OmniNX/hekate
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

se: Refactor with proper names

Browse Source 
Additionally fix some bugs in rsa access control
This commit is contained in:
CTCaer
2021-02-06 02:55:58 +02:00
parent 8038e1faa9
commit a7bf8bf118
12 changed files with 604 additions and 675 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
nyx/nyx_gui/hos/pkg2.c
View File

@@ -24,6 +24,7 @@
#include <libs/fatfs/ff.h>
#include <mem/heap.h>
#include <sec/se.h>
#include <sec/se_t210.h>
#include <libs/compr/blz.h>
#include <gfx_utils.h>
@@ -111,7 +112,7 @@ DPRINTF(" kip1 %d:%s @ %08X (%08X)\n", i, kip1->name, (u32)kip1, ki->size);
return true;
}
static const u8 mkey_vector_8xx[][0x10] =
static const u8 mkey_vector_8xx[][SE_KEY_128_SIZE] =
{
// Master key 8 encrypted with 9. (8.1.0 with 9.0.0)
{ 0x4D, 0xD9, 0x98, 0x42, 0x45, 0x0D, 0xB1, 0x3C, 0x52, 0x0C, 0x9A, 0x44, 0xBB, 0xAD, 0xAF, 0x80 },
@@ -122,10 +123,10 @@ static const u8 mkey_vector_8xx[][0x10] =
static bool _pkg2_key_unwrap_validate(pkg2_hdr_t *tmp_test, pkg2_hdr_t *hdr, u8 src_slot, u8 *mkey, const u8 *key_seed)
{
// Decrypt older encrypted mkey.
se_aes_crypt_ecb(src_slot, 0, mkey, 0x10, key_seed, 0x10);
se_aes_crypt_ecb(src_slot, 0, mkey, SE_KEY_128_SIZE, key_seed, SE_KEY_128_SIZE);
// Set and unwrap pkg2 key.
se_aes_key_clear(9);
se_aes_key_set(9, mkey, 0x10);
se_aes_key_set(9, mkey, SE_KEY_128_SIZE);
se_aes_unwrap_key(9, 9, package2_keyseed);
// Decrypt header.
@@ -158,9 +159,9 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb)
// Decrypt older pkg2 via new mkeys.
if ((kb >= KB_FIRMWARE_VERSION_810) && (kb < KB_FIRMWARE_VERSION_MAX))
{
u8 tmp_mkey[0x10];
u8 tmp_mkey[SE_KEY_128_SIZE];
u8 decr_slot = !h_cfg.t210b01 ? (!h_cfg.aes_slots_new ? 12 : 13) : 7; // Sept mkey or T210B01 mkey.
u8 mkey_seeds_cnt = sizeof(mkey_vector_8xx) / 0x10;
u8 mkey_seeds_cnt = sizeof(mkey_vector_8xx) / SE_KEY_128_SIZE;
u8 mkey_seeds_idx = mkey_seeds_cnt; // Real index + 1.
u8 mkey_seeds_min_idx = mkey_seeds_cnt - (KB_FIRMWARE_VERSION_MAX - kb);
@@ -180,7 +181,7 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb)
// Set current mkey in order to decrypt a lower mkey.
mkey_seeds_idx--;
se_aes_key_clear(9);
se_aes_key_set(9, tmp_mkey, 0x10);
se_aes_key_set(9, tmp_mkey, SE_KEY_128_SIZE);
decr_slot = 9; // Temp key.
@@ -214,7 +215,7 @@ DPRINTF("sec %d has size %08X\n", i, hdr->sec_size[i]);
if (!hdr->sec_size[i])
continue;
se_aes_crypt_ctr(keyslot, pdata, hdr->sec_size[i], pdata, hdr->sec_size[i], &hdr->sec_ctr[i * 0x10]);
se_aes_crypt_ctr(keyslot, pdata, hdr->sec_size[i], pdata, hdr->sec_size[i], &hdr->sec_ctr[i * SE_AES_IV_SIZE]);
//gfx_hexdump((u32)pdata, pdata, 0x100);
pdata += hdr->sec_size[i];