1 files changed, 95 insertions, 0 deletions
diff --git a/src/core/hw/aes/ccm.cpp b/src/core/hw/aes/ccm.cpp
new file mode 100644
index 000000000..dc7035ab6
--- /dev/null
+++ b/src/core/hw/aes/ccm.cpp
@@ -0,0 +1,95 @@
+// Copyright 2017 Citra Emulator Project
+// Licensed under GPLv2 or any later version
+// Refer to the license.txt file included.
+#include <algorithm>
+#include <cryptopp/aes.h>
+#include <cryptopp/ccm.h>
+#include <cryptopp/cryptlib.h>
+#include <cryptopp/filters.h>
+#include "common/alignment.h"
+#include "common/logging/log.h"
+#include "core/hw/aes/ccm.h"
+#include "core/hw/aes/key.h"
+namespace HW {
+namespace AES {
+namespace {
+// 3DS uses a non-standard AES-CCM algorithm, so we need to derive a sub class from the standard one
+// and override with the non-standard part.
+using CryptoPP::lword;
+using CryptoPP::AES;
+using CryptoPP::CCM_Final;
+using CryptoPP::CCM_Base;
+template <bool T_IsEncryption>
+class CCM_3DSVariant_Final : public CCM_Final<AES, CCM_MAC_SIZE, T_IsEncryption> {
+public:
+    void UncheckedSpecifyDataLengths(lword header_length, lword message_length,
+                                     lword footer_length) override {
+        // 3DS uses the aligned size to generate B0 for authentication, instead of the original size
+        lword aligned_message_length = Common::AlignUp(message_length, AES_BLOCK_SIZE);
+        CCM_Base::UncheckedSpecifyDataLengths(header_length, aligned_message_length, footer_length);
+        CCM_Base::m_messageLength = message_length; // restore the actual message size
+    }
+};
+class CCM_3DSVariant {
+public:
+    using Encryption = CCM_3DSVariant_Final<true>;
+    using Decryption = CCM_3DSVariant_Final<false>;
+};
+} // namespace
+std::vector<u8> EncryptSignCCM(const std::vector<u8>& pdata, const CCMNonce& nonce,
+                               size_t slot_id) {
+    if (!IsNormalKeyAvailable(slot_id)) {
+        LOG_ERROR(HW_AES, "Key slot %d not available. Will use zero key.", slot_id);
+    }
+    const AESKey normal = GetNormalKey(slot_id);
+    std::vector<u8> cipher(pdata.size() + CCM_MAC_SIZE);
+    try {
+        CCM_3DSVariant::Encryption e;
+        e.SetKeyWithIV(normal.data(), AES_BLOCK_SIZE, nonce.data(), CCM_NONCE_SIZE);
+        e.SpecifyDataLengths(0, pdata.size(), 0);
+        CryptoPP::ArraySource as(pdata.data(), pdata.size(), true,
+                                 new CryptoPP::AuthenticatedEncryptionFilter(
+                                     e, new CryptoPP::ArraySink(cipher.data(), cipher.size())));
+    } catch (const CryptoPP::Exception& e) {
+        LOG_ERROR(HW_AES, "FAILED with: %s", e.what());
+    }
+    return cipher;
+}
+std::vector<u8> DecryptVerifyCCM(const std::vector<u8>& cipher, const CCMNonce& nonce,
+                                 size_t slot_id) {
+    if (!IsNormalKeyAvailable(slot_id)) {
+        LOG_ERROR(HW_AES, "Key slot %d not available. Will use zero key.", slot_id);
+    }
+    const AESKey normal = GetNormalKey(slot_id);
+    const std::size_t pdata_size = cipher.size() - CCM_MAC_SIZE;
+    std::vector<u8> pdata(pdata_size);
+    try {
+        CCM_3DSVariant::Decryption d;
+        d.SetKeyWithIV(normal.data(), AES_BLOCK_SIZE, nonce.data(), CCM_NONCE_SIZE);
+        d.SpecifyDataLengths(0, pdata_size, 0);
+        CryptoPP::AuthenticatedDecryptionFilter df(
+            d, new CryptoPP::ArraySink(pdata.data(), pdata_size));
+        CryptoPP::ArraySource as(cipher.data(), cipher.size(), true, new CryptoPP::Redirector(df));
+        if (!df.GetLastResult()) {
+            LOG_ERROR(HW_AES, "FAILED");
+            return {};
+        }
+    } catch (const CryptoPP::Exception& e) {
+        LOG_ERROR(HW_AES, "FAILED with: %s", e.what());
+        return {};
+    }
+    return pdata;
+}
+} // namespace AES
+} // namespace HW

diff --git a/src/core/hw/aes/ccm.cpp b/src/core/hw/aes/ccm.cpp new file mode 100644 index 000000000..dc7035ab6 --- /dev/null +++ b/src/core/hw/aes/ccm.cpp
@@ -0,0 +1,95 @@
	1	// Copyright 2017 Citra Emulator Project
	2	// Licensed under GPLv2 or any later version
	3	// Refer to the license.txt file included.
	4
	5	#include <algorithm>
	6	#include <cryptopp/aes.h>
	7	#include <cryptopp/ccm.h>
	8	#include <cryptopp/cryptlib.h>
	9	#include <cryptopp/filters.h>
	10	#include "common/alignment.h"
	11	#include "common/logging/log.h"
	12	#include "core/hw/aes/ccm.h"
	13	#include "core/hw/aes/key.h"
	14
	15	namespace HW {
	16	namespace AES {
	17
	18	namespace {
	19
	20	// 3DS uses a non-standard AES-CCM algorithm, so we need to derive a sub class from the standard one
	21	// and override with the non-standard part.
	22	using CryptoPP::lword;
	23	using CryptoPP::AES;
	24	using CryptoPP::CCM_Final;
	25	using CryptoPP::CCM_Base;
	26	template <bool T_IsEncryption>
	27	class CCM_3DSVariant_Final : public CCM_Final<AES, CCM_MAC_SIZE, T_IsEncryption> {
	28	public:
	29	void UncheckedSpecifyDataLengths(lword header_length, lword message_length,
	30	lword footer_length) override {
	31	// 3DS uses the aligned size to generate B0 for authentication, instead of the original size
	32	lword aligned_message_length = Common::AlignUp(message_length, AES_BLOCK_SIZE);
	33	CCM_Base::UncheckedSpecifyDataLengths(header_length, aligned_message_length, footer_length);
	34	CCM_Base::m_messageLength = message_length; // restore the actual message size
	35	}
	36	};
	37
	38	class CCM_3DSVariant {
	39	public:
	40	using Encryption = CCM_3DSVariant_Final<true>;
	41	using Decryption = CCM_3DSVariant_Final<false>;
	42	};
	43
	44	} // namespace
	45
	46	std::vector<u8> EncryptSignCCM(const std::vector<u8>& pdata, const CCMNonce& nonce,
	47	size_t slot_id) {
	48	if (!IsNormalKeyAvailable(slot_id)) {
	49	LOG_ERROR(HW_AES, "Key slot %d not available. Will use zero key.", slot_id);
	50	}
	51	const AESKey normal = GetNormalKey(slot_id);
	52	std::vector<u8> cipher(pdata.size() + CCM_MAC_SIZE);
	53
	54	try {
	55	CCM_3DSVariant::Encryption e;
	56	e.SetKeyWithIV(normal.data(), AES_BLOCK_SIZE, nonce.data(), CCM_NONCE_SIZE);
	57	e.SpecifyDataLengths(0, pdata.size(), 0);
	58	CryptoPP::ArraySource as(pdata.data(), pdata.size(), true,
	59	new CryptoPP::AuthenticatedEncryptionFilter(
	60	e, new CryptoPP::ArraySink(cipher.data(), cipher.size())));
	61	} catch (const CryptoPP::Exception& e) {
	62	LOG_ERROR(HW_AES, "FAILED with: %s", e.what());
	63	}
	64	return cipher;
	65	}
	66
	67	std::vector<u8> DecryptVerifyCCM(const std::vector<u8>& cipher, const CCMNonce& nonce,
	68	size_t slot_id) {
	69	if (!IsNormalKeyAvailable(slot_id)) {
	70	LOG_ERROR(HW_AES, "Key slot %d not available. Will use zero key.", slot_id);
	71	}
	72	const AESKey normal = GetNormalKey(slot_id);
	73	const std::size_t pdata_size = cipher.size() - CCM_MAC_SIZE;
	74	std::vector<u8> pdata(pdata_size);
	75
	76	try {
	77	CCM_3DSVariant::Decryption d;
	78	d.SetKeyWithIV(normal.data(), AES_BLOCK_SIZE, nonce.data(), CCM_NONCE_SIZE);
	79	d.SpecifyDataLengths(0, pdata_size, 0);
	80	CryptoPP::AuthenticatedDecryptionFilter df(
	81	d, new CryptoPP::ArraySink(pdata.data(), pdata_size));
	82	CryptoPP::ArraySource as(cipher.data(), cipher.size(), true, new CryptoPP::Redirector(df));
	83	if (!df.GetLastResult()) {
	84	LOG_ERROR(HW_AES, "FAILED");
	85	return {};
	86	}
	87	} catch (const CryptoPP::Exception& e) {
	88	LOG_ERROR(HW_AES, "FAILED with: %s", e.what());
	89	return {};
	90	}
	91	return pdata;
	92	}
	93
	94	} // namespace AES
	95	} // namespace HW