forked from eden-emu/eden
		
	content_archive: Add support for titlekey cryptography
This commit is contained in:
		
							parent
							
								
									2b06301dbf
								
							
						
					
					
						commit
						2cc962e171
					
				
					 2 changed files with 39 additions and 7 deletions
				
			
		|  | @ -76,12 +76,17 @@ bool IsValidNCA(const NCAHeader& header) { | ||||||
|     return header.magic == Common::MakeMagic('N', 'C', 'A', '3'); |     return header.magic == Common::MakeMagic('N', 'C', 'A', '3'); | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| boost::optional<Core::Crypto::Key128> NCA::GetKeyAreaKey(NCASectionCryptoType type) const { | u8 NCA::GetCryptoRevision() const { | ||||||
|     u8 master_key_id = header.crypto_type; |     u8 master_key_id = header.crypto_type; | ||||||
|     if (header.crypto_type_2 > master_key_id) |     if (header.crypto_type_2 > master_key_id) | ||||||
|         master_key_id = header.crypto_type_2; |         master_key_id = header.crypto_type_2; | ||||||
|     if (master_key_id > 0) |     if (master_key_id > 0) | ||||||
|         --master_key_id; |         --master_key_id; | ||||||
|  |     return master_key_id; | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | boost::optional<Core::Crypto::Key128> NCA::GetKeyAreaKey(NCASectionCryptoType type) const { | ||||||
|  |     const auto master_key_id = GetCryptoRevision(); | ||||||
| 
 | 
 | ||||||
|     if (!keys.HasKey(Core::Crypto::S128KeyType::KeyArea, master_key_id, header.key_index)) |     if (!keys.HasKey(Core::Crypto::S128KeyType::KeyArea, master_key_id, header.key_index)) | ||||||
|         return boost::none; |         return boost::none; | ||||||
|  | @ -108,33 +113,58 @@ boost::optional<Core::Crypto::Key128> NCA::GetKeyAreaKey(NCASectionCryptoType ty | ||||||
|     return out; |     return out; | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| VirtualFile NCA::Decrypt(NCASectionHeader header, VirtualFile in, u64 starting_offset) const { | boost::optional<Core::Crypto::Key128> NCA::GetTitlekey() const { | ||||||
|  |     const auto master_key_id = GetCryptoRevision(); | ||||||
|  | 
 | ||||||
|  |     u128 rights_id{}; | ||||||
|  |     memcpy(rights_id.data(), header.rights_id.data(), 16); | ||||||
|  |     if (rights_id == u128{}) | ||||||
|  |         return boost::none; | ||||||
|  | 
 | ||||||
|  |     auto titlekey = keys.GetKey(Core::Crypto::S128KeyType::Titlekey, rights_id[1], rights_id[0]); | ||||||
|  |     if (titlekey == Core::Crypto::Key128{}) | ||||||
|  |         return boost::none; | ||||||
|  |     Core::Crypto::AESCipher<Core::Crypto::Key128> cipher( | ||||||
|  |         keys.GetKey(Core::Crypto::S128KeyType::Titlekek, master_key_id), Core::Crypto::Mode::ECB); | ||||||
|  |     cipher.Transcode(titlekey.data(), titlekey.size(), titlekey.data(), Core::Crypto::Op::Decrypt); | ||||||
|  | 
 | ||||||
|  |     return titlekey; | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | VirtualFile NCA::Decrypt(NCASectionHeader s_header, VirtualFile in, u64 starting_offset) const { | ||||||
|     if (!encrypted) |     if (!encrypted) | ||||||
|         return in; |         return in; | ||||||
| 
 | 
 | ||||||
|     switch (header.raw.header.crypto_type) { |     switch (s_header.raw.header.crypto_type) { | ||||||
|     case NCASectionCryptoType::NONE: |     case NCASectionCryptoType::NONE: | ||||||
|         LOG_DEBUG(Crypto, "called with mode=NONE"); |         LOG_DEBUG(Crypto, "called with mode=NONE"); | ||||||
|         return in; |         return in; | ||||||
|     case NCASectionCryptoType::CTR: |     case NCASectionCryptoType::CTR: | ||||||
|         LOG_DEBUG(Crypto, "called with mode=CTR, starting_offset={:016X}", starting_offset); |         LOG_DEBUG(Crypto, "called with mode=CTR, starting_offset={:016X}", starting_offset); | ||||||
|         { |         { | ||||||
|             const auto key = GetKeyAreaKey(NCASectionCryptoType::CTR); |             boost::optional<Core::Crypto::Key128> key = boost::none; | ||||||
|  |             if (std::find_if_not(header.rights_id.begin(), header.rights_id.end(), | ||||||
|  |                                  [](char c) { return c == 0; }) == header.rights_id.end()) { | ||||||
|  |                 key = GetKeyAreaKey(NCASectionCryptoType::CTR); | ||||||
|  |             } else { | ||||||
|  |                 key = GetTitlekey(); | ||||||
|  |             } | ||||||
|  | 
 | ||||||
|             if (key == boost::none) |             if (key == boost::none) | ||||||
|                 return nullptr; |                 return nullptr; | ||||||
|             auto out = std::make_shared<Core::Crypto::CTREncryptionLayer>( |             auto out = std::make_shared<Core::Crypto::CTREncryptionLayer>( | ||||||
|                 std::move(in), key.value(), starting_offset); |                 std::move(in), key.value(), starting_offset); | ||||||
|             std::vector<u8> iv(16); |             std::vector<u8> iv(16); | ||||||
|             for (u8 i = 0; i < 8; ++i) |             for (u8 i = 0; i < 8; ++i) | ||||||
|                 iv[i] = header.raw.section_ctr[0x8 - i - 1]; |                 iv[i] = s_header.raw.section_ctr[0x8 - i - 1]; | ||||||
|             out->SetIV(iv); |             out->SetIV(iv); | ||||||
|             return std::static_pointer_cast<VfsFile>(out); |             return std::static_pointer_cast<VfsFile>(out); | ||||||
|         } |         } | ||||||
|     case NCASectionCryptoType::XTS: |     case NCASectionCryptoType::XTS: | ||||||
|         // TODO(DarkLordZach): Implement XTSEncryptionLayer and title key encryption.
 |         // TODO(DarkLordZach): Implement XTSEncryptionLayer.
 | ||||||
|     default: |     default: | ||||||
|         LOG_ERROR(Crypto, "called with unhandled crypto type={:02X}", |         LOG_ERROR(Crypto, "called with unhandled crypto type={:02X}", | ||||||
|                   static_cast<u8>(header.raw.header.crypto_type)); |                   static_cast<u8>(s_header.raw.header.crypto_type)); | ||||||
|         return nullptr; |         return nullptr; | ||||||
|     } |     } | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -95,7 +95,9 @@ protected: | ||||||
|     bool ReplaceFileWithSubdirectory(VirtualFile file, VirtualDir dir) override; |     bool ReplaceFileWithSubdirectory(VirtualFile file, VirtualDir dir) override; | ||||||
| 
 | 
 | ||||||
| private: | private: | ||||||
|  |     u8 GetCryptoRevision() const; | ||||||
|     boost::optional<Core::Crypto::Key128> GetKeyAreaKey(NCASectionCryptoType type) const; |     boost::optional<Core::Crypto::Key128> GetKeyAreaKey(NCASectionCryptoType type) const; | ||||||
|  |     boost::optional<Core::Crypto::Key128> GetTitlekey() const; | ||||||
|     VirtualFile Decrypt(NCASectionHeader header, VirtualFile in, u64 starting_offset) const; |     VirtualFile Decrypt(NCASectionHeader header, VirtualFile in, u64 starting_offset) const; | ||||||
| 
 | 
 | ||||||
|     std::vector<VirtualDir> dirs; |     std::vector<VirtualDir> dirs; | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue
	
	 Zach Hilman
						Zach Hilman