fs: update signature for VerifySign1

libraries/libstratosphere/include/stratosphere/fssystem/fssystem_nca_file_system_driver.hpp

@@ -38,7 +38,7 @@ namespace ams::fssystem {
     using DecryptAesCtrFunction = void (*)(void *dst, size_t dst_size, u8 key_index, u8 key_generation, const void *src_key, size_t src_key_size, const void *iv, size_t iv_size, const void *src, size_t src_size);
 
     using CryptAesXtsFunction   = Result (*)(void *dst, size_t dst_size, const void *key1, const void *key2, size_t key_size, const void *iv, size_t iv_size, const void *src, size_t src_size);
-    using VerifySign1Function   = bool (*)(const void *sig, size_t sig_size, const void *data, size_t data_size, u8 generation, const NcaCryptoConfiguration &cfg);
+    using VerifySign1Function   = bool (*)(const void *sig, size_t sig_size, const void *data, size_t data_size, u8 generation);
 
     struct NcaCryptoConfiguration {
         static constexpr size_t Rsa2048KeyModulusSize         = crypto::Rsa2048PssSha256Verifier::ModulusSize;

libraries/libstratosphere/source/fs/fs_access_log.cpp

@@ -253,6 +253,8 @@ namespace ams::fs::impl {
             ADD_ENUM_CASE(AesXts);
             ADD_ENUM_CASE(AesCtr);
             ADD_ENUM_CASE(AesCtrEx);
+            ADD_ENUM_CASE(AesCtrSkipLayerHash);
+            ADD_ENUM_CASE(AesCtrExSkipLayerHash);
             default: return ToValueString(static_cast<int>(id));
         }
     }
@@ -264,6 +266,18 @@ namespace ams::fs::impl {
             ADD_ENUM_CASE(None);
             ADD_ENUM_CASE(HierarchicalSha256Hash);
             ADD_ENUM_CASE(HierarchicalIntegrityHash);
+            ADD_ENUM_CASE(AutoSha3);
+            ADD_ENUM_CASE(HierarchicalSha3256Hash);
+            ADD_ENUM_CASE(HierarchicalIntegritySha3Hash);
+            default: return ToValueString(static_cast<int>(id));
+        }
+    }
+
+    template<> const char *IdString::ToString<fssystem::NcaFsHeader::MetaDataHashType>(fssystem::NcaFsHeader::MetaDataHashType id) {
+        switch (id) {
+            using enum fssystem::NcaFsHeader::MetaDataHashType;
+            ADD_ENUM_CASE(None);
+            ADD_ENUM_CASE(HierarchicalIntegrity);
             default: return ToValueString(static_cast<int>(id));
         }
     }

libraries/libstratosphere/source/fssystem/fssystem_crypto_configuration.cpp

@@ -214,10 +214,19 @@ namespace ams::fssystem {
             ComputeCtr(dst, dst_size, accessor->GetKeySlotIndex(), src, src_size, iv, iv_size);
         }
 
-        bool VerifySign1(const void *sig, size_t sig_size, const void *data, size_t data_size, u8 generation, const NcaCryptoConfiguration &cfg) {
-            const u8 *mod         = cfg.header_1_sign_key_moduli[generation];
+        bool VerifySign1Prod(const void *sig, size_t sig_size, const void *data, size_t data_size, u8 generation) {
+            const u8 *mod         = g_nca_crypto_configuration_prod.header_1_sign_key_moduli[generation];
             const size_t mod_size = NcaCryptoConfiguration::Rsa2048KeyModulusSize;
-            const u8 *exp         = cfg.header_1_sign_key_public_exponent;
+            const u8 *exp         = g_nca_crypto_configuration_prod.header_1_sign_key_public_exponent;
+            const size_t exp_size = NcaCryptoConfiguration::Rsa2048KeyPublicExponentSize;
+
+            return crypto::VerifyRsa2048PssSha256(sig, sig_size, mod, mod_size, exp, exp_size, data, data_size);
+        }
+
+        bool VerifySign1Dev(const void *sig, size_t sig_size, const void *data, size_t data_size, u8 generation) {
+            const u8 *mod         = g_nca_crypto_configuration_dev.header_1_sign_key_moduli[generation];
+            const size_t mod_size = NcaCryptoConfiguration::Rsa2048KeyModulusSize;
+            const u8 *exp         = g_nca_crypto_configuration_dev.header_1_sign_key_public_exponent;
             const size_t exp_size = NcaCryptoConfiguration::Rsa2048KeyPublicExponentSize;
 
             return crypto::VerifyRsa2048PssSha256(sig, sig_size, mod, mod_size, exp, exp_size, data, data_size);
@@ -227,7 +236,7 @@ namespace ams::fssystem {
 
     const ::ams::fssystem::NcaCryptoConfiguration *GetNcaCryptoConfiguration(bool prod) {
         /* Decide which configuration to use. */
-        NcaCryptoConfiguration *cfg = prod ? std::addressof(g_nca_crypto_configuration_prod) : std::addressof(g_nca_crypto_configuration_dev);
+        NcaCryptoConfiguration * const cfg = prod ? std::addressof(g_nca_crypto_configuration_prod) : std::addressof(g_nca_crypto_configuration_dev);
         std::memcpy(cfg, fssrv::GetDefaultNcaCryptoConfiguration(prod), sizeof(NcaCryptoConfiguration));
 
         /* Set the key generation functions. */
@@ -236,7 +245,7 @@ namespace ams::fssystem {
         cfg->encrypt_aes_xts_external      = nullptr;
         cfg->decrypt_aes_ctr               = DecryptAesCtr;
         cfg->decrypt_aes_ctr_external      = DecryptAesCtrForPreparedKey;
-        cfg->verify_sign1                  = VerifySign1;
+        cfg->verify_sign1                  = prod ? VerifySign1Prod : VerifySign1Dev;
         cfg->is_plaintext_header_available = !prod;
         cfg->is_available_sw_key           = true;
 

libraries/libstratosphere/source/fssystem/fssystem_nca_reader.cpp

@@ -122,7 +122,7 @@ namespace ams::fssystem {
             const u8 *msg         = static_cast<const u8 *>(static_cast<const void *>(std::addressof(m_header.magic)));
             const size_t msg_size = NcaHeader::Size - NcaHeader::HeaderSignSize * NcaHeader::HeaderSignCount;
 
-            m_is_header_sign1_signature_valid = crypto_cfg.verify_sign1(sig, sig_size, msg, msg_size, m_header.header1_signature_key_generation, crypto_cfg);
+            m_is_header_sign1_signature_valid = crypto_cfg.verify_sign1(sig, sig_size, msg, msg_size, m_header.header1_signature_key_generation);
 
             #if defined(ATMOSPHERE_BOARD_NINTENDO_NX)
             R_UNLESS(m_is_header_sign1_signature_valid, fs::ResultNcaHeaderSignature1VerificationFailed());