ShuriZma
/
dolphin
mirror of https://github.com/dolphin-emu/dolphin.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ES/Formats: Move sha1 calculation to SignedBlobReader

This commit is contained in:
Léo Lam 2018-05-18 21:20:43 +02:00
parent fbf79f837f
commit 90e86fa9a6
3 changed files with 29 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
Source/Core/Core/IOS/ES/ES.cpp
View File

@ -11,8 +11,6 @@
#include <utility> #include <utility>
#include <vector> #include <vector>
#include <mbedtls/sha1.h>
#include "Common/ChunkFile.h" #include "Common/ChunkFile.h"
#include "Common/Logging/Log.h" #include "Common/Logging/Log.h"
#include "Common/MsgHandler.h" #include "Common/MsgHandler.h"
@ -950,16 +948,9 @@ ReturnCode ES::VerifyContainer(VerifyContainerType type, VerifyMode mode,
return ret; return ret;
} }
// Calculate the SHA1 of the signed blob.
const size_t skip = type == VerifyContainerType::Device ? offsetof(SignatureECC, issuer) :
offsetof(SignatureRSA2048, issuer);
std::array<u8, 20> sha1;
mbedtls_sha1(signed_blob.GetBytes().data() + skip, signed_blob.GetBytes().size() - skip,
sha1.data());
// Verify the signature. // Verify the signature.
const std::vector<u8> signature = signed_blob.GetSignatureData(); const std::vector<u8> signature = signed_blob.GetSignatureData();
ret = iosc.VerifyPublicKeySign(sha1, issuer_handle, signature.data(), PID_ES); ret = iosc.VerifyPublicKeySign(signed_blob.GetSha1(), issuer_handle, signature.data(), PID_ES);
if (ret != IPC_SUCCESS) if (ret != IPC_SUCCESS)
{ {
ERROR_LOG(IOS_ES, "VerifyContainer: IOSC_VerifyPublicKeySign failed with error %d", ret); ERROR_LOG(IOS_ES, "VerifyContainer: IOSC_VerifyPublicKeySign failed with error %d", ret);

25
Source/Core/Core/IOS/ES/Formats.cpp
View File

@ -16,6 +16,8 @@
#include <utility> #include <utility>
#include <vector> #include <vector>
#include <mbedtls/sha1.h>
#include "Common/Assert.h" #include "Common/Assert.h"
#include "Common/ChunkFile.h" #include "Common/ChunkFile.h"
#include "Common/CommonTypes.h" #include "Common/CommonTypes.h"
@ -102,6 +104,29 @@ void SignedBlobReader::SetBytes(std::vector<u8>&& bytes)
m_bytes = std::move(bytes); m_bytes = std::move(bytes);
} }
static size_t GetIssuerOffset(SignatureType signature_type)
{
switch (signature_type)
{
case SignatureType::RSA2048:
return offsetof(SignatureRSA2048, issuer);
case SignatureType::RSA4096:
return offsetof(SignatureRSA4096, issuer);
case SignatureType::ECC:
return offsetof(SignatureECC, issuer);
default:
return 0;
}
}
std::array<u8, 20> SignedBlobReader::GetSha1() const
{
std::array<u8, 20> sha1;
const size_t skip = GetIssuerOffset(GetSignatureType());
mbedtls_sha1(m_bytes.data() + skip, m_bytes.size() - skip, sha1.data());
return sha1;
}
bool SignedBlobReader::IsSignatureValid() const bool SignedBlobReader::IsSignatureValid() const
{ {
// Too small for the certificate type. // Too small for the certificate type.

3
Source/Core/Core/IOS/ES/Formats.h
View File

@ -162,6 +162,9 @@ public:
void SetBytes(const std::vector<u8>& bytes); void SetBytes(const std::vector<u8>& bytes);
void SetBytes(std::vector<u8>&& bytes); void SetBytes(std::vector<u8>&& bytes);
/// Get the SHA1 hash for this signed blob (starting at the issuer).
std::array<u8, 20> GetSha1() const;
// Only checks whether the signature data could be parsed. The signature is not verified. // Only checks whether the signature data could be parsed. The signature is not verified.
bool IsSignatureValid() const; bool IsSignatureValid() const;