mirror of
https://github.com/jakcron/nstool
synced 2024-12-26 22:51:11 +00:00
Add initial support for NCA signature key generations.
This commit is contained in:
parent
74de59f6dd
commit
3851ee66c5
4 changed files with 21 additions and 6 deletions
|
@ -225,9 +225,21 @@ bool KeyConfiguration::getContentArchiveHeaderKey(fnd::aes::sAesXts128Key& key)
|
|||
return copyOutKeyResourceIfExists(mContentArchiveHeaderKey, key, kNullAesXtsKey);
|
||||
}
|
||||
|
||||
bool KeyConfiguration::getContentArchiveHeader0SignKey(fnd::rsa::sRsa2048Key& key) const
|
||||
bool KeyConfiguration::getContentArchiveHeader0SignKey(fnd::rsa::sRsa2048Key& key, byte_t key_generation) const
|
||||
{
|
||||
return copyOutKeyResourceIfExists(mContentArchiveHeader0SignKey, key, kNullRsa2048Key);
|
||||
// TODO: This needs to be changed to support multiple keys
|
||||
|
||||
bool keyIsFound = false;
|
||||
switch (key_generation)
|
||||
{
|
||||
case (0x00):
|
||||
keyIsFound = copyOutKeyResourceIfExists(mContentArchiveHeader0SignKey, key, kNullRsa2048Key);
|
||||
break;
|
||||
default:
|
||||
keyIsFound = false;
|
||||
}
|
||||
|
||||
return keyIsFound;
|
||||
}
|
||||
|
||||
bool KeyConfiguration::getAcidSignKey(fnd::rsa::sRsa2048Key& key, byte_t key_generation) const
|
||||
|
|
|
@ -25,7 +25,7 @@ public:
|
|||
|
||||
// nca keys
|
||||
bool getContentArchiveHeaderKey(fnd::aes::sAesXts128Key& key) const;
|
||||
bool getContentArchiveHeader0SignKey(fnd::rsa::sRsa2048Key& key) const;
|
||||
bool getContentArchiveHeader0SignKey(fnd::rsa::sRsa2048Key& key, byte_t key_generation) const;
|
||||
bool getAcidSignKey(fnd::rsa::sRsa2048Key& key, byte_t key_generation) const;
|
||||
bool getNcaKeyAreaEncryptionKey(byte_t masterkey_index, byte_t keak_type, fnd::aes::sAes128Key& key) const;
|
||||
bool getNcaKeyAreaEncryptionKeyHw(byte_t masterkey_index, byte_t keak_type, fnd::aes::sAes128Key& key) const;
|
||||
|
|
|
@ -392,7 +392,7 @@ void NcaProcess::validateNcaSignatures()
|
|||
{
|
||||
// validate signature[0]
|
||||
fnd::rsa::sRsa2048Key sign0_key;
|
||||
mKeyCfg.getContentArchiveHeader0SignKey(sign0_key);
|
||||
mKeyCfg.getContentArchiveHeader0SignKey(sign0_key, mHdr.getSignatureKeyGeneration());
|
||||
if (fnd::rsa::pss::rsaVerify(sign0_key, fnd::sha::HASH_SHA256, mHdrHash.bytes, mHdrBlock.signature_main) != 0)
|
||||
{
|
||||
std::cout << "[WARNING] NCA Header Main Signature: FAIL" << std::endl;
|
||||
|
@ -417,10 +417,12 @@ void NcaProcess::validateNcaSignatures()
|
|||
|
||||
MetaProcess npdm;
|
||||
npdm.setInputFile(new fnd::OffsetAdjustedIFile(mPartitions[nn::hac::nca::PARTITION_CODE].reader, file.offset, file.size));
|
||||
npdm.setKeyCfg(mKeyCfg);
|
||||
npdm.setVerifyMode(true);
|
||||
npdm.setCliOutputMode(0);
|
||||
npdm.process();
|
||||
|
||||
if (fnd::rsa::pss::rsaVerify(npdm.getMeta().getAcid().getContentArchiveHeaderSignature2Key(), fnd::sha::HASH_SHA256, mHdrHash.bytes, mHdrBlock.signature_acid) != 0)
|
||||
if (fnd::rsa::pss::rsaVerify(npdm.getMeta().getAccessControlInfoDesc().getContentArchiveHeaderSignature2Key(), fnd::sha::HASH_SHA256, mHdrHash.bytes, mHdrBlock.signature_acid) != 0)
|
||||
{
|
||||
std::cout << "[WARNING] NCA Header ACID Signature: FAIL" << std::endl;
|
||||
}
|
||||
|
@ -450,6 +452,7 @@ void NcaProcess::displayHeader()
|
|||
std::cout << " Dist. Type: " << nn::hac::ContentArchiveUtil::getDistributionTypeAsString(mHdr.getDistributionType()) << std::endl;
|
||||
std::cout << " Content Type: " << nn::hac::ContentArchiveUtil::getContentTypeAsString(mHdr.getContentType()) << std::endl;
|
||||
std::cout << " Key Generation: " << std::dec << (uint32_t)mHdr.getKeyGeneration() << std::endl;
|
||||
std::cout << " Sig. Generation: " << std::dec << (uint32_t)mHdr.getSignatureKeyGeneration() << std::endl;
|
||||
std::cout << " Kaek Index: " << nn::hac::ContentArchiveUtil::getKeyAreaEncryptionKeyIndexAsString((nn::hac::nca::KeyAreaEncryptionKeyIndex)mHdr.getKeyAreaEncryptionKeyIndex()) << " (" << std::dec << (uint32_t)mHdr.getKeyAreaEncryptionKeyIndex() << ")" << std::endl;
|
||||
std::cout << " Size: 0x" << std::hex << mHdr.getContentSize() << std::endl;
|
||||
std::cout << " ProgID: 0x" << std::hex << std::setw(16) << std::setfill('0') << mHdr.getProgramId() << std::endl;
|
||||
|
|
|
@ -912,7 +912,7 @@ void UserSettings::dumpKeyConfig() const
|
|||
|
||||
std::cout << "[KeyConfiguration]" << std::endl;
|
||||
std::cout << " NCA Keys:" << std::endl;
|
||||
if (mKeyCfg.getContentArchiveHeader0SignKey(rsa2048_key) == true)
|
||||
if (mKeyCfg.getContentArchiveHeader0SignKey(rsa2048_key, 0x00) == true)
|
||||
dumpRsa2048Key(rsa2048_key, "Header Signature[0] Key", 2);
|
||||
if (mKeyCfg.getContentArchiveHeaderKey(aesxts_key) == true)
|
||||
dumpAesXtsKey(aesxts_key, "Header Encryption Key", 2);
|
||||
|
|
Loading…
Reference in a new issue