is contained in:
@@ -6,8 +6,8 @@
|
|||||||
#include "desc/presets.h"
|
#include "desc/presets.h"
|
||||||
#include "desc/dev_sigdata.h"
|
#include "desc/dev_sigdata.h"
|
||||||
|
|
||||||
const int RSF_RSA_DATA_LEN = 344;
|
const size_t RSF_RSA_DATA_LEN = 344;
|
||||||
const int RSF_DESC_DATA_LEN = 684;
|
const size_t RSF_DESC_DATA_LEN = 684;
|
||||||
|
|
||||||
|
|
||||||
int accessdesc_SignWithKey(exheader_settings *exhdrset);
|
int accessdesc_SignWithKey(exheader_settings *exhdrset);
|
||||||
@@ -47,12 +47,20 @@ int accessdesc_SignWithKey(exheader_settings *exhdrset)
|
|||||||
/* Sign AccessDesc */
|
/* Sign AccessDesc */
|
||||||
if (Rsa2048Key_CanSign(&exhdrset->keys->rsa.acex) == false)
|
if (Rsa2048Key_CanSign(&exhdrset->keys->rsa.acex) == false)
|
||||||
{
|
{
|
||||||
printf("[ACEXDESC WARNING] Failed to sign access descriptor\n");
|
printf("[ACEXDESC WARNING] Failed to sign access descriptor (key was incomplete)\n");
|
||||||
memset(exhdrset->acexDesc->signature, 0xFF, 0x100);
|
memset(exhdrset->acexDesc->signature, 0xFF, 0x100);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return SignAccessDesc(exhdrset->acexDesc, exhdrset->keys);
|
int rsa_ret = SignAccessDesc(exhdrset->acexDesc, exhdrset->keys);
|
||||||
|
if (rsa_ret != 0)
|
||||||
|
{
|
||||||
|
printf("[ACEXDESC WARNING] Failed to sign access descriptor (mbedtls error = -0x%x)\n", -rsa_ret);
|
||||||
|
memset(exhdrset->acexDesc->signature, 0xFF, 0x100);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
||||||
@@ -68,7 +76,7 @@ int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
|||||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||||
}
|
}
|
||||||
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.D) != RSF_RSA_DATA_LEN){
|
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.D) != RSF_RSA_DATA_LEN){
|
||||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/D\" has invalid length (%d)\n",b64_strlen(exhdrset->rsf->CommonHeaderKey.D));
|
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/D\" has invalid length (%d)\n", (int)b64_strlen(exhdrset->rsf->CommonHeaderKey.D));
|
||||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -77,7 +85,7 @@ int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
|||||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||||
}
|
}
|
||||||
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.Modulus) != RSF_RSA_DATA_LEN){
|
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.Modulus) != RSF_RSA_DATA_LEN){
|
||||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Modulus\" has invalid length (%d)\n",b64_strlen(exhdrset->rsf->CommonHeaderKey.Modulus));
|
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Modulus\" has invalid length (%d)\n", (int)b64_strlen(exhdrset->rsf->CommonHeaderKey.Modulus));
|
||||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -86,7 +94,7 @@ int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
|||||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||||
}
|
}
|
||||||
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescSign) != RSF_RSA_DATA_LEN){
|
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescSign) != RSF_RSA_DATA_LEN){
|
||||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Signature\" has invalid length (%d)\n",b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescSign));
|
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Signature\" has invalid length (%d)\n", (int)b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescSign));
|
||||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -95,7 +103,7 @@ int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
|||||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||||
}
|
}
|
||||||
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescBin) != RSF_DESC_DATA_LEN){
|
if(b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescBin) != RSF_DESC_DATA_LEN){
|
||||||
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Descriptor\" has invalid length (%d)\n",b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescBin));
|
fprintf(stderr,"[ACEXDESC ERROR] \"CommonHeaderKey/Descriptor\" has invalid length (%d)\n", (int)b64_strlen(exhdrset->rsf->CommonHeaderKey.AccCtlDescBin));
|
||||||
return COMMON_HEADER_KEY_NOT_FOUND;
|
return COMMON_HEADER_KEY_NOT_FOUND;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
+18
-4
@@ -38,12 +38,20 @@ int SignCFA(ncch_hdr *hdr, keys_struct *keys)
|
|||||||
{
|
{
|
||||||
if (Rsa2048Key_CanSign(&keys->rsa.cciCfa) == false)
|
if (Rsa2048Key_CanSign(&keys->rsa.cciCfa) == false)
|
||||||
{
|
{
|
||||||
printf("[NCCH WARNING] Failed to sign CFA header\n");
|
printf("[NCCH WARNING] Failed to sign CFA header (key was incomplete)\n");
|
||||||
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cciCfa.pub, keys->rsa.cciCfa.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
int rsa_ret = RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cciCfa.pub, keys->rsa.cciCfa.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||||
|
if (rsa_ret != 0)
|
||||||
|
{
|
||||||
|
printf("[NCCH WARNING] Failed to sign CFA header (mbedtls error = -0x%x)\n", -rsa_ret);
|
||||||
|
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int CheckCFASignature(ncch_hdr *hdr, keys_struct *keys)
|
int CheckCFASignature(ncch_hdr *hdr, keys_struct *keys)
|
||||||
@@ -55,12 +63,18 @@ int SignCXI(ncch_hdr *hdr, keys_struct *keys)
|
|||||||
{
|
{
|
||||||
if (Rsa2048Key_CanSign(&keys->rsa.cxi) == false)
|
if (Rsa2048Key_CanSign(&keys->rsa.cxi) == false)
|
||||||
{
|
{
|
||||||
printf("[NCCH WARNING] Failed to sign CXI header\n");
|
printf("[NCCH WARNING] Failed to sign CXI header (key was incomplete)\n");
|
||||||
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cxi.pub, keys->rsa.cxi.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
int rsa_ret = RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cxi.pub, keys->rsa.cxi.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||||
|
if (rsa_ret != 0)
|
||||||
|
{
|
||||||
|
printf("[NCCH WARNING] Failed to sign CXI header (mbedtls error = -0x%x)\n", -rsa_ret);
|
||||||
|
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
int CheckCXISignature(ncch_hdr *hdr, u8 *pubk)
|
int CheckCXISignature(ncch_hdr *hdr, u8 *pubk)
|
||||||
|
|||||||
+10
-2
@@ -83,12 +83,20 @@ int SignTicketHeader(buffer_struct *tik, keys_struct *keys)
|
|||||||
|
|
||||||
if (Rsa2048Key_CanSign(&keys->rsa.xs) == false)
|
if (Rsa2048Key_CanSign(&keys->rsa.xs) == false)
|
||||||
{
|
{
|
||||||
printf("[TIK WARNING] Failed to sign header\n");
|
printf("[TIK WARNING] Failed to sign header (key was incomplete)\n");
|
||||||
memset(sig->data, 0xFF, 0x100);
|
memset(sig->data, 0xFF, 0x100);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return RsaSignVerify(data, len, sig->data, keys->rsa.xs.pub, keys->rsa.xs.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
int rsa_ret = RsaSignVerify(data, len, sig->data, keys->rsa.xs.pub, keys->rsa.xs.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||||
|
if (rsa_ret != 0)
|
||||||
|
{
|
||||||
|
printf("[TIK WARNING] Failed to sign header (mbedtls error = -0x%x)\n", -rsa_ret);
|
||||||
|
memset(sig->data, 0xFF, 0x100);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int CryptTitleKey(u8 *input, u8 *output, u8 *titleId, keys_struct *keys, u8 mode)
|
int CryptTitleKey(u8 *input, u8 *output, u8 *titleId, keys_struct *keys, u8 mode)
|
||||||
|
|||||||
+11
-3
@@ -33,7 +33,7 @@ int BuildTMD(cia_settings *ciaset)
|
|||||||
result = SetupTMDHeader(hdr,info_record,ciaset);
|
result = SetupTMDHeader(hdr,info_record,ciaset);
|
||||||
if(result) return result;
|
if(result) return result;
|
||||||
result = SignTMDHeader(hdr,sig,ciaset->keys);
|
result = SignTMDHeader(hdr,sig,ciaset->keys);
|
||||||
return 0;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int SetupTMDBuffer(buffer_struct *tmd)
|
int SetupTMDBuffer(buffer_struct *tmd)
|
||||||
@@ -73,12 +73,20 @@ int SignTMDHeader(tmd_hdr *hdr, tmd_signature *sig, keys_struct *keys)
|
|||||||
|
|
||||||
if (Rsa2048Key_CanSign(&keys->rsa.cp) == false)
|
if (Rsa2048Key_CanSign(&keys->rsa.cp) == false)
|
||||||
{
|
{
|
||||||
printf("[TMD WARNING] Failed to sign header\n");
|
printf("[TMD WARNING] Failed to sign header (key was incomplete)\n");
|
||||||
memset(sig->data, 0xFF, 0x100);
|
memset(sig->data, 0xFF, 0x100);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return RsaSignVerify((u8*)hdr, sizeof(tmd_hdr), sig->data, keys->rsa.cp.pub, keys->rsa.cp.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
int rsa_ret = RsaSignVerify((u8*)hdr, sizeof(tmd_hdr), sig->data, keys->rsa.cp.pub, keys->rsa.cp.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||||
|
if (rsa_ret != 0)
|
||||||
|
{
|
||||||
|
printf("[TMD WARNING] Failed to sign header (mbedtls error = -0x%x)\n", -rsa_ret);
|
||||||
|
memset(sig->data, 0xFF, 0x100);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int SetupTMDInfoRecord(tmd_content_info_record *info_record, u8 *content_record, u16 ContentCount)
|
int SetupTMDInfoRecord(tmd_content_info_record *info_record, u8 *content_record, u16 ContentCount)
|
||||||
|
|||||||
Reference in New Issue
Block a user