public static IStorage OpenStorage(this Nca nca, int index, IntegrityCheckLevel integrityCheckLevel, bool openRaw) { if (openRaw) { return(nca.OpenRawStorage(index)); } return(nca.OpenStorage(index, integrityCheckLevel)); }
public static IStorage OpenStorage(this Nca nca, NcaSectionType type, IntegrityCheckLevel integrityCheckLevel, bool openRaw) { if (openRaw) { return(nca.OpenRawStorage(type)); } return(nca.OpenStorage(type, integrityCheckLevel)); }
private static Validity ValidateCtrExDecryption(Nca nca, int index) { // The encryption subsection table in an AesCtrEx-encrypted partition contains the length of the entire partition. // The encryption table is always located immediately following the partition data, so the offset value of the encryption // table located in the NCA header should be the same as the size read from the encryption table. Debug.Assert(nca.CanOpenSection(index)); NcaFsPatchInfo header = nca.Header.GetFsHeader(index).GetPatchInfo(); IStorage decryptedStorage = nca.OpenRawStorage(index); Span <byte> buffer = stackalloc byte[sizeof(long)]; decryptedStorage.Read(buffer, header.EncryptionTreeOffset + 8); long readDataSize = BinaryPrimitives.ReadInt64LittleEndian(buffer); if (header.EncryptionTreeOffset != readDataSize) { return(Validity.Invalid); } return(Validity.Valid); }
public static Validity ValidateSectionMasterHash(this Nca nca, int index) { if (!nca.SectionExists(index)) { throw new ArgumentException(nameof(index), Messages.NcaSectionMissing); } if (!nca.CanOpenSection(index)) { return(Validity.MissingKey); } NcaFsHeader header = nca.Header.GetFsHeader(index); // The base data is needed to validate the hash, so use a trick involving the AES-CTR extended // encryption table to check if the decryption is invalid. // todo: If the patch replaces the data checked by the master hash, use that directly if (header.IsPatchSection()) { if (header.EncryptionType != NcaEncryptionType.AesCtrEx) { return(Validity.Unchecked); } Validity ctrExValidity = ValidateCtrExDecryption(nca, index); return(ctrExValidity == Validity.Invalid ? Validity.Invalid : Validity.Unchecked); } byte[] expectedHash; long offset; long size; switch (header.HashType) { case NcaHashType.Ivfc: NcaFsIntegrityInfoIvfc ivfcInfo = header.GetIntegrityInfoIvfc(); expectedHash = ivfcInfo.MasterHash.ToArray(); offset = ivfcInfo.GetLevelOffset(0); size = 1 << ivfcInfo.GetLevelBlockSize(0); break; case NcaHashType.Sha256: NcaFsIntegrityInfoSha256 sha256Info = header.GetIntegrityInfoSha256(); expectedHash = sha256Info.MasterHash.ToArray(); offset = sha256Info.GetLevelOffset(0); size = sha256Info.GetLevelSize(0); break; default: return(Validity.Unchecked); } IStorage storage = nca.OpenRawStorage(index); var data = new byte[size]; storage.Read(data, offset); byte[] actualHash = Crypto.ComputeSha256(data, 0, data.Length); if (Util.ArraysEqual(expectedHash, actualHash)) { return(Validity.Valid); } return(Validity.Invalid); }