core: Add support for loading NSPs with personalized tickets. (#10048)
Co-authored-by: Morph <39850852+Morph1984@users.noreply.github.com>
This commit is contained in:
parent
c24ed3ecaf
commit
0a51fe7854
|
@ -35,7 +35,6 @@ namespace Core::Crypto {
|
||||||
namespace {
|
namespace {
|
||||||
|
|
||||||
constexpr u64 CURRENT_CRYPTO_REVISION = 0x5;
|
constexpr u64 CURRENT_CRYPTO_REVISION = 0x5;
|
||||||
constexpr u64 FULL_TICKET_SIZE = 0x400;
|
|
||||||
|
|
||||||
using Common::AsArray;
|
using Common::AsArray;
|
||||||
|
|
||||||
|
@ -156,6 +155,10 @@ u64 GetSignatureTypePaddingSize(SignatureType type) {
|
||||||
UNREACHABLE();
|
UNREACHABLE();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool Ticket::IsValid() const {
|
||||||
|
return !std::holds_alternative<std::monostate>(data);
|
||||||
|
}
|
||||||
|
|
||||||
SignatureType Ticket::GetSignatureType() const {
|
SignatureType Ticket::GetSignatureType() const {
|
||||||
if (const auto* ticket = std::get_if<RSA4096Ticket>(&data)) {
|
if (const auto* ticket = std::get_if<RSA4096Ticket>(&data)) {
|
||||||
return ticket->sig_type;
|
return ticket->sig_type;
|
||||||
|
@ -210,6 +213,54 @@ Ticket Ticket::SynthesizeCommon(Key128 title_key, const std::array<u8, 16>& righ
|
||||||
return Ticket{out};
|
return Ticket{out};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Ticket Ticket::Read(const FileSys::VirtualFile& file) {
|
||||||
|
// Attempt to read up to the largest ticket size, and make sure we read at least a signature
|
||||||
|
// type.
|
||||||
|
std::array<u8, sizeof(RSA4096Ticket)> raw_data{};
|
||||||
|
auto read_size = file->Read(raw_data.data(), raw_data.size(), 0);
|
||||||
|
if (read_size < sizeof(SignatureType)) {
|
||||||
|
LOG_WARNING(Crypto, "Attempted to read ticket file with invalid size {}.", read_size);
|
||||||
|
return Ticket{std::monostate()};
|
||||||
|
}
|
||||||
|
return Read(std::span{raw_data});
|
||||||
|
}
|
||||||
|
|
||||||
|
Ticket Ticket::Read(std::span<const u8> raw_data) {
|
||||||
|
// Some tools read only 0x180 bytes of ticket data instead of 0x2C0, so
|
||||||
|
// just make sure we have at least the bare minimum of data to work with.
|
||||||
|
SignatureType sig_type;
|
||||||
|
if (raw_data.size() < sizeof(SignatureType)) {
|
||||||
|
LOG_WARNING(Crypto, "Attempted to parse ticket buffer with invalid size {}.",
|
||||||
|
raw_data.size());
|
||||||
|
return Ticket{std::monostate()};
|
||||||
|
}
|
||||||
|
std::memcpy(&sig_type, raw_data.data(), sizeof(sig_type));
|
||||||
|
|
||||||
|
switch (sig_type) {
|
||||||
|
case SignatureType::RSA_4096_SHA1:
|
||||||
|
case SignatureType::RSA_4096_SHA256: {
|
||||||
|
RSA4096Ticket ticket{};
|
||||||
|
std::memcpy(&ticket, raw_data.data(), sizeof(ticket));
|
||||||
|
return Ticket{ticket};
|
||||||
|
}
|
||||||
|
case SignatureType::RSA_2048_SHA1:
|
||||||
|
case SignatureType::RSA_2048_SHA256: {
|
||||||
|
RSA2048Ticket ticket{};
|
||||||
|
std::memcpy(&ticket, raw_data.data(), sizeof(ticket));
|
||||||
|
return Ticket{ticket};
|
||||||
|
}
|
||||||
|
case SignatureType::ECDSA_SHA1:
|
||||||
|
case SignatureType::ECDSA_SHA256: {
|
||||||
|
ECDSATicket ticket{};
|
||||||
|
std::memcpy(&ticket, raw_data.data(), sizeof(ticket));
|
||||||
|
return Ticket{ticket};
|
||||||
|
}
|
||||||
|
default:
|
||||||
|
LOG_WARNING(Crypto, "Attempted to parse ticket buffer with invalid type {}.", sig_type);
|
||||||
|
return Ticket{std::monostate()};
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed) {
|
Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed) {
|
||||||
Key128 out{};
|
Key128 out{};
|
||||||
|
|
||||||
|
@ -290,9 +341,9 @@ void KeyManager::DeriveGeneralPurposeKeys(std::size_t crypto_revision) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
RSAKeyPair<2048> KeyManager::GetETicketRSAKey() const {
|
void KeyManager::DeriveETicketRSAKey() {
|
||||||
if (IsAllZeroArray(eticket_extended_kek) || !HasKey(S128KeyType::ETicketRSAKek)) {
|
if (IsAllZeroArray(eticket_extended_kek) || !HasKey(S128KeyType::ETicketRSAKek)) {
|
||||||
return {};
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
const auto eticket_final = GetKey(S128KeyType::ETicketRSAKek);
|
const auto eticket_final = GetKey(S128KeyType::ETicketRSAKek);
|
||||||
|
@ -304,12 +355,12 @@ RSAKeyPair<2048> KeyManager::GetETicketRSAKey() const {
|
||||||
rsa_1.Transcode(eticket_extended_kek.data() + 0x10, eticket_extended_kek.size() - 0x10,
|
rsa_1.Transcode(eticket_extended_kek.data() + 0x10, eticket_extended_kek.size() - 0x10,
|
||||||
extended_dec.data(), Op::Decrypt);
|
extended_dec.data(), Op::Decrypt);
|
||||||
|
|
||||||
RSAKeyPair<2048> rsa_key{};
|
std::memcpy(eticket_rsa_keypair.decryption_key.data(), extended_dec.data(),
|
||||||
std::memcpy(rsa_key.decryption_key.data(), extended_dec.data(), rsa_key.decryption_key.size());
|
eticket_rsa_keypair.decryption_key.size());
|
||||||
std::memcpy(rsa_key.modulus.data(), extended_dec.data() + 0x100, rsa_key.modulus.size());
|
std::memcpy(eticket_rsa_keypair.modulus.data(), extended_dec.data() + 0x100,
|
||||||
std::memcpy(rsa_key.exponent.data(), extended_dec.data() + 0x200, rsa_key.exponent.size());
|
eticket_rsa_keypair.modulus.size());
|
||||||
|
std::memcpy(eticket_rsa_keypair.exponent.data(), extended_dec.data() + 0x200,
|
||||||
return rsa_key;
|
eticket_rsa_keypair.exponent.size());
|
||||||
}
|
}
|
||||||
|
|
||||||
Key128 DeriveKeyblobMACKey(const Key128& keyblob_key, const Key128& mac_source) {
|
Key128 DeriveKeyblobMACKey(const Key128& keyblob_key, const Key128& mac_source) {
|
||||||
|
@ -447,10 +498,12 @@ std::vector<Ticket> GetTicketblob(const Common::FS::IOFile& ticket_save) {
|
||||||
for (std::size_t offset = 0; offset + 0x4 < buffer.size(); ++offset) {
|
for (std::size_t offset = 0; offset + 0x4 < buffer.size(); ++offset) {
|
||||||
if (buffer[offset] == 0x4 && buffer[offset + 1] == 0x0 && buffer[offset + 2] == 0x1 &&
|
if (buffer[offset] == 0x4 && buffer[offset + 1] == 0x0 && buffer[offset + 2] == 0x1 &&
|
||||||
buffer[offset + 3] == 0x0) {
|
buffer[offset + 3] == 0x0) {
|
||||||
out.emplace_back();
|
// NOTE: Assumes ticket blob will only contain RSA-2048 tickets.
|
||||||
auto& next = out.back();
|
auto ticket = Ticket::Read(std::span{buffer.data() + offset, sizeof(RSA2048Ticket)});
|
||||||
std::memcpy(&next, buffer.data() + offset, sizeof(Ticket));
|
offset += sizeof(RSA2048Ticket);
|
||||||
offset += FULL_TICKET_SIZE;
|
if (ticket.IsValid()) {
|
||||||
|
out.push_back(ticket);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -503,27 +556,38 @@ static std::optional<u64> FindTicketOffset(const std::array<u8, size>& data) {
|
||||||
return offset;
|
return offset;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket,
|
std::optional<Key128> KeyManager::ParseTicketTitleKey(const Ticket& ticket) {
|
||||||
const RSAKeyPair<2048>& key) {
|
if (!ticket.IsValid()) {
|
||||||
|
LOG_WARNING(Crypto, "Attempted to parse title key of invalid ticket.");
|
||||||
|
return std::nullopt;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ticket.GetData().rights_id == Key128{}) {
|
||||||
|
LOG_WARNING(Crypto, "Attempted to parse title key of ticket with no rights ID.");
|
||||||
|
return std::nullopt;
|
||||||
|
}
|
||||||
|
|
||||||
const auto issuer = ticket.GetData().issuer;
|
const auto issuer = ticket.GetData().issuer;
|
||||||
if (IsAllZeroArray(issuer)) {
|
if (IsAllZeroArray(issuer)) {
|
||||||
|
LOG_WARNING(Crypto, "Attempted to parse title key of ticket with invalid issuer.");
|
||||||
return std::nullopt;
|
return std::nullopt;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (issuer[0] != 'R' || issuer[1] != 'o' || issuer[2] != 'o' || issuer[3] != 't') {
|
if (issuer[0] != 'R' || issuer[1] != 'o' || issuer[2] != 'o' || issuer[3] != 't') {
|
||||||
LOG_INFO(Crypto, "Attempting to parse ticket with non-standard certificate authority.");
|
LOG_WARNING(Crypto, "Parsing ticket with non-standard certificate authority.");
|
||||||
}
|
}
|
||||||
|
|
||||||
Key128 rights_id = ticket.GetData().rights_id;
|
if (ticket.GetData().type == TitleKeyType::Common) {
|
||||||
|
return ticket.GetData().title_key_common;
|
||||||
|
}
|
||||||
|
|
||||||
if (rights_id == Key128{}) {
|
if (eticket_rsa_keypair == RSAKeyPair<2048>{}) {
|
||||||
|
LOG_WARNING(
|
||||||
|
Crypto,
|
||||||
|
"Skipping personalized ticket title key parsing due to missing ETicket RSA key-pair.");
|
||||||
return std::nullopt;
|
return std::nullopt;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!std::any_of(ticket.GetData().title_key_common_pad.begin(),
|
|
||||||
ticket.GetData().title_key_common_pad.end(), [](u8 b) { return b != 0; })) {
|
|
||||||
return std::make_pair(rights_id, ticket.GetData().title_key_common);
|
|
||||||
}
|
|
||||||
|
|
||||||
mbedtls_mpi D; // RSA Private Exponent
|
mbedtls_mpi D; // RSA Private Exponent
|
||||||
mbedtls_mpi N; // RSA Modulus
|
mbedtls_mpi N; // RSA Modulus
|
||||||
mbedtls_mpi S; // Input
|
mbedtls_mpi S; // Input
|
||||||
|
@ -534,9 +598,12 @@ std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket,
|
||||||
mbedtls_mpi_init(&S);
|
mbedtls_mpi_init(&S);
|
||||||
mbedtls_mpi_init(&M);
|
mbedtls_mpi_init(&M);
|
||||||
|
|
||||||
mbedtls_mpi_read_binary(&D, key.decryption_key.data(), key.decryption_key.size());
|
const auto& title_key_block = ticket.GetData().title_key_block;
|
||||||
mbedtls_mpi_read_binary(&N, key.modulus.data(), key.modulus.size());
|
mbedtls_mpi_read_binary(&D, eticket_rsa_keypair.decryption_key.data(),
|
||||||
mbedtls_mpi_read_binary(&S, ticket.GetData().title_key_block.data(), 0x100);
|
eticket_rsa_keypair.decryption_key.size());
|
||||||
|
mbedtls_mpi_read_binary(&N, eticket_rsa_keypair.modulus.data(),
|
||||||
|
eticket_rsa_keypair.modulus.size());
|
||||||
|
mbedtls_mpi_read_binary(&S, title_key_block.data(), title_key_block.size());
|
||||||
|
|
||||||
mbedtls_mpi_exp_mod(&M, &S, &D, &N, nullptr);
|
mbedtls_mpi_exp_mod(&M, &S, &D, &N, nullptr);
|
||||||
|
|
||||||
|
@ -564,8 +631,7 @@ std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket,
|
||||||
|
|
||||||
Key128 key_temp{};
|
Key128 key_temp{};
|
||||||
std::memcpy(key_temp.data(), m_2.data() + *offset, key_temp.size());
|
std::memcpy(key_temp.data(), m_2.data() + *offset, key_temp.size());
|
||||||
|
return key_temp;
|
||||||
return std::make_pair(rights_id, key_temp);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
KeyManager::KeyManager() {
|
KeyManager::KeyManager() {
|
||||||
|
@ -669,6 +735,14 @@ void KeyManager::LoadFromFile(const std::filesystem::path& file_path, bool is_ti
|
||||||
encrypted_keyblobs[index] = Common::HexStringToArray<0xB0>(out[1]);
|
encrypted_keyblobs[index] = Common::HexStringToArray<0xB0>(out[1]);
|
||||||
} else if (out[0].compare(0, 20, "eticket_extended_kek") == 0) {
|
} else if (out[0].compare(0, 20, "eticket_extended_kek") == 0) {
|
||||||
eticket_extended_kek = Common::HexStringToArray<576>(out[1]);
|
eticket_extended_kek = Common::HexStringToArray<576>(out[1]);
|
||||||
|
} else if (out[0].compare(0, 19, "eticket_rsa_keypair") == 0) {
|
||||||
|
const auto key_data = Common::HexStringToArray<528>(out[1]);
|
||||||
|
std::memcpy(eticket_rsa_keypair.decryption_key.data(), key_data.data(),
|
||||||
|
eticket_rsa_keypair.decryption_key.size());
|
||||||
|
std::memcpy(eticket_rsa_keypair.modulus.data(), key_data.data() + 0x100,
|
||||||
|
eticket_rsa_keypair.modulus.size());
|
||||||
|
std::memcpy(eticket_rsa_keypair.exponent.data(), key_data.data() + 0x200,
|
||||||
|
eticket_rsa_keypair.exponent.size());
|
||||||
} else {
|
} else {
|
||||||
for (const auto& kv : KEYS_VARIABLE_LENGTH) {
|
for (const auto& kv : KEYS_VARIABLE_LENGTH) {
|
||||||
if (!ValidCryptoRevisionString(out[0], kv.second.size(), 2)) {
|
if (!ValidCryptoRevisionString(out[0], kv.second.size(), 2)) {
|
||||||
|
@ -1110,56 +1184,38 @@ void KeyManager::DeriveETicket(PartitionDataManager& data,
|
||||||
|
|
||||||
eticket_extended_kek = data.GetETicketExtendedKek();
|
eticket_extended_kek = data.GetETicketExtendedKek();
|
||||||
WriteKeyToFile(KeyCategory::Console, "eticket_extended_kek", eticket_extended_kek);
|
WriteKeyToFile(KeyCategory::Console, "eticket_extended_kek", eticket_extended_kek);
|
||||||
|
DeriveETicketRSAKey();
|
||||||
PopulateTickets();
|
PopulateTickets();
|
||||||
}
|
}
|
||||||
|
|
||||||
void KeyManager::PopulateTickets() {
|
void KeyManager::PopulateTickets() {
|
||||||
const auto rsa_key = GetETicketRSAKey();
|
if (ticket_databases_loaded) {
|
||||||
|
|
||||||
if (rsa_key == RSAKeyPair<2048>{}) {
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
ticket_databases_loaded = true;
|
||||||
|
|
||||||
if (!common_tickets.empty() && !personal_tickets.empty()) {
|
std::vector<Ticket> tickets;
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
const auto system_save_e1_path =
|
const auto system_save_e1_path =
|
||||||
Common::FS::GetYuzuPath(Common::FS::YuzuPath::NANDDir) / "system/save/80000000000000e1";
|
Common::FS::GetYuzuPath(Common::FS::YuzuPath::NANDDir) / "system/save/80000000000000e1";
|
||||||
|
if (Common::FS::Exists(system_save_e1_path)) {
|
||||||
const Common::FS::IOFile save_e1{system_save_e1_path, Common::FS::FileAccessMode::Read,
|
const Common::FS::IOFile save_e1{system_save_e1_path, Common::FS::FileAccessMode::Read,
|
||||||
Common::FS::FileType::BinaryFile};
|
Common::FS::FileType::BinaryFile};
|
||||||
|
const auto blob1 = GetTicketblob(save_e1);
|
||||||
|
tickets.insert(tickets.end(), blob1.begin(), blob1.end());
|
||||||
|
}
|
||||||
|
|
||||||
const auto system_save_e2_path =
|
const auto system_save_e2_path =
|
||||||
Common::FS::GetYuzuPath(Common::FS::YuzuPath::NANDDir) / "system/save/80000000000000e2";
|
Common::FS::GetYuzuPath(Common::FS::YuzuPath::NANDDir) / "system/save/80000000000000e2";
|
||||||
|
if (Common::FS::Exists(system_save_e2_path)) {
|
||||||
|
const Common::FS::IOFile save_e2{system_save_e2_path, Common::FS::FileAccessMode::Read,
|
||||||
|
Common::FS::FileType::BinaryFile};
|
||||||
|
const auto blob2 = GetTicketblob(save_e2);
|
||||||
|
tickets.insert(tickets.end(), blob2.begin(), blob2.end());
|
||||||
|
}
|
||||||
|
|
||||||
const Common::FS::IOFile save_e2{system_save_e2_path, Common::FS::FileAccessMode::Read,
|
for (const auto& ticket : tickets) {
|
||||||
Common::FS::FileType::BinaryFile};
|
AddTicket(ticket);
|
||||||
|
|
||||||
const auto blob2 = GetTicketblob(save_e2);
|
|
||||||
auto res = GetTicketblob(save_e1);
|
|
||||||
|
|
||||||
const auto idx = res.size();
|
|
||||||
res.insert(res.end(), blob2.begin(), blob2.end());
|
|
||||||
|
|
||||||
for (std::size_t i = 0; i < res.size(); ++i) {
|
|
||||||
const auto common = i < idx;
|
|
||||||
const auto pair = ParseTicket(res[i], rsa_key);
|
|
||||||
if (!pair) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
const auto& [rid, key] = *pair;
|
|
||||||
u128 rights_id;
|
|
||||||
std::memcpy(rights_id.data(), rid.data(), rid.size());
|
|
||||||
|
|
||||||
if (common) {
|
|
||||||
common_tickets[rights_id] = res[i];
|
|
||||||
} else {
|
|
||||||
personal_tickets[rights_id] = res[i];
|
|
||||||
}
|
|
||||||
|
|
||||||
SetKey(S128KeyType::Titlekey, key, rights_id[1], rights_id[0]);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1291,41 +1347,33 @@ const std::map<u128, Ticket>& KeyManager::GetPersonalizedTickets() const {
|
||||||
return personal_tickets;
|
return personal_tickets;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool KeyManager::AddTicketCommon(Ticket raw) {
|
bool KeyManager::AddTicket(const Ticket& ticket) {
|
||||||
const auto rsa_key = GetETicketRSAKey();
|
if (!ticket.IsValid()) {
|
||||||
if (rsa_key == RSAKeyPair<2048>{}) {
|
LOG_WARNING(Crypto, "Attempted to add invalid ticket.");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
const auto pair = ParseTicket(raw, rsa_key);
|
const auto& rid = ticket.GetData().rights_id;
|
||||||
if (!pair) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
const auto& [rid, key] = *pair;
|
|
||||||
u128 rights_id;
|
u128 rights_id;
|
||||||
std::memcpy(rights_id.data(), rid.data(), rid.size());
|
std::memcpy(rights_id.data(), rid.data(), rid.size());
|
||||||
common_tickets[rights_id] = raw;
|
if (ticket.GetData().type == Core::Crypto::TitleKeyType::Common) {
|
||||||
SetKey(S128KeyType::Titlekey, key, rights_id[1], rights_id[0]);
|
common_tickets[rights_id] = ticket;
|
||||||
return true;
|
} else {
|
||||||
}
|
personal_tickets[rights_id] = ticket;
|
||||||
|
|
||||||
bool KeyManager::AddTicketPersonalized(Ticket raw) {
|
|
||||||
const auto rsa_key = GetETicketRSAKey();
|
|
||||||
if (rsa_key == RSAKeyPair<2048>{}) {
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
const auto pair = ParseTicket(raw, rsa_key);
|
if (HasKey(S128KeyType::Titlekey, rights_id[1], rights_id[0])) {
|
||||||
if (!pair) {
|
LOG_DEBUG(Crypto,
|
||||||
return false;
|
"Skipping parsing title key from ticket for known rights ID {:016X}{:016X}.",
|
||||||
|
rights_id[1], rights_id[0]);
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
const auto& [rid, key] = *pair;
|
const auto key = ParseTicketTitleKey(ticket);
|
||||||
u128 rights_id;
|
if (!key) {
|
||||||
std::memcpy(rights_id.data(), rid.data(), rid.size());
|
return false;
|
||||||
common_tickets[rights_id] = raw;
|
}
|
||||||
SetKey(S128KeyType::Titlekey, key, rights_id[1], rights_id[0]);
|
SetKey(S128KeyType::Titlekey, key.value(), rights_id[1], rights_id[0]);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
} // namespace Core::Crypto
|
} // namespace Core::Crypto
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
#include <filesystem>
|
#include <filesystem>
|
||||||
#include <map>
|
#include <map>
|
||||||
#include <optional>
|
#include <optional>
|
||||||
|
#include <span>
|
||||||
#include <string>
|
#include <string>
|
||||||
|
|
||||||
#include <variant>
|
#include <variant>
|
||||||
|
@ -29,8 +30,6 @@ enum class ResultStatus : u16;
|
||||||
|
|
||||||
namespace Core::Crypto {
|
namespace Core::Crypto {
|
||||||
|
|
||||||
constexpr u64 TICKET_FILE_TITLEKEY_OFFSET = 0x180;
|
|
||||||
|
|
||||||
using Key128 = std::array<u8, 0x10>;
|
using Key128 = std::array<u8, 0x10>;
|
||||||
using Key256 = std::array<u8, 0x20>;
|
using Key256 = std::array<u8, 0x20>;
|
||||||
using SHA256Hash = std::array<u8, 0x20>;
|
using SHA256Hash = std::array<u8, 0x20>;
|
||||||
|
@ -82,6 +81,7 @@ struct RSA4096Ticket {
|
||||||
INSERT_PADDING_BYTES(0x3C);
|
INSERT_PADDING_BYTES(0x3C);
|
||||||
TicketData data;
|
TicketData data;
|
||||||
};
|
};
|
||||||
|
static_assert(sizeof(RSA4096Ticket) == 0x500, "RSA4096Ticket has incorrect size.");
|
||||||
|
|
||||||
struct RSA2048Ticket {
|
struct RSA2048Ticket {
|
||||||
SignatureType sig_type;
|
SignatureType sig_type;
|
||||||
|
@ -89,6 +89,7 @@ struct RSA2048Ticket {
|
||||||
INSERT_PADDING_BYTES(0x3C);
|
INSERT_PADDING_BYTES(0x3C);
|
||||||
TicketData data;
|
TicketData data;
|
||||||
};
|
};
|
||||||
|
static_assert(sizeof(RSA2048Ticket) == 0x400, "RSA2048Ticket has incorrect size.");
|
||||||
|
|
||||||
struct ECDSATicket {
|
struct ECDSATicket {
|
||||||
SignatureType sig_type;
|
SignatureType sig_type;
|
||||||
|
@ -96,16 +97,41 @@ struct ECDSATicket {
|
||||||
INSERT_PADDING_BYTES(0x40);
|
INSERT_PADDING_BYTES(0x40);
|
||||||
TicketData data;
|
TicketData data;
|
||||||
};
|
};
|
||||||
|
static_assert(sizeof(ECDSATicket) == 0x340, "ECDSATicket has incorrect size.");
|
||||||
|
|
||||||
struct Ticket {
|
struct Ticket {
|
||||||
std::variant<RSA4096Ticket, RSA2048Ticket, ECDSATicket> data;
|
std::variant<std::monostate, RSA4096Ticket, RSA2048Ticket, ECDSATicket> data;
|
||||||
|
|
||||||
SignatureType GetSignatureType() const;
|
[[nodiscard]] bool IsValid() const;
|
||||||
TicketData& GetData();
|
[[nodiscard]] SignatureType GetSignatureType() const;
|
||||||
const TicketData& GetData() const;
|
[[nodiscard]] TicketData& GetData();
|
||||||
u64 GetSize() const;
|
[[nodiscard]] const TicketData& GetData() const;
|
||||||
|
[[nodiscard]] u64 GetSize() const;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Synthesizes a common ticket given a title key and rights ID.
|
||||||
|
*
|
||||||
|
* @param title_key Title key to store in the ticket.
|
||||||
|
* @param rights_id Rights ID the ticket is for.
|
||||||
|
* @return The synthesized common ticket.
|
||||||
|
*/
|
||||||
static Ticket SynthesizeCommon(Key128 title_key, const std::array<u8, 0x10>& rights_id);
|
static Ticket SynthesizeCommon(Key128 title_key, const std::array<u8, 0x10>& rights_id);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Reads a ticket from a file.
|
||||||
|
*
|
||||||
|
* @param file File to read the ticket from.
|
||||||
|
* @return The read ticket. If the ticket data is invalid, Ticket::IsValid() will be false.
|
||||||
|
*/
|
||||||
|
static Ticket Read(const FileSys::VirtualFile& file);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Reads a ticket from a memory buffer.
|
||||||
|
*
|
||||||
|
* @param raw_data Buffer to read the ticket from.
|
||||||
|
* @return The read ticket. If the ticket data is invalid, Ticket::IsValid() will be false.
|
||||||
|
*/
|
||||||
|
static Ticket Read(std::span<const u8> raw_data);
|
||||||
};
|
};
|
||||||
|
|
||||||
static_assert(sizeof(Key128) == 16, "Key128 must be 128 bytes big.");
|
static_assert(sizeof(Key128) == 16, "Key128 must be 128 bytes big.");
|
||||||
|
@ -264,8 +290,7 @@ public:
|
||||||
const std::map<u128, Ticket>& GetCommonTickets() const;
|
const std::map<u128, Ticket>& GetCommonTickets() const;
|
||||||
const std::map<u128, Ticket>& GetPersonalizedTickets() const;
|
const std::map<u128, Ticket>& GetPersonalizedTickets() const;
|
||||||
|
|
||||||
bool AddTicketCommon(Ticket raw);
|
bool AddTicket(const Ticket& ticket);
|
||||||
bool AddTicketPersonalized(Ticket raw);
|
|
||||||
|
|
||||||
void ReloadKeys();
|
void ReloadKeys();
|
||||||
bool AreKeysLoaded() const;
|
bool AreKeysLoaded() const;
|
||||||
|
@ -279,10 +304,12 @@ private:
|
||||||
// Map from rights ID to ticket
|
// Map from rights ID to ticket
|
||||||
std::map<u128, Ticket> common_tickets;
|
std::map<u128, Ticket> common_tickets;
|
||||||
std::map<u128, Ticket> personal_tickets;
|
std::map<u128, Ticket> personal_tickets;
|
||||||
|
bool ticket_databases_loaded = false;
|
||||||
|
|
||||||
std::array<std::array<u8, 0xB0>, 0x20> encrypted_keyblobs{};
|
std::array<std::array<u8, 0xB0>, 0x20> encrypted_keyblobs{};
|
||||||
std::array<std::array<u8, 0x90>, 0x20> keyblobs{};
|
std::array<std::array<u8, 0x90>, 0x20> keyblobs{};
|
||||||
std::array<u8, 576> eticket_extended_kek{};
|
std::array<u8, 576> eticket_extended_kek{};
|
||||||
|
RSAKeyPair<2048> eticket_rsa_keypair{};
|
||||||
|
|
||||||
bool dev_mode;
|
bool dev_mode;
|
||||||
void LoadFromFile(const std::filesystem::path& file_path, bool is_title_keys);
|
void LoadFromFile(const std::filesystem::path& file_path, bool is_title_keys);
|
||||||
|
@ -293,10 +320,13 @@ private:
|
||||||
|
|
||||||
void DeriveGeneralPurposeKeys(std::size_t crypto_revision);
|
void DeriveGeneralPurposeKeys(std::size_t crypto_revision);
|
||||||
|
|
||||||
RSAKeyPair<2048> GetETicketRSAKey() const;
|
void DeriveETicketRSAKey();
|
||||||
|
|
||||||
void SetKeyWrapped(S128KeyType id, Key128 key, u64 field1 = 0, u64 field2 = 0);
|
void SetKeyWrapped(S128KeyType id, Key128 key, u64 field1 = 0, u64 field2 = 0);
|
||||||
void SetKeyWrapped(S256KeyType id, Key256 key, u64 field1 = 0, u64 field2 = 0);
|
void SetKeyWrapped(S256KeyType id, Key256 key, u64 field1 = 0, u64 field2 = 0);
|
||||||
|
|
||||||
|
/// Parses the title key section of a ticket.
|
||||||
|
std::optional<Key128> ParseTicketTitleKey(const Ticket& ticket);
|
||||||
};
|
};
|
||||||
|
|
||||||
Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed);
|
Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed);
|
||||||
|
@ -311,9 +341,4 @@ Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& ke
|
||||||
|
|
||||||
std::vector<Ticket> GetTicketblob(const Common::FS::IOFile& ticket_save);
|
std::vector<Ticket> GetTicketblob(const Common::FS::IOFile& ticket_save);
|
||||||
|
|
||||||
// Returns a pair of {rights_id, titlekey}. Fails if the ticket has no certificate authority
|
|
||||||
// (offset 0x140-0x144 is zero)
|
|
||||||
std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket,
|
|
||||||
const RSAKeyPair<2048>& eticket_extended_key);
|
|
||||||
|
|
||||||
} // namespace Core::Crypto
|
} // namespace Core::Crypto
|
||||||
|
|
|
@ -164,24 +164,6 @@ VirtualFile NSP::GetNCAFile(u64 title_id, ContentRecordType type, TitleType titl
|
||||||
return nullptr;
|
return nullptr;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::vector<Core::Crypto::Key128> NSP::GetTitlekey() const {
|
|
||||||
if (extracted)
|
|
||||||
LOG_WARNING(Service_FS, "called on an NSP that is of type extracted.");
|
|
||||||
std::vector<Core::Crypto::Key128> out;
|
|
||||||
for (const auto& ticket_file : ticket_files) {
|
|
||||||
if (ticket_file == nullptr ||
|
|
||||||
ticket_file->GetSize() <
|
|
||||||
Core::Crypto::TICKET_FILE_TITLEKEY_OFFSET + sizeof(Core::Crypto::Key128)) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
out.emplace_back();
|
|
||||||
ticket_file->Read(out.back().data(), out.back().size(),
|
|
||||||
Core::Crypto::TICKET_FILE_TITLEKEY_OFFSET);
|
|
||||||
}
|
|
||||||
return out;
|
|
||||||
}
|
|
||||||
|
|
||||||
std::vector<VirtualFile> NSP::GetFiles() const {
|
std::vector<VirtualFile> NSP::GetFiles() const {
|
||||||
return pfs->GetFiles();
|
return pfs->GetFiles();
|
||||||
}
|
}
|
||||||
|
@ -208,22 +190,11 @@ void NSP::SetTicketKeys(const std::vector<VirtualFile>& files) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ticket_file->GetSize() <
|
auto ticket = Core::Crypto::Ticket::Read(ticket_file);
|
||||||
Core::Crypto::TICKET_FILE_TITLEKEY_OFFSET + sizeof(Core::Crypto::Key128)) {
|
if (!keys.AddTicket(ticket)) {
|
||||||
|
LOG_WARNING(Common_Filesystem, "Could not load NSP ticket {}", ticket_file->GetName());
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
Core::Crypto::Key128 key{};
|
|
||||||
ticket_file->Read(key.data(), key.size(), Core::Crypto::TICKET_FILE_TITLEKEY_OFFSET);
|
|
||||||
|
|
||||||
// We get the name without the extension in order to create the rights ID.
|
|
||||||
std::string name_only(ticket_file->GetName());
|
|
||||||
name_only.erase(name_only.size() - 4);
|
|
||||||
|
|
||||||
const auto rights_id_raw = Common::HexStringToArray<16>(name_only);
|
|
||||||
u128 rights_id;
|
|
||||||
std::memcpy(rights_id.data(), rights_id_raw.data(), sizeof(u128));
|
|
||||||
keys.SetKey(Core::Crypto::S128KeyType::Titlekey, key, rights_id[1], rights_id[0]);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -53,7 +53,6 @@ public:
|
||||||
TitleType title_type = TitleType::Application) const;
|
TitleType title_type = TitleType::Application) const;
|
||||||
VirtualFile GetNCAFile(u64 title_id, ContentRecordType type,
|
VirtualFile GetNCAFile(u64 title_id, ContentRecordType type,
|
||||||
TitleType title_type = TitleType::Application) const;
|
TitleType title_type = TitleType::Application) const;
|
||||||
std::vector<Core::Crypto::Key128> GetTitlekey() const;
|
|
||||||
|
|
||||||
std::vector<VirtualFile> GetFiles() const override;
|
std::vector<VirtualFile> GetFiles() const override;
|
||||||
|
|
||||||
|
|
|
@ -122,20 +122,18 @@ private:
|
||||||
}
|
}
|
||||||
|
|
||||||
void ImportTicket(HLERequestContext& ctx) {
|
void ImportTicket(HLERequestContext& ctx) {
|
||||||
const auto ticket = ctx.ReadBuffer();
|
const auto raw_ticket = ctx.ReadBuffer();
|
||||||
[[maybe_unused]] const auto cert = ctx.ReadBuffer(1);
|
[[maybe_unused]] const auto cert = ctx.ReadBuffer(1);
|
||||||
|
|
||||||
if (ticket.size() < sizeof(Core::Crypto::Ticket)) {
|
if (raw_ticket.size() < sizeof(Core::Crypto::Ticket)) {
|
||||||
LOG_ERROR(Service_ETicket, "The input buffer is not large enough!");
|
LOG_ERROR(Service_ETicket, "The input buffer is not large enough!");
|
||||||
IPC::ResponseBuilder rb{ctx, 2};
|
IPC::ResponseBuilder rb{ctx, 2};
|
||||||
rb.Push(ERROR_INVALID_ARGUMENT);
|
rb.Push(ERROR_INVALID_ARGUMENT);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
Core::Crypto::Ticket raw{};
|
Core::Crypto::Ticket ticket = Core::Crypto::Ticket::Read(raw_ticket);
|
||||||
std::memcpy(&raw, ticket.data(), sizeof(Core::Crypto::Ticket));
|
if (!keys.AddTicket(ticket)) {
|
||||||
|
|
||||||
if (!keys.AddTicketPersonalized(raw)) {
|
|
||||||
LOG_ERROR(Service_ETicket, "The ticket could not be imported!");
|
LOG_ERROR(Service_ETicket, "The ticket could not be imported!");
|
||||||
IPC::ResponseBuilder rb{ctx, 2};
|
IPC::ResponseBuilder rb{ctx, 2};
|
||||||
rb.Push(ERROR_INVALID_ARGUMENT);
|
rb.Push(ERROR_INVALID_ARGUMENT);
|
||||||
|
|
Reference in New Issue