diff --git a/source/crypto/keydb.c b/source/crypto/keydb.c index f49c0e8..0d1462a 100644 --- a/source/crypto/keydb.c +++ b/source/crypto/keydb.c @@ -261,3 +261,21 @@ u32 InitKeyDb(const char* path) return 0; } + +u32 CheckRecommendedKeyDb(const char* path) +{ + // SHA-256 of the reommended aeskeydb.bin file + // equals MD5 A5B28945A7C051D7A0CD18AF0E580D1B + const u8 recommended_sha[0x20] = { + 0x40, 0x76, 0x54, 0x3D, 0xA3, 0xFF, 0x91, 0x1C, 0xE1, 0xCC, 0x4E, 0xC7, 0x2F, 0x92, 0xE4, 0xB7, + 0x2B, 0x24, 0x00, 0x15, 0xBE, 0x9B, 0xFC, 0xDE, 0x7F, 0xED, 0x95, 0x1D, 0xD5, 0xAB, 0x2D, 0xCB + }; + + // try to load aeskeydb.bin file + AesKeyInfo* keydb = (AesKeyInfo*) (void*) TEMP_BUFFER; + u32 nkeys = LoadKeyDb(path, keydb, TEMP_BUFFER_SIZE); + if (!nkeys) return 1; + + // compare with recommended SHA + return sha_cmp(recommended_sha, keydb, nkeys * sizeof(AesKeyInfo), SHA256_MODE); +} diff --git a/source/crypto/keydb.h b/source/crypto/keydb.h index 862d523..c9bcc0d 100644 --- a/source/crypto/keydb.h +++ b/source/crypto/keydb.h @@ -22,3 +22,4 @@ u32 GetUnitKeysType(void); void CryptAesKeyInfo(AesKeyInfo* info); u32 LoadKeyFromFile(void* key, u32 keyslot, char type, char* id); u32 InitKeyDb(const char* path); +u32 CheckRecommendedKeyDb(const char* path); diff --git a/source/godmode.c b/source/godmode.c index 1dace8c..6768024 100644 --- a/source/godmode.c +++ b/source/godmode.c @@ -1501,6 +1501,11 @@ u32 GodMode(bool is_b9s) { } } + // check aeskeydb.bin / key state + if (!is_b9s && (CheckRecommendedKeyDb(NULL) != 0)) { + ShowPrompt(false, "WARNING:\nNot running from a boot9strap\ncompatible entrypoint. Not\neverything may work as expected.\n \nProvide the recommended\naeskeydb.bin file to make this\nwarning go away."); + } + while (CheckButton(BUTTON_A)); // don't continue while A is held while (timer_msec( timer ) < 500); // show splash for at least 0.5 sec ClearScreenF(true, true, COLOR_STD_BG); // clear splash