xboxlib.c has MS rsa key in source
Closed this issue · 2 comments
To be completely sure I also dumped the rsa key from my xbox and verified that it indeed matches the one present in the code. So, is this legal from a copyright point of view? According to the readme, it shouldn't be. If it is fine instead, then close this issue.
For what is worth, I asked to the cxbx-dev team and they told me that sharing a public key is indeed fine from a copyright point of view. Also, considering that @JayFoxRox pays much attention to these kind of things, if he did it, it's probably fine. Closing
I didn't know about this key to be honest, but I'd also consider tolerating it, considering the code (including key) came from an original xbox-linux repo (added by hamptitampti).
Especially these public keys are not of much value. If we talked about bootrom keys or keys for actually signing content, then I'd consider it a problem, as it's clearly something that shouldn't even be in the users hand.
The key we are talking about right now is easily dumped from a running Xbox system anyway.