hos: Support new sept/exo keyslots

2020-06-14 13:53:21 +03:00
parent f7f99bddab
commit d607a8830b
8 changed files with 105 additions and 47 deletions
--- a/bootloader/config/config.c
+++ b/bootloader/config/config.c
@@ -47,10 +47,9 @@ void set_default_configuration()
 	h_cfg.errors = 0;
 	h_cfg.eks = NULL;
 	h_cfg.sept_run = EMC(EMC_SCRATCH0) & EMC_SEPT_RUN;
+	h_cfg.aes_slots_new = false;
 	h_cfg.rcm_patched = fuse_check_patched_rcm();
 	h_cfg.emummc_force_disable = false;
-
-	sd_power_cycle_time_start = 0;
 }

 int create_config_entry()
--- a/bootloader/config/config.h
+++ b/bootloader/config/config.h
@@ -35,6 +35,7 @@ typedef struct _hekate_config
 	// Global temporary config.
 	bool se_keygen_done;
 	bool sept_run;
+	bool aes_slots_new;
 	bool emummc_force_disable;
 	bool rcm_patched;
 	u32  errors;
--- a/bootloader/hos/hos.c
+++ b/bootloader/hos/hos.c
@@ -43,6 +43,7 @@
 #include "../storage/nx_emmc.h"
 #include "../storage/nx_sd.h"
 #include "../storage/sdmmc.h"
+#include "../utils/btn.h"
 #include "../utils/util.h"
 #include "../gfx/gfx.h"

@@ -272,8 +273,16 @@ void hos_eks_save(u32 kb)
 			memcpy(h_cfg.eks->dkg, keys + 10 * 0x10, 0x10);
 			memcpy(h_cfg.eks->dkk, keys + 15 * 0x10, 0x10);

-			memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 12 * 0x10, 0x10);
-			memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 13 * 0x10, 0x10);
+			if (!h_cfg.aes_slots_new)
+			{
+				memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 12 * 0x10, 0x10);
+				memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 13 * 0x10, 0x10);
+			}
+			else // New sept slots.
+			{
+				memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 13 * 0x10, 0x10);
+				memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 12 * 0x10, 0x10);
+			}

 			// Encrypt EKS blob.
 			u8 *eks = calloc(512 , 1);
@@ -386,17 +395,29 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos_c
 			se_aes_key_set(10, h_cfg.eks->dkg, 0x10);
 			// Set Device key to slot 15.
 			se_aes_key_set(15, h_cfg.eks->dkk, 0x10);
-			// Set Master key to slot 12.
-			se_aes_key_set(12, h_cfg.eks->keys[key_idx].mkk, 0x10);
-			// Set FW Device key key to slot 13.
-			se_aes_key_set(13, h_cfg.eks->keys[key_idx].fdk, 0x10);

-			// Lock FDK.
-			se_key_acc_ctrl(13, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG);
+			if (!h_cfg.aes_slots_new)
+			{
+				// Set Master key to slot 12.
+				se_aes_key_set(12, h_cfg.eks->keys[key_idx].mkk, 0x10);
+				// Set FW Device key key to slot 13.
+				se_aes_key_set(13, h_cfg.eks->keys[key_idx].fdk, 0x10);
+				// Lock FDK.
+				se_key_acc_ctrl(13, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG);
+			}
+			else // New exosphere.
+			{
+				// Set Master key to slot 13.
+				se_aes_key_set(13, h_cfg.eks->keys[key_idx].mkk, 0x10);
+				// Set FW Device key key to slot 12.
+				se_aes_key_set(12, h_cfg.eks->keys[key_idx].fdk, 0x10);
+				// Lock FDK.
+				se_key_acc_ctrl(12, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG);
+			}
 		}

 		se_aes_key_clear(8);
-		se_aes_unwrap_key(8, 12, package2_keyseed);
+		se_aes_unwrap_key(8, !h_cfg.aes_slots_new ? 12 : 13, package2_keyseed);
 	}
 	else if (kb == KB_FIRMWARE_VERSION_620)
 	{
@@ -422,11 +443,20 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos_c
 			se_aes_unwrap_key(15, 15, console_keyseed);

 			se_aes_unwrap_key(13, 13, master_keyseed_620);
-			se_aes_unwrap_key(12, 13, master_keyseed_retail);
-			se_aes_unwrap_key(14, 13, master_keyseed_4xx_5xx_610);
+
+			if (!h_cfg.aes_slots_new)
+			{
+				se_aes_unwrap_key(14, 13, master_keyseed_4xx_5xx_610);
+				se_aes_unwrap_key(12, 13, master_keyseed_retail);
+			}
+			else // New exosphere.
+			{
+				se_aes_unwrap_key(12, 13, master_keyseed_4xx_5xx_610);
+				se_aes_unwrap_key(13, 13, master_keyseed_retail);
+			}

 			// Package2 key.
-			se_aes_unwrap_key(8, 12, package2_keyseed);
+			se_aes_unwrap_key(8, !h_cfg.aes_slots_new ? 12 : 13, package2_keyseed);

 			h_cfg.se_keygen_done = 1;
 		}
@@ -465,32 +495,42 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos_c

 		se_aes_crypt_block_ecb(12, 0, tmp, master_keyseed_retail);

-		switch (kb)
+		if (!h_cfg.aes_slots_new)
+		{
+			switch (kb)
+			{
+			case KB_FIRMWARE_VERSION_100_200:
+			case KB_FIRMWARE_VERSION_300:
+			case KB_FIRMWARE_VERSION_301:
+				se_aes_unwrap_key(13, 15, console_keyseed);
+				se_aes_unwrap_key(12, 12, master_keyseed_retail);
+				break;
+			case KB_FIRMWARE_VERSION_400:
+				se_aes_unwrap_key(13, 15, console_keyseed_4xx_5xx);
+				se_aes_unwrap_key(15, 15, console_keyseed);
+				se_aes_unwrap_key(14, 12, master_keyseed_4xx_5xx_610);
+				se_aes_unwrap_key(12, 12, master_keyseed_retail);
+				break;
+			case KB_FIRMWARE_VERSION_500:
+			case KB_FIRMWARE_VERSION_600:
+				se_aes_unwrap_key(10, 15, console_keyseed_4xx_5xx);
+				se_aes_unwrap_key(15, 15, console_keyseed);
+				se_aes_unwrap_key(14, 12, master_keyseed_4xx_5xx_610);
+				se_aes_unwrap_key(12, 12, master_keyseed_retail);
+				break;
+			}
+		}
+		else // New exosphere.
 		{
-		case KB_FIRMWARE_VERSION_100_200:
-		case KB_FIRMWARE_VERSION_300:
-		case KB_FIRMWARE_VERSION_301:
-			se_aes_unwrap_key(13, 15, console_keyseed);
-			se_aes_unwrap_key(12, 12, master_keyseed_retail);
-			break;
-		case KB_FIRMWARE_VERSION_400:
-			se_aes_unwrap_key(13, 15, console_keyseed_4xx_5xx);
-			se_aes_unwrap_key(15, 15, console_keyseed);
-			se_aes_unwrap_key(14, 12, master_keyseed_4xx_5xx_610);
-			se_aes_unwrap_key(12, 12, master_keyseed_retail);
-			break;
-		case KB_FIRMWARE_VERSION_500:
-		case KB_FIRMWARE_VERSION_600:
 			se_aes_unwrap_key(10, 15, console_keyseed_4xx_5xx);
 			se_aes_unwrap_key(15, 15, console_keyseed);
-			se_aes_unwrap_key(14, 12, master_keyseed_4xx_5xx_610);
-			se_aes_unwrap_key(12, 12, master_keyseed_retail);
-			break;
+			se_aes_unwrap_key(13, 12, master_keyseed_retail);
+			se_aes_unwrap_key(12, 12, master_keyseed_4xx_5xx_610);
 		}

 		// Package2 key.
 		se_key_acc_ctrl(8, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG);
-		se_aes_unwrap_key(8, 12, package2_keyseed);
+		se_aes_unwrap_key(8, !h_cfg.aes_slots_new ? 12 : 13, package2_keyseed);
 	}

 	return 1;
@@ -989,5 +1029,6 @@ int hos_launch(ini_sec_t *cfg)

 error:
 	sdmmc_storage_end(&emmc_storage);
+	h_cfg.aes_slots_new = false;
 	return 0;
 }
--- a/bootloader/hos/pkg2.c
+++ b/bootloader/hos/pkg2.c
@@ -1296,7 +1296,7 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb)
 	if ((kb >= KB_FIRMWARE_VERSION_810) && (kb < KB_FIRMWARE_VERSION_MAX))
 	{
 		u8 tmp_mkey[0x10];
-		u8 decr_slot = 12; // Sept mkey.
+		u8 decr_slot = !h_cfg.aes_slots_new ? 12 : 13; // Sept mkey.
 		u8 mkey_seeds_cnt = sizeof(mkey_vector_8xx) / 0x10;
 		u8 mkey_seeds_idx = mkey_seeds_cnt; // Real index + 1.
 		u8 mkey_seeds_min_idx = mkey_seeds_cnt - (KB_FIRMWARE_VERSION_MAX - kb);
@@ -1327,7 +1327,7 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb)
 				{
 					mkey_seeds_cnt--;
 					mkey_seeds_idx = mkey_seeds_cnt;
-					decr_slot = 12; // Sept mkey.
+					decr_slot = !h_cfg.aes_slots_new ? 12 : 13; // Sept mkey.
 				}

 				// Out of keys. pkg2 is latest or process failed.