From 1deed39c53b53896f001da2c8b18401ea7dc725d Mon Sep 17 00:00:00 2001
From: N2614
Date: Fri, 15 Jul 2011 06:00:28 +0000
Subject: [PATCH] =?UTF-8?q?trunk=20r387=E3=82=92=E3=83=9E=E3=83=BC?= =?UTF-8?q?=E3=82=B8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-05-23%20-%20ctr.7z%20+%20svn_v1.068.zip/ctr/svn/ctr_Repair@388 385bec56-5757-e545-9c3a-d8741f4650f1
---
 .../RW_Aging/sources/common/FileTransfer.cpp | 81 ++++++++++++++++++-
 1 file changed, 79 insertions(+), 2 deletions(-)
diff --git a/branches/work/RW_Aging/sources/common/FileTransfer.cpp b/branches/work/RW_Aging/sources/common/FileTransfer.cpp
index cc76f83..cd2c86a 100644
--- a/branches/work/RW_Aging/sources/common/FileTransfer.cpp
+++ b/branches/work/RW_Aging/sources/common/FileTransfer.cpp
@@ -39,6 +39,8 @@ u64 s_Progress = 0;
 }
+bool VerifySdMac(const wchar_t* fileName, s64 nandFileSize,
+ const wchar_t* nandPath, const bit8* const calculatedCmac, void* buf, size_t bufSize);
 bool VerifyMac(nn::fs::FileInputStream* sdFile, nn::fs::FileStream* nandFile, s64 sdFileSize, s64 nandFileSize, const wchar_t* nandPath, void* buf, size_t bufSize);
 bool ConfirmFile(nn::fs::FileInputStream* from_file, nn::fs::FileStream* to_file, s64 sdFileSize, s64 nandFileSize,
@@ -218,6 +220,13 @@ bool ExportTwlSaveFile(const wchar_t* from_path, const wchar_t* to_path, void* b
 result = to_file.TryFlush();
 COMMON_LOGGER_RETURN_FALSE_IF_FAILED(result);
+ // 出力時にCMACを検証する
+ if (!VerifySdMac(to_path, filesize, from_path, cmac, buf, bufSize))
+ {
+ return false;
+ }
+
+
 break;
 }
 else
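Review bot: When `VerifySdMac` fails in the ExportTwlSaveFile hunk the new code only does `return false;`, so a CMAC mismatch on the freshly written file is not routed through `COMMON_LOGGER_RETURN_FALSE_IF_FAILED` like the failures around it (judging by the macro's name, those are logged), and nothing in the hunk removes or invalidates the output at `to_path`. I would record the failure before returning and add a comment at the check such as `// read-back CMAC mismatch: the file at to_path must not be kept as a valid backup`; whether a caller deletes the file cannot be seen from here. The same bare `return false;` appears in the CopyDirectory hunk (`@@ -447,6 +456,12 @@`). As far as the hunk shows, `to_file` is still open when `VerifySdMac` opens the same path through a second stream, which is worth confirming against the file system's sharing rules. ExportTwlSaveFile starts and ends outside the hunk.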
@@ -447,6 +456,12 @@ bool CopyDirectory(ImportDataList* fileList, const wchar_t * from_path, const wc
 result = to_file.TryWrite(&writesize, cmac, sizeof(cmac));
 COMMON_LOGGER_RETURN_FALSE_IF_FAILED(result);
+
+ // 出力時にCMACを検証する
+ if(!VerifySdMac(target_tmp.str().c_str(), filesize, target_from.str().c_str(), cmac, buf, bufSize))
+ {
+ return false;
+ }
 }
 result = to_file.TryFlush();
@@ -557,7 +572,7 @@ void InitializeTransferProgress(u64 totalSize)
 s_FinishedFileSize = 0;
 }
-bool CalculateAndCompareCmac(nn::crypto::Sha256Context* context, bit8* sdCmac)
+bool CalculateAndCompareCmac(nn::crypto::Sha256Context* context, const bit8* const sdCmac)
 {
 nn::Result result;
 bit8 sha256Hash[nn::crypto::Sha256Context::HASH_SIZE];
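Review bot: In the CopyDirectory hunk (`@@ -447,6 +456,12 @@`) the read-back check runs before `result = to_file.TryFlush();`, whereas the ExportTwlSaveFile hunk calls `VerifySdMac` only after the flush has succeeded. `VerifySdMac` re-opens the target by path and hashes what it reads, so verifying ahead of the flush may hash data that has not reached the file yet, or pass on buffered data whose flush later fails; which of these can happen depends on the stream's buffering, which is not visible here. Moving `if(!VerifySdMac(target_tmp.str().c_str(), filesize, target_from.str().c_str(), cmac, buf, bufSize)) { return false; }` to just after the flush check would make the two call sites agree, though the block currently sits inside a brace that closes before the flush, so the enclosing condition would have to be carried along. CopyDirectory's body continues outside the hunk.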
@@ -661,6 +676,68 @@ bool VerifyMac(nn::fs::FileInputStream* sdFile, nn::fs::FileStream* nandFile, s6
 return retValue;
 }
+bool VerifySdMac(const wchar_t* fileName, s64 nandFileSize,
+ const wchar_t* nandPath, const bit8* const calculatedCmac, void* buf, size_t bufSize)
+{
+ nn::Result result;
+ nn::fs::FileInputStream sdFile;
+
+ result = sdFile.TryInitialize(fileName);
+ COMMON_LOGGER_RETURN_FALSE_IF_FAILED(result);
+
+ s64 nandFileSizeforSha = nandFileSize + sizeof(BackupDataHeader);
+ if(nandFileSize % AES_BLOCK_SIZE != 0)
+ {
+ nandFileSizeforSha += AES_BLOCK_SIZE - nandFileSize % AES_BLOCK_SIZE;
+ }
+
+ // ハッシュが付加されていないとエラー
+ if(nandFileSizeforSha < nn::crypto::AES_CMAC_MAC_SIZE)
+ {
+ return false;
+ }
+
+ s32 readSize;
+
+ sdFile.SetPosition(0);
+
+ nn::crypto::Sha256Context context;
+ context.Initialize();
+
+ // NAND上のフルパスをハッシュに含めている
+ context.Update(nandPath, std::wcslen(nandPath) * sizeof(wchar_t));
+
+ bool retValue = false;
+
+ size_t totalReadSize = 0;
+
+ while (1)
+ {
+ result = sdFile.TryRead(&readSize, buf, bufSize);
+ COMMON_LOGGER_RETURN_FALSE_IF_FAILED(result);
+
+ totalReadSize += readSize;
+ if (nandFileSizeforSha < totalReadSize)
+ {
+ // パディングを超えてAES-CMAC領域まで読み込んだのでサイズを減らす
+ readSize -= totalReadSize - nandFileSizeforSha;
+
+ context.Update(buf, readSize);
+
+ retValue = CalculateAndCompareCmac(&context, calculatedCmac);
+ break;
+ }
+ else
+ {
+ context.Update(buf, readSize);
+ }
+ }
+ nn::crypto::Finalize();
+ sdFile.Finalize();
+
+ return retValue;
+}
+
 bool ConfirmFile(nn::fs::FileInputStream* from_file, nn::fs::FileStream* to_file, s64 sdFileSize, s64 nandFileSize, void* buf, size_t bufSize, const wchar_t* sdPath, const wchar_t* tmpPath, const wchar_t* truePath)
 {
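Review bot: The `while (1)` loop in `VerifySdMac` exits only once `totalReadSize` exceeds `nandFileSizeforSha`, so a file on the SD card that is shorter than expected, or that ends exactly at the padded size with no trailing CMAC, would spin forever if `TryRead` reports success with `readSize == 0` at end of file; TryRead's end-of-file behaviour is not visible here. Adding `if (readSize <= 0) { break; }` right after the read's `COMMON_LOGGER_RETURN_FALSE_IF_FAILED(result);` lets the function fall through the `Finalize` calls with `retValue == false`. The guard `if(nandFileSizeforSha < nn::crypto::AES_CMAC_MAC_SIZE)` tests a value derived only from the `nandFileSize` argument, never the actual size of the SD file, so it does not establish what its comment says (that a hash is attached). That guard's `return false;`, and presumably the macro's return inside the loop, also leave the function without calling `sdFile.Finalize()`.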
@@ -703,7 +780,7 @@ bool ConfirmFile(nn::fs::FileInputStream* from_file, nn::fs::FileStream* to_file
 //! @brief 入力データの末尾16バイトをPKCS5で必要バイト数パディングする
 //! @param[out] paddingSize パディングしたバイト数
-//! @param[in] buf 入力データの入ったバッファ
+//! @param[in] buf 入力データの入った16バイトアラインメントされたバッファ
 //! @param[in] bufSize バッファサイズ
 //! @param[inout] readSize バッファに読み込んだバイト数。書き込み時に参照するためパディングしたら増加させる
 void AddPkcsPadding(u8* paddingSize, void* buf, size_t bufSize, s32* readSize)