sept: update to support 8.1.0

This commit is contained in:
Michael Scire
2019-06-18 23:23:31 -07:00
parent c96ae0148e
commit befd912a88
20 changed files with 218 additions and 140 deletions

View File

@@ -1,7 +1,19 @@
HOVI_ENC_KEY_PRD = bytearray.fromhex('00000000000000000000000000000000')
HOVI_ENC_KEY_DEV = bytearray.fromhex('00000000000000000000000000000000')
HOVI_SIG_KEY_PRD = bytearray.fromhex('00000000000000000000000000000000')
HOVI_SIG_KEY_DEV = bytearray.fromhex('00000000000000000000000000000000')
HOVI_KEK_KEY_PRD = bytearray.fromhex('00000000000000000000000000000000')
HOVI_KEK_KEY_DEV = bytearray.fromhex('00000000000000000000000000000000')
IV = bytearray.fromhex('00000000000000000000000000000000')
NUM_KEYS = 2
HOVI_ENC_KEY_PRD = [
bytearray.fromhex('00000000000000000000000000000000'),
bytearray.fromhex('00000000000000000000000000000000'),
]
HOVI_SIG_KEY_PRD = [
bytearray.fromhex('00000000000000000000000000000000'),
bytearray.fromhex('00000000000000000000000000000000'),
]
IV = [
bytearray.fromhex('00000000000000000000000000000000'),
bytearray.fromhex('00000000000000000000000000000000'),
]
assert len(HOVI_ENC_KEY_PRD) == NUM_KEYS
assert len(HOVI_SIG_KEY_PRD) == NUM_KEYS
assert len(IV) == NUM_KEYS

View File

@@ -137,12 +137,12 @@ clean:
@echo clean ...
@$(MAKE) -C $(AMS)/exosphere/rebootstub clean
@$(MAKE) -C key_derivation clean
@rm -fr $(BUILD) $(TARGET).bin $(TARGET).enc $(TARGET).elf
@rm -fr $(BUILD) $(TARGET).bin $(TARGET)_*.enc $(TARGET).elf
#---------------------------------------------------------------------------------
else
.PHONY: all
.PHONY: all $(OUTPUT).bin
DEPENDS := $(OFILES:.o=.d)

View File

@@ -20,7 +20,7 @@
#define AL16 __attribute__((aligned(16)))
#define DERIVATION_ID_MAX 1
#define DERIVATION_ID_MAX 2
static const uint8_t AL16 keyblob_seed_00[0x10] = {
0xDF, 0x20, 0x6F, 0x59, 0x44, 0x54, 0xEF, 0xDC, 0x70, 0x74, 0x48, 0x3B, 0x0D, 0xED, 0x9F, 0xD3
@@ -44,10 +44,12 @@ static const uint8_t AL16 masterkey_4x_seed[0x10] = {
static const uint8_t AL16 master_kek_seeds[DERIVATION_ID_MAX][0x10] = {
{0x9A, 0x3E, 0xA9, 0xAB, 0xFD, 0x56, 0x46, 0x1C, 0x9B, 0xF6, 0x48, 0x7F, 0x5C, 0xFA, 0x09, 0x5C},
{0xDE, 0xDC, 0xE3, 0x39, 0x30, 0x88, 0x16, 0xF8, 0xAE, 0x97, 0xAD, 0xEC, 0x64, 0x2D, 0x41, 0x41},
};
static const uint8_t AL16 master_devkey_seeds[DERIVATION_ID_MAX][0x10] = {
{0x8F, 0x77, 0x5A, 0x96, 0xB0, 0x94, 0xFD, 0x8D, 0x28, 0xE4, 0x19, 0xC8, 0x16, 0x1C, 0xDB, 0x3D},
{0x67, 0x62, 0xD4, 0x8E, 0x55, 0xCF, 0xFF, 0x41, 0x31, 0x15, 0x3B, 0x24, 0x0C, 0x7C, 0x07, 0xAE},
};
void derive_keys(void) {
@@ -101,7 +103,7 @@ void derive_keys(void) {
}
/* Derive master kek. */
decrypt_data_into_keyslot(0xE, 0xE, master_kek_seeds[0], 0x10);
decrypt_data_into_keyslot(0xE, 0xE, master_kek_seeds[derivation_id], 0x10);
/* Derive master key, device master key. */
decrypt_data_into_keyslot(0xC, 0xE, masterkey_seed, 0x10);
@@ -123,7 +125,7 @@ void derive_keys(void) {
decrypt_data_into_keyslot(0xF, 0xF, devicekey_seed, 0x10);
/* Derive firmware specific device key. */
se_aes_ecb_decrypt_block(0xA, work_buffer, 0x10, master_devkey_seeds[0], 0x10);
se_aes_ecb_decrypt_block(0xA, work_buffer, 0x10, master_devkey_seeds[derivation_id], 0x10);
decrypt_data_into_keyslot(0xE, 0xE, work_buffer, 0x10);
/* Clear work buffer. */

View File

@@ -1,5 +1,5 @@
#!/usr/bin/env python
import sys
import sys, os
from struct import pack as pk, unpack as up
from Crypto.Cipher import AES
from Crypto.Hash import CMAC
@@ -41,7 +41,7 @@ def get_last_block_for_desired_mac(key, data, desired_mac):
return last_block
def sign_encrypt_code(code, sig_key, enc_key, iv, desired_mac):
def sign_encrypt_code(code, sig_key, enc_key, iv, desired_mac, version):
# Pad with 0x20 of zeroes.
code = code + bytearray(0x20)
code_len = len(code)
@@ -49,6 +49,9 @@ def sign_encrypt_code(code, sig_key, enc_key, iv, desired_mac):
code_len &= ~0xFFF
code = code + bytearray(code_len - len(code))
# Insert version
code = code[:8] + pk('<I', version) + code[12:]
# Add empty trustzone, warmboot segments.
code = code + bytearray(0x1FE0 - 0x10)
pk11_hdr = b'PK11' + pk('<IIIIIII', 0x1000, 0, 0, code_len - 0x20, 0, 0x1000, 0)
@@ -69,8 +72,10 @@ def main(argc, argv):
if len(code) & 0xF:
code = code + bytearray(0x10 - (len(code) & 0xF))
# TODO: Support dev unit crypto
with open(argv[2], 'wb') as f:
f.write(sign_encrypt_code(code, KEYS.HOVI_SIG_KEY_PRD, KEYS.HOVI_ENC_KEY_PRD, KEYS.IV, b'THANKS_NVIDIA_<3'))
fn, fext = os.path.splitext(argv[2])
for key in range(KEYS.NUM_KEYS):
with open(fn + ('_%02X' % key) + fext, 'wb') as f:
f.write(sign_encrypt_code(code, KEYS.HOVI_SIG_KEY_PRD[key], KEYS.HOVI_ENC_KEY_PRD[key], KEYS.IV[key], b'THANKS_NVIDIA_<3', key))
return 0

View File

@@ -29,7 +29,7 @@
#undef u32
void derive_keys(void) {
void derive_keys(uint32_t version) {
/* Clear mailbox. */
volatile uint32_t *mailbox = (volatile uint32_t *)0x4003FF00;
while (*mailbox != 0) {
@@ -37,7 +37,7 @@ void derive_keys(void) {
}
/* Set derivation id. */
*((volatile uint32_t *)0x4003E800) = 0x0;
*((volatile uint32_t *)0x4003E800) = version;
/* Copy key derivation stub into IRAM high. */
for (size_t i = 0; i < key_derivation_bin_size; i += sizeof(uint32_t)) {

View File

@@ -21,7 +21,7 @@
#include <stdbool.h>
#include <stdint.h>
void derive_keys(void);
void derive_keys(uint32_t version);
void load_keys(const uint8_t *se_state);
#endif

View File

@@ -48,7 +48,7 @@ static void set_has_rebooted(bool rebooted) {
}
static void exfiltrate_keys_and_reboot_if_needed(void) {
static void exfiltrate_keys_and_reboot_if_needed(uint32_t version) {
volatile tegra_pmc_t *pmc = pmc_get_regs();
uint8_t *enc_se_state = (uint8_t *)0x4003E000;
uint8_t *dec_se_state = (uint8_t *)0x4003F000;
@@ -59,7 +59,7 @@ static void exfiltrate_keys_and_reboot_if_needed(void) {
set_has_rebooted(true);
/* Derive keys. */
derive_keys();
derive_keys(version);
reboot_to_self();
} else {
@@ -135,14 +135,14 @@ static void exit_callback(int rc) {
relocate_and_chainload();
}
int main(void) {
int sept_main(uint32_t version) {
const char *stage2_path;
stage2_args_t *stage2_args;
uint32_t stage2_version = 0;
ScreenLogLevel log_level = SCREEN_LOG_LEVEL_NONE;
/* Extract keys from the security engine, which TSEC FW locked down. */
exfiltrate_keys_and_reboot_if_needed();
exfiltrate_keys_and_reboot_if_needed(version);
/* Override the global logging level. */
log_set_log_level(log_level);

View File

@@ -13,7 +13,7 @@
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
.macro CLEAR_GPR_REG_ITER
mov r\@, #0
.endm
@@ -26,13 +26,18 @@
_start:
/* Switch to system mode, mask all interrupts, clear all flags */
msr cpsr_cxsf, #0xDF
b begin_relocation_loop
_version:
.word 0x00000000 /* Version. */
.word 0x00000000 /* Reserved. */
begin_relocation_loop:
/* Relocate ourselves if necessary */
ldr r2, =__start__
adr r3, _start
cmp r2, r3
beq _relocation_loop_end
/* If we are relocating, we are not rebooting to ourselves. Note that. */
ldr r0, =0x4003FFFC
mov r1, #0x0
@@ -50,12 +55,12 @@ _start:
ldr r12, =_second_relocation_start
bx r12
_second_relocation_start:
ldr r4, =__bss_start__
sub r4, r4, r2
mov r1, #0x0
_second_relocation_loop:
ldmia r3!, {r5-r12}
stmia r2!, {r5-r12}
@@ -67,7 +72,7 @@ _start:
bx r12
_relocation_loop_end:
/* Set the stack pointer */
ldr sp, =__stack_top__
mov fp, #0
@@ -78,7 +83,9 @@ _start:
CLEAR_GPR_REG_ITER
.endr
ldr lr, =__program_exit
b main
ldr r0, =_version
ldr r0, [r0]
b sept_main
/* No need to include this in normal programs: */
.section .chainloader.text.start, "ax", %progbits