Large diffs are not rendered by default.

@@ -4,10 +4,18 @@

#pragma once

#include <array>

#include "Common/CommonTypes.h"

void generate_ecdsa(u8* R, u8* S, const u8* k, const u8* hash);
namespace Common::ec
{
/// Generate a signature using ECDSA.
std::array<u8, 60> Sign(const u8* key, const u8* hash);

void ec_priv_to_pub(const u8* k, u8* Q);
/// Compute a shared secret from a private key (30 bytes) and public key (60 bytes).
std::array<u8, 60> ComputeSharedSecret(const u8* private_key, const u8* public_key);

void point_mul(u8* d, const u8* a, const u8* b);
/// Convert a ECC private key (30 bytes) to a public key (60 bytes).
std::array<u8, 60> PrivToPub(const u8* key);
} // namespace Common::ec
@@ -250,8 +250,8 @@ ReturnCode IOSC::ComputeSharedKey(Handle dest_handle, Handle private_handle, Han
}

// Calculate the ECC shared secret.
std::array<u8, 0x3c> shared_secret;
point_mul(shared_secret.data(), private_entry->data.data(), public_entry->data.data());
const std::array<u8, 0x3c> shared_secret =
Common::ec::ComputeSharedSecret(private_entry->data.data(), public_entry->data.data());

std::array<u8, 20> sha1;
mbedtls_sha1(shared_secret.data(), shared_secret.size() / 2, sha1.data());
@@ -425,7 +425,8 @@ static Certificate MakeBlankSigECCert(const char* signer, const char* name, cons
std::strncpy(reinterpret_cast<char*>(cert_out.data()) + 0xc4, name, 0x40);
const u32 swapped_key_id = Common::swap32(key_id);
std::memcpy(cert_out.data() + 0x104, &swapped_key_id, sizeof(swapped_key_id));
ec_priv_to_pub(private_key, cert_out.data() + 0x108);
const std::array<u8, 60> public_key = Common::ec::PrivToPub(private_key);
std::copy(public_key.cbegin(), public_key.cend(), cert_out.begin() + 0x108);
return cert_out;
}

@@ -454,11 +455,12 @@ void IOSC::Sign(u8* sig_out, u8* ap_cert_out, u64 title_id, const u8* data, u32
std::copy(cert.begin(), cert.end(), ap_cert_out);

mbedtls_sha1(ap_cert_out + 0x80, 0x100, hash.data());
generate_ecdsa(ap_cert_out + 4, ap_cert_out + 34, m_key_entries[HANDLE_CONSOLE_KEY].data.data(),
hash.data());
auto signature = Common::ec::Sign(m_key_entries[HANDLE_CONSOLE_KEY].data.data(), hash.data());
std::copy(signature.cbegin(), signature.cend(), ap_cert_out + 4);

mbedtls_sha1(data, data_size, hash.data());
generate_ecdsa(sig_out, sig_out + 30, ap_priv.data(), hash.data());
signature = Common::ec::Sign(ap_priv.data(), hash.data());
std::copy(signature.cbegin(), signature.cend(), sig_out);
}

constexpr std::array<u8, 512> ROOT_PUBLIC_KEY = {
@@ -4,6 +4,7 @@ add_dolphin_test(BitUtilsTest BitUtilsTest.cpp)
add_dolphin_test(BlockingLoopTest BlockingLoopTest.cpp)
add_dolphin_test(BusyLoopTest BusyLoopTest.cpp)
add_dolphin_test(CommonFuncsTest CommonFuncsTest.cpp)
add_dolphin_test(CryptoEcTest Crypto/EcTest.cpp)
add_dolphin_test(EventTest EventTest.cpp)
add_dolphin_test(FixedSizeQueueTest FixedSizeQueueTest.cpp)
add_dolphin_test(FlagTest FlagTest.cpp)
@@ -0,0 +1,45 @@
// Copyright 2018 Dolphin Emulator Project
// Licensed under GPLv2+
// Refer to the license.txt file included.

#include <algorithm>
#include <array>
#include <gtest/gtest.h>

#include "Common/Crypto/ec.h"

constexpr std::array<u8, 30> PRIVATE_KEY{{0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9,
0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9,
0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9}};

constexpr std::array<u8, 60> PUBLIC_KEY{
{0x00, 0x21, 0x5b, 0xf7, 0x48, 0x2a, 0x64, 0x4b, 0xda, 0x9e, 0x02, 0x87, 0xaa, 0x37, 0x7d,
0x0c, 0x5d, 0x27, 0x48, 0x72, 0xf1, 0x19, 0x45, 0x44, 0xdf, 0x74, 0x57, 0x67, 0x60, 0xcd,
0x00, 0xa8, 0x6c, 0xe8, 0x55, 0xdd, 0x52, 0x98, 0x95, 0xc5, 0xc3, 0x3f, 0x7b, 0x0f, 0xc6,
0x9f, 0x95, 0x8b, 0x3e, 0xe3, 0x33, 0x84, 0x2f, 0x32, 0xe9, 0x03, 0xe6, 0xfb, 0xc8, 0x51}};

TEST(ec, Sign)
{
static constexpr std::array<u8, 20> HASH{{0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9,
0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9}};
const std::array<u8, 60> sig = Common::ec::Sign(PRIVATE_KEY.data(), HASH.data());
// r and s must be non-null.
EXPECT_FALSE(std::all_of(sig.cbegin(), sig.cbegin() + 30, [](u8 b) { return b == 0; }));
EXPECT_FALSE(std::all_of(sig.cbegin() + 30, sig.cend(), [](u8 b) { return b == 0; }));
}

TEST(ec, PrivToPub)
{
EXPECT_EQ(Common::ec::PrivToPub(PRIVATE_KEY.data()), PUBLIC_KEY);
}

TEST(ec, GenerateSharedSecret)
{
static constexpr std::array<u8, 60> SECRET = {
{0x01, 0x20, 0x2b, 0x3b, 0x63, 0x18, 0x5b, 0x2f, 0x05, 0x4f, 0xb5, 0x2c, 0xe5, 0x46, 0xc2,
0x2d, 0x4e, 0x73, 0xf4, 0x15, 0xcb, 0xd2, 0x56, 0x7f, 0xff, 0x3f, 0x02, 0x23, 0xbe, 0xda,
0x01, 0xf3, 0x0c, 0x34, 0xb6, 0x37, 0xbf, 0x55, 0x5b, 0x04, 0x49, 0x5a, 0x07, 0xee, 0x78,
0xd2, 0x9a, 0x31, 0xce, 0x10, 0x42, 0xbf, 0x79, 0xc3, 0xcb, 0x22, 0x40, 0xe5, 0x94, 0x7f}};

EXPECT_EQ(Common::ec::ComputeSharedSecret(PRIVATE_KEY.data(), PUBLIC_KEY.data()), SECRET);
}