mirror of
https://github.com/DarkStore-3DS/Project_CTR.git
synced 2026-07-02 16:59:03 +00:00
[makerom] Fix encryption for production target.
This commit is contained in:
@@ -23,10 +23,7 @@ int set_AccessDesc(exheader_settings *exhdrset)
|
||||
return accessdesc_GetSignFromPreset(exhdrset);
|
||||
else if(exhdrset->rsf->CommonHeaderKey.Found == true) // Keydata exists in RSF
|
||||
return accessdesc_GetSignFromRsf(exhdrset);
|
||||
else if (Rsa2048Key_CanSign(&exhdrset->keys->rsa.acex) == false) // sign using rsa key
|
||||
return accessdesc_SignWithKey(exhdrset);
|
||||
|
||||
return 1;
|
||||
return accessdesc_SignWithKey(exhdrset);
|
||||
}
|
||||
|
||||
int accessdesc_SignWithKey(exheader_settings *exhdrset)
|
||||
@@ -48,13 +45,14 @@ int accessdesc_SignWithKey(exheader_settings *exhdrset)
|
||||
arm11->threadPriority /= 2;
|
||||
|
||||
/* Sign AccessDesc */
|
||||
if (SignAccessDesc(exhdrset->acexDesc, exhdrset->keys) != 0)
|
||||
if (Rsa2048Key_CanSign(&exhdrset->keys->rsa.acex) == false)
|
||||
{
|
||||
printf("[ACEXDESC WARNING] Failed to sign access descriptor\n");
|
||||
memset(exhdrset->acexDesc->signature, 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
return SignAccessDesc(exhdrset->acexDesc, exhdrset->keys);
|
||||
}
|
||||
|
||||
int accessdesc_GetSignFromRsf(exheader_settings *exhdrset)
|
||||
|
||||
+1
-1
@@ -391,5 +391,5 @@ void Rsa2048Key_Set(rsa2048_key* key, const u8* pvt, const u8* pub)
|
||||
bool Rsa2048Key_CanSign(const rsa2048_key* key)
|
||||
{
|
||||
static const u8 rsa2048[RSA_2048_KEY_SIZE] = { 0 };
|
||||
return memcmp(key->pub, rsa2048, RSA_2048_KEY_SIZE) != 0 || memcmp(key->pvt, rsa2048, RSA_2048_KEY_SIZE) != 0;
|
||||
return memcmp(key->pub, rsa2048, RSA_2048_KEY_SIZE) != 0 && memcmp(key->pvt, rsa2048, RSA_2048_KEY_SIZE) != 0;
|
||||
}
|
||||
@@ -30,7 +30,6 @@ typedef enum
|
||||
} pki_keyset;
|
||||
|
||||
// Structs
|
||||
|
||||
typedef struct
|
||||
{
|
||||
u8 *pub;
|
||||
|
||||
+10
-6
@@ -36,27 +36,31 @@ bool IsValidProductCode(char *ProductCode, bool FreeProductCode);
|
||||
// Code
|
||||
int SignCFA(ncch_hdr *hdr, keys_struct *keys)
|
||||
{
|
||||
if (RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cciCfa.pub, keys->rsa.cciCfa.pvt, RSA_2048_SHA256, CTR_RSA_SIGN) != 0)
|
||||
if (Rsa2048Key_CanSign(&keys->rsa.cciCfa) == false)
|
||||
{
|
||||
printf("[NCCH WARNING] Failed to sign CFA header\n");
|
||||
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
return 0;
|
||||
|
||||
return RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cciCfa.pub, keys->rsa.cciCfa.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
}
|
||||
|
||||
int CheckCFASignature(ncch_hdr *hdr, keys_struct *keys)
|
||||
{
|
||||
return RsaSignVerify(GetNcchHdrData(hdr),GetNcchHdrDataLen(hdr),GetNcchHdrSig(hdr),keys->rsa.cciCfa.pub,NULL,RSA_2048_SHA256,CTR_RSA_VERIFY);
|
||||
return RsaSignVerify(GetNcchHdrData(hdr),GetNcchHdrDataLen(hdr),GetNcchHdrSig(hdr), keys->rsa.cciCfa.pub, keys->rsa.cciCfa.pvt, RSA_2048_SHA256,CTR_RSA_VERIFY);
|
||||
}
|
||||
|
||||
int SignCXI(ncch_hdr *hdr, keys_struct *keys)
|
||||
{
|
||||
if (RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cxi.pub, keys->rsa.cxi.pvt, RSA_2048_SHA256, CTR_RSA_SIGN) != 0)
|
||||
if (Rsa2048Key_CanSign(&keys->rsa.cxi) == false)
|
||||
{
|
||||
printf("[NCCH WARNING] Failed to sign CXI header\n");
|
||||
memset(GetNcchHdrSig(hdr), 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
return 0;
|
||||
|
||||
return RsaSignVerify(GetNcchHdrData(hdr), GetNcchHdrDataLen(hdr), GetNcchHdrSig(hdr), keys->rsa.cxi.pub, keys->rsa.cxi.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
}
|
||||
|
||||
int CheckCXISignature(ncch_hdr *hdr, u8 *pubk)
|
||||
@@ -1089,7 +1093,7 @@ bool SetNcchKeys(keys_struct *keys, ncch_hdr *hdr)
|
||||
return false;
|
||||
|
||||
if(keys->aes.ncchKeyX[ncch_keyx_index])
|
||||
ctr_aes_keygen(keys->aes.ncchKeyX[ncch_keyx_index], hdr->signature, keys->aes.ncchKey0);
|
||||
ctr_aes_keygen(keys->aes.ncchKeyX[ncch_keyx_index], hdr->signature, keys->aes.ncchKey1);
|
||||
else
|
||||
return false;
|
||||
|
||||
|
||||
+4
-4
@@ -579,14 +579,14 @@ int GenCciHdr(cci_settings *set)
|
||||
|
||||
|
||||
// Sign Header
|
||||
if (RsaSignVerify(&hdr->magic, sizeof(cci_hdr) - RSA_2048_KEY_SIZE, hdr->signature, set->keys->rsa.cciCfa.pub, set->keys->rsa.cciCfa.pvt, RSA_2048_SHA256, CTR_RSA_SIGN) != 0)
|
||||
if (Rsa2048Key_CanSign(&set->keys->rsa.cciCfa) == false)
|
||||
{
|
||||
printf("[NCSD WARNING] Failed to sign header\n");
|
||||
memset(hdr->signature, 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
return 0;
|
||||
|
||||
return RsaSignVerify(&hdr->magic, sizeof(cci_hdr) - RSA_2048_KEY_SIZE, hdr->signature, set->keys->rsa.cciCfa.pub, set->keys->rsa.cciCfa.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
}
|
||||
|
||||
char* GetMediaSizeStr(u64 mediaSize)
|
||||
|
||||
+3
-2
@@ -81,13 +81,14 @@ int SignTicketHeader(buffer_struct *tik, keys_struct *keys)
|
||||
clrmem(sig,sizeof(tik_signature));
|
||||
u32_to_u8(sig->sigType,RSA_2048_SHA256,BE);
|
||||
|
||||
if (RsaSignVerify(data, len, sig->data, keys->rsa.xs.pub, keys->rsa.xs.pvt, RSA_2048_SHA256, CTR_RSA_SIGN) != 0)
|
||||
if (Rsa2048Key_CanSign(&keys->rsa.xs) == false)
|
||||
{
|
||||
printf("[TIK WARNING] Failed to sign header\n");
|
||||
memset(sig->data, 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
return RsaSignVerify(data, len, sig->data, keys->rsa.xs.pub, keys->rsa.xs.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
}
|
||||
|
||||
int CryptTitleKey(u8 *input, u8 *output, u8 *titleId, keys_struct *keys, u8 mode)
|
||||
|
||||
+3
-2
@@ -71,13 +71,14 @@ int SignTMDHeader(tmd_hdr *hdr, tmd_signature *sig, keys_struct *keys)
|
||||
clrmem(sig,sizeof(tmd_signature));
|
||||
u32_to_u8(sig->sigType,RSA_2048_SHA256,BE);
|
||||
|
||||
if (RsaSignVerify((u8*)hdr, sizeof(tmd_hdr), sig->data, keys->rsa.cp.pub, keys->rsa.cp.pvt, RSA_2048_SHA256, CTR_RSA_SIGN) != 0)
|
||||
if (Rsa2048Key_CanSign(&keys->rsa.cp) == false)
|
||||
{
|
||||
printf("[TMD WARNING] Failed to sign header\n");
|
||||
memset(sig->data, 0xFF, 0x100);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
return RsaSignVerify((u8*)hdr, sizeof(tmd_hdr), sig->data, keys->rsa.cp.pub, keys->rsa.cp.pvt, RSA_2048_SHA256, CTR_RSA_SIGN);
|
||||
}
|
||||
|
||||
int SetupTMDInfoRecord(tmd_content_info_record *info_record, u8 *content_record, u16 ContentCount)
|
||||
|
||||
Reference in New Issue
Block a user