sept: update to support 8.1.0
This commit is contained in:
@@ -1,7 +1,19 @@
|
||||
HOVI_ENC_KEY_PRD = bytearray.fromhex('00000000000000000000000000000000')
|
||||
HOVI_ENC_KEY_DEV = bytearray.fromhex('00000000000000000000000000000000')
|
||||
HOVI_SIG_KEY_PRD = bytearray.fromhex('00000000000000000000000000000000')
|
||||
HOVI_SIG_KEY_DEV = bytearray.fromhex('00000000000000000000000000000000')
|
||||
HOVI_KEK_KEY_PRD = bytearray.fromhex('00000000000000000000000000000000')
|
||||
HOVI_KEK_KEY_DEV = bytearray.fromhex('00000000000000000000000000000000')
|
||||
IV = bytearray.fromhex('00000000000000000000000000000000')
|
||||
NUM_KEYS = 2
|
||||
|
||||
HOVI_ENC_KEY_PRD = [
|
||||
bytearray.fromhex('00000000000000000000000000000000'),
|
||||
bytearray.fromhex('00000000000000000000000000000000'),
|
||||
]
|
||||
HOVI_SIG_KEY_PRD = [
|
||||
bytearray.fromhex('00000000000000000000000000000000'),
|
||||
bytearray.fromhex('00000000000000000000000000000000'),
|
||||
]
|
||||
|
||||
IV = [
|
||||
bytearray.fromhex('00000000000000000000000000000000'),
|
||||
bytearray.fromhex('00000000000000000000000000000000'),
|
||||
]
|
||||
|
||||
assert len(HOVI_ENC_KEY_PRD) == NUM_KEYS
|
||||
assert len(HOVI_SIG_KEY_PRD) == NUM_KEYS
|
||||
assert len(IV) == NUM_KEYS
|
||||
@@ -137,12 +137,12 @@ clean:
|
||||
@echo clean ...
|
||||
@$(MAKE) -C $(AMS)/exosphere/rebootstub clean
|
||||
@$(MAKE) -C key_derivation clean
|
||||
@rm -fr $(BUILD) $(TARGET).bin $(TARGET).enc $(TARGET).elf
|
||||
@rm -fr $(BUILD) $(TARGET).bin $(TARGET)_*.enc $(TARGET).elf
|
||||
|
||||
|
||||
#---------------------------------------------------------------------------------
|
||||
else
|
||||
.PHONY: all
|
||||
.PHONY: all $(OUTPUT).bin
|
||||
|
||||
DEPENDS := $(OFILES:.o=.d)
|
||||
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
#define AL16 __attribute__((aligned(16)))
|
||||
|
||||
#define DERIVATION_ID_MAX 1
|
||||
#define DERIVATION_ID_MAX 2
|
||||
|
||||
static const uint8_t AL16 keyblob_seed_00[0x10] = {
|
||||
0xDF, 0x20, 0x6F, 0x59, 0x44, 0x54, 0xEF, 0xDC, 0x70, 0x74, 0x48, 0x3B, 0x0D, 0xED, 0x9F, 0xD3
|
||||
@@ -44,10 +44,12 @@ static const uint8_t AL16 masterkey_4x_seed[0x10] = {
|
||||
|
||||
static const uint8_t AL16 master_kek_seeds[DERIVATION_ID_MAX][0x10] = {
|
||||
{0x9A, 0x3E, 0xA9, 0xAB, 0xFD, 0x56, 0x46, 0x1C, 0x9B, 0xF6, 0x48, 0x7F, 0x5C, 0xFA, 0x09, 0x5C},
|
||||
{0xDE, 0xDC, 0xE3, 0x39, 0x30, 0x88, 0x16, 0xF8, 0xAE, 0x97, 0xAD, 0xEC, 0x64, 0x2D, 0x41, 0x41},
|
||||
};
|
||||
|
||||
static const uint8_t AL16 master_devkey_seeds[DERIVATION_ID_MAX][0x10] = {
|
||||
{0x8F, 0x77, 0x5A, 0x96, 0xB0, 0x94, 0xFD, 0x8D, 0x28, 0xE4, 0x19, 0xC8, 0x16, 0x1C, 0xDB, 0x3D},
|
||||
{0x67, 0x62, 0xD4, 0x8E, 0x55, 0xCF, 0xFF, 0x41, 0x31, 0x15, 0x3B, 0x24, 0x0C, 0x7C, 0x07, 0xAE},
|
||||
};
|
||||
|
||||
void derive_keys(void) {
|
||||
@@ -101,7 +103,7 @@ void derive_keys(void) {
|
||||
}
|
||||
|
||||
/* Derive master kek. */
|
||||
decrypt_data_into_keyslot(0xE, 0xE, master_kek_seeds[0], 0x10);
|
||||
decrypt_data_into_keyslot(0xE, 0xE, master_kek_seeds[derivation_id], 0x10);
|
||||
|
||||
/* Derive master key, device master key. */
|
||||
decrypt_data_into_keyslot(0xC, 0xE, masterkey_seed, 0x10);
|
||||
@@ -123,7 +125,7 @@ void derive_keys(void) {
|
||||
decrypt_data_into_keyslot(0xF, 0xF, devicekey_seed, 0x10);
|
||||
|
||||
/* Derive firmware specific device key. */
|
||||
se_aes_ecb_decrypt_block(0xA, work_buffer, 0x10, master_devkey_seeds[0], 0x10);
|
||||
se_aes_ecb_decrypt_block(0xA, work_buffer, 0x10, master_devkey_seeds[derivation_id], 0x10);
|
||||
decrypt_data_into_keyslot(0xE, 0xE, work_buffer, 0x10);
|
||||
|
||||
/* Clear work buffer. */
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
#!/usr/bin/env python
|
||||
import sys
|
||||
import sys, os
|
||||
from struct import pack as pk, unpack as up
|
||||
from Crypto.Cipher import AES
|
||||
from Crypto.Hash import CMAC
|
||||
@@ -41,7 +41,7 @@ def get_last_block_for_desired_mac(key, data, desired_mac):
|
||||
return last_block
|
||||
|
||||
|
||||
def sign_encrypt_code(code, sig_key, enc_key, iv, desired_mac):
|
||||
def sign_encrypt_code(code, sig_key, enc_key, iv, desired_mac, version):
|
||||
# Pad with 0x20 of zeroes.
|
||||
code = code + bytearray(0x20)
|
||||
code_len = len(code)
|
||||
@@ -49,6 +49,9 @@ def sign_encrypt_code(code, sig_key, enc_key, iv, desired_mac):
|
||||
code_len &= ~0xFFF
|
||||
code = code + bytearray(code_len - len(code))
|
||||
|
||||
# Insert version
|
||||
code = code[:8] + pk('<I', version) + code[12:]
|
||||
|
||||
# Add empty trustzone, warmboot segments.
|
||||
code = code + bytearray(0x1FE0 - 0x10)
|
||||
pk11_hdr = b'PK11' + pk('<IIIIIII', 0x1000, 0, 0, code_len - 0x20, 0, 0x1000, 0)
|
||||
@@ -69,8 +72,10 @@ def main(argc, argv):
|
||||
if len(code) & 0xF:
|
||||
code = code + bytearray(0x10 - (len(code) & 0xF))
|
||||
# TODO: Support dev unit crypto
|
||||
with open(argv[2], 'wb') as f:
|
||||
f.write(sign_encrypt_code(code, KEYS.HOVI_SIG_KEY_PRD, KEYS.HOVI_ENC_KEY_PRD, KEYS.IV, b'THANKS_NVIDIA_<3'))
|
||||
fn, fext = os.path.splitext(argv[2])
|
||||
for key in range(KEYS.NUM_KEYS):
|
||||
with open(fn + ('_%02X' % key) + fext, 'wb') as f:
|
||||
f.write(sign_encrypt_code(code, KEYS.HOVI_SIG_KEY_PRD[key], KEYS.HOVI_ENC_KEY_PRD[key], KEYS.IV[key], b'THANKS_NVIDIA_<3', key))
|
||||
return 0
|
||||
|
||||
|
||||
|
||||
@@ -29,7 +29,7 @@
|
||||
#undef u32
|
||||
|
||||
|
||||
void derive_keys(void) {
|
||||
void derive_keys(uint32_t version) {
|
||||
/* Clear mailbox. */
|
||||
volatile uint32_t *mailbox = (volatile uint32_t *)0x4003FF00;
|
||||
while (*mailbox != 0) {
|
||||
@@ -37,7 +37,7 @@ void derive_keys(void) {
|
||||
}
|
||||
|
||||
/* Set derivation id. */
|
||||
*((volatile uint32_t *)0x4003E800) = 0x0;
|
||||
*((volatile uint32_t *)0x4003E800) = version;
|
||||
|
||||
/* Copy key derivation stub into IRAM high. */
|
||||
for (size_t i = 0; i < key_derivation_bin_size; i += sizeof(uint32_t)) {
|
||||
|
||||
@@ -21,7 +21,7 @@
|
||||
#include <stdbool.h>
|
||||
#include <stdint.h>
|
||||
|
||||
void derive_keys(void);
|
||||
void derive_keys(uint32_t version);
|
||||
void load_keys(const uint8_t *se_state);
|
||||
|
||||
#endif
|
||||
|
||||
@@ -48,7 +48,7 @@ static void set_has_rebooted(bool rebooted) {
|
||||
}
|
||||
|
||||
|
||||
static void exfiltrate_keys_and_reboot_if_needed(void) {
|
||||
static void exfiltrate_keys_and_reboot_if_needed(uint32_t version) {
|
||||
volatile tegra_pmc_t *pmc = pmc_get_regs();
|
||||
uint8_t *enc_se_state = (uint8_t *)0x4003E000;
|
||||
uint8_t *dec_se_state = (uint8_t *)0x4003F000;
|
||||
@@ -59,7 +59,7 @@ static void exfiltrate_keys_and_reboot_if_needed(void) {
|
||||
set_has_rebooted(true);
|
||||
|
||||
/* Derive keys. */
|
||||
derive_keys();
|
||||
derive_keys(version);
|
||||
|
||||
reboot_to_self();
|
||||
} else {
|
||||
@@ -135,14 +135,14 @@ static void exit_callback(int rc) {
|
||||
relocate_and_chainload();
|
||||
}
|
||||
|
||||
int main(void) {
|
||||
int sept_main(uint32_t version) {
|
||||
const char *stage2_path;
|
||||
stage2_args_t *stage2_args;
|
||||
uint32_t stage2_version = 0;
|
||||
ScreenLogLevel log_level = SCREEN_LOG_LEVEL_NONE;
|
||||
|
||||
/* Extract keys from the security engine, which TSEC FW locked down. */
|
||||
exfiltrate_keys_and_reboot_if_needed();
|
||||
exfiltrate_keys_and_reboot_if_needed(version);
|
||||
|
||||
/* Override the global logging level. */
|
||||
log_set_log_level(log_level);
|
||||
|
||||
@@ -13,7 +13,7 @@
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
|
||||
.macro CLEAR_GPR_REG_ITER
|
||||
mov r\@, #0
|
||||
.endm
|
||||
@@ -26,13 +26,18 @@
|
||||
_start:
|
||||
/* Switch to system mode, mask all interrupts, clear all flags */
|
||||
msr cpsr_cxsf, #0xDF
|
||||
b begin_relocation_loop
|
||||
_version:
|
||||
.word 0x00000000 /* Version. */
|
||||
.word 0x00000000 /* Reserved. */
|
||||
|
||||
begin_relocation_loop:
|
||||
/* Relocate ourselves if necessary */
|
||||
ldr r2, =__start__
|
||||
adr r3, _start
|
||||
cmp r2, r3
|
||||
beq _relocation_loop_end
|
||||
|
||||
|
||||
/* If we are relocating, we are not rebooting to ourselves. Note that. */
|
||||
ldr r0, =0x4003FFFC
|
||||
mov r1, #0x0
|
||||
@@ -50,12 +55,12 @@ _start:
|
||||
|
||||
ldr r12, =_second_relocation_start
|
||||
bx r12
|
||||
|
||||
|
||||
_second_relocation_start:
|
||||
ldr r4, =__bss_start__
|
||||
sub r4, r4, r2
|
||||
mov r1, #0x0
|
||||
|
||||
|
||||
_second_relocation_loop:
|
||||
ldmia r3!, {r5-r12}
|
||||
stmia r2!, {r5-r12}
|
||||
@@ -67,7 +72,7 @@ _start:
|
||||
bx r12
|
||||
|
||||
_relocation_loop_end:
|
||||
|
||||
|
||||
/* Set the stack pointer */
|
||||
ldr sp, =__stack_top__
|
||||
mov fp, #0
|
||||
@@ -78,7 +83,9 @@ _start:
|
||||
CLEAR_GPR_REG_ITER
|
||||
.endr
|
||||
ldr lr, =__program_exit
|
||||
b main
|
||||
ldr r0, =_version
|
||||
ldr r0, [r0]
|
||||
b sept_main
|
||||
|
||||
/* No need to include this in normal programs: */
|
||||
.section .chainloader.text.start, "ax", %progbits
|
||||
|
||||
Reference in New Issue
Block a user