Show a warning if potentially incomplete key setup detected

source/crypto/keydb.c

@@ -261,3 +261,21 @@ u32 InitKeyDb(const char* path)
     
     return 0;
 }
+
+u32 CheckRecommendedKeyDb(const char* path)
+{
+    // SHA-256 of the reommended aeskeydb.bin file
+    // equals MD5 A5B28945A7C051D7A0CD18AF0E580D1B
+    const u8 recommended_sha[0x20] = {
+        0x40, 0x76, 0x54, 0x3D, 0xA3, 0xFF, 0x91, 0x1C, 0xE1, 0xCC, 0x4E, 0xC7, 0x2F, 0x92, 0xE4, 0xB7,
+        0x2B, 0x24, 0x00, 0x15, 0xBE, 0x9B, 0xFC, 0xDE, 0x7F, 0xED, 0x95, 0x1D, 0xD5, 0xAB, 0x2D, 0xCB
+    };
+    
+    // try to load aeskeydb.bin file
+    AesKeyInfo* keydb = (AesKeyInfo*) (void*) TEMP_BUFFER;
+    u32 nkeys = LoadKeyDb(path, keydb, TEMP_BUFFER_SIZE);
+    if (!nkeys) return 1;
+    
+    // compare with recommended SHA
+    return sha_cmp(recommended_sha, keydb, nkeys * sizeof(AesKeyInfo), SHA256_MODE);
+}

source/crypto/keydb.h

@@ -22,3 +22,4 @@ u32 GetUnitKeysType(void);
 void CryptAesKeyInfo(AesKeyInfo* info);
 u32 LoadKeyFromFile(void* key, u32 keyslot, char type, char* id);
 u32 InitKeyDb(const char* path);
+u32 CheckRecommendedKeyDb(const char* path);

source/godmode.c

@@ -1501,6 +1501,11 @@ u32 GodMode(bool is_b9s) {
         }
     }
     
+    // check aeskeydb.bin / key state
+    if (!is_b9s && (CheckRecommendedKeyDb(NULL) != 0)) {
+        ShowPrompt(false, "WARNING:\nNot running from a boot9strap\ncompatible entrypoint. Not\neverything may work as expected.\n \nProvide the recommended\naeskeydb.bin file to make this\nwarning go away.");
+    }
+    
     while (CheckButton(BUTTON_A)); // don't continue while A is held
     while (timer_msec( timer ) < 500); // show splash for at least 0.5 sec
     ClearScreenF(true, true, COLOR_STD_BG); // clear splash