Beispiel #1
0
 public static IStorage OpenStorage(this Nca nca, int index, IntegrityCheckLevel integrityCheckLevel,
                                    bool openRaw)
 {
     if (openRaw)
     {
         return(nca.OpenRawStorage(index));
     }
     return(nca.OpenStorage(index, integrityCheckLevel));
 }
Beispiel #2
0
 public static IStorage OpenStorage(this Nca nca, NcaSectionType type, IntegrityCheckLevel integrityCheckLevel,
                                    bool openRaw)
 {
     if (openRaw)
     {
         return(nca.OpenRawStorage(type));
     }
     return(nca.OpenStorage(type, integrityCheckLevel));
 }
Beispiel #3
0
        private static Validity ValidateCtrExDecryption(Nca nca, int index)
        {
            // The encryption subsection table in an AesCtrEx-encrypted partition contains the length of the entire partition.
            // The encryption table is always located immediately following the partition data, so the offset value of the encryption
            // table located in the NCA header should be the same as the size read from the encryption table.

            Debug.Assert(nca.CanOpenSection(index));

            NcaFsPatchInfo header           = nca.Header.GetFsHeader(index).GetPatchInfo();
            IStorage       decryptedStorage = nca.OpenRawStorage(index);

            Span <byte> buffer = stackalloc byte[sizeof(long)];

            decryptedStorage.Read(buffer, header.EncryptionTreeOffset + 8);
            long readDataSize = BinaryPrimitives.ReadInt64LittleEndian(buffer);

            if (header.EncryptionTreeOffset != readDataSize)
            {
                return(Validity.Invalid);
            }

            return(Validity.Valid);
        }
Beispiel #4
0
        public static Validity ValidateSectionMasterHash(this Nca nca, int index)
        {
            if (!nca.SectionExists(index))
            {
                throw new ArgumentException(nameof(index), Messages.NcaSectionMissing);
            }
            if (!nca.CanOpenSection(index))
            {
                return(Validity.MissingKey);
            }

            NcaFsHeader header = nca.Header.GetFsHeader(index);

            // The base data is needed to validate the hash, so use a trick involving the AES-CTR extended
            // encryption table to check if the decryption is invalid.
            // todo: If the patch replaces the data checked by the master hash, use that directly
            if (header.IsPatchSection())
            {
                if (header.EncryptionType != NcaEncryptionType.AesCtrEx)
                {
                    return(Validity.Unchecked);
                }

                Validity ctrExValidity = ValidateCtrExDecryption(nca, index);
                return(ctrExValidity == Validity.Invalid ? Validity.Invalid : Validity.Unchecked);
            }

            byte[] expectedHash;
            long   offset;
            long   size;

            switch (header.HashType)
            {
            case NcaHashType.Ivfc:
                NcaFsIntegrityInfoIvfc ivfcInfo = header.GetIntegrityInfoIvfc();

                expectedHash = ivfcInfo.MasterHash.ToArray();
                offset       = ivfcInfo.GetLevelOffset(0);
                size         = 1 << ivfcInfo.GetLevelBlockSize(0);

                break;

            case NcaHashType.Sha256:
                NcaFsIntegrityInfoSha256 sha256Info = header.GetIntegrityInfoSha256();
                expectedHash = sha256Info.MasterHash.ToArray();

                offset = sha256Info.GetLevelOffset(0);
                size   = sha256Info.GetLevelSize(0);

                break;

            default:
                return(Validity.Unchecked);
            }

            IStorage storage = nca.OpenRawStorage(index);

            var data = new byte[size];

            storage.Read(data, offset);

            byte[] actualHash = Crypto.ComputeSha256(data, 0, data.Length);

            if (Util.ArraysEqual(expectedHash, actualHash))
            {
                return(Validity.Valid);
            }

            return(Validity.Invalid);
        }