Changes

506 bytes added, 20:34, 6 August 2020
Unknown parameter has use on CTCert Certificates
Line 1: Line 1:  
== Overview ==
 
== Overview ==
 
Certificates contain cryptography information for verifying Signatures. These certificates are also signed. The parent/child relationship between certificates, makes all the certificates effectively signed by 'Root', the public key for which is stored in NATIVE_FIRM.
 
Certificates contain cryptography information for verifying Signatures. These certificates are also signed. The parent/child relationship between certificates, makes all the certificates effectively signed by 'Root', the public key for which is stored in NATIVE_FIRM.
  −
The signature method used to sign the certificate can be determined by checking the Signature Type:
  −
  −
{| class="wikitable"
  −
|-
  −
! Value
  −
! Signature Method
  −
! Signature Size (X)
  −
|-
  −
| 0x010000
  −
| RSA_4096 SHA1
  −
| 0x200
  −
|-
  −
| 0x010001
  −
| RSA_2048 SHA1
  −
| 0x100
  −
|-
  −
| 0x010002
  −
| Elliptic Curve
  −
| 0x40
  −
|-
  −
| 0x010003
  −
| RSA_4096 SHA256
  −
| 0x200
  −
|-
  −
| 0x010004
  −
| RSA_2048 SHA256
  −
| 0x100
  −
|}
      
== Format ==
 
== Format ==
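Review bot: removing the signature type table from Overview leaves the five type values (0x010000 to 0x010004) and their sizes defined only inside the {{Signature Types}} template, whose content this diff does not show. Confirm the template carries the same values and sizes as the removed rows, because the Format table still expresses every offset in terms of X.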
Line 45: Line 16:  
| 0x4
 
| 0x4
 
| X
 
| X
| Signature
+
| Signature with Padding (aligning next data to 0x40 bytes)
 
|-
 
|-
 
| 0x4 + X
 
| 0x4 + X
| 0x3C
  −
| Padding
  −
|-
  −
| 0x40 + X
   
| 0x40
 
| 0x40
 
| Issuer
 
| Issuer
 
|-
 
|-
| 0x80 + X
+
| 0x44 + X
 
| 0x4
 
| 0x4
| Key Type?
+
| Key Type
 
|-
 
|-
| 0x84 + X
+
| 0x48 + X
 
| 0x40
 
| 0x40
 
| Name
 
| Name
 
|-
 
|-
| 0xC4 + X
+
| 0x88 + X
 
| 0x4
 
| 0x4
| Unknown
+
| Expiration time as UNIX Timestamp, used at least for [[CTCert]]
 
|-
 
|-
| 0xC8 + X
+
| 0x8C + X
|  
+
| *
 
| Public Key
 
| Public Key
 
|}
 
|}
 +
 +
== Signature ==
 +
 +
The signature method used to sign the certificate can be determined by checking the Signature Type:
 +
{{Signature Types}}
 +
 +
The hash for the signature is calculated over the actual certificate data(from the start of the "Issuer", to the end of the "Public Key", aligned to 0x40 bytes).
    
== Public Key ==
 
== Public Key ==
    +
Determining the type of public key stored, is done by checking the key type:
 +
 +
{| class="wikitable"
 +
|-
 +
! Value
 +
! Key Type
 +
|-
 +
| 0x0
 +
| RSA_4096
 +
|-
 +
| 0x1
 +
| RSA_2048
 +
|-
 +
| 0x2
 +
| Elliptic Curve
 +
|}
 
=== RSA ===
 
=== RSA ===
This contains the Public Key(i.e. Modulus & Public Exponent). For RSA-2048 public keys, this section is as follows:
+
This contains the Public Key(i.e. Modulus & Public Exponent)
    +
==== 4096 Bit ====
 +
{| class="wikitable"
 +
|-
 +
! Offset
 +
! Size
 +
! Description
 +
|-
 +
| 0x0
 +
| 0x200
 +
| Modulus
 +
|-
 +
| 0x200
 +
| 0x4
 +
| Public Exponent
 +
|-
 +
| 0x204
 +
| 0x34
 +
| Padding
 +
|}
 +
 +
==== 2048 Bit ====
 
{| class="wikitable"
 
{| class="wikitable"
 
|-
 
|-
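Review bot: in the Format table, the row at 0x4 now reads "Signature with Padding" with size X, and the separate 0x3C Padding row is dropped (Issuer moves from 0x40 + X to 0x4 + X), so X no longer means the bare signature size that the removed table labelled "Signature Size (X)". State in that row or directly under the table that X here covers the signature plus its padding; otherwise a reader who takes X from the signature type table will place Issuer and every later field too early. Two smaller points in the same hunk: the Public Key size "*" should point to the Key Type table that determines it, and the new expiration field says "used at least for [[CTCert]]" without saying what other certificates hold at that offset, which is worth marking as unknown if that is the case.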
Line 93: Line 104:  
| 0x104
 
| 0x104
 
| 0x34
 
| 0x34
 +
| Padding
 +
|}
 +
 +
=== ECC ===
 +
This contains the ECC public key, and is as follows:
 +
 +
{| class="wikitable"
 +
|-
 +
! Offset
 +
! Size
 +
! Description
 +
|-
 +
| 0x0
 +
| 0x3C
 +
| Public Key
 +
|-
 +
| 0x3C
 +
| 0x3C
 
| Padding
 
| Padding
 
|}
 
|}
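Review bot: the new ECC table describes the key as a single 0x3C-byte "Public Key" field, whereas the RSA tables split their keys into Modulus and Public Exponent, so the ECC entry alone is not enough to parse or validate the key. Add the curve and the layout of those 0x3C bytes if they are known, or say explicitly that they are undocumented. The sizes are consistent with the rest of the page: 0x3C of key plus 0x3C of padding keeps the span from Issuer to the end of the Public Key a multiple of 0x40, as the Signature section requires.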