diff options
| author |  Lioncash | 2020-08-15 08:33:16 -0400 |
|---|---|---|
| committer | Lioncash | 2020-08-16 06:52:40 -0400 |
| commit | c4ed791164df7e3e74042a37a62077b4dc4ade91 (patch) | |
| tree | 12bbcc09d0db32a0b6b5dc1bc49245964486da63 /src/core/crypto/key_manager.cpp | |
| parent | Merge pull request #4528 from lioncash/discard (diff) | |
| download | yuzu-c4ed791164df7e3e74042a37a62077b4dc4ade91.tar.gz yuzu-c4ed791164df7e3e74042a37a62077b4dc4ade91.tar.xz yuzu-c4ed791164df7e3e74042a37a62077b4dc4ade91.zip | |
common/fileutil: Convert namespace to Common::FS
Migrates a remaining common file over to the Common namespace, making it
consistent with the rest of common files.
This also allows for high-traffic FS related code to alias the
filesystem function namespace as
namespace FS = Common::FS;
for more concise typing.
Diffstat (limited to 'src/core/crypto/key_manager.cpp')
| -rw-r--r-- | src/core/crypto/key_manager.cpp | 286 |
1 files changed, 176 insertions, 110 deletions
diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index c09f7ad41..8783d1ac2 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp | |||
| @@ -96,13 +96,13 @@ u64 GetSignatureTypePaddingSize(SignatureType type) { | |||
| 96 | } | 96 | } |
| 97 | 97 | ||
| 98 | SignatureType Ticket::GetSignatureType() const { | 98 | SignatureType Ticket::GetSignatureType() const { |
| 99 | if (auto ticket = std::get_if<RSA4096Ticket>(&data)) { | 99 | if (const auto* ticket = std::get_if<RSA4096Ticket>(&data)) { |
| 100 | return ticket->sig_type; | 100 | return ticket->sig_type; |
| 101 | } | 101 | } |
| 102 | if (auto ticket = std::get_if<RSA2048Ticket>(&data)) { | 102 | if (const auto* ticket = std::get_if<RSA2048Ticket>(&data)) { |
| 103 | return ticket->sig_type; | 103 | return ticket->sig_type; |
| 104 | } | 104 | } |
| 105 | if (auto ticket = std::get_if<ECDSATicket>(&data)) { | 105 | if (const auto* ticket = std::get_if<ECDSATicket>(&data)) { |
| 106 | return ticket->sig_type; | 106 | return ticket->sig_type; |
| 107 | } | 107 | } |
| 108 | 108 | ||
| @@ -110,13 +110,13 @@ SignatureType Ticket::GetSignatureType() const { | |||
| 110 | } | 110 | } |
| 111 | 111 | ||
| 112 | TicketData& Ticket::GetData() { | 112 | TicketData& Ticket::GetData() { |
| 113 | if (auto ticket = std::get_if<RSA4096Ticket>(&data)) { | 113 | if (auto* ticket = std::get_if<RSA4096Ticket>(&data)) { |
| 114 | return ticket->data; | 114 | return ticket->data; |
| 115 | } | 115 | } |
| 116 | if (auto ticket = std::get_if<RSA2048Ticket>(&data)) { | 116 | if (auto* ticket = std::get_if<RSA2048Ticket>(&data)) { |
| 117 | return ticket->data; | 117 | return ticket->data; |
| 118 | } | 118 | } |
| 119 | if (auto ticket = std::get_if<ECDSATicket>(&data)) { | 119 | if (auto* ticket = std::get_if<ECDSATicket>(&data)) { |
| 120 | return ticket->data; | 120 | return ticket->data; |
| 121 | } | 121 | } |
| 122 | 122 | ||
| @@ -124,13 +124,13 @@ TicketData& Ticket::GetData() { | |||
| 124 | } | 124 | } |
| 125 | 125 | ||
| 126 | const TicketData& Ticket::GetData() const { | 126 | const TicketData& Ticket::GetData() const { |
| 127 | if (auto ticket = std::get_if<RSA4096Ticket>(&data)) { | 127 | if (const auto* ticket = std::get_if<RSA4096Ticket>(&data)) { |
| 128 | return ticket->data; | 128 | return ticket->data; |
| 129 | } | 129 | } |
| 130 | if (auto ticket = std::get_if<RSA2048Ticket>(&data)) { | 130 | if (const auto* ticket = std::get_if<RSA2048Ticket>(&data)) { |
| 131 | return ticket->data; | 131 | return ticket->data; |
| 132 | } | 132 | } |
| 133 | if (auto ticket = std::get_if<ECDSATicket>(&data)) { | 133 | if (const auto* ticket = std::get_if<ECDSATicket>(&data)) { |
| 134 | return ticket->data; | 134 | return ticket->data; |
| 135 | } | 135 | } |
| 136 | 136 | ||
| @@ -233,8 +233,9 @@ void KeyManager::DeriveGeneralPurposeKeys(std::size_t crypto_revision) { | |||
| 233 | } | 233 | } |
| 234 | 234 | ||
| 235 | RSAKeyPair<2048> KeyManager::GetETicketRSAKey() const { | 235 | RSAKeyPair<2048> KeyManager::GetETicketRSAKey() const { |
| 236 | if (IsAllZeroArray(eticket_extended_kek) || !HasKey(S128KeyType::ETicketRSAKek)) | 236 | if (IsAllZeroArray(eticket_extended_kek) || !HasKey(S128KeyType::ETicketRSAKek)) { |
| 237 | return {}; | 237 | return {}; |
| 238 | } | ||
| 238 | 239 | ||
| 239 | const auto eticket_final = GetKey(S128KeyType::ETicketRSAKek); | 240 | const auto eticket_final = GetKey(S128KeyType::ETicketRSAKek); |
| 240 | 241 | ||
| @@ -261,27 +262,30 @@ Key128 DeriveKeyblobMACKey(const Key128& keyblob_key, const Key128& mac_source) | |||
| 261 | } | 262 | } |
| 262 | 263 | ||
| 263 | std::optional<Key128> DeriveSDSeed() { | 264 | std::optional<Key128> DeriveSDSeed() { |
| 264 | const FileUtil::IOFile save_43(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + | 265 | const Common::FS::IOFile save_43(Common::FS::GetUserPath(Common::FS::UserPath::NANDDir) + |
| 265 | "/system/save/8000000000000043", | 266 | "/system/save/8000000000000043", |
| 266 | "rb+"); | 267 | "rb+"); |
| 267 | if (!save_43.IsOpen()) | 268 | if (!save_43.IsOpen()) { |
| 268 | return {}; | 269 | return std::nullopt; |
| 270 | } | ||
| 269 | 271 | ||
| 270 | const FileUtil::IOFile sd_private( | 272 | const Common::FS::IOFile sd_private(Common::FS::GetUserPath(Common::FS::UserPath::SDMCDir) + |
| 271 | FileUtil::GetUserPath(FileUtil::UserPath::SDMCDir) + "/Nintendo/Contents/private", "rb+"); | 273 | "/Nintendo/Contents/private", |
| 272 | if (!sd_private.IsOpen()) | 274 | "rb+"); |
| 273 | return {}; | 275 | if (!sd_private.IsOpen()) { |
| 276 | return std::nullopt; | ||
| 277 | } | ||
| 274 | 278 | ||
| 275 | std::array<u8, 0x10> private_seed{}; | 279 | std::array<u8, 0x10> private_seed{}; |
| 276 | if (sd_private.ReadBytes(private_seed.data(), private_seed.size()) != private_seed.size()) { | 280 | if (sd_private.ReadBytes(private_seed.data(), private_seed.size()) != private_seed.size()) { |
| 277 | return {}; | 281 | return std::nullopt; |
| 278 | } | 282 | } |
| 279 | 283 | ||
| 280 | std::array<u8, 0x10> buffer{}; | 284 | std::array<u8, 0x10> buffer{}; |
| 281 | std::size_t offset = 0; | 285 | std::size_t offset = 0; |
| 282 | for (; offset + 0x10 < save_43.GetSize(); ++offset) { | 286 | for (; offset + 0x10 < save_43.GetSize(); ++offset) { |
| 283 | if (!save_43.Seek(offset, SEEK_SET)) { | 287 | if (!save_43.Seek(offset, SEEK_SET)) { |
| 284 | return {}; | 288 | return std::nullopt; |
| 285 | } | 289 | } |
| 286 | 290 | ||
| 287 | save_43.ReadBytes(buffer.data(), buffer.size()); | 291 | save_43.ReadBytes(buffer.data(), buffer.size()); |
| @@ -291,23 +295,26 @@ std::optional<Key128> DeriveSDSeed() { | |||
| 291 | } | 295 | } |
| 292 | 296 | ||
| 293 | if (!save_43.Seek(offset + 0x10, SEEK_SET)) { | 297 | if (!save_43.Seek(offset + 0x10, SEEK_SET)) { |
| 294 | return {}; | 298 | return std::nullopt; |
| 295 | } | 299 | } |
| 296 | 300 | ||
| 297 | Key128 seed{}; | 301 | Key128 seed{}; |
| 298 | if (save_43.ReadBytes(seed.data(), seed.size()) != seed.size()) { | 302 | if (save_43.ReadBytes(seed.data(), seed.size()) != seed.size()) { |
| 299 | return {}; | 303 | return std::nullopt; |
| 300 | } | 304 | } |
| 301 | return seed; | 305 | return seed; |
| 302 | } | 306 | } |
| 303 | 307 | ||
| 304 | Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& keys) { | 308 | Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& keys) { |
| 305 | if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKek))) | 309 | if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKek))) { |
| 306 | return Loader::ResultStatus::ErrorMissingSDKEKSource; | 310 | return Loader::ResultStatus::ErrorMissingSDKEKSource; |
| 307 | if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKekGeneration))) | 311 | } |
| 312 | if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKekGeneration))) { | ||
| 308 | return Loader::ResultStatus::ErrorMissingAESKEKGenerationSource; | 313 | return Loader::ResultStatus::ErrorMissingAESKEKGenerationSource; |
| 309 | if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKeyGeneration))) | 314 | } |
| 315 | if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKeyGeneration))) { | ||
| 310 | return Loader::ResultStatus::ErrorMissingAESKeyGenerationSource; | 316 | return Loader::ResultStatus::ErrorMissingAESKeyGenerationSource; |
| 317 | } | ||
| 311 | 318 | ||
| 312 | const auto sd_kek_source = | 319 | const auto sd_kek_source = |
| 313 | keys.GetKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKek)); | 320 | keys.GetKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKek)); |
| @@ -320,14 +327,17 @@ Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& ke | |||
| 320 | GenerateKeyEncryptionKey(sd_kek_source, master_00, aes_kek_gen, aes_key_gen); | 327 | GenerateKeyEncryptionKey(sd_kek_source, master_00, aes_kek_gen, aes_key_gen); |
| 321 | keys.SetKey(S128KeyType::SDKek, sd_kek); | 328 | keys.SetKey(S128KeyType::SDKek, sd_kek); |
| 322 | 329 | ||
| 323 | if (!keys.HasKey(S128KeyType::SDSeed)) | 330 | if (!keys.HasKey(S128KeyType::SDSeed)) { |
| 324 | return Loader::ResultStatus::ErrorMissingSDSeed; | 331 | return Loader::ResultStatus::ErrorMissingSDSeed; |
| 332 | } | ||
| 325 | const auto sd_seed = keys.GetKey(S128KeyType::SDSeed); | 333 | const auto sd_seed = keys.GetKey(S128KeyType::SDSeed); |
| 326 | 334 | ||
| 327 | if (!keys.HasKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save))) | 335 | if (!keys.HasKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save))) { |
| 328 | return Loader::ResultStatus::ErrorMissingSDSaveKeySource; | 336 | return Loader::ResultStatus::ErrorMissingSDSaveKeySource; |
| 329 | if (!keys.HasKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::NCA))) | 337 | } |
| 338 | if (!keys.HasKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::NCA))) { | ||
| 330 | return Loader::ResultStatus::ErrorMissingSDNCAKeySource; | 339 | return Loader::ResultStatus::ErrorMissingSDNCAKeySource; |
| 340 | } | ||
| 331 | 341 | ||
| 332 | std::array<Key256, 2> sd_key_sources{ | 342 | std::array<Key256, 2> sd_key_sources{ |
| 333 | keys.GetKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save)), | 343 | keys.GetKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save)), |
| @@ -336,8 +346,9 @@ Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& ke | |||
| 336 | 346 | ||
| 337 | // Combine sources and seed | 347 | // Combine sources and seed |
| 338 | for (auto& source : sd_key_sources) { | 348 | for (auto& source : sd_key_sources) { |
| 339 | for (std::size_t i = 0; i < source.size(); ++i) | 349 | for (std::size_t i = 0; i < source.size(); ++i) { |
| 340 | source[i] ^= sd_seed[i & 0xF]; | 350 | source[i] ^= sd_seed[i & 0xF]; |
| 351 | } | ||
| 341 | } | 352 | } |
| 342 | 353 | ||
| 343 | AESCipher<Key128> cipher(sd_kek, Mode::ECB); | 354 | AESCipher<Key128> cipher(sd_kek, Mode::ECB); |
| @@ -355,9 +366,10 @@ Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& ke | |||
| 355 | return Loader::ResultStatus::Success; | 366 | return Loader::ResultStatus::Success; |
| 356 | } | 367 | } |
| 357 | 368 | ||
| 358 | std::vector<Ticket> GetTicketblob(const FileUtil::IOFile& ticket_save) { | 369 | std::vector<Ticket> GetTicketblob(const Common::FS::IOFile& ticket_save) { |
| 359 | if (!ticket_save.IsOpen()) | 370 | if (!ticket_save.IsOpen()) { |
| 360 | return {}; | 371 | return {}; |
| 372 | } | ||
| 361 | 373 | ||
| 362 | std::vector<u8> buffer(ticket_save.GetSize()); | 374 | std::vector<u8> buffer(ticket_save.GetSize()); |
| 363 | if (ticket_save.ReadBytes(buffer.data(), buffer.size()) != buffer.size()) { | 375 | if (ticket_save.ReadBytes(buffer.data(), buffer.size()) != buffer.size()) { |
| @@ -417,7 +429,7 @@ static std::optional<u64> FindTicketOffset(const std::array<u8, size>& data) { | |||
| 417 | offset = i + 1; | 429 | offset = i + 1; |
| 418 | break; | 430 | break; |
| 419 | } else if (data[i] != 0x0) { | 431 | } else if (data[i] != 0x0) { |
| 420 | return {}; | 432 | return std::nullopt; |
| 421 | } | 433 | } |
| 422 | } | 434 | } |
| 423 | 435 | ||
| @@ -427,16 +439,18 @@ static std::optional<u64> FindTicketOffset(const std::array<u8, size>& data) { | |||
| 427 | std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket, | 439 | std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket, |
| 428 | const RSAKeyPair<2048>& key) { | 440 | const RSAKeyPair<2048>& key) { |
| 429 | const auto issuer = ticket.GetData().issuer; | 441 | const auto issuer = ticket.GetData().issuer; |
| 430 | if (IsAllZeroArray(issuer)) | 442 | if (IsAllZeroArray(issuer)) { |
| 431 | return {}; | 443 | return std::nullopt; |
| 444 | } | ||
| 432 | if (issuer[0] != 'R' || issuer[1] != 'o' || issuer[2] != 'o' || issuer[3] != 't') { | 445 | if (issuer[0] != 'R' || issuer[1] != 'o' || issuer[2] != 'o' || issuer[3] != 't') { |
| 433 | LOG_INFO(Crypto, "Attempting to parse ticket with non-standard certificate authority."); | 446 | LOG_INFO(Crypto, "Attempting to parse ticket with non-standard certificate authority."); |
| 434 | } | 447 | } |
| 435 | 448 | ||
| 436 | Key128 rights_id = ticket.GetData().rights_id; | 449 | Key128 rights_id = ticket.GetData().rights_id; |
| 437 | 450 | ||
| 438 | if (rights_id == Key128{}) | 451 | if (rights_id == Key128{}) { |
| 439 | return {}; | 452 | return std::nullopt; |
| 453 | } | ||
| 440 | 454 | ||
| 441 | if (!std::any_of(ticket.GetData().title_key_common_pad.begin(), | 455 | if (!std::any_of(ticket.GetData().title_key_common_pad.begin(), |
| 442 | ticket.GetData().title_key_common_pad.end(), [](u8 b) { return b != 0; })) { | 456 | ticket.GetData().title_key_common_pad.end(), [](u8 b) { return b != 0; })) { |
| @@ -468,15 +482,17 @@ std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket, | |||
| 468 | std::array<u8, 0xDF> m_2; | 482 | std::array<u8, 0xDF> m_2; |
| 469 | std::memcpy(m_2.data(), rsa_step.data() + 0x21, m_2.size()); | 483 | std::memcpy(m_2.data(), rsa_step.data() + 0x21, m_2.size()); |
| 470 | 484 | ||
| 471 | if (m_0 != 0) | 485 | if (m_0 != 0) { |
| 472 | return {}; | 486 | return std::nullopt; |
| 487 | } | ||
| 473 | 488 | ||
| 474 | m_1 = m_1 ^ MGF1<0x20>(m_2); | 489 | m_1 = m_1 ^ MGF1<0x20>(m_2); |
| 475 | m_2 = m_2 ^ MGF1<0xDF>(m_1); | 490 | m_2 = m_2 ^ MGF1<0xDF>(m_1); |
| 476 | 491 | ||
| 477 | const auto offset = FindTicketOffset(m_2); | 492 | const auto offset = FindTicketOffset(m_2); |
| 478 | if (!offset) | 493 | if (!offset) { |
| 479 | return {}; | 494 | return std::nullopt; |
| 495 | } | ||
| 480 | ASSERT(*offset > 0); | 496 | ASSERT(*offset > 0); |
| 481 | 497 | ||
| 482 | Key128 key_temp{}; | 498 | Key128 key_temp{}; |
| @@ -487,8 +503,8 @@ std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket, | |||
| 487 | 503 | ||
| 488 | KeyManager::KeyManager() { | 504 | KeyManager::KeyManager() { |
| 489 | // Initialize keys | 505 | // Initialize keys |
| 490 | const std::string hactool_keys_dir = FileUtil::GetHactoolConfigurationPath(); | 506 | const std::string hactool_keys_dir = Common::FS::GetHactoolConfigurationPath(); |
| 491 | const std::string yuzu_keys_dir = FileUtil::GetUserPath(FileUtil::UserPath::KeysDir); | 507 | const std::string yuzu_keys_dir = Common::FS::GetUserPath(Common::FS::UserPath::KeysDir); |
| 492 | if (Settings::values.use_dev_keys) { | 508 | if (Settings::values.use_dev_keys) { |
| 493 | dev_mode = true; | 509 | dev_mode = true; |
| 494 | AttemptLoadKeyFile(yuzu_keys_dir, hactool_keys_dir, "dev.keys", false); | 510 | AttemptLoadKeyFile(yuzu_keys_dir, hactool_keys_dir, "dev.keys", false); |
| @@ -506,34 +522,39 @@ KeyManager::KeyManager() { | |||
| 506 | } | 522 | } |
| 507 | 523 | ||
| 508 | static bool ValidCryptoRevisionString(std::string_view base, size_t begin, size_t length) { | 524 | static bool ValidCryptoRevisionString(std::string_view base, size_t begin, size_t length) { |
| 509 | if (base.size() < begin + length) | 525 | if (base.size() < begin + length) { |
| 510 | return false; | 526 | return false; |
| 527 | } | ||
| 511 | return std::all_of(base.begin() + begin, base.begin() + begin + length, | 528 | return std::all_of(base.begin() + begin, base.begin() + begin + length, |
| 512 | [](u8 c) { return std::isxdigit(c); }); | 529 | [](u8 c) { return std::isxdigit(c); }); |
| 513 | } | 530 | } |
| 514 | 531 | ||
| 515 | void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { | 532 | void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { |
| 516 | std::ifstream file; | 533 | std::ifstream file; |
| 517 | OpenFStream(file, filename, std::ios_base::in); | 534 | Common::FS::OpenFStream(file, filename, std::ios_base::in); |
| 518 | if (!file.is_open()) | 535 | if (!file.is_open()) { |
| 519 | return; | 536 | return; |
| 537 | } | ||
| 520 | 538 | ||
| 521 | std::string line; | 539 | std::string line; |
| 522 | while (std::getline(file, line)) { | 540 | while (std::getline(file, line)) { |
| 523 | std::vector<std::string> out; | 541 | std::vector<std::string> out; |
| 524 | std::stringstream stream(line); | 542 | std::stringstream stream(line); |
| 525 | std::string item; | 543 | std::string item; |
| 526 | while (std::getline(stream, item, '=')) | 544 | while (std::getline(stream, item, '=')) { |
| 527 | out.push_back(std::move(item)); | 545 | out.push_back(std::move(item)); |
| 546 | } | ||
| 528 | 547 | ||
| 529 | if (out.size() != 2) | 548 | if (out.size() != 2) { |
| 530 | continue; | 549 | continue; |
| 550 | } | ||
| 531 | 551 | ||
| 532 | out[0].erase(std::remove(out[0].begin(), out[0].end(), ' '), out[0].end()); | 552 | out[0].erase(std::remove(out[0].begin(), out[0].end(), ' '), out[0].end()); |
| 533 | out[1].erase(std::remove(out[1].begin(), out[1].end(), ' '), out[1].end()); | 553 | out[1].erase(std::remove(out[1].begin(), out[1].end(), ' '), out[1].end()); |
| 534 | 554 | ||
| 535 | if (out[0].compare(0, 1, "#") == 0) | 555 | if (out[0].compare(0, 1, "#") == 0) { |
| 536 | continue; | 556 | continue; |
| 557 | } | ||
| 537 | 558 | ||
| 538 | if (is_title_keys) { | 559 | if (is_title_keys) { |
| 539 | auto rights_id_raw = Common::HexStringToArray<16>(out[0]); | 560 | auto rights_id_raw = Common::HexStringToArray<16>(out[0]); |
| @@ -553,14 +574,16 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { | |||
| 553 | s256_keys[{index.type, index.field1, index.field2}] = key; | 574 | s256_keys[{index.type, index.field1, index.field2}] = key; |
| 554 | } else if (out[0].compare(0, 8, "keyblob_") == 0 && | 575 | } else if (out[0].compare(0, 8, "keyblob_") == 0 && |
| 555 | out[0].compare(0, 9, "keyblob_k") != 0) { | 576 | out[0].compare(0, 9, "keyblob_k") != 0) { |
| 556 | if (!ValidCryptoRevisionString(out[0], 8, 2)) | 577 | if (!ValidCryptoRevisionString(out[0], 8, 2)) { |
| 557 | continue; | 578 | continue; |
| 579 | } | ||
| 558 | 580 | ||
| 559 | const auto index = std::stoul(out[0].substr(8, 2), nullptr, 16); | 581 | const auto index = std::stoul(out[0].substr(8, 2), nullptr, 16); |
| 560 | keyblobs[index] = Common::HexStringToArray<0x90>(out[1]); | 582 | keyblobs[index] = Common::HexStringToArray<0x90>(out[1]); |
| 561 | } else if (out[0].compare(0, 18, "encrypted_keyblob_") == 0) { | 583 | } else if (out[0].compare(0, 18, "encrypted_keyblob_") == 0) { |
| 562 | if (!ValidCryptoRevisionString(out[0], 18, 2)) | 584 | if (!ValidCryptoRevisionString(out[0], 18, 2)) { |
| 563 | continue; | 585 | continue; |
| 586 | } | ||
| 564 | 587 | ||
| 565 | const auto index = std::stoul(out[0].substr(18, 2), nullptr, 16); | 588 | const auto index = std::stoul(out[0].substr(18, 2), nullptr, 16); |
| 566 | encrypted_keyblobs[index] = Common::HexStringToArray<0xB0>(out[1]); | 589 | encrypted_keyblobs[index] = Common::HexStringToArray<0xB0>(out[1]); |
| @@ -568,8 +591,9 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { | |||
| 568 | eticket_extended_kek = Common::HexStringToArray<576>(out[1]); | 591 | eticket_extended_kek = Common::HexStringToArray<576>(out[1]); |
| 569 | } else { | 592 | } else { |
| 570 | for (const auto& kv : KEYS_VARIABLE_LENGTH) { | 593 | for (const auto& kv : KEYS_VARIABLE_LENGTH) { |
| 571 | if (!ValidCryptoRevisionString(out[0], kv.second.size(), 2)) | 594 | if (!ValidCryptoRevisionString(out[0], kv.second.size(), 2)) { |
| 572 | continue; | 595 | continue; |
| 596 | } | ||
| 573 | if (out[0].compare(0, kv.second.size(), kv.second) == 0) { | 597 | if (out[0].compare(0, kv.second.size(), kv.second) == 0) { |
| 574 | const auto index = | 598 | const auto index = |
| 575 | std::stoul(out[0].substr(kv.second.size(), 2), nullptr, 16); | 599 | std::stoul(out[0].substr(kv.second.size(), 2), nullptr, 16); |
| @@ -604,10 +628,11 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { | |||
| 604 | 628 | ||
| 605 | void KeyManager::AttemptLoadKeyFile(const std::string& dir1, const std::string& dir2, | 629 | void KeyManager::AttemptLoadKeyFile(const std::string& dir1, const std::string& dir2, |
| 606 | const std::string& filename, bool title) { | 630 | const std::string& filename, bool title) { |
| 607 | if (FileUtil::Exists(dir1 + DIR_SEP + filename)) | 631 | if (Common::FS::Exists(dir1 + DIR_SEP + filename)) { |
| 608 | LoadFromFile(dir1 + DIR_SEP + filename, title); | 632 | LoadFromFile(dir1 + DIR_SEP + filename, title); |
| 609 | else if (FileUtil::Exists(dir2 + DIR_SEP + filename)) | 633 | } else if (Common::FS::Exists(dir2 + DIR_SEP + filename)) { |
| 610 | LoadFromFile(dir2 + DIR_SEP + filename, title); | 634 | LoadFromFile(dir2 + DIR_SEP + filename, title); |
| 635 | } | ||
| 611 | } | 636 | } |
| 612 | 637 | ||
| 613 | bool KeyManager::BaseDeriveNecessary() const { | 638 | bool KeyManager::BaseDeriveNecessary() const { |
| @@ -615,8 +640,9 @@ bool KeyManager::BaseDeriveNecessary() const { | |||
| 615 | return !HasKey(key_type, index1, index2); | 640 | return !HasKey(key_type, index1, index2); |
| 616 | }; | 641 | }; |
| 617 | 642 | ||
| 618 | if (check_key_existence(S256KeyType::Header)) | 643 | if (check_key_existence(S256KeyType::Header)) { |
| 619 | return true; | 644 | return true; |
| 645 | } | ||
| 620 | 646 | ||
| 621 | for (size_t i = 0; i < CURRENT_CRYPTO_REVISION; ++i) { | 647 | for (size_t i = 0; i < CURRENT_CRYPTO_REVISION; ++i) { |
| 622 | if (check_key_existence(S128KeyType::Master, i) || | 648 | if (check_key_existence(S128KeyType::Master, i) || |
| @@ -641,14 +667,16 @@ bool KeyManager::HasKey(S256KeyType id, u64 field1, u64 field2) const { | |||
| 641 | } | 667 | } |
| 642 | 668 | ||
| 643 | Key128 KeyManager::GetKey(S128KeyType id, u64 field1, u64 field2) const { | 669 | Key128 KeyManager::GetKey(S128KeyType id, u64 field1, u64 field2) const { |
| 644 | if (!HasKey(id, field1, field2)) | 670 | if (!HasKey(id, field1, field2)) { |
| 645 | return {}; | 671 | return {}; |
| 672 | } | ||
| 646 | return s128_keys.at({id, field1, field2}); | 673 | return s128_keys.at({id, field1, field2}); |
| 647 | } | 674 | } |
| 648 | 675 | ||
| 649 | Key256 KeyManager::GetKey(S256KeyType id, u64 field1, u64 field2) const { | 676 | Key256 KeyManager::GetKey(S256KeyType id, u64 field1, u64 field2) const { |
| 650 | if (!HasKey(id, field1, field2)) | 677 | if (!HasKey(id, field1, field2)) { |
| 651 | return {}; | 678 | return {}; |
| 679 | } | ||
| 652 | return s256_keys.at({id, field1, field2}); | 680 | return s256_keys.at({id, field1, field2}); |
| 653 | } | 681 | } |
| 654 | 682 | ||
| @@ -670,7 +698,7 @@ Key256 KeyManager::GetBISKey(u8 partition_id) const { | |||
| 670 | template <size_t Size> | 698 | template <size_t Size> |
| 671 | void KeyManager::WriteKeyToFile(KeyCategory category, std::string_view keyname, | 699 | void KeyManager::WriteKeyToFile(KeyCategory category, std::string_view keyname, |
| 672 | const std::array<u8, Size>& key) { | 700 | const std::array<u8, Size>& key) { |
| 673 | const std::string yuzu_keys_dir = FileUtil::GetUserPath(FileUtil::UserPath::KeysDir); | 701 | const std::string yuzu_keys_dir = Common::FS::GetUserPath(Common::FS::UserPath::KeysDir); |
| 674 | std::string filename = "title.keys_autogenerated"; | 702 | std::string filename = "title.keys_autogenerated"; |
| 675 | if (category == KeyCategory::Standard) { | 703 | if (category == KeyCategory::Standard) { |
| 676 | filename = dev_mode ? "dev.keys_autogenerated" : "prod.keys_autogenerated"; | 704 | filename = dev_mode ? "dev.keys_autogenerated" : "prod.keys_autogenerated"; |
| @@ -679,9 +707,9 @@ void KeyManager::WriteKeyToFile(KeyCategory category, std::string_view keyname, | |||
| 679 | } | 707 | } |
| 680 | 708 | ||
| 681 | const auto path = yuzu_keys_dir + DIR_SEP + filename; | 709 | const auto path = yuzu_keys_dir + DIR_SEP + filename; |
| 682 | const auto add_info_text = !FileUtil::Exists(path); | 710 | const auto add_info_text = !Common::FS::Exists(path); |
| 683 | FileUtil::CreateFullPath(path); | 711 | Common::FS::CreateFullPath(path); |
| 684 | FileUtil::IOFile file{path, "a"}; | 712 | Common::FS::IOFile file{path, "a"}; |
| 685 | if (!file.IsOpen()) { | 713 | if (!file.IsOpen()) { |
| 686 | return; | 714 | return; |
| 687 | } | 715 | } |
| @@ -765,29 +793,31 @@ void KeyManager::SetKey(S256KeyType id, Key256 key, u64 field1, u64 field2) { | |||
| 765 | } | 793 | } |
| 766 | 794 | ||
| 767 | bool KeyManager::KeyFileExists(bool title) { | 795 | bool KeyManager::KeyFileExists(bool title) { |
| 768 | const std::string hactool_keys_dir = FileUtil::GetHactoolConfigurationPath(); | 796 | const std::string hactool_keys_dir = Common::FS::GetHactoolConfigurationPath(); |
| 769 | const std::string yuzu_keys_dir = FileUtil::GetUserPath(FileUtil::UserPath::KeysDir); | 797 | const std::string yuzu_keys_dir = Common::FS::GetUserPath(Common::FS::UserPath::KeysDir); |
| 770 | if (title) { | 798 | if (title) { |
| 771 | return FileUtil::Exists(hactool_keys_dir + DIR_SEP + "title.keys") || | 799 | return Common::FS::Exists(hactool_keys_dir + DIR_SEP + "title.keys") || |
| 772 | FileUtil::Exists(yuzu_keys_dir + DIR_SEP + "title.keys"); | 800 | Common::FS::Exists(yuzu_keys_dir + DIR_SEP + "title.keys"); |
| 773 | } | 801 | } |
| 774 | 802 | ||
| 775 | if (Settings::values.use_dev_keys) { | 803 | if (Settings::values.use_dev_keys) { |
| 776 | return FileUtil::Exists(hactool_keys_dir + DIR_SEP + "dev.keys") || | 804 | return Common::FS::Exists(hactool_keys_dir + DIR_SEP + "dev.keys") || |
| 777 | FileUtil::Exists(yuzu_keys_dir + DIR_SEP + "dev.keys"); | 805 | Common::FS::Exists(yuzu_keys_dir + DIR_SEP + "dev.keys"); |
| 778 | } | 806 | } |
| 779 | 807 | ||
| 780 | return FileUtil::Exists(hactool_keys_dir + DIR_SEP + "prod.keys") || | 808 | return Common::FS::Exists(hactool_keys_dir + DIR_SEP + "prod.keys") || |
| 781 | FileUtil::Exists(yuzu_keys_dir + DIR_SEP + "prod.keys"); | 809 | Common::FS::Exists(yuzu_keys_dir + DIR_SEP + "prod.keys"); |
| 782 | } | 810 | } |
| 783 | 811 | ||
| 784 | void KeyManager::DeriveSDSeedLazy() { | 812 | void KeyManager::DeriveSDSeedLazy() { |
| 785 | if (HasKey(S128KeyType::SDSeed)) | 813 | if (HasKey(S128KeyType::SDSeed)) { |
| 786 | return; | 814 | return; |
| 815 | } | ||
| 787 | 816 | ||
| 788 | const auto res = DeriveSDSeed(); | 817 | const auto res = DeriveSDSeed(); |
| 789 | if (res) | 818 | if (res) { |
| 790 | SetKey(S128KeyType::SDSeed, *res); | 819 | SetKey(S128KeyType::SDSeed, *res); |
| 820 | } | ||
| 791 | } | 821 | } |
| 792 | 822 | ||
| 793 | static Key128 CalculateCMAC(const u8* source, size_t size, const Key128& key) { | 823 | static Key128 CalculateCMAC(const u8* source, size_t size, const Key128& key) { |
| @@ -799,11 +829,13 @@ static Key128 CalculateCMAC(const u8* source, size_t size, const Key128& key) { | |||
| 799 | } | 829 | } |
| 800 | 830 | ||
| 801 | void KeyManager::DeriveBase() { | 831 | void KeyManager::DeriveBase() { |
| 802 | if (!BaseDeriveNecessary()) | 832 | if (!BaseDeriveNecessary()) { |
| 803 | return; | 833 | return; |
| 834 | } | ||
| 804 | 835 | ||
| 805 | if (!HasKey(S128KeyType::SecureBoot) || !HasKey(S128KeyType::TSEC)) | 836 | if (!HasKey(S128KeyType::SecureBoot) || !HasKey(S128KeyType::TSEC)) { |
| 806 | return; | 837 | return; |
| 838 | } | ||
| 807 | 839 | ||
| 808 | const auto has_bis = [this](u64 id) { | 840 | const auto has_bis = [this](u64 id) { |
| 809 | return HasKey(S128KeyType::BIS, id, static_cast<u64>(BISKeyType::Crypto)) && | 841 | return HasKey(S128KeyType::BIS, id, static_cast<u64>(BISKeyType::Crypto)) && |
| @@ -820,10 +852,11 @@ void KeyManager::DeriveBase() { | |||
| 820 | static_cast<u64>(BISKeyType::Tweak)); | 852 | static_cast<u64>(BISKeyType::Tweak)); |
| 821 | }; | 853 | }; |
| 822 | 854 | ||
| 823 | if (has_bis(2) && !has_bis(3)) | 855 | if (has_bis(2) && !has_bis(3)) { |
| 824 | copy_bis(2, 3); | 856 | copy_bis(2, 3); |
| 825 | else if (has_bis(3) && !has_bis(2)) | 857 | } else if (has_bis(3) && !has_bis(2)) { |
| 826 | copy_bis(3, 2); | 858 | copy_bis(3, 2); |
| 859 | } | ||
| 827 | 860 | ||
| 828 | std::bitset<32> revisions(0xFFFFFFFF); | 861 | std::bitset<32> revisions(0xFFFFFFFF); |
| 829 | for (size_t i = 0; i < revisions.size(); ++i) { | 862 | for (size_t i = 0; i < revisions.size(); ++i) { |
| @@ -833,15 +866,17 @@ void KeyManager::DeriveBase() { | |||
| 833 | } | 866 | } |
| 834 | } | 867 | } |
| 835 | 868 | ||
| 836 | if (!revisions.any()) | 869 | if (!revisions.any()) { |
| 837 | return; | 870 | return; |
| 871 | } | ||
| 838 | 872 | ||
| 839 | const auto sbk = GetKey(S128KeyType::SecureBoot); | 873 | const auto sbk = GetKey(S128KeyType::SecureBoot); |
| 840 | const auto tsec = GetKey(S128KeyType::TSEC); | 874 | const auto tsec = GetKey(S128KeyType::TSEC); |
| 841 | 875 | ||
| 842 | for (size_t i = 0; i < revisions.size(); ++i) { | 876 | for (size_t i = 0; i < revisions.size(); ++i) { |
| 843 | if (!revisions[i]) | 877 | if (!revisions[i]) { |
| 844 | continue; | 878 | continue; |
| 879 | } | ||
| 845 | 880 | ||
| 846 | // Derive keyblob key | 881 | // Derive keyblob key |
| 847 | const auto key = DeriveKeyblobKey( | 882 | const auto key = DeriveKeyblobKey( |
| @@ -850,16 +885,18 @@ void KeyManager::DeriveBase() { | |||
| 850 | SetKey(S128KeyType::Keyblob, key, i); | 885 | SetKey(S128KeyType::Keyblob, key, i); |
| 851 | 886 | ||
| 852 | // Derive keyblob MAC key | 887 | // Derive keyblob MAC key |
| 853 | if (!HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyblobMAC))) | 888 | if (!HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyblobMAC))) { |
| 854 | continue; | 889 | continue; |
| 890 | } | ||
| 855 | 891 | ||
| 856 | const auto mac_key = DeriveKeyblobMACKey( | 892 | const auto mac_key = DeriveKeyblobMACKey( |
| 857 | key, GetKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyblobMAC))); | 893 | key, GetKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyblobMAC))); |
| 858 | SetKey(S128KeyType::KeyblobMAC, mac_key, i); | 894 | SetKey(S128KeyType::KeyblobMAC, mac_key, i); |
| 859 | 895 | ||
| 860 | Key128 cmac = CalculateCMAC(encrypted_keyblobs[i].data() + 0x10, 0xA0, mac_key); | 896 | Key128 cmac = CalculateCMAC(encrypted_keyblobs[i].data() + 0x10, 0xA0, mac_key); |
| 861 | if (std::memcmp(cmac.data(), encrypted_keyblobs[i].data(), cmac.size()) != 0) | 897 | if (std::memcmp(cmac.data(), encrypted_keyblobs[i].data(), cmac.size()) != 0) { |
| 862 | continue; | 898 | continue; |
| 899 | } | ||
| 863 | 900 | ||
| 864 | // Decrypt keyblob | 901 | // Decrypt keyblob |
| 865 | if (keyblobs[i] == std::array<u8, 0x90>{}) { | 902 | if (keyblobs[i] == std::array<u8, 0x90>{}) { |
| @@ -883,16 +920,19 @@ void KeyManager::DeriveBase() { | |||
| 883 | 920 | ||
| 884 | revisions.set(); | 921 | revisions.set(); |
| 885 | for (size_t i = 0; i < revisions.size(); ++i) { | 922 | for (size_t i = 0; i < revisions.size(); ++i) { |
| 886 | if (!HasKey(S128KeyType::Master, i)) | 923 | if (!HasKey(S128KeyType::Master, i)) { |
| 887 | revisions.reset(i); | 924 | revisions.reset(i); |
| 925 | } | ||
| 888 | } | 926 | } |
| 889 | 927 | ||
| 890 | if (!revisions.any()) | 928 | if (!revisions.any()) { |
| 891 | return; | 929 | return; |
| 930 | } | ||
| 892 | 931 | ||
| 893 | for (size_t i = 0; i < revisions.size(); ++i) { | 932 | for (size_t i = 0; i < revisions.size(); ++i) { |
| 894 | if (!revisions[i]) | 933 | if (!revisions[i]) { |
| 895 | continue; | 934 | continue; |
| 935 | } | ||
| 896 | 936 | ||
| 897 | // Derive general purpose keys | 937 | // Derive general purpose keys |
| 898 | DeriveGeneralPurposeKeys(i); | 938 | DeriveGeneralPurposeKeys(i); |
| @@ -922,16 +962,19 @@ void KeyManager::DeriveETicket(PartitionDataManager& data) { | |||
| 922 | const auto es = Core::System::GetInstance().GetContentProvider().GetEntry( | 962 | const auto es = Core::System::GetInstance().GetContentProvider().GetEntry( |
| 923 | 0x0100000000000033, FileSys::ContentRecordType::Program); | 963 | 0x0100000000000033, FileSys::ContentRecordType::Program); |
| 924 | 964 | ||
| 925 | if (es == nullptr) | 965 | if (es == nullptr) { |
| 926 | return; | 966 | return; |
| 967 | } | ||
| 927 | 968 | ||
| 928 | const auto exefs = es->GetExeFS(); | 969 | const auto exefs = es->GetExeFS(); |
| 929 | if (exefs == nullptr) | 970 | if (exefs == nullptr) { |
| 930 | return; | 971 | return; |
| 972 | } | ||
| 931 | 973 | ||
| 932 | const auto main = exefs->GetFile("main"); | 974 | const auto main = exefs->GetFile("main"); |
| 933 | if (main == nullptr) | 975 | if (main == nullptr) { |
| 934 | return; | 976 | return; |
| 977 | } | ||
| 935 | 978 | ||
| 936 | const auto bytes = main->ReadAllBytes(); | 979 | const auto bytes = main->ReadAllBytes(); |
| 937 | 980 | ||
| @@ -941,16 +984,19 @@ void KeyManager::DeriveETicket(PartitionDataManager& data) { | |||
| 941 | const auto seed3 = data.GetRSAKekSeed3(); | 984 | const auto seed3 = data.GetRSAKekSeed3(); |
| 942 | const auto mask0 = data.GetRSAKekMask0(); | 985 | const auto mask0 = data.GetRSAKekMask0(); |
| 943 | 986 | ||
| 944 | if (eticket_kek != Key128{}) | 987 | if (eticket_kek != Key128{}) { |
| 945 | SetKey(S128KeyType::Source, eticket_kek, static_cast<size_t>(SourceKeyType::ETicketKek)); | 988 | SetKey(S128KeyType::Source, eticket_kek, static_cast<size_t>(SourceKeyType::ETicketKek)); |
| 989 | } | ||
| 946 | if (eticket_kekek != Key128{}) { | 990 | if (eticket_kekek != Key128{}) { |
| 947 | SetKey(S128KeyType::Source, eticket_kekek, | 991 | SetKey(S128KeyType::Source, eticket_kekek, |
| 948 | static_cast<size_t>(SourceKeyType::ETicketKekek)); | 992 | static_cast<size_t>(SourceKeyType::ETicketKekek)); |
| 949 | } | 993 | } |
| 950 | if (seed3 != Key128{}) | 994 | if (seed3 != Key128{}) { |
| 951 | SetKey(S128KeyType::RSAKek, seed3, static_cast<size_t>(RSAKekType::Seed3)); | 995 | SetKey(S128KeyType::RSAKek, seed3, static_cast<size_t>(RSAKekType::Seed3)); |
| 952 | if (mask0 != Key128{}) | 996 | } |
| 997 | if (mask0 != Key128{}) { | ||
| 953 | SetKey(S128KeyType::RSAKek, mask0, static_cast<size_t>(RSAKekType::Mask0)); | 998 | SetKey(S128KeyType::RSAKek, mask0, static_cast<size_t>(RSAKekType::Mask0)); |
| 999 | } | ||
| 954 | if (eticket_kek == Key128{} || eticket_kekek == Key128{} || seed3 == Key128{} || | 1000 | if (eticket_kek == Key128{} || eticket_kekek == Key128{} || seed3 == Key128{} || |
| 955 | mask0 == Key128{}) { | 1001 | mask0 == Key128{}) { |
| 956 | return; | 1002 | return; |
| @@ -976,8 +1022,9 @@ void KeyManager::DeriveETicket(PartitionDataManager& data) { | |||
| 976 | AESCipher<Key128> es_kek(temp_kekek, Mode::ECB); | 1022 | AESCipher<Key128> es_kek(temp_kekek, Mode::ECB); |
| 977 | es_kek.Transcode(eticket_kek.data(), eticket_kek.size(), eticket_final.data(), Op::Decrypt); | 1023 | es_kek.Transcode(eticket_kek.data(), eticket_kek.size(), eticket_final.data(), Op::Decrypt); |
| 978 | 1024 | ||
| 979 | if (eticket_final == Key128{}) | 1025 | if (eticket_final == Key128{}) { |
| 980 | return; | 1026 | return; |
| 1027 | } | ||
| 981 | 1028 | ||
| 982 | SetKey(S128KeyType::ETicketRSAKek, eticket_final); | 1029 | SetKey(S128KeyType::ETicketRSAKek, eticket_final); |
| 983 | 1030 | ||
| @@ -992,18 +1039,20 @@ void KeyManager::DeriveETicket(PartitionDataManager& data) { | |||
| 992 | void KeyManager::PopulateTickets() { | 1039 | void KeyManager::PopulateTickets() { |
| 993 | const auto rsa_key = GetETicketRSAKey(); | 1040 | const auto rsa_key = GetETicketRSAKey(); |
| 994 | 1041 | ||
| 995 | if (rsa_key == RSAKeyPair<2048>{}) | 1042 | if (rsa_key == RSAKeyPair<2048>{}) { |
| 996 | return; | 1043 | return; |
| 1044 | } | ||
| 997 | 1045 | ||
| 998 | if (!common_tickets.empty() && !personal_tickets.empty()) | 1046 | if (!common_tickets.empty() && !personal_tickets.empty()) { |
| 999 | return; | 1047 | return; |
| 1048 | } | ||
| 1000 | 1049 | ||
| 1001 | const FileUtil::IOFile save1(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + | 1050 | const Common::FS::IOFile save1(Common::FS::GetUserPath(Common::FS::UserPath::NANDDir) + |
| 1002 | "/system/save/80000000000000e1", | 1051 | "/system/save/80000000000000e1", |
| 1003 | "rb+"); | 1052 | "rb+"); |
| 1004 | const FileUtil::IOFile save2(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + | 1053 | const Common::FS::IOFile save2(Common::FS::GetUserPath(Common::FS::UserPath::NANDDir) + |
| 1005 | "/system/save/80000000000000e2", | 1054 | "/system/save/80000000000000e2", |
| 1006 | "rb+"); | 1055 | "rb+"); |
| 1007 | 1056 | ||
| 1008 | const auto blob2 = GetTicketblob(save2); | 1057 | const auto blob2 = GetTicketblob(save2); |
| 1009 | auto res = GetTicketblob(save1); | 1058 | auto res = GetTicketblob(save1); |
| @@ -1013,8 +1062,10 @@ void KeyManager::PopulateTickets() { | |||
| 1013 | for (std::size_t i = 0; i < res.size(); ++i) { | 1062 | for (std::size_t i = 0; i < res.size(); ++i) { |
| 1014 | const auto common = i < idx; | 1063 | const auto common = i < idx; |
| 1015 | const auto pair = ParseTicket(res[i], rsa_key); | 1064 | const auto pair = ParseTicket(res[i], rsa_key); |
| 1016 | if (!pair) | 1065 | if (!pair) { |
| 1017 | continue; | 1066 | continue; |
| 1067 | } | ||
| 1068 | |||
| 1018 | const auto& [rid, key] = *pair; | 1069 | const auto& [rid, key] = *pair; |
| 1019 | u128 rights_id; | 1070 | u128 rights_id; |
| 1020 | std::memcpy(rights_id.data(), rid.data(), rid.size()); | 1071 | std::memcpy(rights_id.data(), rid.data(), rid.size()); |
| @@ -1043,27 +1094,33 @@ void KeyManager::SynthesizeTickets() { | |||
| 1043 | } | 1094 | } |
| 1044 | 1095 | ||
| 1045 | void KeyManager::SetKeyWrapped(S128KeyType id, Key128 key, u64 field1, u64 field2) { | 1096 | void KeyManager::SetKeyWrapped(S128KeyType id, Key128 key, u64 field1, u64 field2) { |
| 1046 | if (key == Key128{}) | 1097 | if (key == Key128{}) { |
| 1047 | return; | 1098 | return; |
| 1099 | } | ||
| 1048 | SetKey(id, key, field1, field2); | 1100 | SetKey(id, key, field1, field2); |
| 1049 | } | 1101 | } |
| 1050 | 1102 | ||
| 1051 | void KeyManager::SetKeyWrapped(S256KeyType id, Key256 key, u64 field1, u64 field2) { | 1103 | void KeyManager::SetKeyWrapped(S256KeyType id, Key256 key, u64 field1, u64 field2) { |
| 1052 | if (key == Key256{}) | 1104 | if (key == Key256{}) { |
| 1053 | return; | 1105 | return; |
| 1106 | } | ||
| 1107 | |||
| 1054 | SetKey(id, key, field1, field2); | 1108 | SetKey(id, key, field1, field2); |
| 1055 | } | 1109 | } |
| 1056 | 1110 | ||
| 1057 | void KeyManager::PopulateFromPartitionData(PartitionDataManager& data) { | 1111 | void KeyManager::PopulateFromPartitionData(PartitionDataManager& data) { |
| 1058 | if (!BaseDeriveNecessary()) | 1112 | if (!BaseDeriveNecessary()) { |
| 1059 | return; | 1113 | return; |
| 1114 | } | ||
| 1060 | 1115 | ||
| 1061 | if (!data.HasBoot0()) | 1116 | if (!data.HasBoot0()) { |
| 1062 | return; | 1117 | return; |
| 1118 | } | ||
| 1063 | 1119 | ||
| 1064 | for (size_t i = 0; i < encrypted_keyblobs.size(); ++i) { | 1120 | for (size_t i = 0; i < encrypted_keyblobs.size(); ++i) { |
| 1065 | if (encrypted_keyblobs[i] != std::array<u8, 0xB0>{}) | 1121 | if (encrypted_keyblobs[i] != std::array<u8, 0xB0>{}) { |
| 1066 | continue; | 1122 | continue; |
| 1123 | } | ||
| 1067 | encrypted_keyblobs[i] = data.GetEncryptedKeyblob(i); | 1124 | encrypted_keyblobs[i] = data.GetEncryptedKeyblob(i); |
| 1068 | WriteKeyToFile<0xB0>(KeyCategory::Console, fmt::format("encrypted_keyblob_{:02X}", i), | 1125 | WriteKeyToFile<0xB0>(KeyCategory::Console, fmt::format("encrypted_keyblob_{:02X}", i), |
| 1069 | encrypted_keyblobs[i]); | 1126 | encrypted_keyblobs[i]); |
| @@ -1085,8 +1142,9 @@ void KeyManager::PopulateFromPartitionData(PartitionDataManager& data) { | |||
| 1085 | static_cast<u64>(SourceKeyType::Keyblob), i); | 1142 | static_cast<u64>(SourceKeyType::Keyblob), i); |
| 1086 | } | 1143 | } |
| 1087 | 1144 | ||
| 1088 | if (data.HasFuses()) | 1145 | if (data.HasFuses()) { |
| 1089 | SetKeyWrapped(S128KeyType::SecureBoot, data.GetSecureBootKey()); | 1146 | SetKeyWrapped(S128KeyType::SecureBoot, data.GetSecureBootKey()); |
| 1147 | } | ||
| 1090 | 1148 | ||
| 1091 | DeriveBase(); | 1149 | DeriveBase(); |
| 1092 | 1150 | ||
| @@ -1100,8 +1158,9 @@ void KeyManager::PopulateFromPartitionData(PartitionDataManager& data) { | |||
| 1100 | 1158 | ||
| 1101 | const auto masters = data.GetTZMasterKeys(latest_master); | 1159 | const auto masters = data.GetTZMasterKeys(latest_master); |
| 1102 | for (size_t i = 0; i < masters.size(); ++i) { | 1160 | for (size_t i = 0; i < masters.size(); ++i) { |
| 1103 | if (masters[i] != Key128{} && !HasKey(S128KeyType::Master, i)) | 1161 | if (masters[i] != Key128{} && !HasKey(S128KeyType::Master, i)) { |
| 1104 | SetKey(S128KeyType::Master, masters[i], i); | 1162 | SetKey(S128KeyType::Master, masters[i], i); |
| 1163 | } | ||
| 1105 | } | 1164 | } |
| 1106 | 1165 | ||
| 1107 | DeriveBase(); | 1166 | DeriveBase(); |
| @@ -1111,8 +1170,9 @@ void KeyManager::PopulateFromPartitionData(PartitionDataManager& data) { | |||
| 1111 | 1170 | ||
| 1112 | std::array<Key128, 0x20> package2_keys{}; | 1171 | std::array<Key128, 0x20> package2_keys{}; |
| 1113 | for (size_t i = 0; i < package2_keys.size(); ++i) { | 1172 | for (size_t i = 0; i < package2_keys.size(); ++i) { |
| 1114 | if (HasKey(S128KeyType::Package2, i)) | 1173 | if (HasKey(S128KeyType::Package2, i)) { |
| 1115 | package2_keys[i] = GetKey(S128KeyType::Package2, i); | 1174 | package2_keys[i] = GetKey(S128KeyType::Package2, i); |
| 1175 | } | ||
| 1116 | } | 1176 | } |
| 1117 | data.DecryptPackage2(package2_keys, Package2Type::NormalMain); | 1177 | data.DecryptPackage2(package2_keys, Package2Type::NormalMain); |
| 1118 | 1178 | ||
| @@ -1150,12 +1210,15 @@ const std::map<u128, Ticket>& KeyManager::GetPersonalizedTickets() const { | |||
| 1150 | 1210 | ||
| 1151 | bool KeyManager::AddTicketCommon(Ticket raw) { | 1211 | bool KeyManager::AddTicketCommon(Ticket raw) { |
| 1152 | const auto rsa_key = GetETicketRSAKey(); | 1212 | const auto rsa_key = GetETicketRSAKey(); |
| 1153 | if (rsa_key == RSAKeyPair<2048>{}) | 1213 | if (rsa_key == RSAKeyPair<2048>{}) { |
| 1154 | return false; | 1214 | return false; |
| 1215 | } | ||
| 1155 | 1216 | ||
| 1156 | const auto pair = ParseTicket(raw, rsa_key); | 1217 | const auto pair = ParseTicket(raw, rsa_key); |
| 1157 | if (!pair) | 1218 | if (!pair) { |
| 1158 | return false; | 1219 | return false; |
| 1220 | } | ||
| 1221 | |||
| 1159 | const auto& [rid, key] = *pair; | 1222 | const auto& [rid, key] = *pair; |
| 1160 | u128 rights_id; | 1223 | u128 rights_id; |
| 1161 | std::memcpy(rights_id.data(), rid.data(), rid.size()); | 1224 | std::memcpy(rights_id.data(), rid.data(), rid.size()); |
| @@ -1166,12 +1229,15 @@ bool KeyManager::AddTicketCommon(Ticket raw) { | |||
| 1166 | 1229 | ||
| 1167 | bool KeyManager::AddTicketPersonalized(Ticket raw) { | 1230 | bool KeyManager::AddTicketPersonalized(Ticket raw) { |
| 1168 | const auto rsa_key = GetETicketRSAKey(); | 1231 | const auto rsa_key = GetETicketRSAKey(); |
| 1169 | if (rsa_key == RSAKeyPair<2048>{}) | 1232 | if (rsa_key == RSAKeyPair<2048>{}) { |
| 1170 | return false; | 1233 | return false; |
| 1234 | } | ||
| 1171 | 1235 | ||
| 1172 | const auto pair = ParseTicket(raw, rsa_key); | 1236 | const auto pair = ParseTicket(raw, rsa_key); |
| 1173 | if (!pair) | 1237 | if (!pair) { |
| 1174 | return false; | 1238 | return false; |
| 1239 | } | ||
| 1240 | |||
| 1175 | const auto& [rid, key] = *pair; | 1241 | const auto& [rid, key] = *pair; |
| 1176 | u128 rights_id; | 1242 | u128 rights_id; |
| 1177 | std::memcpy(rights_id.data(), rid.data(), rid.size()); | 1243 | std::memcpy(rights_id.data(), rid.data(), rid.size()); |