mika/Atmosphere-libs
1
0
Fork 0
mirror of https://github.com/Atmosphere-NX/Atmosphere-libs.git synced 2025-06-29 22:42:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

exo2: implement through package2 decryption

Browse Source
This commit is contained in:
Michael Scire 2020-05-12 11:40:29 -07:00
parent cf923dc0fe
commit 91bcead046
6 changed files with 163 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
libexosphere/include/exosphere.hpp
View File

@ -25,6 +25,7 @@
#include <exosphere/gic.hpp> #include <exosphere/gic.hpp>
#include <exosphere/wdt.hpp> #include <exosphere/wdt.hpp>
#include <exosphere/pkg1.hpp> #include <exosphere/pkg1.hpp>
#include <exosphere/pkg2.hpp>
#include <exosphere/tsec.hpp> #include <exosphere/tsec.hpp>
#include <exosphere/se.hpp> #include <exosphere/se.hpp>
#include <exosphere/flow.hpp> #include <exosphere/flow.hpp>

4
libexosphere/include/exosphere/pkg1/pkg1_boot_config.hpp
View File

@ -122,6 +122,10 @@ namespace ams::pkg1 {
constexpr bool IsProgramVerificationDisabled() const { constexpr bool IsProgramVerificationDisabled() const {
return (this->flags1[0] & (1 << 0)) != 0; return (this->flags1[0] & (1 << 0)) != 0;
} }
constexpr void SetPackage2Decrypted(bool decrypted) {
this->flags |= decrypted ? 0x3 : 0x0;
}
}; };
static_assert(util::is_pod<BootConfigSignedData>::value); static_assert(util::is_pod<BootConfigSignedData>::value);
static_assert(sizeof(BootConfigSignedData) == 0x100); static_assert(sizeof(BootConfigSignedData) == 0x100);

81
libexosphere/include/exosphere/pkg2.hpp Normal file
View File

@ -0,0 +1,81 @@
/*
* Copyright (c) 2018-2020 Atmosphère-NX
*
* This program is free software; you can redistribute it and/or modify it
* under the terms and conditions of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#pragma once
#include <vapours.hpp>
namespace ams::pkg2 {
constexpr inline size_t Package2SizeMax = 8_MB - 16_KB;
constexpr inline size_t SegmentAlignment = 4;
constexpr inline int SegmentCount = 3;
constexpr inline int MinimumValidDataVersion = 0; /* We allow older package2 to load; this value is currently 0x10 in Nintendo's code. */
constexpr inline int CurrentBootloaderVersion = 0xD;
struct Package2Meta {
using Magic = util::FourCC<'P','K','2','1'>;
u32 package2_size;
u8 key_generation;
u8 header_iv_remainder[11];
u8 segment_iv[SegmentCount][0x10];
u8 padding_40[0x10];
u8 magic[4];
u32 entrypoint;
u8 padding_58[4];
u8 package2_version;
u8 bootloader_version;
u8 padding_5E[2];
u32 segment_sizes[SegmentCount];
u8 padding_6C[4];
u32 segment_offsets[SegmentCount];
u8 padding_7C[4];
u8 segment_hashes[SegmentCount][crypto::Sha256Generator::HashSize];
u8 padding_E0[0x20];
private:
static ALWAYS_INLINE u32 ReadWord(const void *ptr, int offset) {
return util::LoadLittleEndian(reinterpret_cast<const u32 *>(reinterpret_cast<uintptr_t>(ptr) + offset));
}
public:
ALWAYS_INLINE u8 GetKeyGeneration() const {
return std::min<u8>(0, (this->key_generation ^ this->header_iv_remainder[1] ^ this->header_iv_remainder[2]) - 1);
}
ALWAYS_INLINE u32 GetSize() const {
return this->package2_size ^ ReadWord(this->header_iv_remainder, 3) ^ ReadWord(this->header_iv_remainder, 7);
}
};
static_assert(util::is_pod<Package2Meta>::value);
static_assert(sizeof(Package2Meta) == 0x100);
struct Package2Header {
u8 signature[0x100];
Package2Meta meta;
};
static_assert(util::is_pod<Package2Header>::value);
static_assert(sizeof(Package2Header) == 0x200);
struct StorageLayout {
u8 boot_config[16_KB];
Package2Header package2_header;
u8 data[Package2SizeMax - sizeof(Package2Header)];
};
static_assert(util::is_pod<StorageLayout>::value);
static_assert(sizeof(StorageLayout) == 8_MB);
}

2
libexosphere/include/exosphere/se/se_aes.hpp
View File

@ -33,4 +33,6 @@ namespace ams::se {
void EncryptAes128(void *dst, size_t dst_size, int slot, const void *src, size_t src_size); void EncryptAes128(void *dst, size_t dst_size, int slot, const void *src, size_t src_size);
void DecryptAes128(void *dst, size_t dst_size, int slot, const void *src, size_t src_size); void DecryptAes128(void *dst, size_t dst_size, int slot, const void *src, size_t src_size);
void ComputeAes128Ctr(void *dst, size_t dst_size, int slot, const void *src, size_t src_size, const void *iv, size_t iv_size);
} }

3
libexosphere/include/exosphere/secmon/secmon_memory_layout.hpp
View File

@ -80,6 +80,9 @@ namespace ams::secmon {
constexpr inline const MemoryRegion MemoryRegionDramDefaultKernelCarveout = MemoryRegion(UINT64_C(0x80060000), UINT64_C(0x1FFE0000)); constexpr inline const MemoryRegion MemoryRegionDramDefaultKernelCarveout = MemoryRegion(UINT64_C(0x80060000), UINT64_C(0x1FFE0000));
static_assert(MemoryRegionDram.Contains(MemoryRegionDramDefaultKernelCarveout)); static_assert(MemoryRegionDram.Contains(MemoryRegionDramDefaultKernelCarveout));
constexpr inline const MemoryRegion MemoryRegionDramPackage2 = MemoryRegion(UINT64_C(0xA9800000), UINT64_C(0x07FC0000));
static_assert(MemoryRegionDram.Contains(MemoryRegionDramPackage2));
constexpr inline const MemoryRegion MemoryRegionPhysicalIram = MemoryRegion(UINT64_C(0x40000000), 0x40000); constexpr inline const MemoryRegion MemoryRegionPhysicalIram = MemoryRegion(UINT64_C(0x40000000), 0x40000);
constexpr inline const MemoryRegion MemoryRegionPhysicalTzram = MemoryRegion(UINT64_C(0x7C010000), 0x10000); constexpr inline const MemoryRegion MemoryRegionPhysicalTzram = MemoryRegion(UINT64_C(0x7C010000), 0x10000);
static_assert(MemoryRegionPhysical.Contains(MemoryRegionPhysicalIram)); static_assert(MemoryRegionPhysical.Contains(MemoryRegionPhysicalIram));

64
libexosphere/source/se/se_aes.cpp
View File

@ -41,6 +41,14 @@ namespace ams::se {
SE_REG_BITS_ENUM (CRYPTO_CONFIG_XOR_POS, BYPASS), SE_REG_BITS_ENUM (CRYPTO_CONFIG_XOR_POS, BYPASS),
SE_REG_BITS_ENUM (CRYPTO_CONFIG_HASH_ENB, DISABLE)); SE_REG_BITS_ENUM (CRYPTO_CONFIG_HASH_ENB, DISABLE));
constexpr inline u32 AesConfigCtr = reg::Encode(SE_REG_BITS_VALUE(CRYPTO_CONFIG_CTR_CNTN, 1),
SE_REG_BITS_ENUM (CRYPTO_CONFIG_KEYSCH_BYPASS, DISABLE),
SE_REG_BITS_ENUM (CRYPTO_CONFIG_IV_SELECT, ORIGINAL),
SE_REG_BITS_ENUM (CRYPTO_CONFIG_VCTRAM_SEL, MEMORY),
SE_REG_BITS_ENUM (CRYPTO_CONFIG_INPUT_SEL, LINEAR_CTR),
SE_REG_BITS_ENUM (CRYPTO_CONFIG_XOR_POS, BOTTOM),
SE_REG_BITS_ENUM (CRYPTO_CONFIG_HASH_ENB, DISABLE));
void SetConfig(volatile SecurityEngineRegisters *SE, bool encrypt, SE_CONFIG_DST dst) { void SetConfig(volatile SecurityEngineRegisters *SE, bool encrypt, SE_CONFIG_DST dst) {
reg::Write(SE->SE_CONFIG, SE_REG_BITS_ENUM (CONFIG_ENC_MODE, AESMODE_KEY128), reg::Write(SE->SE_CONFIG, SE_REG_BITS_ENUM (CONFIG_ENC_MODE, AESMODE_KEY128),
SE_REG_BITS_ENUM (CONFIG_DEC_MODE, AESMODE_KEY128), SE_REG_BITS_ENUM (CONFIG_DEC_MODE, AESMODE_KEY128),
@ -69,6 +77,16 @@ namespace ams::se {
// reg::ReadWrite(SE->SE_CRYPTO_CONFIG, SE_REG_BITS_VALUE(CRYPTO_CONFIG_MEMIF, memif)); // reg::ReadWrite(SE->SE_CRYPTO_CONFIG, SE_REG_BITS_VALUE(CRYPTO_CONFIG_MEMIF, memif));
// } // }
void SetCounter(volatile SecurityEngineRegisters *SE, const void *ctr) {
const u32 *ctr_32 = reinterpret_cast<const u32 *>(ctr);
/* Copy the input ctr to the linear CTR registers. */
reg::Write(SE->SE_CRYPTO_LINEAR_CTR[0], util::LoadLittleEndian(ctr_32 + 0));
reg::Write(SE->SE_CRYPTO_LINEAR_CTR[1], util::LoadLittleEndian(ctr_32 + 1));
reg::Write(SE->SE_CRYPTO_LINEAR_CTR[2], util::LoadLittleEndian(ctr_32 + 2));
reg::Write(SE->SE_CRYPTO_LINEAR_CTR[3], util::LoadLittleEndian(ctr_32 + 3));
}
void SetEncryptedAesKey(int dst_slot, int kek_slot, const void *key, size_t key_size, AesMode mode) { void SetEncryptedAesKey(int dst_slot, int kek_slot, const void *key, size_t key_size, AesMode mode) {
AMS_ABORT_UNLESS(key_size <= AesKeySizeMax); AMS_ABORT_UNLESS(key_size <= AesKeySizeMax);
AMS_ABORT_UNLESS(0 <= dst_slot && dst_slot < AesKeySlotCount); AMS_ABORT_UNLESS(0 <= dst_slot && dst_slot < AesKeySlotCount);
@ -206,4 +224,50 @@ namespace ams::se {
ExecuteOperationSingleBlock(SE, dst, dst_size, src, src_size); ExecuteOperationSingleBlock(SE, dst, dst_size, src, src_size);
} }
void ComputeAes128Ctr(void *dst, size_t dst_size, int slot, const void *src, size_t src_size, const void *iv, size_t iv_size) {
/* If nothing to do, succeed. */
if (src_size == 0) { return; }
/* Validate input. */
AMS_ABORT_UNLESS(iv_size == AesBlockSize);
AMS_ABORT_UNLESS(0 <= slot && slot < AesKeySlotCount);
/* Get the engine. */
auto *SE = GetRegisters();
/* Determine how many full blocks we can operate on. */
const size_t num_blocks = src_size / AesBlockSize;
const size_t aligned_size = num_blocks * AesBlockSize;
const size_t fractional = src_size - aligned_size;
/* Here Nintendo writes 1 to SE_SPARE. It's unclear why they do this, but we will do so as well. */
SE->SE_SPARE = 0x1;
/* Configure for AES-CTR encryption/decryption to memory. */
SetConfig(SE, true, SE_CONFIG_DST_MEMORY);
SetAesConfig(SE, slot, true, AesConfigCtr);
/* Set the counter. */
SetCounter(SE, iv);
/* Process as many aligned blocks as we can. */
if (aligned_size > 0) {
/* Configure the engine to process the right number of blocks. */
SetBlockCount(SE, num_blocks);
/* Execute the operation. */
ExecuteOperation(SE, SE_OPERATION_OP_START, dst, dst_size, src, aligned_size);
/* Synchronize around this point. */
hw::DataSynchronizationBarrierInnerShareable();
}
/* Process a single block to output. */
if (fractional > 0 && dst_size > aligned_size) {
const size_t copy_size = std::min(fractional, dst_size - aligned_size);
ExecuteOperationSingleBlock(SE, static_cast<u8 *>(dst) + aligned_size, copy_size, static_cast<const u8 *>(src) + aligned_size, fractional);
}
}
} }