Certificates

From 3dbrew
Revision as of 04:04, 25 April 2013 by 3dsguy (talk | contribs)
Jump to navigation Jump to search

Overview

Certificates contain cryptography information for verifying Signatures. These certificates are also signed. The parent/child relationship between certificates, makes all the certificates effectively signed by 'Root', the public key for which is stored in NATIVE_FIRM.

The signature method used to sign the certificate can be determined by checking the Signature Type:

Value Signature Method Signature Size (X)
0x010000 RSA_4096 SHA1 0x200
0x010001 RSA_2048 SHA1 0x100
0x010002 Elliptic Curve 0x40
0x010003 RSA_4096 SHA256 0x200
0x010004 RSA_2048 SHA256 0x100

The SHA-256 hash for the signature is calculated over the actual certificate data(from the start of the "Issuer", to the end of the "Public Key", aligned to 0x40 bytes).

Format

Offset Size Description
0x0 0x4 Signature Type
0x4 X Signature
0x4 + X 0x3C Signature Padding(aligning signature with padding to 0x40 bytes)
0x40 + X 0x40 Issuer
0x80 + X 0x4 Key Type?
0x84 + X 0x40 Name
0xC4 + X 0x4 Unknown
0xC8 + X Public Key

Public Key

RSA

This contains the Public Key(i.e. Modulus & Public Exponent). For RSA-2048 public keys, this section is as follows:

Offset Size Description
0x0 0x100 Modulus
0x100 0x4 Public Exponent
0x104 0x34 Padding