diff --git a/Source/Core/Core/IOS/IOSC.cpp b/Source/Core/Core/IOS/IOSC.cpp index 2e473f136a..08faa1debb 100644 --- a/Source/Core/Core/IOS/IOSC.cpp +++ b/Source/Core/Core/IOS/IOSC.cpp @@ -6,6 +6,7 @@ #include #include +#include #include #include #include @@ -477,6 +478,29 @@ Certificate IOSC::GetDeviceCertificate() const return cert; } +void IOSC::Sign(u8* sig_out, u8* ap_cert_out, u64 title_id, const u8* data, u32 data_size) const +{ + std::array hash{}; + std::array ap_priv{}; + + ap_priv[0x1d] = 1; + // setup random ap_priv here if desired + // get_rand_bytes(ap_priv, 0x1e); + // ap_priv[0] &= 1; + + const std::string signer = StringFromFormat("Root-CA00000001-MS00000002-NG%08x", GetDeviceId()); + const std::string name = StringFromFormat("AP%016" PRIx64, title_id); + const auto cert = MakeBlankSigECCert(signer.c_str(), name.c_str(), ap_priv.data(), 0); + std::copy(cert.begin(), cert.end(), ap_cert_out); + + mbedtls_sha1(ap_cert_out + 0x80, 0x100, hash.data()); + generate_ecdsa(ap_cert_out + 4, ap_cert_out + 34, m_key_entries[HANDLE_CONSOLE_KEY].data.data(), + hash.data()); + + mbedtls_sha1(data, data_size, hash.data()); + generate_ecdsa(sig_out, sig_out + 30, ap_priv.data(), hash.data()); +} + constexpr std::array ROOT_PUBLIC_KEY = { {0xF8, 0x24, 0x6C, 0x58, 0xBA, 0xE7, 0x50, 0x03, 0x01, 0xFB, 0xB7, 0xC2, 0xEB, 0xE0, 0x01, 0x05, 0x71, 0xDA, 0x92, 0x23, 0x78, 0xF0, 0x51, 0x4E, 0xC0, 0x03, 0x1D, 0xD0, 0xD2, 0x1E, diff --git a/Source/Core/Core/IOS/IOSC.h b/Source/Core/Core/IOS/IOSC.h index c640e401b0..4fc8d2189a 100644 --- a/Source/Core/Core/IOS/IOSC.h +++ b/Source/Core/Core/IOS/IOSC.h @@ -8,6 +8,7 @@ #include #include +#include #include #include "Common/CommonTypes.h" @@ -201,6 +202,7 @@ public: u32 GetDeviceId() const; Certificate GetDeviceCertificate() const; + void Sign(u8* sig_out, u8* ap_cert_out, u64 title_id, const u8* data, u32 data_size) const; void DoState(PointerWrap& p);
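Review bot: In `IOSC::Sign` the AP private key is a constant: `ap_priv` is zero-initialised and only `ap_priv[0x1d] = 1` is set, with the random setup left commented out, so the signature written to `sig_out` is made with a key that is not secret and cannot by itself show who produced `data`. If that is intentional for an emulated console, say so at the assignment, e.g. `// ap_priv is deliberately the fixed value 1; it is not a secret and the resulting signature carries no authenticity`; otherwise fill it from the project's CSPRNG before the `MakeBlankSigECCert` call. Separately, `sig_out` and `ap_cert_out` are raw pointers with no length: `std::copy(cert.begin(), cert.end(), ap_cert_out)` writes the whole certificate, `mbedtls_sha1(ap_cert_out + 0x80, 0x100, ...)` reads 0x100 bytes starting at offset 0x80, and `generate_ecdsa(sig_out, sig_out + 30, ...)` writes at two offsets, so an undersized caller buffer would be overrun silently. The declaration added in IOSC.h should document the minimum size of both buffers, or take fixed-size array references so the compiler enforces them; the element counts of the `std::array` locals are not visible on this page and should be checked against the same offsets.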