Changes

DSi system flaws (view source)

Revision as of 20:34, 19 December 2022

37 bytes added , 20:34, 19 December 2022

no edit summary

Line 48: Line 48:

|-

| [[Stage2]] header RSA signature padding not checked properly

−

| [[Stage1]] uses the SWI RSA_Decrypt_Unpad routine to verify the RSA signature of the [[stage2]] header. However, it does not check the return value of this function. This will make stage1 use zero-initialized memory as the plaintext RSA message. However, due to the specific structure of this RSA message, this will quickly be caught by stage1.

+

| [[Stage1]] uses the SWI RSA_Decrypt_Unpad routine to verify the RSA signature of the [[stage2]] header. However, it does not check the return value of this function. This will make stage1 use zero-initialized memory as the plaintext RSA message for signatures with improper padding. However, due to the specific structure of this RSA message, this will quickly be caught by stage1.

|

PoroCYon

75

edits

Changes

DSi system flaws (view source)

Revision as of 20:34, 19 December 2022

Navigation menu

Search