hekate/nyx: update aes calls based on new bdk
@@ -166,7 +166,7 @@ static void _hos_eks_get()
|
|||||||
|
|
||||||
// Decrypt EKS blob.
|
// Decrypt EKS blob.
|
||||||
hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x80);
|
hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x80);
|
||||||
se_aes_crypt_ecb(14, DECRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, DECRYPT, eks, eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Check if valid and for this unit.
|
// Check if valid and for this unit.
|
||||||
if (eks->magic == HOS_EKS_MAGIC && eks->lot0 == FUSE(FUSE_OPT_LOT_CODE_0))
|
if (eks->magic == HOS_EKS_MAGIC && eks->lot0 == FUSE(FUSE_OPT_LOT_CODE_0))
|
||||||
@@ -227,7 +227,7 @@ static void _hos_eks_save()
|
|||||||
// Encrypt EKS blob.
|
// Encrypt EKS blob.
|
||||||
u8 *eks = malloc(sizeof(hos_eks_mbr_t));
|
u8 *eks = malloc(sizeof(hos_eks_mbr_t));
|
||||||
memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t));
|
memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t));
|
||||||
se_aes_crypt_ecb(14, ENCRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, ENCRYPT, eks, eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Write EKS blob to SD.
|
// Write EKS blob to SD.
|
||||||
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
||||||
@@ -262,7 +262,7 @@ static void _hos_eks_clear(u32 mkey)
|
|||||||
// Encrypt EKS blob.
|
// Encrypt EKS blob.
|
||||||
u8 *eks = malloc(sizeof(hos_eks_mbr_t));
|
u8 *eks = malloc(sizeof(hos_eks_mbr_t));
|
||||||
memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t));
|
memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t));
|
||||||
se_aes_crypt_ecb(14, ENCRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, ENCRYPT, eks, eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Write EKS blob to SD.
|
// Write EKS blob to SD.
|
||||||
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
||||||
@@ -406,7 +406,7 @@ static int _hos_keygen(pkg1_eks_t *eks, u32 mkey, tsec_ctxt_t *tsec_ctxt, bool s
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
// Decrypt eks and set keyslots.
|
// Decrypt eks and set keyslots.
|
||||||
se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tmp, eks_keyseeds[0]);
|
se_aes_crypt_ecb(12, DECRYPT, tsec_keys.tmp, eks_keyseeds[0], SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(15, 14, tsec_keys.tmp);
|
se_aes_unwrap_key(15, 14, tsec_keys.tmp);
|
||||||
|
|
||||||
// Derive device keys.
|
// Derive device keys.
|
||||||
@@ -442,7 +442,7 @@ static int _hos_keygen(pkg1_eks_t *eks, u32 mkey, tsec_ctxt_t *tsec_ctxt, bool s
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
// Decrypt eks and set keyslots for Exosphere 2.
|
// Decrypt eks and set keyslots for Exosphere 2.
|
||||||
se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tmp, eks_keyseeds[0]);
|
se_aes_crypt_ecb(12, DECRYPT, tsec_keys.tmp, eks_keyseeds[0], SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(15, 14, tsec_keys.tmp);
|
se_aes_unwrap_key(15, 14, tsec_keys.tmp);
|
||||||
|
|
||||||
// Derive device keys.
|
// Derive device keys.
|
||||||
@@ -469,9 +469,9 @@ static int _hos_keygen(pkg1_eks_t *eks, u32 mkey, tsec_ctxt_t *tsec_ctxt, bool s
|
|||||||
se_aes_key_set(13, tsec_keys.tsec, SE_KEY_128_SIZE);
|
se_aes_key_set(13, tsec_keys.tsec, SE_KEY_128_SIZE);
|
||||||
|
|
||||||
// Derive eks keys from TSEC+SBK.
|
// Derive eks keys from TSEC+SBK.
|
||||||
se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, eks_keyseeds[0]);
|
se_aes_crypt_ecb(13, DECRYPT, tsec_keys.tsec, eks_keyseeds[0], SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(15, 14, tsec_keys.tsec);
|
se_aes_unwrap_key(15, 14, tsec_keys.tsec);
|
||||||
se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, eks_keyseeds[mkey]);
|
se_aes_crypt_ecb(13, DECRYPT, tsec_keys.tsec, eks_keyseeds[mkey], SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(13, 14, tsec_keys.tsec);
|
se_aes_unwrap_key(13, 14, tsec_keys.tsec);
|
||||||
|
|
||||||
// Clear SBK.
|
// Clear SBK.
|
||||||
@@ -481,21 +481,21 @@ static int _hos_keygen(pkg1_eks_t *eks, u32 mkey, tsec_ctxt_t *tsec_ctxt, bool s
|
|||||||
// Verify eks CMAC.
|
// Verify eks CMAC.
|
||||||
u8 cmac[SE_KEY_128_SIZE];
|
u8 cmac[SE_KEY_128_SIZE];
|
||||||
se_aes_unwrap_key(11, 13, cmac_keyseed);
|
se_aes_unwrap_key(11, 13, cmac_keyseed);
|
||||||
se_aes_cmac(cmac, SE_KEY_128_SIZE, 11, (void *)eks->ctr, sizeof(eks->ctr) + sizeof(eks->keys));
|
se_aes_hash_cmac(cmac, SE_KEY_128_SIZE, 11, (void *)eks->ctr, sizeof(eks->ctr) + sizeof(eks->keys));
|
||||||
if (!memcmp(eks->cmac, cmac, SE_KEY_128_SIZE))
|
if (!memcmp(eks->cmac, cmac, SE_KEY_128_SIZE))
|
||||||
return 0;
|
return 0;
|
||||||
*/
|
*/
|
||||||
|
|
||||||
se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, cmac_keyseed);
|
se_aes_crypt_ecb(13, DECRYPT, tsec_keys.tsec, cmac_keyseed, SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(11, 13, cmac_keyseed);
|
se_aes_unwrap_key(11, 13, cmac_keyseed);
|
||||||
|
|
||||||
// Decrypt eks and set keyslots.
|
// Decrypt eks and set keyslots.
|
||||||
se_aes_crypt_ctr(13, &eks->keys, sizeof(eks_keys_t), &eks->keys, sizeof(eks_keys_t), eks->ctr);
|
se_aes_crypt_ctr(13, &eks->keys, &eks->keys, sizeof(eks_keys_t), eks->ctr);
|
||||||
se_aes_key_set(11, eks->keys.package1_key, SE_KEY_128_SIZE);
|
se_aes_key_set(11, eks->keys.package1_key, SE_KEY_128_SIZE);
|
||||||
se_aes_key_set(12, eks->keys.master_kekseed, SE_KEY_128_SIZE);
|
se_aes_key_set(12, eks->keys.master_kekseed, SE_KEY_128_SIZE);
|
||||||
se_aes_key_set(13, eks->keys.master_kekseed, SE_KEY_128_SIZE);
|
se_aes_key_set(13, eks->keys.master_kekseed, SE_KEY_128_SIZE);
|
||||||
|
|
||||||
se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tsec, master_keyseed_retail);
|
se_aes_crypt_ecb(12, DECRYPT, tsec_keys.tsec, master_keyseed_retail, SE_KEY_128_SIZE);
|
||||||
|
|
||||||
if (!is_exo)
|
if (!is_exo)
|
||||||
{
|
{
|
||||||
@@ -839,7 +839,7 @@ void hos_launch(ini_sec_t *cfg)
|
|||||||
if (h_cfg.t210b01)
|
if (h_cfg.t210b01)
|
||||||
{
|
{
|
||||||
u32 bek_vector[4] = {0};
|
u32 bek_vector[4] = {0};
|
||||||
se_aes_crypt_ecb(13, ENCRYPT, bek_vector, SE_KEY_128_SIZE, bek_vector, SE_KEY_128_SIZE);
|
se_aes_crypt_ecb(13, ENCRYPT, bek_vector, bek_vector, SE_KEY_128_SIZE);
|
||||||
if (bek_vector[0] == 0x59C14895) // Encrypted zeroes first 32bits.
|
if (bek_vector[0] == 0x59C14895) // Encrypted zeroes first 32bits.
|
||||||
EPRINTF("Pkg1 corrupt?");
|
EPRINTF("Pkg1 corrupt?");
|
||||||
else
|
else
|
||||||
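Review bot: In the `_hos_keygen` hunk at `-481,21`, the rename to `se_aes_hash_cmac` sits inside a block comment (the closing `*/` is visible, the opener is presumably just above the hunk), so the compiler never checks that call against the new bdk prototype. The eks CMAC also stays unverified in the visible lines: `se_aes_crypt_ctr` decrypts `eks->keys` and `se_aes_key_set` loads them into keyslots 11, 12 and 13 with no integrity check in between. Either delete the dead block or state the reason in place, for example `// CMAC check disabled: <reason>; eks->keys are loaded unauthenticated.` The same commented-out block appears in the later `hos_keygen(pkg1_eks_t *eks, u32 mkey, tsec_ctxt_t *tsec_ctxt)` section. `_hos_keygen` starts and ends outside the hunk, so a check elsewhere in the function cannot be ruled out from here.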
|
|||||||
@@ -205,7 +205,7 @@ int pkg1_decrypt(const pkg1_id_t *id, u8 *pkg1)
|
|||||||
u8 *pkg11 = pkg1 + id->pkg11_off;
|
u8 *pkg11 = pkg1 + id->pkg11_off;
|
||||||
u32 pkg11_size = *(u32 *)pkg11;
|
u32 pkg11_size = *(u32 *)pkg11;
|
||||||
hdr = (pk11_hdr_t *)(pkg11 + 0x20);
|
hdr = (pk11_hdr_t *)(pkg11 + 0x20);
|
||||||
se_aes_crypt_ctr(11, hdr, pkg11_size, hdr, pkg11_size, pkg11 + 0x10);
|
se_aes_crypt_ctr(11, hdr, hdr, pkg11_size, pkg11 + 0x10);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@@ -216,7 +216,7 @@ int pkg1_decrypt(const pkg1_id_t *id, u8 *pkg1)
|
|||||||
// Use BEK for T210B01.
|
// Use BEK for T210B01.
|
||||||
// Additionally, skip 0x20 bytes from decryption to maintain the header.
|
// Additionally, skip 0x20 bytes from decryption to maintain the header.
|
||||||
se_aes_iv_clear(13);
|
se_aes_iv_clear(13);
|
||||||
se_aes_crypt_cbc(13, DECRYPT, pkg1 + 0x20, oem_hdr->size - 0x20, pkg1 + 0x20, oem_hdr->size - 0x20);
|
se_aes_crypt_cbc(13, DECRYPT, pkg1 + 0x20, pkg1 + 0x20, oem_hdr->size - 0x20);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Return if header is valid.
|
// Return if header is valid.
|
||||||
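Review bot: In `pkg1_decrypt`, the single length now passed to `se_aes_crypt_cbc` is `oem_hdr->size - 0x20`, which wraps to a huge value if the field is unsigned and the header reports less than 0x20, and `pkg11_size` in the CTR call is read straight from the image with `*(u32 *)pkg11`; neither is range-checked in the visible lines. With the duplicate size arguments gone, that one value bounds both the read and the in-place write, so it should be validated before the call, e.g. `if (oem_hdr->size < 0x20 || ((oem_hdr->size - 0x20) & 0xF)) return 0;` (adjust the return to the function's failure convention), plus an upper bound against the buffer that holds `pkg1`. The same pattern is in the second `pkg1_decrypt` section further down and in `_create_window_dump_pk12_tool` with `hdr_pk11->wb_size - 0x330`. The function bodies continue outside the hunks, so an earlier check may already exist.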
|
|||||||
@@ -708,7 +708,7 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 mkey, bool is_exo)
|
|||||||
u8 tmp_mkey[SE_KEY_128_SIZE];
|
u8 tmp_mkey[SE_KEY_128_SIZE];
|
||||||
|
|
||||||
// Decrypt 7.0.0 encrypted mkey.
|
// Decrypt 7.0.0 encrypted mkey.
|
||||||
se_aes_crypt_ecb(!is_exo ? 7 : 13, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, mkey_vector_7xx, SE_KEY_128_SIZE);
|
se_aes_crypt_ecb(!is_exo ? 7 : 13, DECRYPT, tmp_mkey, mkey_vector_7xx, SE_KEY_128_SIZE);
|
||||||
|
|
||||||
// Set and unwrap pkg2 key.
|
// Set and unwrap pkg2 key.
|
||||||
se_aes_key_set(9, tmp_mkey, SE_KEY_128_SIZE);
|
se_aes_key_set(9, tmp_mkey, SE_KEY_128_SIZE);
|
||||||
@@ -718,7 +718,7 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 mkey, bool is_exo)
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Decrypt header.
|
// Decrypt header.
|
||||||
se_aes_crypt_ctr(pkg2_keyslot, hdr, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr);
|
se_aes_crypt_ctr(pkg2_keyslot, hdr, hdr, sizeof(pkg2_hdr_t), hdr);
|
||||||
|
|
||||||
if (hdr->magic != PKG2_MAGIC)
|
if (hdr->magic != PKG2_MAGIC)
|
||||||
return NULL;
|
return NULL;
|
||||||
@@ -730,7 +730,7 @@ DPRINTF("sec %d has size %08X\n", i, hdr->sec_size[i]);
|
|||||||
if (!hdr->sec_size[i])
|
if (!hdr->sec_size[i])
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
se_aes_crypt_ctr(pkg2_keyslot, pdata, hdr->sec_size[i], pdata, hdr->sec_size[i], &hdr->sec_ctr[i * SE_AES_IV_SIZE]);
|
se_aes_crypt_ctr(pkg2_keyslot, pdata, pdata, hdr->sec_size[i], &hdr->sec_ctr[i * SE_AES_IV_SIZE]);
|
||||||
|
|
||||||
pdata += hdr->sec_size[i];
|
pdata += hdr->sec_size[i];
|
||||||
}
|
}
|
||||||
@@ -776,7 +776,7 @@ DPRINTF("adding kip1 '%s' @ %08X (%08X)\n", (char *)ki->kip1->name, (u32)ki->kip
|
|||||||
{
|
{
|
||||||
hdr->sec_size[PKG2_SEC_INI1] = ini1_size;
|
hdr->sec_size[PKG2_SEC_INI1] = ini1_size;
|
||||||
hdr->sec_off[PKG2_SEC_INI1] = 0x14080000;
|
hdr->sec_off[PKG2_SEC_INI1] = 0x14080000;
|
||||||
se_aes_crypt_ctr(8, ini1, ini1_size, ini1, ini1_size, &hdr->sec_ctr[PKG2_SEC_INI1 * SE_AES_IV_SIZE]);
|
se_aes_crypt_ctr(8, ini1, ini1, ini1_size, &hdr->sec_ctr[PKG2_SEC_INI1 * SE_AES_IV_SIZE]);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@@ -854,7 +854,7 @@ DPRINTF("%s @ %08X (%08X)\n", is_meso ? "Mesosphere": "kernel",(u32)ctxt->kernel
|
|||||||
kernel_size += ini1_size;
|
kernel_size += ini1_size;
|
||||||
}
|
}
|
||||||
hdr->sec_size[PKG2_SEC_KERNEL] = kernel_size;
|
hdr->sec_size[PKG2_SEC_KERNEL] = kernel_size;
|
||||||
se_aes_crypt_ctr(pkg2_keyslot, pdst, kernel_size, pdst, kernel_size, &hdr->sec_ctr[PKG2_SEC_KERNEL * SE_AES_IV_SIZE]);
|
se_aes_crypt_ctr(pkg2_keyslot, pdst, pdst, kernel_size, &hdr->sec_ctr[PKG2_SEC_KERNEL * SE_AES_IV_SIZE]);
|
||||||
pdst += kernel_size;
|
pdst += kernel_size;
|
||||||
DPRINTF("kernel encrypted\n");
|
DPRINTF("kernel encrypted\n");
|
||||||
|
|
||||||
@@ -878,7 +878,7 @@ DPRINTF("INI1 encrypted\n");
|
|||||||
// Encrypt header.
|
// Encrypt header.
|
||||||
*(u32 *)hdr->ctr = 0x100 + sizeof(pkg2_hdr_t) + kernel_size + ini1_size;
|
*(u32 *)hdr->ctr = 0x100 + sizeof(pkg2_hdr_t) + kernel_size + ini1_size;
|
||||||
hdr->ctr[4] = key_ver;
|
hdr->ctr[4] = key_ver;
|
||||||
se_aes_crypt_ctr(pkg2_keyslot, hdr, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr);
|
se_aes_crypt_ctr(pkg2_keyslot, hdr, hdr, sizeof(pkg2_hdr_t), hdr);
|
||||||
memset(hdr->ctr, 0 , SE_AES_IV_SIZE);
|
memset(hdr->ctr, 0 , SE_AES_IV_SIZE);
|
||||||
*(u32 *)hdr->ctr = 0x100 + sizeof(pkg2_hdr_t) + kernel_size + ini1_size;
|
*(u32 *)hdr->ctr = 0x100 + sizeof(pkg2_hdr_t) + kernel_size + ini1_size;
|
||||||
hdr->ctr[4] = key_ver;
|
hdr->ctr[4] = key_ver;
|
||||||
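Review bot: In `pkg2_decrypt`, the section loop passes `hdr->sec_size[i]` as the only length to `se_aes_crypt_ctr` and then advances `pdata` by it, and the visible lines check nothing but `hdr->magic` before trusting those sizes. A header with a matching magic but oversized section fields would let the in-place decryption run past the package2 buffer, so each size and the running total should be compared with the amount of data actually loaded before the call. If the caller already guarantees this, a comment at the loop such as `// sec_size[] already bounded by the loaded pkg2 size (see caller)` would make the contract visible. The second `pkg2_decrypt(void *data, u8 mkey)` section has the same loop; both functions continue outside these hunks.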
|
|||||||
@@ -1286,7 +1286,7 @@ static lv_res_t _create_window_dump_pk12_tool(lv_obj_t *btn)
|
|||||||
if (h_cfg.t210b01)
|
if (h_cfg.t210b01)
|
||||||
{
|
{
|
||||||
se_aes_iv_clear(13);
|
se_aes_iv_clear(13);
|
||||||
se_aes_crypt_cbc(13, DECRYPT, bct + 0x480, BCT_SIZE - 0x480, bct + 0x480, BCT_SIZE - 0x480);
|
se_aes_crypt_cbc(13, DECRYPT, bct + 0x480, bct + 0x480, BCT_SIZE - 0x480);
|
||||||
emmcsn_path_impl(path, bct_paths[idx], "bct_decr.bin", &emmc_storage);
|
emmcsn_path_impl(path, bct_paths[idx], "bct_decr.bin", &emmc_storage);
|
||||||
if (sd_save_to_file(bct, 0x2800, path))
|
if (sd_save_to_file(bct, 0x2800, path))
|
||||||
goto out;
|
goto out;
|
||||||
@@ -1341,8 +1341,7 @@ static lv_res_t _create_window_dump_pk12_tool(lv_obj_t *btn)
|
|||||||
{
|
{
|
||||||
|
|
||||||
se_aes_iv_clear(13);
|
se_aes_iv_clear(13);
|
||||||
se_aes_crypt_cbc(13, DECRYPT, warmboot + 0x330, hdr_pk11->wb_size - 0x330,
|
se_aes_crypt_cbc(13, DECRYPT, warmboot + 0x330, warmboot + 0x330, hdr_pk11->wb_size - 0x330);
|
||||||
warmboot + 0x330, hdr_pk11->wb_size - 0x330);
|
|
||||||
emmcsn_path_impl(path, pkg1_paths[idx], "warmboot_dec.bin", &emmc_storage);
|
emmcsn_path_impl(path, pkg1_paths[idx], "warmboot_dec.bin", &emmc_storage);
|
||||||
if (sd_save_to_file(warmboot, hdr_pk11->wb_size, path))
|
if (sd_save_to_file(warmboot, hdr_pk11->wb_size, path))
|
||||||
goto out;
|
goto out;
|
||||||
|
|||||||
@@ -208,7 +208,7 @@ static void _hos_eks_get()
|
|||||||
|
|
||||||
// Decrypt EKS blob.
|
// Decrypt EKS blob.
|
||||||
hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x80);
|
hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x80);
|
||||||
se_aes_crypt_ecb(14, DECRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, DECRYPT, eks, eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Check if valid and for this unit.
|
// Check if valid and for this unit.
|
||||||
if (eks->magic == HOS_EKS_MAGIC && eks->lot0 == FUSE(FUSE_OPT_LOT_CODE_0))
|
if (eks->magic == HOS_EKS_MAGIC && eks->lot0 == FUSE(FUSE_OPT_LOT_CODE_0))
|
||||||
@@ -269,7 +269,7 @@ static void _hos_eks_save()
|
|||||||
// Encrypt EKS blob.
|
// Encrypt EKS blob.
|
||||||
u8 *eks = malloc(sizeof(hos_eks_mbr_t));
|
u8 *eks = malloc(sizeof(hos_eks_mbr_t));
|
||||||
memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t));
|
memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t));
|
||||||
se_aes_crypt_ecb(14, ENCRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, ENCRYPT, eks, eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Write EKS blob to SD.
|
// Write EKS blob to SD.
|
||||||
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
||||||
@@ -304,7 +304,7 @@ void hos_eks_clear(u32 mkey)
|
|||||||
// Encrypt EKS blob.
|
// Encrypt EKS blob.
|
||||||
u8 *eks = malloc(sizeof(hos_eks_mbr_t));
|
u8 *eks = malloc(sizeof(hos_eks_mbr_t));
|
||||||
memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t));
|
memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t));
|
||||||
se_aes_crypt_ecb(14, ENCRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, ENCRYPT, eks, eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Write EKS blob to SD.
|
// Write EKS blob to SD.
|
||||||
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
||||||
@@ -423,7 +423,7 @@ int hos_keygen(pkg1_eks_t *eks, u32 mkey, tsec_ctxt_t *tsec_ctxt)
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Decrypt eks and set keyslots.
|
// Decrypt eks and set keyslots.
|
||||||
se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tmp, eks_keyseeds[0]);
|
se_aes_crypt_ecb(12, DECRYPT, tsec_keys.tmp, eks_keyseeds[0], SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(15, 14, tsec_keys.tmp);
|
se_aes_unwrap_key(15, 14, tsec_keys.tmp);
|
||||||
|
|
||||||
// Derive device keys.
|
// Derive device keys.
|
||||||
@@ -447,7 +447,7 @@ int hos_keygen(pkg1_eks_t *eks, u32 mkey, tsec_ctxt_t *tsec_ctxt)
|
|||||||
se_aes_key_set(13, tsec_keys.tsec_root, SE_KEY_128_SIZE);
|
se_aes_key_set(13, tsec_keys.tsec_root, SE_KEY_128_SIZE);
|
||||||
|
|
||||||
// Decrypt eks and set keyslots.
|
// Decrypt eks and set keyslots.
|
||||||
se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tmp, eks_keyseeds[0]);
|
se_aes_crypt_ecb(12, DECRYPT, tsec_keys.tmp, eks_keyseeds[0], SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(15, 14, tsec_keys.tmp);
|
se_aes_unwrap_key(15, 14, tsec_keys.tmp);
|
||||||
|
|
||||||
// Derive device keys.
|
// Derive device keys.
|
||||||
@@ -469,30 +469,30 @@ int hos_keygen(pkg1_eks_t *eks, u32 mkey, tsec_ctxt_t *tsec_ctxt)
|
|||||||
se_aes_key_set(13, tsec_keys.tsec, SE_KEY_128_SIZE);
|
se_aes_key_set(13, tsec_keys.tsec, SE_KEY_128_SIZE);
|
||||||
|
|
||||||
// Derive eks keys from TSEC+SBK.
|
// Derive eks keys from TSEC+SBK.
|
||||||
se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, eks_keyseeds[0]);
|
se_aes_crypt_ecb(13, DECRYPT, tsec_keys.tsec, eks_keyseeds[0], SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(15, 14, tsec_keys.tsec);
|
se_aes_unwrap_key(15, 14, tsec_keys.tsec);
|
||||||
se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, eks_keyseeds[mkey]);
|
se_aes_crypt_ecb(13, DECRYPT, tsec_keys.tsec, eks_keyseeds[mkey], SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(13, 14, tsec_keys.tsec);
|
se_aes_unwrap_key(13, 14, tsec_keys.tsec);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
// Verify eks CMAC.
|
// Verify eks CMAC.
|
||||||
u8 cmac[SE_KEY_128_SIZE];
|
u8 cmac[SE_KEY_128_SIZE];
|
||||||
se_aes_unwrap_key(11, 13, cmac_keyseed);
|
se_aes_unwrap_key(11, 13, cmac_keyseed);
|
||||||
se_aes_cmac(cmac, SE_KEY_128_SIZE, 11, (void *)eks->ctr, sizeof(eks->ctr) + sizeof(eks->keys));
|
se_aes_hash_cmac(cmac, SE_KEY_128_SIZE, 11, (void *)eks->ctr, sizeof(eks->ctr) + sizeof(eks->keys));
|
||||||
if (!memcmp(eks->cmac, cmac, SE_KEY_128_SIZE))
|
if (!memcmp(eks->cmac, cmac, SE_KEY_128_SIZE))
|
||||||
return 0;
|
return 0;
|
||||||
*/
|
*/
|
||||||
|
|
||||||
se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, cmac_keyseed);
|
se_aes_crypt_ecb(13, DECRYPT, tsec_keys.tsec, cmac_keyseed, SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(11, 13, cmac_keyseed);
|
se_aes_unwrap_key(11, 13, cmac_keyseed);
|
||||||
|
|
||||||
// Decrypt eks and set keyslots.
|
// Decrypt eks and set keyslots.
|
||||||
se_aes_crypt_ctr(13, &eks->keys, sizeof(eks_keys_t), &eks->keys, sizeof(eks_keys_t), eks->ctr);
|
se_aes_crypt_ctr(13, &eks->keys, &eks->keys, sizeof(eks_keys_t), eks->ctr);
|
||||||
se_aes_key_set(11, eks->keys.package1_key, SE_KEY_128_SIZE);
|
se_aes_key_set(11, eks->keys.package1_key, SE_KEY_128_SIZE);
|
||||||
se_aes_key_set(12, eks->keys.master_kekseed, SE_KEY_128_SIZE);
|
se_aes_key_set(12, eks->keys.master_kekseed, SE_KEY_128_SIZE);
|
||||||
se_aes_key_set(13, eks->keys.master_kekseed, SE_KEY_128_SIZE);
|
se_aes_key_set(13, eks->keys.master_kekseed, SE_KEY_128_SIZE);
|
||||||
|
|
||||||
se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tsec, master_keyseed_retail);
|
se_aes_crypt_ecb(12, DECRYPT, tsec_keys.tsec, master_keyseed_retail, SE_KEY_128_SIZE);
|
||||||
|
|
||||||
switch (mkey)
|
switch (mkey)
|
||||||
{
|
{
|
||||||
@@ -531,12 +531,11 @@ static void _hos_validate_mkey()
|
|||||||
do
|
do
|
||||||
{
|
{
|
||||||
mkey_idx--;
|
mkey_idx--;
|
||||||
se_aes_crypt_ecb(7, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx], SE_KEY_128_SIZE);
|
se_aes_crypt_ecb(7, DECRYPT, tmp_mkey, mkey_vectors[mkey_idx], SE_KEY_128_SIZE);
|
||||||
for (u32 idx = 0; idx < mkey_idx; idx++)
|
for (u32 idx = 0; idx < mkey_idx; idx++)
|
||||||
{
|
{
|
||||||
se_aes_key_clear(2);
|
|
||||||
se_aes_key_set(2, tmp_mkey, SE_KEY_128_SIZE);
|
se_aes_key_set(2, tmp_mkey, SE_KEY_128_SIZE);
|
||||||
se_aes_crypt_ecb(2, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx - 1 - idx], SE_KEY_128_SIZE);
|
se_aes_crypt_ecb(2, DECRYPT, tmp_mkey, mkey_vectors[mkey_idx - 1 - idx], SE_KEY_128_SIZE);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!memcmp(tmp_mkey, "\x00\x00\x00\x00\x00\x00\x00\x00", 8))
|
if (!memcmp(tmp_mkey, "\x00\x00\x00\x00\x00\x00\x00\x00", 8))
|
||||||
@@ -593,19 +592,17 @@ int hos_bis_keygen()
|
|||||||
do
|
do
|
||||||
{
|
{
|
||||||
mkey_idx--;
|
mkey_idx--;
|
||||||
se_aes_crypt_ecb(7, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx], SE_KEY_128_SIZE);
|
se_aes_crypt_ecb(7, DECRYPT, tmp_mkey, mkey_vectors[mkey_idx], SE_KEY_128_SIZE);
|
||||||
for (u32 idx = 0; idx < mkey_idx; idx++)
|
for (u32 idx = 0; idx < mkey_idx; idx++)
|
||||||
{
|
{
|
||||||
se_aes_key_clear(2);
|
|
||||||
se_aes_key_set(2, tmp_mkey, SE_KEY_128_SIZE);
|
se_aes_key_set(2, tmp_mkey, SE_KEY_128_SIZE);
|
||||||
se_aes_crypt_ecb(2, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx - 1 - idx], SE_KEY_128_SIZE);
|
se_aes_crypt_ecb(2, DECRYPT, tmp_mkey, mkey_vectors[mkey_idx - 1 - idx], SE_KEY_128_SIZE);
|
||||||
}
|
}
|
||||||
} while (memcmp(tmp_mkey, "\x00\x00\x00\x00\x00\x00\x00\x00", 8) != 0 && (mkey_idx - 1));
|
} while (memcmp(tmp_mkey, "\x00\x00\x00\x00\x00\x00\x00\x00", 8) != 0 && (mkey_idx - 1));
|
||||||
|
|
||||||
// Derive new device key.
|
// Derive new device key.
|
||||||
se_aes_key_clear(1);
|
|
||||||
se_aes_unwrap_key(1, 10, new_console_keyseed[keygen_rev]); // Uses Device key 4x.
|
se_aes_unwrap_key(1, 10, new_console_keyseed[keygen_rev]); // Uses Device key 4x.
|
||||||
se_aes_crypt_ecb(10, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, new_console_keyseed[keygen_rev], SE_KEY_128_SIZE); // Uses Device key 4x.
|
se_aes_crypt_ecb(10, DECRYPT, tmp_mkey, new_console_keyseed[keygen_rev], SE_KEY_128_SIZE); // Uses Device key 4x.
|
||||||
se_aes_unwrap_key(1, 2, new_console_kekseed[keygen_rev]); // Uses Master Key 0.
|
se_aes_unwrap_key(1, 2, new_console_kekseed[keygen_rev]); // Uses Master Key 0.
|
||||||
se_aes_unwrap_key(1, 1, tmp_mkey);
|
se_aes_unwrap_key(1, 1, tmp_mkey);
|
||||||
|
|
||||||
@@ -613,29 +610,27 @@ int hos_bis_keygen()
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Generate generic key.
|
// Generate generic key.
|
||||||
se_aes_key_clear(2);
|
|
||||||
se_aes_unwrap_key(2, console_key_slot, gen_keyseed_retail);
|
se_aes_unwrap_key(2, console_key_slot, gen_keyseed_retail);
|
||||||
|
|
||||||
// Clear bis keys storage.
|
// Clear bis keys storage.
|
||||||
memset(bis_keys, 0, SE_KEY_128_SIZE * 6);
|
memset(bis_keys, 0, SE_KEY_128_SIZE * 6);
|
||||||
|
|
||||||
// Generate BIS 0 Keys.
|
// Generate BIS 0 Keys.
|
||||||
se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (0 * SE_KEY_128_SIZE), bis_keyseed[0]);
|
se_aes_crypt_ecb(2, DECRYPT, bis_keys + (0 * SE_KEY_128_SIZE), bis_keyseed[0], SE_KEY_128_SIZE);
|
||||||
se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (1 * SE_KEY_128_SIZE), bis_keyseed[1]);
|
se_aes_crypt_ecb(2, DECRYPT, bis_keys + (1 * SE_KEY_128_SIZE), bis_keyseed[1], SE_KEY_128_SIZE);
|
||||||
|
|
||||||
// Generate generic kek.
|
// Generate generic kek.
|
||||||
se_aes_key_clear(2);
|
|
||||||
se_aes_unwrap_key(2, console_key_slot, gen_kekseed);
|
se_aes_unwrap_key(2, console_key_slot, gen_kekseed);
|
||||||
se_aes_unwrap_key(2, 2, bis_kekseed);
|
se_aes_unwrap_key(2, 2, bis_kekseed);
|
||||||
se_aes_unwrap_key(2, 2, gen_keyseed);
|
se_aes_unwrap_key(2, 2, gen_keyseed);
|
||||||
|
|
||||||
// Generate BIS 1 Keys.
|
// Generate BIS 1 Keys.
|
||||||
se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (2 * SE_KEY_128_SIZE), bis_keyseed[2]);
|
se_aes_crypt_ecb(2, DECRYPT, bis_keys + (2 * SE_KEY_128_SIZE), bis_keyseed[2], SE_KEY_128_SIZE);
|
||||||
se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (3 * SE_KEY_128_SIZE), bis_keyseed[3]);
|
se_aes_crypt_ecb(2, DECRYPT, bis_keys + (3 * SE_KEY_128_SIZE), bis_keyseed[3], SE_KEY_128_SIZE);
|
||||||
|
|
||||||
// Generate BIS 2/3 Keys.
|
// Generate BIS 2/3 Keys.
|
||||||
se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (4 * SE_KEY_128_SIZE), bis_keyseed[4]);
|
se_aes_crypt_ecb(2, DECRYPT, bis_keys + (4 * SE_KEY_128_SIZE), bis_keyseed[4], SE_KEY_128_SIZE);
|
||||||
se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (5 * SE_KEY_128_SIZE), bis_keyseed[5]);
|
se_aes_crypt_ecb(2, DECRYPT, bis_keys + (5 * SE_KEY_128_SIZE), bis_keyseed[5], SE_KEY_128_SIZE);
|
||||||
|
|
||||||
// Validate key because HOS_MKEY_VER_MAX.
|
// Validate key because HOS_MKEY_VER_MAX.
|
||||||
if (!h_cfg.t210b01)
|
if (!h_cfg.t210b01)
|
||||||
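Review bot: The `_hos_validate_mkey` and `hos_bis_keygen` hunks drop every `se_aes_key_clear(2)` and `se_aes_key_clear(1)` that used to precede `se_aes_key_set` and `se_aes_unwrap_key`, which goes beyond the call-signature update named in the commit title. If the new bdk routines do not overwrite the whole keyslot, key material from an earlier use of slots 1 and 2 could remain in the part a 128-bit load does not touch; whether that is the case cannot be seen from this page. If the new bdk does guarantee a full overwrite, say so where the clears were removed, e.g. `// No explicit clear: key_set/unwrap_key overwrite the full slot in the new bdk.`; otherwise keep the clears. Both function bodies extend beyond the hunks.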
|
|||||||
@@ -96,7 +96,7 @@ int pkg1_decrypt(const pkg1_id_t *id, u8 *pkg1)
|
|||||||
u8 *pkg11 = pkg1 + id->pkg11_off;
|
u8 *pkg11 = pkg1 + id->pkg11_off;
|
||||||
u32 pkg11_size = *(u32 *)pkg11;
|
u32 pkg11_size = *(u32 *)pkg11;
|
||||||
hdr = (pk11_hdr_t *)(pkg11 + 0x20);
|
hdr = (pk11_hdr_t *)(pkg11 + 0x20);
|
||||||
se_aes_crypt_ctr(11, hdr, pkg11_size, hdr, pkg11_size, pkg11 + 0x10);
|
se_aes_crypt_ctr(11, hdr, hdr, pkg11_size, pkg11 + 0x10);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@@ -107,7 +107,7 @@ int pkg1_decrypt(const pkg1_id_t *id, u8 *pkg1)
|
|||||||
// Use BEK for T210B01.
|
// Use BEK for T210B01.
|
||||||
// Additionally, skip 0x20 bytes from decryption to maintain the header.
|
// Additionally, skip 0x20 bytes from decryption to maintain the header.
|
||||||
se_aes_iv_clear(13);
|
se_aes_iv_clear(13);
|
||||||
se_aes_crypt_cbc(13, DECRYPT, pkg1 + 0x20, oem_hdr->size - 0x20, pkg1 + 0x20, oem_hdr->size - 0x20);
|
se_aes_crypt_cbc(13, DECRYPT, pkg1 + 0x20, pkg1 + 0x20, oem_hdr->size - 0x20);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Return if header is valid.
|
// Return if header is valid.
|
||||||
|
|||||||
@@ -123,13 +123,13 @@ static const u8 mkey_vector_7xx[HOS_MKEY_VER_MAX - HOS_MKEY_VER_810 + 1][SE_KEY_
|
|||||||
static bool _pkg2_key_unwrap_validate(pkg2_hdr_t *tmp_test, pkg2_hdr_t *hdr, u8 src_slot, u8 *mkey, const u8 *key_seed)
|
static bool _pkg2_key_unwrap_validate(pkg2_hdr_t *tmp_test, pkg2_hdr_t *hdr, u8 src_slot, u8 *mkey, const u8 *key_seed)
|
||||||
{
|
{
|
||||||
// Decrypt older encrypted mkey.
|
// Decrypt older encrypted mkey.
|
||||||
se_aes_crypt_ecb(src_slot, DECRYPT, mkey, SE_KEY_128_SIZE, key_seed, SE_KEY_128_SIZE);
|
se_aes_crypt_ecb(src_slot, DECRYPT, mkey, key_seed, SE_KEY_128_SIZE);
|
||||||
// Set and unwrap pkg2 key.
|
// Set and unwrap pkg2 key.
|
||||||
se_aes_key_set(9, mkey, SE_KEY_128_SIZE);
|
se_aes_key_set(9, mkey, SE_KEY_128_SIZE);
|
||||||
se_aes_unwrap_key(9, 9, package2_keyseed);
|
se_aes_unwrap_key(9, 9, package2_keyseed);
|
||||||
|
|
||||||
// Decrypt header.
|
// Decrypt header.
|
||||||
se_aes_crypt_ctr(9, tmp_test, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr);
|
se_aes_crypt_ctr(9, tmp_test, hdr, sizeof(pkg2_hdr_t), hdr);
|
||||||
|
|
||||||
// Return if header is valid.
|
// Return if header is valid.
|
||||||
return (tmp_test->magic == PKG2_MAGIC);
|
return (tmp_test->magic == PKG2_MAGIC);
|
||||||
@@ -150,7 +150,7 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 mkey)
|
|||||||
pdata += sizeof(pkg2_hdr_t);
|
pdata += sizeof(pkg2_hdr_t);
|
||||||
|
|
||||||
// Check if we need to decrypt with newer mkeys. Valid for THK for 7.0.0 and up.
|
// Check if we need to decrypt with newer mkeys. Valid for THK for 7.0.0 and up.
|
||||||
se_aes_crypt_ctr(8, &mkey_test, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr);
|
se_aes_crypt_ctr(8, &mkey_test, hdr, sizeof(pkg2_hdr_t), hdr);
|
||||||
|
|
||||||
if (mkey_test.magic == PKG2_MAGIC)
|
if (mkey_test.magic == PKG2_MAGIC)
|
||||||
goto key_found;
|
goto key_found;
|
||||||
@@ -197,7 +197,7 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 mkey)
|
|||||||
|
|
||||||
key_found:
|
key_found:
|
||||||
// Decrypt header.
|
// Decrypt header.
|
||||||
se_aes_crypt_ctr(pkg2_keyslot, hdr, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr);
|
se_aes_crypt_ctr(pkg2_keyslot, hdr, hdr, sizeof(pkg2_hdr_t), hdr);
|
||||||
|
|
||||||
if (hdr->magic != PKG2_MAGIC)
|
if (hdr->magic != PKG2_MAGIC)
|
||||||
return NULL;
|
return NULL;
|
||||||
@@ -209,7 +209,7 @@ DPRINTF("sec %d has size %08X\n", i, hdr->sec_size[i]);
|
|||||||
if (!hdr->sec_size[i])
|
if (!hdr->sec_size[i])
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
se_aes_crypt_ctr(pkg2_keyslot, pdata, hdr->sec_size[i], pdata, hdr->sec_size[i], &hdr->sec_ctr[i * SE_AES_IV_SIZE]);
|
se_aes_crypt_ctr(pkg2_keyslot, pdata, pdata, hdr->sec_size[i], &hdr->sec_ctr[i * SE_AES_IV_SIZE]);
|
||||||
|
|
||||||
pdata += hdr->sec_size[i];
|
pdata += hdr->sec_size[i];
|
||||||
}
|
}
|
||||||
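Review bot: At `key_found:` the call `se_aes_crypt_ctr(pkg2_keyslot, hdr, hdr, sizeof(pkg2_hdr_t), hdr)` passes the same pointer as destination, source and counter, so the counter bytes are overwritten by the operation that consumes them. That is only correct if the bdk routine latches the counter before it writes the first output block, and since this commit switches to a new prototype the dependency is worth documenting at the call site, e.g. `// ctr aliases dst: relies on se_aes_crypt_ctr loading the counter before writing output`. The earlier `pkg2_decrypt(void *data, u8 mkey, bool is_exo)` section has the same aliased call for header decryption and again for header re-encryption. `pkg2_decrypt` extends beyond the hunk.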
|
|||||||