3
edits
Changes
Jump to navigation
Jump to search
Line 88:
Line 88: + + + + + + + + + + + + + + + + + + + + + + +
no edit summary
== ARM9 software ==
== ARM9 software ==
=== boot9 ===
{| class="wikitable" border="1"
! Summary
! Description
! Fixed with hardware model/revision
! Newest hardware model/revision this flaw was checked for
! Timeframe this was discovered
! Discovered by
|-
| Incorrect padding check
| The FIRM signature is using PKCS #1 padding, which mandates that the padding is all 0xFF bytes. This is not checked correctly, because it only checks whether none of the bytes in the padding are 0x00. This allows a signature to be crafted more easily (sighax)
| N/A
| New3DS
| Summer 2015
| derrek and/or nedwill
|-
| No bound checks inside of ASN.1 parser
| The hash inside of the signature is stored in an ASN.1 structure. However the length fields are not bounds-checked, allowing one to point the header hash to the hash the 3DS calculated before verification. This and because of the aforementioned bug, you can brute-force a signature that will always work easily, as essentially only a few bytes need to be valid.
| N/A
| New3DS
| Summer 2015
| derrek and/or nedwill
|}
=== arm9loader ===
=== arm9loader ===
{| class="wikitable" border="1"
{| class="wikitable" border="1"