public static void TestCmacTestVectors(TestData data) { var actual = new byte[0x10]; Aes.CalculateCmac(actual, data.Message.AsSpan(data.Start, data.Length), data.Key); Assert.Equal(data.Expected, actual); }
private Validity ValidateSignature(KeySet keySet) { Span <byte> calculatedCmac = stackalloc byte[0x10]; Aes.CalculateCmac(calculatedCmac, Data.AsSpan(0x100, 0x200), keySet.DeviceUniqueSaveMacKeys[0]); return(CryptoUtil.IsSameBytes(calculatedCmac, Cmac, Aes.BlockSize) ? Validity.Valid : Validity.Invalid); }
private static void DecryptKeyBlobs(KeySet s, IProgressReport logger = null) { var cmac = new AesCmac(); for (int i = 0; i < KeySet.UsedKeyBlobCount; i++) { if (s.KeyBlobKeys[i].IsZeros() || s.KeyBlobMacKeys[i].IsZeros() || s.EncryptedKeyBlobs[i].IsZeros()) { continue; } Aes.CalculateCmac(cmac, s.EncryptedKeyBlobs[i].Bytes.Slice(0x10, 0xA0), s.KeyBlobMacKeys[i]); if (!Utilities.SpansEqual <byte>(cmac, s.EncryptedKeyBlobs[i].Cmac)) { logger?.LogMessage($"Warning: Keyblob MAC {i:x2} is invalid. Are SBK/TSEC key correct?"); } Aes.DecryptCtr128(s.EncryptedKeyBlobs[i].Bytes.Slice(0x20), s.KeyBlobs[i].Bytes, s.KeyBlobKeys[i], s.EncryptedKeyBlobs[i].Counter); } }
public Result Commit(Keyset keyset) { CoreDataIvfcStorage.Flush(); FatIvfcStorage?.Flush(); Stream headerStream = BaseStorage.AsStream(); var hashData = new byte[0x3d00]; headerStream.Position = 0x300; headerStream.Read(hashData, 0, hashData.Length); var hash = new byte[Sha256.DigestSize]; Sha256.GenerateSha256Hash(hashData, hash); headerStream.Position = 0x108; headerStream.Write(hash, 0, hash.Length); if (keyset == null || keyset.SaveMacKey.IsEmpty()) { return(ResultFs.PreconditionViolation.Log()); } var cmacData = new byte[0x200]; var cmac = new byte[0x10]; headerStream.Position = 0x100; headerStream.Read(cmacData, 0, 0x200); Aes.CalculateCmac(cmac, cmacData, keyset.SaveMacKey); headerStream.Position = 0; headerStream.Write(cmac, 0, 0x10); headerStream.Flush(); return(Result.Success); }