AES: fix bug where CCM-encrypt MAC could be obliterated, by attempting to write it while the output FIFO was full

2024-11-14 21:37:42 -07:00 · 2020-08-25 00:17:22 +02:00 · 2020-08-25 00:17:22 +02:00 · e5dd692d32
commit e5dd692d32
parent 2ee6145fd7
1 changed files with 20 additions and 7 deletions
--- a/src/DSi_AES.cpp
+++ b/src/DSi_AES.cpp
@ -52,6 +52,10 @@ u8 KeyY[4][16];
 u8 CurKey[16];
 u8 CurMAC[16];
 // output MAC for CCM encrypt
 u8 OutputMAC[16];
 bool OutputMACDue;
 AES_ctx Ctx;
@ -129,6 +133,9 @@ void Reset()
    memset(CurKey, 0, sizeof(CurKey));
    memset(CurMAC, 0, sizeof(CurMAC));
    memset(OutputMAC, 0, sizeof(OutputMAC));
    OutputMACDue = false;
    // initialize keys
    // slot 0: modcrypt
@ -272,6 +279,8 @@ void WriteCnt(u32 val)
        // transfer start (checkme)
        RemBlocks = BlkCnt >> 16;
        OutputMACDue = false;
        if (AESMode == 0 && (!(val & (1<<20)))) printf("AES: CCM-DECRYPT MAC FROM WRFIFO, TODO\n");
        if (RemBlocks > 0)
@ -347,6 +356,15 @@ u32 ReadOutputFIFO()
            DSi::CheckNDMAs(1, 0x2B);
        else
            DSi::StopNDMAs(1, 0x2B);
        if (OutputMACDue && OutputFIFO->Level() <= 12)
        {
            OutputFIFO->Write(*(u32*)&OutputMAC[0]);
            OutputFIFO->Write(*(u32*)&OutputMAC[4]);
            OutputFIFO->Write(*(u32*)&OutputMAC[8]);
            OutputFIFO->Write(*(u32*)&OutputMAC[12]);
            OutputMACDue = false;
        }
    }
    return ret;
@ -429,13 +447,8 @@ void Update()
            Ctx.Iv[15] = 0x00;
            AES_CTR_xcrypt_buffer(&Ctx, CurMAC, 16);
-            u8 finalmac[16];
+            Swap16(OutputMAC, CurMAC);
-            Swap16(finalmac, CurMAC);
+            OutputMACDue = true;
            OutputFIFO->Write(*(u32*)&finalmac[0]);
            OutputFIFO->Write(*(u32*)&finalmac[4]);
            OutputFIFO->Write(*(u32*)&finalmac[8]);
            OutputFIFO->Write(*(u32*)&finalmac[12]);
            // CHECKME
            Cnt &= ~(1<<21);