/* * Create a DiscID based on the TOC data found in the DiscId object. * The DiscID is placed in the provided string buffer. */ static void create_disc_id(mb_disc_private *d, char buf[]) { SHA_INFO sha; unsigned char digest[20], *base64; unsigned long size; char tmp[17]; /* for 8 hex digits (16 to avoid trouble) */ int i; assert( d != NULL ); sha_init(&sha); sprintf(tmp, "%02X", d->first_track_num); sha_update(&sha, (unsigned char *) tmp, strlen(tmp)); sprintf(tmp, "%02X", d->last_track_num); sha_update(&sha, (unsigned char *) tmp, strlen(tmp)); for (i = 0; i < 100; i++) { sprintf(tmp, "%08X", d->track_offsets[i]); sha_update(&sha, (unsigned char *) tmp, strlen(tmp)); } sha_final(digest, &sha); base64 = rfc822_binary(digest, sizeof(digest), &size); memcpy(buf, base64, size); buf[size] = '\0'; free(base64); }
PERROR MakeKeyMaterial( FRAME *frame, UBYTE *passphrase, struct PPTBase *PPTBase ) { ROWPTR cp, tmprow; WORD row; struct ExecBase *SysBase = PPTBase->lb_Sys; SHA_INFO sha = {0}; PERROR res = PERR_OK; sha_init( &sha ); InitProgress(frame,"Building key...", 0, frame->pix->height ); /* * First, use the passphrase for the key. */ if( strlen(passphrase) > 0 ) sha_update( &sha, passphrase, strlen(passphrase) ); if( tmprow = AllocVec( frame->pix->bytes_per_row, 0L ) ) { for( row = 0; row < frame->pix->height; row++ ) { WORD col; cp = GetPixelRow( frame, row ); if( Progress( frame, row ) ) { res = PERR_BREAK; break; } for( col = 0; col < frame->pix->bytes_per_row; col++ ) { /* Use only significant bytes */ tmprow[col] = cp[col] & 0xFE; } sha_update( &sha, tmprow, frame->pix->bytes_per_row ); } // Use the passphrase again (why?) if( strlen(passphrase) > 0 ) sha_update( &sha, passphrase, strlen(passphrase) ); FinishProgress( frame ); sha_final( &sha ); memcpy( key, &sha.digest[0], SHA_DIGESTSIZE ); D(sha_print( &sha ) ); FreeVec( tmprow ); } else { SetErrorCode( frame, PERR_OUTOFMEMORY ); res = PERR_OUTOFMEMORY; } return res; }
/* * Hash the buffer and place the result in *shaStateP. */ void sha_hash(shaState * shaStateP, const char *buffer, int bufferLen) { sha_clear(shaStateP); sha_update(shaStateP, buffer, bufferLen); sha_finish(shaStateP); }
void test_run() { sha_init(&sha_info); for(int n = 0; n < 4; ++n) { sha_update(&sha_info, data + 4 * n, 256); } sha_final(&sha_info); }
/* static bool checkFileHash(wchar_t *path, uint8_t *checkhash) { FIL fil; uint8_t *buf; uint8_t hash[32]; size_t size; mbedtls_sha256_context ctx; if (!FileOpen(&fil, path, false) || ((FileGetSize(&fil)) == 0 && (FileClose(&fil) || true))) return false; buf = __builtin_alloca(BUF_SIZE); mbedtls_sha256_init(&ctx); mbedtls_sha256_starts(&ctx, 0); while ((size = FileRead2(&fil, buf, BUF_SIZE))) mbedtls_sha256_update(&ctx, buf, size); FileClose(&fil); mbedtls_sha256_finish(&ctx, hash); return !memcmp(hash, checkhash, sizeof(hash)); } */ uint_fast8_t tmdValidateChunk(tmd_data *data, wchar_t *path, uint_fast16_t content_index, uint_fast8_t drive) { //validates loaded tmd content chunk records FIL fil; size_t size; wchar_t apppath[_MAX_LFN + 1]; uint8_t hash[SHA_256_SIZE]; uint8_t *buf = __builtin_alloca(BUF_SIZE); uint_fast16_t content_count; content_count = __builtin_bswap16(data->header.content_count); if (!data->content_chunk && (data->content_chunk = __builtin_alloca(content_count * sizeof(tmd_content_chunk))) && !tmdPreloadChunk(data, path, content_index) ) return 0; for (uint_fast16_t info_index = 0, chunk_index = 0; chunk_index < content_count; info_index++) { for (uint_fast16_t chunk_count = __builtin_bswap16(data->content_info[info_index].content_command_count); chunk_count > 0; chunk_index++, chunk_count--) { if (content_index == CONTENT_INDEX_ALL || content_index == data->content_chunk[chunk_index].content_index) { sha_start(SHA_256_MODE, NULL); swprintf(apppath, _MAX_LFN + 1, L"%.*ls/%08lx%s", wcsrchr(path, L'/') - path, path, __builtin_bswap32(data->content_chunk[chunk_index].content_id), APP_EXT); size = __builtin_bswap32(data->content_chunk[chunk_index].content_size_lo); if (FileOpen(&fil, apppath, 0) && (FileGetSize(&fil) == size || (FileClose(&fil) && 0))) { while ((size = FileRead2(&fil, buf, BUF_SIZE))) sha_update(buf, size); } else if (!(apppath[wcslen(apppath) - strlen(APP_EXT)] = 0) && FileOpen(&fil, apppath, 0) && (FileGetSize(&fil) == size || (FileClose(&fil) && 0)) ) { aes_key Key = {&(aes_key_data){{0}}, AES_CNT_INPUT_BE_NORMAL, 0x2C, NORMALKEY}; getTitleKey2(&Key, data->header.title_id, drive); aes_ctr ctr = {{{0}}, AES_CNT_INPUT_BE_NORMAL}; aes_set_key(&Key); while ((size = FileRead2(&fil, buf, BUF_SIZE))) { aes(buf, buf, size, &ctr, AES_CBC_DECRYPT_MODE | AES_CNT_INPUT_BE_NORMAL | AES_CNT_OUTPUT_BE_NORMAL); sha_update(buf, size); } } else return 0; FileClose(&fil); sha_finish(hash); if (memcmp(hash, data->content_chunk[chunk_index].content_hash, sizeof(hash))) return 0; } } } return 1; }
int ctr_nand_crypto_interface_initialize(ctr_nand_crypto_interface *crypto_io, uint8_t keySlot, ctr_nand_crypto_type crypto_type, ctr_io_interface *lower_io) { crypto_io->base = nand_crypto_base; //Get the nonces for CTRNAND and TWL decryption uint32_t mode; uint32_t NandCid[4]; alignas(4) uint8_t shasum[32]; sdmmc_get_cid(true, NandCid); uint32_t ctr[4]; switch (crypto_type) { case NAND_CTR: check_and_do_n3ds_init(); sha_init(SHA256_MODE); sha_update((uint8_t*)NandCid, 16); sha_get(shasum); memcpy(ctr, shasum, 16); mode = AES_CNT_CTRNAND_MODE; break; case NAND_TWL: check_and_do_twl_init(); sha_init(SHA1_MODE); sha_update((uint8_t*)NandCid, 16); sha_get(shasum); for(uint32_t i = 0; i < 16u; i++) // little endian and reversed order { ((uint8_t*)ctr)[i] = shasum[15-i]; } mode = AES_CNT_TWLNAND_MODE; break; default: return 1; //Unknown type } ctr_crypto_interface_initialize(&crypto_io->crypto_io, keySlot, mode, CTR_CRYPTO_ENCRYPTED, CRYPTO_CTR, (uint8_t*)ctr, lower_io); return 0; }
VOID NextBitLoc( ULONG *resx, ULONG *resy, UWORD width, UWORD height ) { ULONG x, y, hash; SHA_INFO sha = {0}; y = counter / width; x = counter % width; // First iteration sha_init(&sha); sha_update( &sha, key, SHA_DIGESTSIZE ); sha_update( &sha, (UBYTE *)&x, sizeof(x) ); sha_final( &sha ); D(sha_print( &sha )); hash = (sha.digest[0] & 0x7fffffff); // Lose the sign y = (y+hash) % height; // Second iteration sha_init(&sha); sha_update( &sha, key, SHA_DIGESTSIZE ); sha_update( &sha, (UBYTE *)&y, sizeof(y) ); sha_final( &sha ); D(sha_print( &sha )); hash = (sha.digest[0] & 0x7fffffff); // Lose the sign x = (x+hash) % width; // Third iteration sha_init(&sha); sha_update( &sha, key, SHA_DIGESTSIZE ); sha_update( &sha, (UBYTE *)&x, sizeof(x) ); sha_final( &sha ); D(sha_print( &sha )); hash = (sha.digest[0] & 0x7fffffff); // Lose the sign y = (y+hash) % height; *resx = x; *resy = y; ++counter; }
char *par_mktmpdir ( char **argv ) { int i; const char *tmpdir = NULL; const char *key = NULL , *val = NULL; /* NOTE: all arrays below are NULL terminated */ const char *temp_dirs[] = { P_tmpdir, #ifdef WIN32 "C:\\TEMP", #endif ".", NULL }; const char *temp_keys[] = { "PAR_TMPDIR", "TMPDIR", "TEMPDIR", "TEMP", "TMP", NULL }; const char *user_keys[] = { "USER", "USERNAME", NULL }; const char *subdirbuf_prefix = "par-"; const char *subdirbuf_suffix = ""; char *progname = NULL, *username = NULL; char *stmpdir = NULL, *top_tmpdir = NULL; int f, j, k, stmp_len = 0; char sha1[41]; SHA_INFO sha_info; unsigned char buf[32768]; unsigned char sha_data[20]; if ( (val = par_getenv(PAR_TEMP)) && strlen(val) ) { par_setup_libpath(val); return strdup(val); } #ifdef WIN32 { DWORD buflen = MAXPATHLEN; username = malloc(MAXPATHLEN); GetUserName((LPTSTR)username, &buflen); // FIXME this is uncondifionally overwritten below - WTF? } #endif /* Determine username */ username = get_username_from_getpwuid(); if ( !username ) { /* fall back to env vars */ for ( i = 0 ; username == NULL && (key = user_keys[i]); i++) { if ( (val = par_getenv(key)) && strlen(val) ) username = strdup(val); } } if ( username == NULL ) username = "******"; /* sanitize username: encode all bytes as 2 hex digits */ { char *hexname = malloc(2 * strlen(username) + 1); char *u, *h; for ( u = username, h = hexname ; *u != '\0' ; u++, h += 2) sprintf(h, "%02x", *(unsigned char*)u); username = hexname; } /* Try temp environment variables */ for ( i = 0 ; tmpdir == NULL && (key = temp_keys[i]); i++ ) { if ( (val = par_getenv(key)) && strlen(val) && isWritableDir(val) ) { tmpdir = strdup(val); break; } } #ifdef WIN32 /* Try the windows temp directory */ if ( tmpdir == NULL && (val = par_getenv("WinDir")) && strlen(val) ) { char* buf = malloc(strlen(val) + 5 + 1); sprintf(buf, "%s\\temp", val); if (isWritableDir(buf)) { tmpdir = buf; } else { free(buf); } } #endif /* Try default locations */ for ( i = 0 ; tmpdir == NULL && (val = temp_dirs[i]) && strlen(val) ; i++ ) { if ( isWritableDir(val) ) { tmpdir = strdup(val); } } /* "$TEMP/par-$USER" */ stmp_len = strlen(tmpdir) + strlen(subdirbuf_prefix) + strlen(username) + strlen(subdirbuf_suffix) + 1024; /* stmpdir is what we are going to return; top_tmpdir is the top $TEMP/par-$USER, needed to build stmpdir. NOTE: We need 2 buffers because snprintf() can't write to a buffer it is also reading from. */ top_tmpdir = malloc( stmp_len ); sprintf(top_tmpdir, "%s%s%s%s", tmpdir, dir_sep, subdirbuf_prefix, username); #ifdef WIN32 _mkdir(top_tmpdir); /* FIXME bail if error (other than EEXIST) */ #else { if (mkdir(top_tmpdir, 0700) == -1 && errno != EEXIST) { fprintf(stderr, "%s: creation of private subdirectory %s failed (errno=%i)\n", argv[0], top_tmpdir, errno); return NULL; } if (!isSafeDir(top_tmpdir)) { fprintf(stderr, "%s: private subdirectory %s is unsafe (please remove it and retry your operation)\n", argv[0], top_tmpdir); return NULL; } } #endif stmpdir = malloc( stmp_len ); /* Doesn't really work - XXX */ val = par_getenv( "PATH" ); if (val != NULL) progname = par_findprog(argv[0], strdup(val)); if (progname == NULL) progname = argv[0]; /* If invoked as "/usr/bin/parl foo.par myscript.pl" then progname should * be ".../parl", and we don't want to base our checksum on that, but * rather on "foo.par". */ { #ifdef WIN32 #define STREQ(a,b) (strcasecmp(a,b) == 0) #else #define STREQ(a,b) (strcmp(a,b) == 0) #endif int prog_len = strlen(progname); int parl_len = strlen(PARL_EXE); if (prog_len >= parl_len && STREQ(progname + prog_len - parl_len, PARL_EXE) && (prog_len == parl_len || progname[prog_len - parl_len - 1] == dir_sep[0]) && argv[1] && strlen(argv[1]) >= 4 && STREQ(argv[1] + strlen(argv[1]) - 4, ".par")) progname = argv[1]; #undef STREQ } if ( !par_env_clean() && (f = open( progname, O_RDONLY | OPEN_O_BINARY ))) { lseek(f, -18, 2); read(f, buf, 6); if(buf[0] == 0 && buf[1] == 'C' && buf[2] == 'A' && buf[3] == 'C' && buf[4] == 'H' && buf[5] == 'E') { /* pre-computed cache_name in this file */ /* "$TEMP/par-$USER/cache-$cache_name" */ lseek(f, -58, 2); read(f, buf, 41); sprintf( stmpdir, "%s%scache-%s%s", top_tmpdir, dir_sep, buf, subdirbuf_suffix ); } else { /* "$TEMP/par-$USER/cache-$SHA1" */ lseek(f, 0, 0); sha_init( &sha_info ); while( ( j = read( f, buf, sizeof( buf ) ) ) > 0 ) { sha_update( &sha_info, buf, j ); } close( f ); sha_final( sha_data, &sha_info ); for( k = 0; k < 20; k++ ) { sprintf( sha1+k*2, "%02x", sha_data[k] ); } sha1[40] = '\0'; sprintf( stmpdir, "%s%scache-%s%s", top_tmpdir, dir_sep, sha1, subdirbuf_suffix ); } } else { int i = 0; /* "$TEMP/par-$USER/temp-$PID" */ par_setenv("PAR_CLEAN", "1"); sprintf( stmpdir, "%s%stemp-%u%s", top_tmpdir, dir_sep, getpid(), subdirbuf_suffix ); /* Ensure we pick an unused directory each time. If the directory already exists when we try to create it, bump a counter and try "$TEMP/par-$USER/temp-$PID-$i". This will guard against cases where a prior invocation crashed leaving garbage in a temp directory that might interfere. */ while (my_mkdir(stmpdir, 0700) == -1 && errno == EEXIST) { sprintf( stmpdir, "%s%stemp-%u-%u%s", top_tmpdir, dir_sep, getpid(), ++i, subdirbuf_suffix ); } } free(top_tmpdir); /* set dynamic loading path */ par_setenv(PAR_TEMP, stmpdir); par_setup_libpath( stmpdir ); return stmpdir; }
nyx_error_t security_update_hash(nyx_device_handle_t d, const char *src, int srclen) { return sha_update(src, srclen); }