From 721632fe6602c18cc7e143b62020cbf436ced606 Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sun, 23 Sep 2018 20:31:00 -0400 Subject: key_manager: Rename KEK to Kek --- src/core/crypto/key_manager.cpp | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index bf3a70944..467eb423e 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -71,23 +71,24 @@ boost::optional DeriveSDSeed() { return seed; } -Loader::ResultStatus DeriveSDKeys(std::array& sd_keys, const KeyManager& keys) { - if (!keys.HasKey(S128KeyType::Source, static_cast(SourceKeyType::SDKEK))) +Loader::ResultStatus DeriveSDKeys(std::array& sd_keys, KeyManager& keys) { + if (!keys.HasKey(S128KeyType::Source, static_cast(SourceKeyType::SDKek))) return Loader::ResultStatus::ErrorMissingSDKEKSource; - if (!keys.HasKey(S128KeyType::Source, static_cast(SourceKeyType::AESKEKGeneration))) + if (!keys.HasKey(S128KeyType::Source, static_cast(SourceKeyType::AESKekGeneration))) return Loader::ResultStatus::ErrorMissingAESKEKGenerationSource; if (!keys.HasKey(S128KeyType::Source, static_cast(SourceKeyType::AESKeyGeneration))) return Loader::ResultStatus::ErrorMissingAESKeyGenerationSource; const auto sd_kek_source = - keys.GetKey(S128KeyType::Source, static_cast(SourceKeyType::SDKEK)); + keys.GetKey(S128KeyType::Source, static_cast(SourceKeyType::SDKek)); const auto aes_kek_gen = - keys.GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKEKGeneration)); + keys.GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKekGeneration)); const auto aes_key_gen = keys.GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKeyGeneration)); const auto master_00 = keys.GetKey(S128KeyType::Master); const auto sd_kek = GenerateKeyEncryptionKey(sd_kek_source, master_00, aes_kek_gen, aes_key_gen); + keys.SetKey(S128KeyType::SDKek, sd_kek); if (!keys.HasKey(S128KeyType::SDSeed)) return Loader::ResultStatus::ErrorMissingSDSeed; -- cgit v1.2.3 From ce05df0a6dea513cf3f32a582535ccff61f6bcee Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sun, 23 Sep 2018 20:37:27 -0400 Subject: key_manager: Add support for console-specific keyfile --- src/core/crypto/key_manager.cpp | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index 467eb423e..9f47536d1 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -138,6 +138,8 @@ KeyManager::KeyManager() { AttemptLoadKeyFile(yuzu_keys_dir, hactool_keys_dir, "title.keys", true); AttemptLoadKeyFile(yuzu_keys_dir, yuzu_keys_dir, "title.keys_autogenerated", true); + AttemptLoadKeyFile(yuzu_keys_dir, hactool_keys_dir, "console.keys", false); + AttemptLoadKeyFile(yuzu_keys_dir, yuzu_keys_dir, "console.keys_autogenerated", false); } void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { @@ -213,8 +215,10 @@ void KeyManager::WriteKeyToFile(bool title_key, std::string_view keyname, const std::array& key) { const std::string yuzu_keys_dir = FileUtil::GetUserPath(FileUtil::UserPath::KeysDir); std::string filename = "title.keys_autogenerated"; - if (!title_key) + if (category == KeyCategory::Standard) filename = dev_mode ? "dev.keys_autogenerated" : "prod.keys_autogenerated"; + else if (category == KeyCategory::Console) + filename = "console.keys_autogenerated"; const auto add_info_text = !FileUtil::Exists(yuzu_keys_dir + DIR_SEP + filename); FileUtil::CreateFullPath(yuzu_keys_dir + DIR_SEP + filename); std::ofstream file(yuzu_keys_dir + DIR_SEP + filename, std::ios::app); @@ -228,7 +232,7 @@ void KeyManager::WriteKeyToFile(bool title_key, std::string_view keyname, } file << fmt::format("\n{} = {}", keyname, Common::HexArrayToString(key)); - AttemptLoadKeyFile(yuzu_keys_dir, yuzu_keys_dir, filename, title_key); + AttemptLoadKeyFile(yuzu_keys_dir, yuzu_keys_dir, filename, category == KeyCategory::Title); } void KeyManager::SetKey(S128KeyType id, Key128 key, u64 field1, u64 field2) { @@ -261,7 +265,7 @@ void KeyManager::SetKey(S256KeyType id, Key256 key, u64 field1, u64 field2) { std::tie(id, field1, field2); }); if (iter != s256_file_id.end()) - WriteKeyToFile(false, iter->first, key); + WriteKeyToFile(KeyCategory::Standard, iter->first, key); s256_keys[{id, field1, field2}] = key; } -- cgit v1.2.3 From 9e34303fb98e2e11d164bf92064f17f349097134 Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sun, 23 Sep 2018 20:42:37 -0400 Subject: key_manager: Add support for comments in keyfiles --- src/core/crypto/key_manager.cpp | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index 9f47536d1..6b93aee04 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -161,6 +161,9 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { out[0].erase(std::remove(out[0].begin(), out[0].end(), ' '), out[0].end()); out[1].erase(std::remove(out[1].begin(), out[1].end(), ' '), out[1].end()); + if (out[0].compare(0, 1, "#") == 0) + continue; + if (is_title_keys) { auto rights_id_raw = Common::HexStringToArray<16>(out[0]); u128 rights_id{}; -- cgit v1.2.3 From e4602748d6a7ba1a9bed95205e4f806cb2653af1 Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sun, 23 Sep 2018 20:44:39 -0400 Subject: key_manager: Add support for crypto revisions past 04 --- src/core/crypto/key_manager.cpp | 106 ++++++++++++++++++++++++---------------- 1 file changed, 63 insertions(+), 43 deletions(-) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index 6b93aee04..85776cdcb 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -254,7 +254,30 @@ void KeyManager::SetKey(S128KeyType id, Key128 key, u64 field1, u64 field2) { std::tie(id, field1, field2); }); if (iter2 != s128_file_id.end()) - WriteKeyToFile(false, iter2->first, key); + WriteKeyToFile(category, iter2->first, key); + + // Variable cases + if (id == S128KeyType::KeyArea) { + const static std::array kak_names = {"key_area_key_application_{:02X}", + "key_area_key_ocean_{:02X}", + "key_area_key_system_{:02X}"}; + WriteKeyToFile(category, fmt::format(kak_names.at(field2), field1), key); + } else if (id == S128KeyType::Master) { + WriteKeyToFile(category, fmt::format("master_key_{:02X}", field1), key); + } else if (id == S128KeyType::Package1) { + WriteKeyToFile(category, fmt::format("package1_key_{:02X}", field1), key); + } else if (id == S128KeyType::Package2) { + WriteKeyToFile(category, fmt::format("package2_key_{:02X}", field1), key); + } else if (id == S128KeyType::Titlekek) { + WriteKeyToFile(category, fmt::format("titlekek_{:02X}", field1), key); + } else if (id == S128KeyType::Keyblob) { + WriteKeyToFile(category, fmt::format("keyblob_key_{:02X}", field1), key); + } else if (id == S128KeyType::KeyblobMAC) { + WriteKeyToFile(category, fmt::format("keyblob_mac_key_{:02X}", field1), key); + } else if (id == S128KeyType::Source && field1 == static_cast(SourceKeyType::Keyblob)) { + WriteKeyToFile(category, fmt::format("keyblob_key_source_{:02X}", field2), key); + } + s128_keys[{id, field1, field2}] = key; } @@ -299,58 +322,55 @@ void KeyManager::DeriveSDSeedLazy() { } const boost::container::flat_map> KeyManager::s128_file_id = { - {"master_key_00", {S128KeyType::Master, 0, 0}}, - {"master_key_01", {S128KeyType::Master, 1, 0}}, - {"master_key_02", {S128KeyType::Master, 2, 0}}, - {"master_key_03", {S128KeyType::Master, 3, 0}}, - {"master_key_04", {S128KeyType::Master, 4, 0}}, - {"package1_key_00", {S128KeyType::Package1, 0, 0}}, - {"package1_key_01", {S128KeyType::Package1, 1, 0}}, - {"package1_key_02", {S128KeyType::Package1, 2, 0}}, - {"package1_key_03", {S128KeyType::Package1, 3, 0}}, - {"package1_key_04", {S128KeyType::Package1, 4, 0}}, - {"package2_key_00", {S128KeyType::Package2, 0, 0}}, - {"package2_key_01", {S128KeyType::Package2, 1, 0}}, - {"package2_key_02", {S128KeyType::Package2, 2, 0}}, - {"package2_key_03", {S128KeyType::Package2, 3, 0}}, - {"package2_key_04", {S128KeyType::Package2, 4, 0}}, - {"titlekek_00", {S128KeyType::Titlekek, 0, 0}}, - {"titlekek_01", {S128KeyType::Titlekek, 1, 0}}, - {"titlekek_02", {S128KeyType::Titlekek, 2, 0}}, - {"titlekek_03", {S128KeyType::Titlekek, 3, 0}}, - {"titlekek_04", {S128KeyType::Titlekek, 4, 0}}, {"eticket_rsa_kek", {S128KeyType::ETicketRSAKek, 0, 0}}, - {"key_area_key_application_00", - {S128KeyType::KeyArea, 0, static_cast(KeyAreaKeyType::Application)}}, - {"key_area_key_application_01", - {S128KeyType::KeyArea, 1, static_cast(KeyAreaKeyType::Application)}}, - {"key_area_key_application_02", - {S128KeyType::KeyArea, 2, static_cast(KeyAreaKeyType::Application)}}, - {"key_area_key_application_03", - {S128KeyType::KeyArea, 3, static_cast(KeyAreaKeyType::Application)}}, - {"key_area_key_application_04", - {S128KeyType::KeyArea, 4, static_cast(KeyAreaKeyType::Application)}}, - {"key_area_key_ocean_00", {S128KeyType::KeyArea, 0, static_cast(KeyAreaKeyType::Ocean)}}, - {"key_area_key_ocean_01", {S128KeyType::KeyArea, 1, static_cast(KeyAreaKeyType::Ocean)}}, - {"key_area_key_ocean_02", {S128KeyType::KeyArea, 2, static_cast(KeyAreaKeyType::Ocean)}}, - {"key_area_key_ocean_03", {S128KeyType::KeyArea, 3, static_cast(KeyAreaKeyType::Ocean)}}, - {"key_area_key_ocean_04", {S128KeyType::KeyArea, 4, static_cast(KeyAreaKeyType::Ocean)}}, - {"key_area_key_system_00", {S128KeyType::KeyArea, 0, static_cast(KeyAreaKeyType::System)}}, - {"key_area_key_system_01", {S128KeyType::KeyArea, 1, static_cast(KeyAreaKeyType::System)}}, - {"key_area_key_system_02", {S128KeyType::KeyArea, 2, static_cast(KeyAreaKeyType::System)}}, - {"key_area_key_system_03", {S128KeyType::KeyArea, 3, static_cast(KeyAreaKeyType::System)}}, - {"key_area_key_system_04", {S128KeyType::KeyArea, 4, static_cast(KeyAreaKeyType::System)}}, - {"sd_card_kek_source", {S128KeyType::Source, static_cast(SourceKeyType::SDKEK), 0}}, + {"eticket_rsa_kek_source", + {S128KeyType::Source, static_cast(SourceKeyType::ETicketKek), 0}}, + {"eticket_rsa_kekek_source", + {S128KeyType::Source, static_cast(SourceKeyType::ETicketKekek), 0}}, + {"rsa_kek_mask_0", {S128KeyType::RSAKek, static_cast(RSAKekType::Mask0), 0}}, + {"rsa_kek_seed_3", {S128KeyType::RSAKek, static_cast(RSAKekType::Seed3), 0}}, + {"rsa_oaep_kek_generation_source", + {S128KeyType::Source, static_cast(SourceKeyType::RSAOaepKekGeneration), 0}}, + {"sd_card_kek_source", {S128KeyType::Source, static_cast(SourceKeyType::SDKek), 0}}, {"aes_kek_generation_source", - {S128KeyType::Source, static_cast(SourceKeyType::AESKEKGeneration), 0}}, + {S128KeyType::Source, static_cast(SourceKeyType::AESKekGeneration), 0}}, {"aes_key_generation_source", {S128KeyType::Source, static_cast(SourceKeyType::AESKeyGeneration), 0}}, + {"package2_key_source", {S128KeyType::Source, static_cast(SourceKeyType::Package2), 0}}, + {"master_key_source", {S128KeyType::Source, static_cast(SourceKeyType::Master), 0}}, + {"header_kek_source", {S128KeyType::Source, static_cast(SourceKeyType::HeaderKek), 0}}, + {"key_area_key_application_source", + {S128KeyType::Source, static_cast(SourceKeyType::KeyAreaKey), + static_cast(KeyAreaKeyType::Application)}}, + {"key_area_key_ocean_source", + {S128KeyType::Source, static_cast(SourceKeyType::KeyAreaKey), + static_cast(KeyAreaKeyType::Ocean)}}, + {"key_area_key_system_source", + {S128KeyType::Source, static_cast(SourceKeyType::KeyAreaKey), + static_cast(KeyAreaKeyType::System)}}, + {"titlekek_source", {S128KeyType::Source, static_cast(SourceKeyType::Titlekek), 0}}, + {"keyblob_mac_key_source", {S128KeyType::Source, static_cast(SourceKeyType::KeyblobMAC)}}, + {"tsec_key", {S128KeyType::TSEC, 0, 0}}, + {"secure_boot_key", {S128KeyType::SecureBoot, 0, 0}}, {"sd_seed", {S128KeyType::SDSeed, 0, 0}}, + {"bis_key_0_crypt", {S128KeyType::BIS, 0, static_cast(BISKeyType::Crypto)}}, + {"bis_key_0_tweak", {S128KeyType::BIS, 0, static_cast(BISKeyType::Tweak)}}, + {"bis_key_1_crypt", {S128KeyType::BIS, 1, static_cast(BISKeyType::Crypto)}}, + {"bis_key_1_tweak", {S128KeyType::BIS, 1, static_cast(BISKeyType::Tweak)}}, + {"bis_key_2_crypt", {S128KeyType::BIS, 2, static_cast(BISKeyType::Crypto)}}, + {"bis_key_2_tweak", {S128KeyType::BIS, 2, static_cast(BISKeyType::Tweak)}}, + {"bis_key_3_crypt", {S128KeyType::BIS, 3, static_cast(BISKeyType::Crypto)}}, + {"bis_key_3_tweak", {S128KeyType::BIS, 3, static_cast(BISKeyType::Tweak)}}, + {"header_kek", {S128KeyType::HeaderKek, 0, 0}}, + {"sd_card_kek", {S128KeyType::SDKek, 0, 0}}, }; const boost::container::flat_map> KeyManager::s256_file_id = { {"header_key", {S256KeyType::Header, 0, 0}}, {"sd_card_save_key_source", {S256KeyType::SDKeySource, static_cast(SDKeyType::Save), 0}}, {"sd_card_nca_key_source", {S256KeyType::SDKeySource, static_cast(SDKeyType::NCA), 0}}, + {"header_key_source", {S256KeyType::HeaderSource, 0, 0}}, + {"sd_card_save_key", {S256KeyType::SDKey, static_cast(SDKeyType::Save), 0}}, + {"sd_card_nca_key", {S256KeyType::SDKey, static_cast(SDKeyType::NCA), 0}}, }; } // namespace Core::Crypto -- cgit v1.2.3 From c79d2ca6cf076bb5704ad221ff2a500cb8a94b84 Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sun, 23 Sep 2018 20:51:44 -0400 Subject: key_manager: Add keyblob support --- src/core/crypto/key_manager.cpp | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index 85776cdcb..0f1a86d1e 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -21,6 +21,8 @@ namespace Core::Crypto { +constexpr u64 CURRENT_CRYPTO_REVISION = 0x5; + Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed) { Key128 out{}; @@ -37,6 +39,14 @@ Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, K return out; } +Key128 DeriveKeyblobKey(Key128 sbk, Key128 tsec, Key128 source) { + AESCipher sbk_cipher(sbk, Mode::ECB); + AESCipher tsec_cipher(tsec, Mode::ECB); + tsec_cipher.Transcode(source.data(), source.size(), source.data(), Op::Decrypt); + sbk_cipher.Transcode(source.data(), source.size(), source.data(), Op::Decrypt); + return source; +} + boost::optional DeriveSDSeed() { const FileUtil::IOFile save_43(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + "/system/save/8000000000000043", -- cgit v1.2.3 From d6a0d5d43263be84959ab74e8e6570c1b9a28693 Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sun, 23 Sep 2018 20:56:02 -0400 Subject: key_manager: Add support for more keys TSEC, SBK, BIS, and other Sources for proper derivation --- src/core/crypto/key_manager.cpp | 68 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 67 insertions(+), 1 deletion(-) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index 0f1a86d1e..2a0b0b574 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -152,6 +152,12 @@ KeyManager::KeyManager() { AttemptLoadKeyFile(yuzu_keys_dir, yuzu_keys_dir, "console.keys_autogenerated", false); } +static bool ValidCryptoRevisionString(const std::string& base, size_t begin, size_t length) { + if (base.size() < begin + length) + return false; + return std::all_of(base.begin() + begin, base.begin() + begin + length, ::isdigit); +} + void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { std::ifstream file(filename); if (!file.is_open()) @@ -190,6 +196,59 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { const auto index = s256_file_id.at(out[0]); Key256 key = Common::HexStringToArray<32>(out[1]); s256_keys[{index.type, index.field1, index.field2}] = key; + } else if (out[0].compare(0, 8, "keyblob_") == 0 && + out[0].compare(0, 9, "keyblob_k") != 0) { + if (!ValidCryptoRevisionString(out[0], 8, 2)) + continue; + + const auto index = std::stoul(out[0].substr(8, 2), nullptr, 16); + keyblobs[index] = Common::HexStringToArray<0x90>(out[1]); + } else if (out[0].compare(0, 18, "encrypted_keyblob_") == 0) { + if (!ValidCryptoRevisionString(out[0], 18, 2)) + continue; + + const auto index = std::stoul(out[0].substr(18, 2), nullptr, 16); + encrypted_keyblobs[index] = Common::HexStringToArray<0xB0>(out[1]); + } else { + for (const auto& kv : std::map, std::string>{ + {{S128KeyType::Master, 0}, "master_key_"}, + {{S128KeyType::Package1, 0}, "package1_key_"}, + {{S128KeyType::Package2, 0}, "package2_key_"}, + {{S128KeyType::Titlekek, 0}, "titlekek_"}, + {{S128KeyType::Source, static_cast(SourceKeyType::Keyblob)}, + "keyblob_key_source_"}, + {{S128KeyType::Keyblob, 0}, "keyblob_key_"}, + {{S128KeyType::KeyblobMAC, 0}, "keyblob_mac_key_"}, + }) { + if (!ValidCryptoRevisionString(out[0], kv.second.size(), 2)) + continue; + if (out[0].compare(0, kv.second.size(), kv.second) == 0) { + const auto index = + std::stoul(out[0].substr(kv.second.size(), 2), nullptr, 16); + const auto sub = kv.first.second; + if (sub == 0) { + s128_keys[{kv.first.first, index, 0}] = + Common::HexStringToArray<16>(out[1]); + } else { + s128_keys[{kv.first.first, kv.first.second, index}] = + Common::HexStringToArray<16>(out[1]); + } + + break; + } + } + + const static std::array kak_names = { + "key_area_key_application_", "key_area_key_ocean_", "key_area_key_system_"}; + for (size_t j = 0; j < 3; ++j) { + const auto& match = kak_names[j]; + if (out[0].compare(0, std::strlen(match), match) == 0) { + const auto index = + std::stoul(out[0].substr(std::strlen(match), 2), nullptr, 16); + s128_keys[{S128KeyType::KeyArea, index, j}] = + Common::HexStringToArray<16>(out[1]); + } + } } } } @@ -255,8 +314,15 @@ void KeyManager::SetKey(S128KeyType id, Key128 key, u64 field1, u64 field2) { Key128 rights_id; std::memcpy(rights_id.data(), &field2, sizeof(u64)); std::memcpy(rights_id.data() + sizeof(u64), &field1, sizeof(u64)); - WriteKeyToFile(true, Common::HexArrayToString(rights_id), key); + WriteKeyToFile(KeyCategory::Title, Common::HexArrayToString(rights_id), key); } + + auto category = KeyCategory::Standard; + if (id == S128KeyType::Keyblob || id == S128KeyType::KeyblobMAC || id == S128KeyType::TSEC || + id == S128KeyType::SecureBoot || id == S128KeyType::SDSeed || id == S128KeyType::BIS) { + category = KeyCategory::Console; + } + const auto iter2 = std::find_if( s128_file_id.begin(), s128_file_id.end(), [&id, &field1, &field2](const std::pair> elem) { -- cgit v1.2.3 From d7398283e3cab47bac3571c0a56903415ffa44e6 Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sun, 23 Sep 2018 20:57:20 -0400 Subject: key_manager: Add BIS key getter --- src/core/crypto/key_manager.cpp | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index 2a0b0b574..9cb7124d2 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -282,8 +282,23 @@ Key256 KeyManager::GetKey(S256KeyType id, u64 field1, u64 field2) const { return s256_keys.at({id, field1, field2}); } -template -void KeyManager::WriteKeyToFile(bool title_key, std::string_view keyname, +Key256 KeyManager::GetBISKey(u8 partition_id) const { + Key256 out{}; + + for (const auto& bis_type : {BISKeyType::Crypto, BISKeyType::Tweak}) { + if (HasKey(S128KeyType::BIS, partition_id, static_cast(bis_type))) { + std::memcpy( + out.data() + sizeof(Key128) * static_cast(bis_type), + s128_keys.at({S128KeyType::BIS, partition_id, static_cast(bis_type)}).data(), + sizeof(Key128)); + } + } + + return out; +} + +template +void KeyManager::WriteKeyToFile(KeyCategory category, std::string_view keyname, const std::array& key) { const std::string yuzu_keys_dir = FileUtil::GetUserPath(FileUtil::UserPath::KeysDir); std::string filename = "title.keys_autogenerated"; -- cgit v1.2.3 From a57aac5772bc4cfde06faa68c75e7d8ef546dbee Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sun, 23 Sep 2018 21:03:00 -0400 Subject: key_manager: Add base key derivation Derives master keys, game encryption keys, and package1/2 keys --- src/core/crypto/key_manager.cpp | 209 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 209 insertions(+) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index 9cb7124d2..b37b09772 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -262,6 +262,28 @@ void KeyManager::AttemptLoadKeyFile(const std::string& dir1, const std::string& LoadFromFile(dir2 + DIR_SEP + filename, title); } +bool KeyManager::BaseDeriveNecessary() { + const auto check_key_existence = [this](auto key_type, u64 index1 = 0, u64 index2 = 0) { + return !HasKey(key_type, index1, index2); + }; + + if (check_key_existence(S256KeyType::Header)) + return true; + + for (size_t i = 0; i < CURRENT_CRYPTO_REVISION; ++i) { + if (check_key_existence(S128KeyType::Master, i) || + check_key_existence(S128KeyType::KeyArea, i, + static_cast(KeyAreaKeyType::Application)) || + check_key_existence(S128KeyType::KeyArea, i, static_cast(KeyAreaKeyType::Ocean)) || + check_key_existence(S128KeyType::KeyArea, i, + static_cast(KeyAreaKeyType::System)) || + check_key_existence(S128KeyType::Titlekek, i)) + return true; + } + + return false; +} + bool KeyManager::HasKey(S128KeyType id, u64 field1, u64 field2) const { return s128_keys.find({id, field1, field2}) != s128_keys.end(); } @@ -412,6 +434,193 @@ void KeyManager::DeriveSDSeedLazy() { SetKey(S128KeyType::SDSeed, res.get()); } +static Key128 CalculateCMAC(const u8* source, size_t size, Key128 key) { + Key128 out{}; + + mbedtls_cipher_cmac(mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB), key.data(), 0x80, + source, size, out.data()); + return out; +} + +void KeyManager::DeriveBase() { + if (!BaseDeriveNecessary()) + return; + + if (!HasKey(S128KeyType::SecureBoot) || !HasKey(S128KeyType::TSEC)) + return; + + const auto has_bis = [this](u64 id) { + return HasKey(S128KeyType::BIS, id, static_cast(BISKeyType::Crypto)) && + HasKey(S128KeyType::BIS, id, static_cast(BISKeyType::Tweak)); + }; + + const auto copy_bis = [this](u64 id_from, u64 id_to) { + SetKey(S128KeyType::BIS, + GetKey(S128KeyType::BIS, id_from, static_cast(BISKeyType::Crypto)), id_to, + static_cast(BISKeyType::Crypto)); + + SetKey(S128KeyType::BIS, + GetKey(S128KeyType::BIS, id_from, static_cast(BISKeyType::Tweak)), id_to, + static_cast(BISKeyType::Tweak)); + }; + + if (has_bis(2) && !has_bis(3)) + copy_bis(2, 3); + else if (has_bis(3) && !has_bis(2)) + copy_bis(3, 2); + + std::bitset<32> revisions{}; + revisions.set(); + for (size_t i = 0; i < 32; ++i) { + if (!HasKey(S128KeyType::Source, static_cast(SourceKeyType::Keyblob), i) || + encrypted_keyblobs[i] == std::array{}) + revisions.reset(i); + } + + if (!revisions.any()) + return; + + const auto sbk = GetKey(S128KeyType::SecureBoot); + const auto tsec = GetKey(S128KeyType::TSEC); + const auto master_source = GetKey(S128KeyType::Source, static_cast(SourceKeyType::Master)); + const auto kek_generation_source = + GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKekGeneration)); + const auto key_generation_source = + GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKeyGeneration)); + + for (size_t i = 0; i < 32; ++i) { + if (!revisions[i]) + continue; + + // Derive keyblob key + const auto key = DeriveKeyblobKey( + sbk, tsec, GetKey(S128KeyType::Source, static_cast(SourceKeyType::Keyblob), i)); + + SetKey(S128KeyType::Keyblob, key, i); + + // Derive keyblob MAC key + if (!HasKey(S128KeyType::Source, static_cast(SourceKeyType::KeyblobMAC))) + continue; + + const auto mac_source = + GetKey(S128KeyType::Source, static_cast(SourceKeyType::KeyblobMAC)); + + AESCipher mac_cipher(key, Mode::ECB); + Key128 mac_key{}; + mac_cipher.Transcode(mac_source.data(), mac_key.size(), mac_key.data(), Op::Decrypt); + + SetKey(S128KeyType::KeyblobMAC, mac_key, i); + + Key128 cmac = CalculateCMAC(encrypted_keyblobs[i].data() + 0x10, 0xA0, mac_key); + if (std::memcmp(cmac.data(), encrypted_keyblobs[i].data(), cmac.size()) != 0) + continue; + + // Decrypt keyblob + bool has_keyblob = keyblobs[i] != std::array{}; + + AESCipher cipher(key, Mode::CTR); + cipher.SetIV(std::vector(encrypted_keyblobs[i].data() + 0x10, + encrypted_keyblobs[i].data() + 0x20)); + cipher.Transcode(encrypted_keyblobs[i].data() + 0x20, keyblobs[i].size(), + keyblobs[i].data(), Op::Decrypt); + + if (!has_keyblob) { + WriteKeyToFile<0x90>(KeyCategory::Console, fmt::format("keyblob_{:02X}", i), + keyblobs[i]); + } + + Key128 package1{}; + std::memcpy(package1.data(), keyblobs[i].data() + 0x80, sizeof(Key128)); + SetKey(S128KeyType::Package1, package1, i); + + // Derive master key + if (HasKey(S128KeyType::Source, static_cast(SourceKeyType::Master))) { + Key128 master_root{}; + std::memcpy(master_root.data(), keyblobs[i].data(), sizeof(Key128)); + + AESCipher master_cipher(master_root, Mode::ECB); + + Key128 master{}; + master_cipher.Transcode(master_source.data(), master_source.size(), master.data(), + Op::Decrypt); + SetKey(S128KeyType::Master, master, i); + } + } + + revisions.set(); + for (size_t i = 0; i < 32; ++i) { + if (!HasKey(S128KeyType::Master, i)) + revisions.reset(i); + } + + if (!revisions.any()) + return; + + for (size_t i = 0; i < 32; ++i) { + if (!revisions[i]) + continue; + + // Derive general purpose keys + if (HasKey(S128KeyType::Master, i)) { + for (auto kak_type : + {KeyAreaKeyType::Application, KeyAreaKeyType::Ocean, KeyAreaKeyType::System}) { + if (HasKey(S128KeyType::Source, static_cast(SourceKeyType::KeyAreaKey), + static_cast(kak_type))) { + const auto source = + GetKey(S128KeyType::Source, static_cast(SourceKeyType::KeyAreaKey), + static_cast(kak_type)); + const auto kek = + GenerateKeyEncryptionKey(source, GetKey(S128KeyType::Master, i), + kek_generation_source, key_generation_source); + SetKey(S128KeyType::KeyArea, kek, i, static_cast(kak_type)); + } + } + + AESCipher master_cipher(GetKey(S128KeyType::Master, i), Mode::ECB); + for (auto key_type : {SourceKeyType::Titlekek, SourceKeyType::Package2}) { + if (HasKey(S128KeyType::Source, static_cast(key_type))) { + Key128 key{}; + master_cipher.Transcode( + GetKey(S128KeyType::Source, static_cast(key_type)).data(), key.size(), + key.data(), Op::Decrypt); + SetKey(key_type == SourceKeyType::Titlekek ? S128KeyType::Titlekek + : S128KeyType::Package2, + key, i); + } + } + } + } + + if (HasKey(S128KeyType::Master, 0) && + HasKey(S128KeyType::Source, static_cast(SourceKeyType::AESKeyGeneration)) && + HasKey(S128KeyType::Source, static_cast(SourceKeyType::AESKekGeneration)) && + HasKey(S128KeyType::Source, static_cast(SourceKeyType::HeaderKek)) && + HasKey(S256KeyType::HeaderSource)) { + const auto header_kek = GenerateKeyEncryptionKey( + GetKey(S128KeyType::Source, static_cast(SourceKeyType::HeaderKek)), + GetKey(S128KeyType::Master, 0), + GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKekGeneration)), + GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKeyGeneration))); + SetKey(S128KeyType::HeaderKek, header_kek); + + AESCipher header_cipher(header_kek, Mode::ECB); + Key256 out = GetKey(S256KeyType::HeaderSource); + header_cipher.Transcode(out.data(), out.size(), out.data(), Op::Decrypt); + SetKey(S256KeyType::Header, out); + } +} +void KeyManager::SetKeyWrapped(S128KeyType id, Key128 key, u64 field1, u64 field2) { + if (key == Key128{}) + return; + SetKey(id, key, field1, field2); +} + +void KeyManager::SetKeyWrapped(S256KeyType id, Key256 key, u64 field1, u64 field2) { + if (key == Key256{}) + return; + SetKey(id, key, field1, field2); +} + const boost::container::flat_map> KeyManager::s128_file_id = { {"eticket_rsa_kek", {S128KeyType::ETicketRSAKek, 0, 0}}, {"eticket_rsa_kek_source", -- cgit v1.2.3 From d041d6231c97ea0c8af788da251ae019ee560e6a Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sun, 23 Sep 2018 21:04:13 -0400 Subject: key_manager: Add ETicket key derivation Derives titlekeys --- src/core/crypto/key_manager.cpp | 249 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 249 insertions(+) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index b37b09772..1328cdd47 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -4,18 +4,30 @@ #include #include +#include #include #include +#include #include #include #include #include +#include +#include +#include +#include +#include "common/common_funcs.h" #include "common/common_paths.h" #include "common/file_util.h" #include "common/hex_util.h" #include "common/logging/log.h" #include "core/crypto/aes_util.h" #include "core/crypto/key_manager.h" +#include "core/file_sys/content_archive.h" +#include "core/file_sys/nca_metadata.h" +#include "core/file_sys/partition_filesystem.h" +#include "core/file_sys/registered_cache.h" +#include "core/hle/service/filesystem/filesystem.h" #include "core/loader/loader.h" #include "core/settings.h" @@ -23,6 +35,13 @@ namespace Core::Crypto { constexpr u64 CURRENT_CRYPTO_REVISION = 0x5; +using namespace Common; + +const static std::array eticket_source_hashes{ + "B71DB271DC338DF380AA2C4335EF8873B1AFD408E80B3582D8719FC81C5E511C"_array32, // eticket_rsa_kek_source + "E8965A187D30E57869F562D04383C996DE487BBA5761363D2D4D32391866A85C"_array32, // eticket_rsa_kekek_source +}; + Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed) { Key128 out{}; @@ -129,9 +148,131 @@ Loader::ResultStatus DeriveSDKeys(std::array& sd_keys, KeyManager& ke return source; ///< Return unaltered source to satisfy output requirement. }); + keys.SetKey(S256KeyType::SDKey, sd_keys[0], static_cast(SDKeyType::Save)); + keys.SetKey(S256KeyType::SDKey, sd_keys[1], static_cast(SDKeyType::NCA)); + return Loader::ResultStatus::Success; } +std::vector GetTicketblob(const FileUtil::IOFile& ticket_save) { + if (!ticket_save.IsOpen()) + return {}; + + std::vector buffer(ticket_save.GetSize()); + ticket_save.ReadBytes(buffer.data(), buffer.size()); + + std::vector out; + u32 magic{}; + for (std::size_t offset = 0; offset + 0x4 < buffer.size(); ++offset) { + if (buffer[offset] == 0x4 && buffer[offset + 1] == 0x0 && buffer[offset + 2] == 0x1 && + buffer[offset + 3] == 0x0) { + TicketRaw next{}; + std::memcpy(&next, buffer.data() + offset, sizeof(TicketRaw)); + offset += next.size(); + out.push_back(next); + } + } + + return out; +} + +template +static std::array operator^(const std::array& lhs, + const std::array& rhs) { + std::array out{}; + for (size_t i = 0; i < size; ++i) + out[i] = lhs[i] ^ rhs[i]; + return out; +} + +template +static std::array MGF1(const std::array& seed) { + std::array seed_exp{}; + std::memcpy(seed_exp.data(), seed.data(), in_size); + + std::vector out; + size_t i = 0; + while (out.size() < target_size) { + out.resize(out.size() + 0x20, 0); + seed_exp[in_size + 3] = i; + mbedtls_sha256(seed_exp.data(), seed_exp.size(), out.data() + out.size() - 0x20, 0); + ++i; + } + + std::array target{}; + std::memcpy(target.data(), out.data(), target_size); + return target; +} + +boost::optional> ParseTicket(const TicketRaw& ticket, + const RSAKeyPair<2048>& key) { + u32 cert_authority; + std::memcpy(&cert_authority, ticket.data() + 0x140, sizeof(cert_authority)); + if (cert_authority == 0) + return boost::none; + if (cert_authority != Common::MakeMagic('R', 'o', 'o', 't')) + LOG_INFO(Crypto, + "Attempting to parse ticket with non-standard certificate authority {:08X}.", + cert_authority); + + Key128 rights_id{}; + std::memcpy(rights_id.data(), ticket.data() + 0x2A0, sizeof(Key128)); + + Key128 key_temp{}; + + if (!std::any_of(ticket.begin() + 0x190, ticket.begin() + 0x280, [](u8 b) { return b != 0; })) { + std::memcpy(key_temp.data(), ticket.data() + 0x180, key_temp.size()); + return std::pair{rights_id, key_temp}; + } + + mbedtls_mpi D; // RSA Private Exponent + mbedtls_mpi N; // RSA Modulus + mbedtls_mpi S; // Input + mbedtls_mpi M; // Output + + mbedtls_mpi_init(&D); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&S); + mbedtls_mpi_init(&M); + + mbedtls_mpi_read_binary(&D, key.decryption_key.data(), key.decryption_key.size()); + mbedtls_mpi_read_binary(&N, key.modulus.data(), key.modulus.size()); + mbedtls_mpi_read_binary(&S, ticket.data() + 0x180, 0x100); + + mbedtls_mpi_exp_mod(&M, &S, &D, &N, nullptr); + + std::array rsa_step{}; + mbedtls_mpi_write_binary(&M, rsa_step.data(), rsa_step.size()); + + u8 m_0 = rsa_step[0]; + std::array m_1{}; + std::memcpy(m_1.data(), rsa_step.data() + 0x01, m_1.size()); + std::array m_2{}; + std::memcpy(m_2.data(), rsa_step.data() + 0x21, m_2.size()); + + if (m_0 != 0) + return boost::none; + + m_1 = m_1 ^ MGF1<0x20>(m_2); + m_2 = m_2 ^ MGF1<0xDF>(m_1); + + u64 offset = 0; + for (size_t i = 0x20; i < m_2.size() - 0x10; ++i) { + if (m_2[i] == 0x1) { + offset = i + 1; + break; + } else if (m_2[i] != 0x0) { + return boost::none; + } + } + + ASSERT(offset > 0); + + std::memcpy(key_temp.data(), m_2.data() + offset, key_temp.size()); + + return std::pair{rights_id, key_temp}; +} + KeyManager::KeyManager() { // Initialize keys const std::string hactool_keys_dir = FileUtil::GetHactoolConfigurationPath(); @@ -609,6 +750,114 @@ void KeyManager::DeriveBase() { SetKey(S256KeyType::Header, out); } } + +void KeyManager::DeriveETicket(PartitionDataManager data) { + // ETicket keys + const auto es = Service::FileSystem::GetUnionContents()->GetEntry( + 0x0100000000000033, FileSys::ContentRecordType::Program); + + if (es == nullptr) + return; + + const auto exefs = es->GetExeFS(); + if (exefs == nullptr) + return; + + const auto main = exefs->GetFile("main"); + if (main == nullptr) + return; + + const auto bytes = main->ReadAllBytes(); + + using namespace Common; + const auto eticket_kek = FindKeyFromHex(bytes, eticket_source_hashes[0]); + const auto eticket_kekek = FindKeyFromHex(bytes, eticket_source_hashes[1]); + + const auto seed3 = data.GetRSAKekSeed3(); + const auto mask0 = data.GetRSAKekMask0(); + + if (eticket_kek != Key128{}) + SetKey(S128KeyType::Source, eticket_kek, static_cast(SourceKeyType::ETicketKek)); + if (eticket_kekek != Key128{}) + SetKey(S128KeyType::Source, eticket_kekek, + static_cast(SourceKeyType::ETicketKekek)); + if (seed3 != Key128{}) + SetKey(S128KeyType::RSAKek, seed3, static_cast(RSAKekType::Seed3)); + if (mask0 != Key128{}) + SetKey(S128KeyType::RSAKek, mask0, static_cast(RSAKekType::Mask0)); + + if (eticket_kek == Key128{} || eticket_kekek == Key128{} || seed3 == Key128{} || + mask0 == Key128{}) + return; + + Key128 rsa_oaep_kek{}; + for (size_t i = 0; i < rsa_oaep_kek.size(); ++i) + rsa_oaep_kek[i] = seed3[i] ^ mask0[i]; + + if (rsa_oaep_kek == Key128{}) + return; + + SetKey(S128KeyType::Source, rsa_oaep_kek, + static_cast(SourceKeyType::RSAOaepKekGeneration)); + + Key128 temp_kek{}; + Key128 temp_kekek{}; + Key128 eticket_final{}; + + // Derive ETicket RSA Kek + AESCipher es_master(GetKey(S128KeyType::Master), Mode::ECB); + es_master.Transcode(rsa_oaep_kek.data(), rsa_oaep_kek.size(), temp_kek.data(), Op::Decrypt); + AESCipher es_kekek(temp_kek, Mode::ECB); + es_kekek.Transcode(eticket_kekek.data(), eticket_kekek.size(), temp_kekek.data(), Op::Decrypt); + AESCipher es_kek(temp_kekek, Mode::ECB); + es_kek.Transcode(eticket_kek.data(), eticket_kek.size(), eticket_final.data(), Op::Decrypt); + + if (eticket_final == Key128{}) + return; + + SetKey(S128KeyType::ETicketRSAKek, eticket_final); + + // Titlekeys + data.DecryptProdInfo(GetKey(S128KeyType::BIS), + GetKey(S128KeyType::BIS, 0, static_cast(BISKeyType::Tweak))); + + const auto eticket_extended_kek = data.GetETicketExtendedKek(); + + std::vector extended_iv(0x10); + std::memcpy(extended_iv.data(), eticket_extended_kek.data(), extended_iv.size()); + std::array extended_dec{}; + AESCipher rsa_1(eticket_final, Mode::CTR); + rsa_1.SetIV(extended_iv); + rsa_1.Transcode(eticket_extended_kek.data() + 0x10, eticket_extended_kek.size() - 0x10, + extended_dec.data(), Op::Decrypt); + + RSAKeyPair<2048> rsa_key{}; + std::memcpy(rsa_key.decryption_key.data(), extended_dec.data(), rsa_key.decryption_key.size()); + std::memcpy(rsa_key.modulus.data(), extended_dec.data() + 0x100, rsa_key.modulus.size()); + std::memcpy(rsa_key.exponent.data(), extended_dec.data() + 0x200, rsa_key.exponent.size()); + + const FileUtil::IOFile save1(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + + "/system/save/80000000000000e1", + "rb+"); + const FileUtil::IOFile save2(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + + "/system/save/80000000000000e2", + "rb+"); + + auto res = GetTicketblob(save1); + const auto res2 = GetTicketblob(save2); + std::copy(res2.begin(), res2.end(), std::back_inserter(res)); + + for (const auto& raw : res) { + const auto pair = ParseTicket(raw, rsa_key); + if (pair == boost::none) + continue; + auto [rid, key] = pair.value(); + u128 rights_id{}; + std::memcpy(rights_id.data(), rid.data(), rid.size()); + SetKey(S128KeyType::Titlekey, key, rights_id[1], rights_id[0]); + } +} + void KeyManager::SetKeyWrapped(S128KeyType id, Key128 key, u64 field1, u64 field2) { if (key == Key128{}) return; -- cgit v1.2.3 From 4aad010f7adbcf7d524b245139cd35869c7799f2 Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sun, 23 Sep 2018 21:05:01 -0400 Subject: key_manager: Add support for loading keys from partition data --- src/core/crypto/key_manager.cpp | 86 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index 1328cdd47..027643654 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -870,6 +870,92 @@ void KeyManager::SetKeyWrapped(S256KeyType id, Key256 key, u64 field1, u64 field SetKey(id, key, field1, field2); } +void KeyManager::PopulateFromPartitionData(PartitionDataManager data) { + if (!BaseDeriveNecessary()) + return; + + if (!data.HasBoot0()) + return; + + for (size_t i = 0; i < 0x20; ++i) { + if (encrypted_keyblobs[i] != std::array{}) + continue; + encrypted_keyblobs[i] = data.GetEncryptedKeyblob(i); + WriteKeyToFile<0xB0>(KeyCategory::Console, fmt::format("encrypted_keyblob_{:02X}", i), + encrypted_keyblobs[i]); + } + + SetKeyWrapped(S128KeyType::Source, data.GetPackage2KeySource(), + static_cast(SourceKeyType::Package2)); + SetKeyWrapped(S128KeyType::Source, data.GetAESKekGenerationSource(), + static_cast(SourceKeyType::AESKekGeneration)); + SetKeyWrapped(S128KeyType::Source, data.GetTitlekekSource(), + static_cast(SourceKeyType::Titlekek)); + SetKeyWrapped(S128KeyType::Source, data.GetMasterKeySource(), + static_cast(SourceKeyType::Master)); + SetKeyWrapped(S128KeyType::Source, data.GetKeyblobMACKeySource(), + static_cast(SourceKeyType::KeyblobMAC)); + + for (size_t i = 0; i < PartitionDataManager::MAX_KEYBLOB_SOURCE_HASH; ++i) { + SetKeyWrapped(S128KeyType::Source, data.GetKeyblobKeySource(i), + static_cast(SourceKeyType::Keyblob), i); + } + + if (data.HasFuses()) + SetKeyWrapped(S128KeyType::SecureBoot, data.GetSecureBootKey()); + + DeriveBase(); + + Key128 latest_master{}; + for (s8 i = 0x1F; i > 0; --i) { + if (GetKey(S128KeyType::Master, i) != Key128{}) { + latest_master = GetKey(S128KeyType::Master, i); + break; + } + } + + const auto masters = data.GetTZMasterKeys(latest_master); + for (size_t i = 0; i < 0x20; ++i) { + if (masters[i] != Key128{} && !HasKey(S128KeyType::Master, i)) + SetKey(S128KeyType::Master, masters[i], i); + } + + DeriveBase(); + + if (!data.HasPackage2()) + return; + + std::array package2_keys{}; + for (size_t i = 0; i < 0x20; ++i) { + if (HasKey(S128KeyType::Package2, i)) + package2_keys[i] = GetKey(S128KeyType::Package2, i); + } + data.DecryptPackage2(package2_keys, Package2Type::NormalMain); + + SetKeyWrapped(S128KeyType::Source, data.GetKeyAreaKeyApplicationSource(), + static_cast(SourceKeyType::KeyAreaKey), + static_cast(KeyAreaKeyType::Application)); + SetKeyWrapped(S128KeyType::Source, data.GetKeyAreaKeyOceanSource(), + static_cast(SourceKeyType::KeyAreaKey), + static_cast(KeyAreaKeyType::Ocean)); + SetKeyWrapped(S128KeyType::Source, data.GetKeyAreaKeySystemSource(), + static_cast(SourceKeyType::KeyAreaKey), + static_cast(KeyAreaKeyType::System)); + SetKeyWrapped(S128KeyType::Source, data.GetSDKekSource(), + static_cast(SourceKeyType::SDKek)); + SetKeyWrapped(S256KeyType::SDKeySource, data.GetSDSaveKeySource(), + static_cast(SDKeyType::Save)); + SetKeyWrapped(S256KeyType::SDKeySource, data.GetSDNCAKeySource(), + static_cast(SDKeyType::NCA)); + SetKeyWrapped(S128KeyType::Source, data.GetHeaderKekSource(), + static_cast(SourceKeyType::HeaderKek)); + SetKeyWrapped(S256KeyType::HeaderSource, data.GetHeaderKeySource()); + SetKeyWrapped(S128KeyType::Source, data.GetAESKeyGenerationSource(), + static_cast(SourceKeyType::AESKeyGeneration)); + + DeriveBase(); +} + const boost::container::flat_map> KeyManager::s128_file_id = { {"eticket_rsa_kek", {S128KeyType::ETicketRSAKek, 0, 0}}, {"eticket_rsa_kek_source", -- cgit v1.2.3 From 3ec054643e50f2845fb6a1a924b83bd71a0e2234 Mon Sep 17 00:00:00 2001 From: Zach Hilman Date: Sat, 29 Sep 2018 11:48:51 -0400 Subject: partition_data_manager: Rename system files for hekate x --- src/core/crypto/key_manager.cpp | 292 ++++++++++++++++++++++------------------ 1 file changed, 160 insertions(+), 132 deletions(-) (limited to 'src/core/crypto/key_manager.cpp') diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index 027643654..a59a7e1f5 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -5,6 +5,7 @@ #include #include #include +#include #include #include #include @@ -23,6 +24,7 @@ #include "common/logging/log.h" #include "core/crypto/aes_util.h" #include "core/crypto/key_manager.h" +#include "core/crypto/partition_data_manager.h" #include "core/file_sys/content_archive.h" #include "core/file_sys/nca_metadata.h" #include "core/file_sys/partition_filesystem.h" @@ -37,11 +39,21 @@ constexpr u64 CURRENT_CRYPTO_REVISION = 0x5; using namespace Common; -const static std::array eticket_source_hashes{ +const std::array eticket_source_hashes{ "B71DB271DC338DF380AA2C4335EF8873B1AFD408E80B3582D8719FC81C5E511C"_array32, // eticket_rsa_kek_source "E8965A187D30E57869F562D04383C996DE487BBA5761363D2D4D32391866A85C"_array32, // eticket_rsa_kekek_source }; +const std::map, std::string> KEYS_VARIABLE_LENGTH{ + {{S128KeyType::Master, 0}, "master_key_"}, + {{S128KeyType::Package1, 0}, "package1_key_"}, + {{S128KeyType::Package2, 0}, "package2_key_"}, + {{S128KeyType::Titlekek, 0}, "titlekek_"}, + {{S128KeyType::Source, static_cast(SourceKeyType::Keyblob)}, "keyblob_key_source_"}, + {{S128KeyType::Keyblob, 0}, "keyblob_key_"}, + {{S128KeyType::KeyblobMAC, 0}, "keyblob_mac_key_"}, +}; + Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed) { Key128 out{}; @@ -58,7 +70,7 @@ Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, K return out; } -Key128 DeriveKeyblobKey(Key128 sbk, Key128 tsec, Key128 source) { +Key128 DeriveKeyblobKey(const Key128& sbk, const Key128& tsec, Key128 source) { AESCipher sbk_cipher(sbk, Mode::ECB); AESCipher tsec_cipher(tsec, Mode::ECB); tsec_cipher.Transcode(source.data(), source.size(), source.data(), Op::Decrypt); @@ -66,6 +78,69 @@ Key128 DeriveKeyblobKey(Key128 sbk, Key128 tsec, Key128 source) { return source; } +Key128 DeriveMasterKey(const std::array& keyblob, const Key128& master_source) { + Key128 master_root; + std::memcpy(master_root.data(), keyblob.data(), sizeof(Key128)); + + AESCipher master_cipher(master_root, Mode::ECB); + + Key128 master{}; + master_cipher.Transcode(master_source.data(), master_source.size(), master.data(), Op::Decrypt); + return master; +} + +std::array DecryptKeyblob(const std::array& encrypted_keyblob, + const Key128& key) { + std::array keyblob; + AESCipher cipher(key, Mode::CTR); + cipher.SetIV(std::vector(encrypted_keyblob.data() + 0x10, encrypted_keyblob.data() + 0x20)); + cipher.Transcode(encrypted_keyblob.data() + 0x20, keyblob.size(), keyblob.data(), Op::Decrypt); + return keyblob; +} + +void KeyManager::DeriveGeneralPurposeKeys(u8 crypto_revision) { + const auto kek_generation_source = + GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKekGeneration)); + const auto key_generation_source = + GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKeyGeneration)); + + if (HasKey(S128KeyType::Master, crypto_revision)) { + for (auto kak_type : + {KeyAreaKeyType::Application, KeyAreaKeyType::Ocean, KeyAreaKeyType::System}) { + if (HasKey(S128KeyType::Source, static_cast(SourceKeyType::KeyAreaKey), + static_cast(kak_type))) { + const auto source = + GetKey(S128KeyType::Source, static_cast(SourceKeyType::KeyAreaKey), + static_cast(kak_type)); + const auto kek = + GenerateKeyEncryptionKey(source, GetKey(S128KeyType::Master, crypto_revision), + kek_generation_source, key_generation_source); + SetKey(S128KeyType::KeyArea, kek, crypto_revision, static_cast(kak_type)); + } + } + + AESCipher master_cipher(GetKey(S128KeyType::Master, crypto_revision), Mode::ECB); + for (auto key_type : {SourceKeyType::Titlekek, SourceKeyType::Package2}) { + if (HasKey(S128KeyType::Source, static_cast(key_type))) { + Key128 key{}; + master_cipher.Transcode( + GetKey(S128KeyType::Source, static_cast(key_type)).data(), key.size(), + key.data(), Op::Decrypt); + SetKey(key_type == SourceKeyType::Titlekek ? S128KeyType::Titlekek + : S128KeyType::Package2, + key, crypto_revision); + } + } + } +} + +Key128 DeriveKeyblobMACKey(const Key128& keyblob_key, const Key128& mac_source) { + AESCipher mac_cipher(keyblob_key, Mode::ECB); + Key128 mac_key{}; + mac_cipher.Transcode(mac_source.data(), mac_key.size(), mac_key.data(), Op::Decrypt); + return mac_key; +} + boost::optional DeriveSDSeed() { const FileUtil::IOFile save_43(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + "/system/save/8000000000000043", @@ -166,10 +241,10 @@ std::vector GetTicketblob(const FileUtil::IOFile& ticket_save) { for (std::size_t offset = 0; offset + 0x4 < buffer.size(); ++offset) { if (buffer[offset] == 0x4 && buffer[offset + 1] == 0x0 && buffer[offset + 2] == 0x1 && buffer[offset + 3] == 0x0) { - TicketRaw next{}; + out.emplace_back(); + auto& next = out.back(); std::memcpy(&next, buffer.data() + offset, sizeof(TicketRaw)); offset += next.size(); - out.push_back(next); } } @@ -180,8 +255,7 @@ template static std::array operator^(const std::array& lhs, const std::array& rhs) { std::array out{}; - for (size_t i = 0; i < size; ++i) - out[i] = lhs[i] ^ rhs[i]; + std::transform(lhs.begin(), lhs.end(), rhs.begin(), out.begin(), std::bit_xor<>()); return out; } @@ -193,17 +267,32 @@ static std::array MGF1(const std::array& seed) { std::vector out; size_t i = 0; while (out.size() < target_size) { - out.resize(out.size() + 0x20, 0); + out.resize(out.size() + 0x20); seed_exp[in_size + 3] = i; mbedtls_sha256(seed_exp.data(), seed_exp.size(), out.data() + out.size() - 0x20, 0); ++i; } - std::array target{}; + std::array target; std::memcpy(target.data(), out.data(), target_size); return target; } +template +static boost::optional FindTicketOffset(const std::array& data) { + u64 offset = 0; + for (size_t i = 0x20; i < data.size() - 0x10; ++i) { + if (data[i] == 0x1) { + offset = i + 1; + break; + } else if (data[i] != 0x0) { + return boost::none; + } + } + + return offset; +} + boost::optional> ParseTicket(const TicketRaw& ticket, const RSAKeyPair<2048>& key) { u32 cert_authority; @@ -215,14 +304,17 @@ boost::optional> ParseTicket(const TicketRaw& ticket, "Attempting to parse ticket with non-standard certificate authority {:08X}.", cert_authority); - Key128 rights_id{}; + Key128 rights_id; std::memcpy(rights_id.data(), ticket.data() + 0x2A0, sizeof(Key128)); + if (rights_id == Key128{}) + return boost::none; + Key128 key_temp{}; if (!std::any_of(ticket.begin() + 0x190, ticket.begin() + 0x280, [](u8 b) { return b != 0; })) { std::memcpy(key_temp.data(), ticket.data() + 0x180, key_temp.size()); - return std::pair{rights_id, key_temp}; + return std::make_pair(rights_id, key_temp); } mbedtls_mpi D; // RSA Private Exponent @@ -241,13 +333,13 @@ boost::optional> ParseTicket(const TicketRaw& ticket, mbedtls_mpi_exp_mod(&M, &S, &D, &N, nullptr); - std::array rsa_step{}; + std::array rsa_step; mbedtls_mpi_write_binary(&M, rsa_step.data(), rsa_step.size()); u8 m_0 = rsa_step[0]; - std::array m_1{}; + std::array m_1; std::memcpy(m_1.data(), rsa_step.data() + 0x01, m_1.size()); - std::array m_2{}; + std::array m_2; std::memcpy(m_2.data(), rsa_step.data() + 0x21, m_2.size()); if (m_0 != 0) @@ -256,21 +348,14 @@ boost::optional> ParseTicket(const TicketRaw& ticket, m_1 = m_1 ^ MGF1<0x20>(m_2); m_2 = m_2 ^ MGF1<0xDF>(m_1); - u64 offset = 0; - for (size_t i = 0x20; i < m_2.size() - 0x10; ++i) { - if (m_2[i] == 0x1) { - offset = i + 1; - break; - } else if (m_2[i] != 0x0) { - return boost::none; - } - } - - ASSERT(offset > 0); + const auto offset = FindTicketOffset(m_2); + if (offset == boost::none) + return boost::none; + ASSERT(offset.get() > 0); - std::memcpy(key_temp.data(), m_2.data() + offset, key_temp.size()); + std::memcpy(key_temp.data(), m_2.data() + offset.get(), key_temp.size()); - return std::pair{rights_id, key_temp}; + return std::make_pair(rights_id, key_temp); } KeyManager::KeyManager() { @@ -293,10 +378,11 @@ KeyManager::KeyManager() { AttemptLoadKeyFile(yuzu_keys_dir, yuzu_keys_dir, "console.keys_autogenerated", false); } -static bool ValidCryptoRevisionString(const std::string& base, size_t begin, size_t length) { +static bool ValidCryptoRevisionString(std::string_view base, size_t begin, size_t length) { if (base.size() < begin + length) return false; - return std::all_of(base.begin() + begin, base.begin() + begin + length, ::isdigit); + return std::all_of(base.begin() + begin, base.begin() + begin + length, + [](u8 c) { return std::isdigit(c); }); } void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { @@ -351,16 +437,7 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { const auto index = std::stoul(out[0].substr(18, 2), nullptr, 16); encrypted_keyblobs[index] = Common::HexStringToArray<0xB0>(out[1]); } else { - for (const auto& kv : std::map, std::string>{ - {{S128KeyType::Master, 0}, "master_key_"}, - {{S128KeyType::Package1, 0}, "package1_key_"}, - {{S128KeyType::Package2, 0}, "package2_key_"}, - {{S128KeyType::Titlekek, 0}, "titlekek_"}, - {{S128KeyType::Source, static_cast(SourceKeyType::Keyblob)}, - "keyblob_key_source_"}, - {{S128KeyType::Keyblob, 0}, "keyblob_key_"}, - {{S128KeyType::KeyblobMAC, 0}, "keyblob_mac_key_"}, - }) { + for (const auto& kv : KEYS_VARIABLE_LENGTH) { if (!ValidCryptoRevisionString(out[0], kv.second.size(), 2)) continue; if (out[0].compare(0, kv.second.size(), kv.second) == 0) { @@ -379,9 +456,9 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { } } - const static std::array kak_names = { + static constexpr std::array kak_names = { "key_area_key_application_", "key_area_key_ocean_", "key_area_key_system_"}; - for (size_t j = 0; j < 3; ++j) { + for (size_t j = 0; j < kak_names.size(); ++j) { const auto& match = kak_names[j]; if (out[0].compare(0, std::strlen(match), match) == 0) { const auto index = @@ -403,7 +480,7 @@ void KeyManager::AttemptLoadKeyFile(const std::string& dir1, const std::string& LoadFromFile(dir2 + DIR_SEP + filename, title); } -bool KeyManager::BaseDeriveNecessary() { +bool KeyManager::BaseDeriveNecessary() const { const auto check_key_existence = [this](auto key_type, u64 index1 = 0, u64 index2 = 0) { return !HasKey(key_type, index1, index2); }; @@ -512,9 +589,9 @@ void KeyManager::SetKey(S128KeyType id, Key128 key, u64 field1, u64 field2) { // Variable cases if (id == S128KeyType::KeyArea) { - const static std::array kak_names = {"key_area_key_application_{:02X}", - "key_area_key_ocean_{:02X}", - "key_area_key_system_{:02X}"}; + static constexpr std::array kak_names = {"key_area_key_application_{:02X}", + "key_area_key_ocean_{:02X}", + "key_area_key_system_{:02X}"}; WriteKeyToFile(category, fmt::format(kak_names.at(field2), field1), key); } else if (id == S128KeyType::Master) { WriteKeyToFile(category, fmt::format("master_key_{:02X}", field1), key); @@ -575,11 +652,11 @@ void KeyManager::DeriveSDSeedLazy() { SetKey(S128KeyType::SDSeed, res.get()); } -static Key128 CalculateCMAC(const u8* source, size_t size, Key128 key) { +static Key128 CalculateCMAC(const u8* source, size_t size, const Key128& key) { Key128 out{}; - mbedtls_cipher_cmac(mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB), key.data(), 0x80, - source, size, out.data()); + mbedtls_cipher_cmac(mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB), key.data(), + key.size() * 8, source, size, out.data()); return out; } @@ -610,12 +687,12 @@ void KeyManager::DeriveBase() { else if (has_bis(3) && !has_bis(2)) copy_bis(3, 2); - std::bitset<32> revisions{}; - revisions.set(); - for (size_t i = 0; i < 32; ++i) { + std::bitset<32> revisions(0xFFFFFFFF); + for (size_t i = 0; i < revisions.size(); ++i) { if (!HasKey(S128KeyType::Source, static_cast(SourceKeyType::Keyblob), i) || - encrypted_keyblobs[i] == std::array{}) + encrypted_keyblobs[i] == std::array{}) { revisions.reset(i); + } } if (!revisions.any()) @@ -624,12 +701,8 @@ void KeyManager::DeriveBase() { const auto sbk = GetKey(S128KeyType::SecureBoot); const auto tsec = GetKey(S128KeyType::TSEC); const auto master_source = GetKey(S128KeyType::Source, static_cast(SourceKeyType::Master)); - const auto kek_generation_source = - GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKekGeneration)); - const auto key_generation_source = - GetKey(S128KeyType::Source, static_cast(SourceKeyType::AESKeyGeneration)); - for (size_t i = 0; i < 32; ++i) { + for (size_t i = 0; i < revisions.size(); ++i) { if (!revisions[i]) continue; @@ -643,13 +716,8 @@ void KeyManager::DeriveBase() { if (!HasKey(S128KeyType::Source, static_cast(SourceKeyType::KeyblobMAC))) continue; - const auto mac_source = - GetKey(S128KeyType::Source, static_cast(SourceKeyType::KeyblobMAC)); - - AESCipher mac_cipher(key, Mode::ECB); - Key128 mac_key{}; - mac_cipher.Transcode(mac_source.data(), mac_key.size(), mac_key.data(), Op::Decrypt); - + const auto mac_key = DeriveKeyblobMACKey( + key, GetKey(S128KeyType::Source, static_cast(SourceKeyType::KeyblobMAC))); SetKey(S128KeyType::KeyblobMAC, mac_key, i); Key128 cmac = CalculateCMAC(encrypted_keyblobs[i].data() + 0x10, 0xA0, mac_key); @@ -657,39 +725,27 @@ void KeyManager::DeriveBase() { continue; // Decrypt keyblob - bool has_keyblob = keyblobs[i] != std::array{}; - - AESCipher cipher(key, Mode::CTR); - cipher.SetIV(std::vector(encrypted_keyblobs[i].data() + 0x10, - encrypted_keyblobs[i].data() + 0x20)); - cipher.Transcode(encrypted_keyblobs[i].data() + 0x20, keyblobs[i].size(), - keyblobs[i].data(), Op::Decrypt); - - if (!has_keyblob) { + if (keyblobs[i] == std::array{}) { + keyblobs[i] = DecryptKeyblob(encrypted_keyblobs[i], key); WriteKeyToFile<0x90>(KeyCategory::Console, fmt::format("keyblob_{:02X}", i), keyblobs[i]); } - Key128 package1{}; + Key128 package1; std::memcpy(package1.data(), keyblobs[i].data() + 0x80, sizeof(Key128)); SetKey(S128KeyType::Package1, package1, i); // Derive master key if (HasKey(S128KeyType::Source, static_cast(SourceKeyType::Master))) { - Key128 master_root{}; - std::memcpy(master_root.data(), keyblobs[i].data(), sizeof(Key128)); - - AESCipher master_cipher(master_root, Mode::ECB); - - Key128 master{}; - master_cipher.Transcode(master_source.data(), master_source.size(), master.data(), - Op::Decrypt); - SetKey(S128KeyType::Master, master, i); + SetKey(S128KeyType::Master, + DeriveMasterKey(keyblobs[i], GetKey(S128KeyType::Source, + static_cast(SourceKeyType::Master))), + i); } } revisions.set(); - for (size_t i = 0; i < 32; ++i) { + for (size_t i = 0; i < revisions.size(); ++i) { if (!HasKey(S128KeyType::Master, i)) revisions.reset(i); } @@ -697,39 +753,12 @@ void KeyManager::DeriveBase() { if (!revisions.any()) return; - for (size_t i = 0; i < 32; ++i) { + for (size_t i = 0; i < revisions.size(); ++i) { if (!revisions[i]) continue; // Derive general purpose keys - if (HasKey(S128KeyType::Master, i)) { - for (auto kak_type : - {KeyAreaKeyType::Application, KeyAreaKeyType::Ocean, KeyAreaKeyType::System}) { - if (HasKey(S128KeyType::Source, static_cast(SourceKeyType::KeyAreaKey), - static_cast(kak_type))) { - const auto source = - GetKey(S128KeyType::Source, static_cast(SourceKeyType::KeyAreaKey), - static_cast(kak_type)); - const auto kek = - GenerateKeyEncryptionKey(source, GetKey(S128KeyType::Master, i), - kek_generation_source, key_generation_source); - SetKey(S128KeyType::KeyArea, kek, i, static_cast(kak_type)); - } - } - - AESCipher master_cipher(GetKey(S128KeyType::Master, i), Mode::ECB); - for (auto key_type : {SourceKeyType::Titlekek, SourceKeyType::Package2}) { - if (HasKey(S128KeyType::Source, static_cast(key_type))) { - Key128 key{}; - master_cipher.Transcode( - GetKey(S128KeyType::Source, static_cast(key_type)).data(), key.size(), - key.data(), Op::Decrypt); - SetKey(key_type == SourceKeyType::Titlekek ? S128KeyType::Titlekek - : S128KeyType::Package2, - key, i); - } - } - } + DeriveGeneralPurposeKeys(i); } if (HasKey(S128KeyType::Master, 0) && @@ -751,7 +780,7 @@ void KeyManager::DeriveBase() { } } -void KeyManager::DeriveETicket(PartitionDataManager data) { +void KeyManager::DeriveETicket(PartitionDataManager& data) { // ETicket keys const auto es = Service::FileSystem::GetUnionContents()->GetEntry( 0x0100000000000033, FileSys::ContentRecordType::Program); @@ -769,30 +798,30 @@ void KeyManager::DeriveETicket(PartitionDataManager data) { const auto bytes = main->ReadAllBytes(); - using namespace Common; - const auto eticket_kek = FindKeyFromHex(bytes, eticket_source_hashes[0]); - const auto eticket_kekek = FindKeyFromHex(bytes, eticket_source_hashes[1]); + const auto eticket_kek = FindKeyFromHex16(bytes, eticket_source_hashes[0]); + const auto eticket_kekek = FindKeyFromHex16(bytes, eticket_source_hashes[1]); const auto seed3 = data.GetRSAKekSeed3(); const auto mask0 = data.GetRSAKekMask0(); if (eticket_kek != Key128{}) SetKey(S128KeyType::Source, eticket_kek, static_cast(SourceKeyType::ETicketKek)); - if (eticket_kekek != Key128{}) + if (eticket_kekek != Key128{}) { SetKey(S128KeyType::Source, eticket_kekek, static_cast(SourceKeyType::ETicketKekek)); + } if (seed3 != Key128{}) SetKey(S128KeyType::RSAKek, seed3, static_cast(RSAKekType::Seed3)); if (mask0 != Key128{}) SetKey(S128KeyType::RSAKek, mask0, static_cast(RSAKekType::Mask0)); - if (eticket_kek == Key128{} || eticket_kekek == Key128{} || seed3 == Key128{} || - mask0 == Key128{}) + mask0 == Key128{}) { return; + } Key128 rsa_oaep_kek{}; - for (size_t i = 0; i < rsa_oaep_kek.size(); ++i) - rsa_oaep_kek[i] = seed3[i] ^ mask0[i]; + std::transform(seed3.begin(), seed3.end(), mask0.begin(), rsa_oaep_kek.begin(), + std::bit_xor<>()); if (rsa_oaep_kek == Key128{}) return; @@ -818,8 +847,7 @@ void KeyManager::DeriveETicket(PartitionDataManager data) { SetKey(S128KeyType::ETicketRSAKek, eticket_final); // Titlekeys - data.DecryptProdInfo(GetKey(S128KeyType::BIS), - GetKey(S128KeyType::BIS, 0, static_cast(BISKeyType::Tweak))); + data.DecryptProdInfo(GetBISKey(0)); const auto eticket_extended_kek = data.GetETicketExtendedKek(); @@ -851,8 +879,8 @@ void KeyManager::DeriveETicket(PartitionDataManager data) { const auto pair = ParseTicket(raw, rsa_key); if (pair == boost::none) continue; - auto [rid, key] = pair.value(); - u128 rights_id{}; + const auto& [rid, key] = pair.value(); + u128 rights_id; std::memcpy(rights_id.data(), rid.data(), rid.size()); SetKey(S128KeyType::Titlekey, key, rights_id[1], rights_id[0]); } @@ -870,14 +898,14 @@ void KeyManager::SetKeyWrapped(S256KeyType id, Key256 key, u64 field1, u64 field SetKey(id, key, field1, field2); } -void KeyManager::PopulateFromPartitionData(PartitionDataManager data) { +void KeyManager::PopulateFromPartitionData(PartitionDataManager& data) { if (!BaseDeriveNecessary()) return; if (!data.HasBoot0()) return; - for (size_t i = 0; i < 0x20; ++i) { + for (size_t i = 0; i < encrypted_keyblobs.size(); ++i) { if (encrypted_keyblobs[i] != std::array{}) continue; encrypted_keyblobs[i] = data.GetEncryptedKeyblob(i); @@ -907,15 +935,15 @@ void KeyManager::PopulateFromPartitionData(PartitionDataManager data) { DeriveBase(); Key128 latest_master{}; - for (s8 i = 0x1F; i > 0; --i) { - if (GetKey(S128KeyType::Master, i) != Key128{}) { - latest_master = GetKey(S128KeyType::Master, i); + for (s8 i = 0x1F; i >= 0; --i) { + if (GetKey(S128KeyType::Master, static_cast(i)) != Key128{}) { + latest_master = GetKey(S128KeyType::Master, static_cast(i)); break; } } const auto masters = data.GetTZMasterKeys(latest_master); - for (size_t i = 0; i < 0x20; ++i) { + for (size_t i = 0; i < masters.size(); ++i) { if (masters[i] != Key128{} && !HasKey(S128KeyType::Master, i)) SetKey(S128KeyType::Master, masters[i], i); } @@ -926,7 +954,7 @@ void KeyManager::PopulateFromPartitionData(PartitionDataManager data) { return; std::array package2_keys{}; - for (size_t i = 0; i < 0x20; ++i) { + for (size_t i = 0; i < package2_keys.size(); ++i) { if (HasKey(S128KeyType::Package2, i)) package2_keys[i] = GetKey(S128KeyType::Package2, i); } -- cgit v1.2.3