From d5ea5fbf05ab2787788247d1934224dcacafe232 Mon Sep 17 00:00:00 2001 From: CasualPokePlayer <50538166+CasualPokePlayer@users.noreply.github.com> Date: Sat, 30 Nov 2024 14:52:18 -0800 Subject: [PATCH] Optimize CIA hashing (#386) --- src/rhash/hash.c | 28 +++++++++------------------- 1 file changed, 9 insertions(+), 19 deletions(-) diff --git a/src/rhash/hash.c b/src/rhash/hash.c index 8d902b67..661301c8 100644 --- a/src/rhash/hash.c +++ b/src/rhash/hash.c @@ -1582,7 +1582,7 @@ static int rc_hash_nintendo_3ds_ncch(md5_state_t* md5, void* file_handle, uint8_ uint16_t ncch_version; uint32_t i; uint8_t primary_key_y[AES_KEYLEN], program_id[sizeof(uint64_t)]; - uint8_t iv[AES_BLOCKLEN]; + uint8_t iv[AES_BLOCKLEN], cia_iv[AES_BLOCKLEN]; uint8_t exefs_section_name[8]; uint64_t exefs_section_offset, exefs_section_size; @@ -1710,32 +1710,22 @@ static int rc_hash_nintendo_3ds_ncch(md5_state_t* md5, void* file_handle, uint8_ if (cia_aes) { - /* We have to decrypt the data between the header and the ExeFS so the CIA AES state is correct - * when we reach the ExeFS. This decrypted data is not included in the RetroAchievements hash */ + /* CBC decryption works by setting the IV to the encrypted previous block. + * Normally this means we would need to decrypt the data between the header and the ExeFS so the CIA AES state is correct. + * However, we can abuse how CBC decryption works and just set the IV to last block we would otherwise decrypt. + * We don't care about the data betweeen the header and ExeFS, so this works fine. */ - /* This should never happen in practice, but just in case */ - if (exefs_offset > MAX_BUFFER_SIZE) - return rc_hash_error("Too much data required to decrypt in order to hash"); - - hash_buffer = (uint8_t*)malloc((uint32_t)exefs_offset); - if (!hash_buffer) - { - snprintf((char*)header, 0x200, "Failed to allocate %u bytes", (unsigned)exefs_offset); - return rc_hash_error((const char*)header); - } - - if (rc_file_read(file_handle, hash_buffer, (uint32_t)exefs_offset) != (uint32_t)exefs_offset) + rc_file_seek(file_handle, (int64_t)exefs_offset - AES_BLOCKLEN, SEEK_CUR); + if (rc_file_read(file_handle, cia_iv, AES_BLOCKLEN) != AES_BLOCKLEN) { - free(hash_buffer); return rc_hash_error("Could not read NCCH data"); } - AES_CBC_decrypt_buffer(cia_aes, hash_buffer, (uint32_t)exefs_offset); - free(hash_buffer); + AES_ctx_set_iv(cia_aes, cia_iv); } else { - /* No decryption needed, just skip over the in-between data */ + /* No encryption present, just skip over the in-between data */ rc_file_seek(file_handle, (int64_t)exefs_offset, SEEK_CUR); }