mirror of
https://github.com/jakcron/nstool.git
synced 2024-10-18 05:21:11 +00:00
Update libtoolchain to v0.6 & libfmt v9.0.0
This commit is contained in:
Jack
parent
fbf62a4df2
commit
591b270ed4
2
deps/libfmt
vendored
2
deps/libfmt
vendored
|
|
@ -1 +1 @@
|
||||||
Subproject commit ae6df0aead2fdaae8a0b117524a6eb036c8fa075
|
Subproject commit 22d3ddc718021809d8499913867bb9d93dfce7d0
|
||||||
2
deps/libpietendo
vendored
2
deps/libpietendo
vendored
|
|
@ -1 +1 @@
|
||||||
Subproject commit 722700675db9ca4ad6378012d05a06f4499fe828
|
Subproject commit e090b58aef89e815b53d4f2ac7d180f7ed6572c3
|
||||||
2
deps/libtoolchain
vendored
2
deps/libtoolchain
vendored
|
|
@ -1 +1 @@
|
||||||
Subproject commit 05a38e1f0b7e28d8763937f503d4ac34dc8d823d
|
Subproject commit 0bd98364bb4a253200ecd684c8e6323804321c7b
|
||||||
|
|
@ -85,8 +85,8 @@ void nstool::EsTikProcess::verifyTicket()
|
||||||
tc::crypto::GenerateSha1Hash(tik_hash.data(), mTik.getBody().getBytes().data(), mTik.getBody().getBytes().size());
|
tc::crypto::GenerateSha1Hash(tik_hash.data(), mTik.getBody().getBytes().data(), mTik.getBody().getBytes().size());
|
||||||
break;
|
break;
|
||||||
case (pie::hac::es::sign::HASH_ALGO_SHA256):
|
case (pie::hac::es::sign::HASH_ALGO_SHA256):
|
||||||
tik_hash = tc::ByteData(tc::crypto::Sha256Generator::kHashSize);
|
tik_hash = tc::ByteData(tc::crypto::Sha2256Generator::kHashSize);
|
||||||
tc::crypto::GenerateSha256Hash(tik_hash.data(), mTik.getBody().getBytes().data(), mTik.getBody().getBytes().size());
|
tc::crypto::GenerateSha2256Hash(tik_hash.data(), mTik.getBody().getBytes().data(), mTik.getBody().getBytes().size());
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -109,7 +109,7 @@ void nstool::EsTikProcess::displayTicket()
|
||||||
fmt::print("[ES Ticket]\n");
|
fmt::print("[ES Ticket]\n");
|
||||||
fmt::print(" SignType: {:s}", getSignTypeStr(mTik.getSignature().getSignType()));
|
fmt::print(" SignType: {:s}", getSignTypeStr(mTik.getSignature().getSignType()));
|
||||||
if (mCliOutputMode.show_extended_info)
|
if (mCliOutputMode.show_extended_info)
|
||||||
fmt::print(" (0x{:x})", mTik.getSignature().getSignType());
|
fmt::print(" (0x{:x})", (uint32_t)mTik.getSignature().getSignType());
|
||||||
fmt::print("\n");
|
fmt::print("\n");
|
||||||
|
|
||||||
fmt::print(" Issuer: {:s}\n", body.getIssuer());
|
fmt::print(" Issuer: {:s}\n", body.getIssuer());
|
||||||
|
|
|
||||||
|
|
@ -114,7 +114,7 @@ void nstool::GameCardProcess::importHeader()
|
||||||
pie::hac::sGcHeader_Rsa2048Signed* hdr_ptr = (pie::hac::sGcHeader_Rsa2048Signed*)(scratch.data() + mGcHeaderOffset);
|
pie::hac::sGcHeader_Rsa2048Signed* hdr_ptr = (pie::hac::sGcHeader_Rsa2048Signed*)(scratch.data() + mGcHeaderOffset);
|
||||||
|
|
||||||
// generate hash of raw header
|
// generate hash of raw header
|
||||||
tc::crypto::GenerateSha256Hash(mHdrHash.data(), (byte_t*)&hdr_ptr->header, sizeof(pie::hac::sGcHeader));
|
tc::crypto::GenerateSha2256Hash(mHdrHash.data(), (byte_t*)&hdr_ptr->header, sizeof(pie::hac::sGcHeader));
|
||||||
|
|
||||||
// save the signature
|
// save the signature
|
||||||
memcpy(mHdrSignature.data(), hdr_ptr->signature.data(), mHdrSignature.size());
|
memcpy(mHdrSignature.data(), hdr_ptr->signature.data(), mHdrSignature.size());
|
||||||
|
|
@ -225,7 +225,7 @@ bool nstool::GameCardProcess::validateRegionOfFile(int64_t offset, int64_t len,
|
||||||
mFile->read(scratch.data(), scratch.size());
|
mFile->read(scratch.data(), scratch.size());
|
||||||
|
|
||||||
// update hash
|
// update hash
|
||||||
tc::crypto::Sha256Generator sha256_gen;
|
tc::crypto::Sha2256Generator sha256_gen;
|
||||||
sha256_gen.initialize();
|
sha256_gen.initialize();
|
||||||
sha256_gen.update(scratch.data(), scratch.size());
|
sha256_gen.update(scratch.data(), scratch.size());
|
||||||
if (use_salt)
|
if (use_salt)
|
||||||
|
|
@ -247,7 +247,7 @@ void nstool::GameCardProcess::validateXciSignature()
|
||||||
{
|
{
|
||||||
if (mKeyCfg.xci_header_sign_key.isSet())
|
if (mKeyCfg.xci_header_sign_key.isSet())
|
||||||
{
|
{
|
||||||
if (tc::crypto::VerifyRsa2048Pkcs1Sha256(mHdrSignature.data(), mHdrHash.data(), mKeyCfg.xci_header_sign_key.get()) == false)
|
if (tc::crypto::VerifyRsa2048Pkcs1Sha2256(mHdrSignature.data(), mHdrHash.data(), mKeyCfg.xci_header_sign_key.get()) == false)
|
||||||
{
|
{
|
||||||
fmt::print("[WARNING] GameCard Header Signature: FAIL\n");
|
fmt::print("[WARNING] GameCard Header Signature: FAIL\n");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -116,7 +116,7 @@ void nstool::NcaProcess::importHeader()
|
||||||
pie::hac::ContentArchiveUtil::decryptContentArchiveHeader((byte_t*)&mHdrBlock, (byte_t*)&mHdrBlock, mKeyCfg.nca_header_key.get());
|
pie::hac::ContentArchiveUtil::decryptContentArchiveHeader((byte_t*)&mHdrBlock, (byte_t*)&mHdrBlock, mKeyCfg.nca_header_key.get());
|
||||||
|
|
||||||
// generate header hash
|
// generate header hash
|
||||||
tc::crypto::GenerateSha256Hash(mHdrHash.data(), (byte_t*)&mHdrBlock.header, sizeof(pie::hac::sContentArchiveHeader));
|
tc::crypto::GenerateSha2256Hash(mHdrHash.data(), (byte_t*)&mHdrBlock.header, sizeof(pie::hac::sContentArchiveHeader));
|
||||||
|
|
||||||
// proccess main header
|
// proccess main header
|
||||||
mHdr.fromBytes((byte_t*)&mHdrBlock.header, sizeof(pie::hac::sContentArchiveHeader));
|
mHdr.fromBytes((byte_t*)&mHdrBlock.header, sizeof(pie::hac::sContentArchiveHeader));
|
||||||
|
|
@ -256,7 +256,7 @@ void nstool::NcaProcess::generatePartitionConfiguration()
|
||||||
|
|
||||||
// validate header hash
|
// validate header hash
|
||||||
pie::hac::detail::sha256_hash_t fs_header_hash;
|
pie::hac::detail::sha256_hash_t fs_header_hash;
|
||||||
tc::crypto::GenerateSha256Hash(fs_header_hash.data(), (const byte_t*)&mHdrBlock.fs_header[partition.header_index], sizeof(pie::hac::sContentArchiveFsHeader));
|
tc::crypto::GenerateSha2256Hash(fs_header_hash.data(), (const byte_t*)&mHdrBlock.fs_header[partition.header_index], sizeof(pie::hac::sContentArchiveFsHeader));
|
||||||
if (fs_header_hash != partition.fs_header_hash)
|
if (fs_header_hash != partition.fs_header_hash)
|
||||||
{
|
{
|
||||||
throw tc::Exception(mModuleName, fmt::format("NCA FS Header [{:d}] Hash: FAIL", partition.header_index));
|
throw tc::Exception(mModuleName, fmt::format("NCA FS Header [{:d}] Hash: FAIL", partition.header_index));
|
||||||
|
|
@ -412,7 +412,7 @@ void nstool::NcaProcess::validateNcaSignatures()
|
||||||
// validate signature[0]
|
// validate signature[0]
|
||||||
if (mKeyCfg.nca_header_sign0_key.find(mHdr.getSignatureKeyGeneration()) != mKeyCfg.nca_header_sign0_key.end())
|
if (mKeyCfg.nca_header_sign0_key.find(mHdr.getSignatureKeyGeneration()) != mKeyCfg.nca_header_sign0_key.end())
|
||||||
{
|
{
|
||||||
if (tc::crypto::VerifyRsa2048PssSha256(mHdrBlock.signature_main.data(), mHdrHash.data(), mKeyCfg.nca_header_sign0_key[mHdr.getSignatureKeyGeneration()]) == false)
|
if (tc::crypto::VerifyRsa2048PssSha2256(mHdrBlock.signature_main.data(), mHdrHash.data(), mKeyCfg.nca_header_sign0_key[mHdr.getSignatureKeyGeneration()]) == false)
|
||||||
{
|
{
|
||||||
fmt::print("[WARNING] NCA Header Main Signature: FAIL\n");
|
fmt::print("[WARNING] NCA Header Main Signature: FAIL\n");
|
||||||
}
|
}
|
||||||
|
|
@ -446,7 +446,7 @@ void nstool::NcaProcess::validateNcaSignatures()
|
||||||
npdm.setCliOutputMode(CliOutputMode(false, false, false, false));
|
npdm.setCliOutputMode(CliOutputMode(false, false, false, false));
|
||||||
npdm.process();
|
npdm.process();
|
||||||
|
|
||||||
if (tc::crypto::VerifyRsa2048PssSha256(mHdrBlock.signature_acid.data(), mHdrHash.data(), npdm.getMeta().getAccessControlInfoDesc().getContentArchiveHeaderSignature2Key()) == false)
|
if (tc::crypto::VerifyRsa2048PssSha2256(mHdrBlock.signature_acid.data(), mHdrHash.data(), npdm.getMeta().getAccessControlInfoDesc().getContentArchiveHeaderSignature2Key()) == false)
|
||||||
{
|
{
|
||||||
throw tc::Exception("Bad signature");
|
throw tc::Exception("Bad signature");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -116,7 +116,7 @@ void nstool::NsoProcess::importCodeSegments()
|
||||||
}
|
}
|
||||||
if (mHdr.getTextSegmentInfo().is_hashed)
|
if (mHdr.getTextSegmentInfo().is_hashed)
|
||||||
{
|
{
|
||||||
tc::crypto::GenerateSha256Hash(calc_hash.data(), mTextBlob.data(), mTextBlob.size());
|
tc::crypto::GenerateSha2256Hash(calc_hash.data(), mTextBlob.data(), mTextBlob.size());
|
||||||
if (calc_hash != mHdr.getTextSegmentInfo().hash)
|
if (calc_hash != mHdr.getTextSegmentInfo().hash)
|
||||||
{
|
{
|
||||||
throw tc::Exception(mModuleName, "NSO text segment failed SHA256 verification");
|
throw tc::Exception(mModuleName, "NSO text segment failed SHA256 verification");
|
||||||
|
|
@ -149,7 +149,7 @@ void nstool::NsoProcess::importCodeSegments()
|
||||||
}
|
}
|
||||||
if (mHdr.getRoSegmentInfo().is_hashed)
|
if (mHdr.getRoSegmentInfo().is_hashed)
|
||||||
{
|
{
|
||||||
tc::crypto::GenerateSha256Hash(calc_hash.data(), mRoBlob.data(), mRoBlob.size());
|
tc::crypto::GenerateSha2256Hash(calc_hash.data(), mRoBlob.data(), mRoBlob.size());
|
||||||
if (calc_hash != mHdr.getRoSegmentInfo().hash)
|
if (calc_hash != mHdr.getRoSegmentInfo().hash)
|
||||||
{
|
{
|
||||||
throw tc::Exception(mModuleName, "NSO ro segment failed SHA256 verification");
|
throw tc::Exception(mModuleName, "NSO ro segment failed SHA256 verification");
|
||||||
|
|
@ -182,7 +182,7 @@ void nstool::NsoProcess::importCodeSegments()
|
||||||
}
|
}
|
||||||
if (mHdr.getDataSegmentInfo().is_hashed)
|
if (mHdr.getDataSegmentInfo().is_hashed)
|
||||||
{
|
{
|
||||||
tc::crypto::GenerateSha256Hash(calc_hash.data(), mDataBlob.data(), mDataBlob.size());
|
tc::crypto::GenerateSha2256Hash(calc_hash.data(), mDataBlob.data(), mDataBlob.size());
|
||||||
if (calc_hash != mHdr.getDataSegmentInfo().hash)
|
if (calc_hash != mHdr.getDataSegmentInfo().hash)
|
||||||
{
|
{
|
||||||
throw tc::Exception(mModuleName, "NSO data segment failed SHA256 verification");
|
throw tc::Exception(mModuleName, "NSO data segment failed SHA256 verification");
|
||||||
|
|
|
||||||
|
|
@ -62,8 +62,8 @@ void nstool::PkiValidator::addCertificate(const pie::hac::es::SignedData<pie::ha
|
||||||
tc::crypto::GenerateSha1Hash(cert_hash.data(), cert.getBody().getBytes().data(), cert.getBody().getBytes().size());
|
tc::crypto::GenerateSha1Hash(cert_hash.data(), cert.getBody().getBytes().data(), cert.getBody().getBytes().size());
|
||||||
break;
|
break;
|
||||||
case (pie::hac::es::sign::HASH_ALGO_SHA256):
|
case (pie::hac::es::sign::HASH_ALGO_SHA256):
|
||||||
cert_hash = tc::ByteData(tc::crypto::Sha256Generator::kHashSize);
|
cert_hash = tc::ByteData(tc::crypto::Sha2256Generator::kHashSize);
|
||||||
tc::crypto::GenerateSha256Hash(cert_hash.data(), cert.getBody().getBytes().data(), cert.getBody().getBytes().size());
|
tc::crypto::GenerateSha2256Hash(cert_hash.data(), cert.getBody().getBytes().data(), cert.getBody().getBytes().size());
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
throw tc::Exception(mModuleName, "Unrecognised hash type");
|
throw tc::Exception(mModuleName, "Unrecognised hash type");
|
||||||
|
|
@ -154,10 +154,10 @@ void nstool::PkiValidator::validateSignature(const std::string& issuer, pie::hac
|
||||||
sig_valid = false;
|
sig_valid = false;
|
||||||
break;
|
break;
|
||||||
case (pie::hac::es::sign::SIGN_ID_RSA4096_SHA256):
|
case (pie::hac::es::sign::SIGN_ID_RSA4096_SHA256):
|
||||||
sig_valid = tc::crypto::VerifyRsa4096Pkcs1Sha256(signature.data(), hash.data(), rsa_key);
|
sig_valid = tc::crypto::VerifyRsa4096Pkcs1Sha2256(signature.data(), hash.data(), rsa_key);
|
||||||
break;
|
break;
|
||||||
case (pie::hac::es::sign::SIGN_ID_RSA2048_SHA256):
|
case (pie::hac::es::sign::SIGN_ID_RSA2048_SHA256):
|
||||||
sig_valid = tc::crypto::VerifyRsa2048Pkcs1Sha256(signature.data(), hash.data(), rsa_key);
|
sig_valid = tc::crypto::VerifyRsa2048Pkcs1Sha2256(signature.data(), hash.data(), rsa_key);
|
||||||
break;
|
break;
|
||||||
case (pie::hac::es::sign::SIGN_ID_ECDSA240_SHA256):
|
case (pie::hac::es::sign::SIGN_ID_ECDSA240_SHA256):
|
||||||
sig_valid = false;
|
sig_valid = false;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue