MirrorBackup/GodMode9
1
0
Fork 0
forked from Mirror/GodMode9
Code Pull Requests Activity

Just search both nands for certs on callee

Browse Source 
Since in all cases that LoadCertFromCertDb is called
is always twice, one for sysnand and another for emunand
just make it a single call and quit early when cert found.
This commit is contained in:
luigoalma 2021-05-06 16:02:27 +01:00 committed by d0k3
parent 3bfb9ef6ec
commit be289b4c55
4 changed files with 38 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
arm9/source/game/cert.c
View File

@ -530,7 +530,7 @@ static u32 _ProcessNextCertDbEntry(const char* path, DisaDiffRWInfo* info, Certi
return 0; return 0;
} }
u32 LoadCertFromCertDb(bool emunand, Certificate* cert, const char* issuer) { u32 LoadCertFromCertDb(Certificate* cert, const char* issuer) {
if (!issuer || !cert) return 1; if (!issuer || !cert) return 1;
u32 _ident = _Issuer_To_StorageIdent(issuer); u32 _ident = _Issuer_To_StorageIdent(issuer);
@ -538,6 +538,9 @@ u32 LoadCertFromCertDb(bool emunand, Certificate* cert, const char* issuer) {
return 0; return 0;
} }
int ret = 1;
for (int i = 0; i < 2 && ret; ++i) {
Certificate cert_local = {NULL, NULL}; Certificate cert_local = {NULL, NULL};
char path[16]; char path[16];
@ -546,11 +549,9 @@ u32 LoadCertFromCertDb(bool emunand, Certificate* cert, const char* issuer) {
u32 offset, max_offset; u32 offset, max_offset;
if (_DisaOpenCertDb(&path, emunand, &info, &cache, &offset, &max_offset)) if (_DisaOpenCertDb(&path, i ? true : false, &info, &cache, &offset, &max_offset))
return 1; return 1;
u32 ret = 1;
// certs.db has no filesystem.. its pretty plain, certificates after another // certs.db has no filesystem.. its pretty plain, certificates after another
// but also, certificates are not equally sized // but also, certificates are not equally sized
// so most cases of bad data, leads to giving up // so most cases of bad data, leads to giving up
@ -574,12 +575,13 @@ u32 LoadCertFromCertDb(bool emunand, Certificate* cert, const char* issuer) {
if (ret) { if (ret) {
_Certificate_CleanupImpl(&cert_local); _Certificate_CleanupImpl(&cert_local);
} else { } else {
*cert = cert_local;
_SaveToCertStorage(&cert_local, _ident); _SaveToCertStorage(&cert_local, _ident);
} }
*cert = cert_local;
free(cache); free(cache);
}
return ret; return ret;
} }

2
arm9/source/game/cert.h
View File

@ -47,5 +47,5 @@ u32 Certificate_AllocCopyOut(const Certificate* cert, Certificate* out_cert);
u32 Certificate_RawCopy(const Certificate* cert, void* raw); u32 Certificate_RawCopy(const Certificate* cert, void* raw);
u32 Certificate_Cleanup(Certificate* cert); u32 Certificate_Cleanup(Certificate* cert);
u32 LoadCertFromCertDb(bool emunand, Certificate* cert, const char* issuer); u32 LoadCertFromCertDb(Certificate* cert, const char* issuer);
u32 BuildRawCertBundleFromCertDb(void* rawout, size_t* size, const char* const* cert_issuers, int count); u32 BuildRawCertBundleFromCertDb(void* rawout, size_t* size, const char* const* cert_issuers, int count);

4
arm9/source/game/ticket.c
View File

@ -32,8 +32,8 @@ u32 ValidateTicketSignature(Ticket* ticket) {
u32 mod[2048/8]; u32 mod[2048/8];
u32 exp = 0; u32 exp = 0;
// grab mod/exp from cert from cert.db // grab cert from certs.db
if (LoadCertFromCertDb(false, &cert, (char*)(ticket->issuer)) != 0 && LoadCertFromCertDb(true, &cert, (char*)(ticket->issuer)) != 0) if (LoadCertFromCertDb(&cert, (char*)(ticket->issuer)) != 0)
return 1; return 1;
// current code only expects RSA2048 // current code only expects RSA2048

4
arm9/source/game/tmd.c
View File

@ -28,8 +28,8 @@ u32 ValidateTmdSignature(TitleMetaData* tmd) {
u32 mod[2048/8]; u32 mod[2048/8];
u32 exp = 0; u32 exp = 0;
// grab mod/exp from cert from cert.db // grab cert from certs.db
if (LoadCertFromCertDb(false, &cert, (char*)(tmd->issuer)) != 0 && LoadCertFromCertDb(true, &cert, (char*)(tmd->issuer)) != 0) if (LoadCertFromCertDb(&cert, (char*)(tmd->issuer)) != 0)
return 1; return 1;
// current code only expects RSA2048 // current code only expects RSA2048