Difference between revisions of "Certificates"

From 3dbrew
Jump to navigation Jump to search
(Created page with "== Overview == Certificates contain cryptography information for verifying Signatures. These certificates are also signed. Each certificate follows the following format: {| cla...")
 
Line 1: Line 1:
 
== Overview ==
 
== Overview ==
Certificates contain cryptography information for verifying Signatures. These certificates are also signed.
+
Certificates contain cryptography information for verifying Signatures. These certificates are also signed. The parent/child relationship between certificates, makes all the certificates effectively signed by 'Root', the public key for which is stored in NATIVE_FIRM.
  
Each certificate follows the following format:
+
The signature method used to sign the certificate can be determined by checking the Signature Type:
  
 
{| class="wikitable"
 
{| class="wikitable"
 
|-
 
|-
! Description
+
! Value
 +
! Signature Method
 +
! Signature Size (X)
 +
|-
 +
| 0x010000
 +
| RSA_4096 SHA1
 +
| 0x200
 +
|-
 +
| 0x010001
 +
| RSA_2048 SHA1
 +
| 0x100
 
|-
 
|-
| Signature Data
+
| 0x010002
 +
| Elliptic Curve
 +
| 0x40
 
|-
 
|-
| Certificate Info
+
| 0x010003
 +
| RSA_4096 SHA256
 +
| 0x200
 
|-
 
|-
| Key Data
+
| 0x010004
 +
| RSA_2048 SHA256
 +
| 0x100
 
|}
 
|}
  
== Signature Data ==
+
== Format ==
  
 
{| class="wikitable"
 
{| class="wikitable"
Line 28: Line 44:
 
|-
 
|-
 
| 0x4
 
| 0x4
| Depends on Signature Type
+
| X
 
| Signature
 
| Signature
 
|-
 
|-
| From end of Signature
+
| 0x4 + X
 
| 0x3C
 
| 0x3C
 
| Padding
 
| Padding
|}
 
 
=== Signature Type ===
 
{| class="wikitable"
 
 
|-
 
|-
! Value
+
| 0x40 + X
! Signature Method
 
|-
 
| 0x00010000
 
| RSA-4098 SHA1
 
|-
 
| 0x00010001
 
| RSA-2048 SHA1
 
|-
 
| 0x00010003
 
| RSA-4098 SHA256
 
|-
 
| 0x00010004
 
| RSA-2048 SHA256
 
|}
 
 
 
== Certificate Info ==
 
 
 
{| class="wikitable"
 
|-
 
! Offset
 
! Size
 
! Description
 
|-
 
| 0x0
 
 
| 0x40
 
| 0x40
 
| Issuer
 
| Issuer
 
|-
 
|-
| 0x40
+
| 0x80 + X
 
| 0x4
 
| 0x4
| Tag?
+
| Key Type?
 
|-
 
|-
| 0x44
+
| 0x84 + X
 
| 0x40
 
| 0x40
 
| Name
 
| Name
 
|-
 
|-
| 0x84
+
| 0xC4 + X
 
| 0x4
 
| 0x4
 
| Unknown
 
| Unknown
 +
|-
 +
| 0xC8 + X
 +
|
 +
| Public Key
 
|}
 
|}
  
== Key Data ==
+
== Public Key ==
  
 
=== RSA ===
 
=== RSA ===

Revision as of 09:17, 23 April 2013

Overview

Certificates contain cryptography information for verifying Signatures. These certificates are also signed. The parent/child relationship between certificates, makes all the certificates effectively signed by 'Root', the public key for which is stored in NATIVE_FIRM.

The signature method used to sign the certificate can be determined by checking the Signature Type:

Value Signature Method Signature Size (X)
0x010000 RSA_4096 SHA1 0x200
0x010001 RSA_2048 SHA1 0x100
0x010002 Elliptic Curve 0x40
0x010003 RSA_4096 SHA256 0x200
0x010004 RSA_2048 SHA256 0x100

Format

Offset Size Description
0x0 0x4 Signature Type
0x4 X Signature
0x4 + X 0x3C Padding
0x40 + X 0x40 Issuer
0x80 + X 0x4 Key Type?
0x84 + X 0x40 Name
0xC4 + X 0x4 Unknown
0xC8 + X Public Key

Public Key

RSA

This contains the Public Key(i.e. Modulus & Public Exponent). For RSA-2048 public keys, this section is as follows:

Offset Size Description
0x0 0x100 Modulus
0x100 0x4 Public Exponent
0x104 0x34 Padding
Retrieved from "https://www.3dbrew.org/w/index.php?title=Certificates&oldid=5701"