| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | // Copyright 2018 yuzu emulator team
 | 
					
						
							|  |  |  | // Licensed under GPLv2 or any later version
 | 
					
						
							|  |  |  | // Refer to the license.txt file included.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | #pragma once
 | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | #include <array>
 | 
					
						
							| 
									
										
										
										
											2018-09-23 21:04:13 -04:00
										 |  |  | #include <map>
 | 
					
						
							| 
									
										
										
										
											2018-10-30 05:03:25 +01:00
										 |  |  | #include <optional>
 | 
					
						
							| 
									
										
										
										
											2018-08-04 16:35:35 -04:00
										 |  |  | #include <string>
 | 
					
						
							| 
									
										
										
										
											2018-10-30 05:03:25 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-08-16 17:10:01 -04:00
										 |  |  | #include <boost/container/flat_map.hpp>
 | 
					
						
							| 
									
										
										
										
											2018-07-28 14:28:14 -04:00
										 |  |  | #include <fmt/format.h>
 | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | #include "common/common_types.h"
 | 
					
						
							| 
									
										
										
										
											2018-09-29 11:48:51 -04:00
										 |  |  | #include "core/crypto/partition_data_manager.h"
 | 
					
						
							| 
									
										
										
										
											2018-09-23 21:04:13 -04:00
										 |  |  | #include "core/file_sys/vfs_types.h"
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | namespace FileUtil { | 
					
						
							|  |  |  | class IOFile; | 
					
						
							|  |  |  | } | 
					
						
							| 
									
										
										
										
											2018-09-03 21:58:19 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  | namespace Loader { | 
					
						
							|  |  |  | enum class ResultStatus : u16; | 
					
						
							|  |  |  | } | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  | namespace Core::Crypto { | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-08-25 11:48:23 -04:00
										 |  |  | constexpr u64 TICKET_FILE_TITLEKEY_OFFSET = 0x180; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  | using Key128 = std::array<u8, 0x10>; | 
					
						
							|  |  |  | using Key256 = std::array<u8, 0x20>; | 
					
						
							|  |  |  | using SHA256Hash = std::array<u8, 0x20>; | 
					
						
							| 
									
										
										
										
											2018-09-23 21:04:13 -04:00
										 |  |  | using TicketRaw = std::array<u8, 0x400>; | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  | static_assert(sizeof(Key128) == 16, "Key128 must be 128 bytes big."); | 
					
						
							| 
									
										
										
										
											2018-09-23 21:04:13 -04:00
										 |  |  | static_assert(sizeof(Key256) == 32, "Key256 must be 256 bytes big."); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | template <size_t bit_size, size_t byte_size = (bit_size >> 3)> | 
					
						
							|  |  |  | struct RSAKeyPair { | 
					
						
							|  |  |  |     std::array<u8, byte_size> encryption_key; | 
					
						
							|  |  |  |     std::array<u8, byte_size> decryption_key; | 
					
						
							|  |  |  |     std::array<u8, byte_size> modulus; | 
					
						
							|  |  |  |     std::array<u8, 4> exponent; | 
					
						
							|  |  |  | }; | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-04-10 10:21:44 -04:00
										 |  |  | template <size_t bit_size, size_t byte_size> | 
					
						
							|  |  |  | bool operator==(const RSAKeyPair<bit_size, byte_size>& lhs, | 
					
						
							|  |  |  |                 const RSAKeyPair<bit_size, byte_size>& rhs) { | 
					
						
							|  |  |  |     return std::tie(lhs.encryption_key, lhs.decryption_key, lhs.modulus, lhs.exponent) == | 
					
						
							|  |  |  |            std::tie(rhs.encryption_key, rhs.decryption_key, rhs.modulus, rhs.exponent); | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-09-23 20:37:27 -04:00
										 |  |  | enum class KeyCategory : u8 { | 
					
						
							|  |  |  |     Standard, | 
					
						
							|  |  |  |     Title, | 
					
						
							|  |  |  |     Console, | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | enum class S256KeyType : u64 { | 
					
						
							| 
									
										
										
										
											2018-09-23 20:56:02 -04:00
										 |  |  |     SDKey,        // f1=SDKeyType
 | 
					
						
							|  |  |  |     Header,       //
 | 
					
						
							|  |  |  |     SDKeySource,  // f1=SDKeyType
 | 
					
						
							|  |  |  |     HeaderSource, //
 | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | enum class S128KeyType : u64 { | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  |     Master,        // f1=crypto revision
 | 
					
						
							|  |  |  |     Package1,      // f1=crypto revision
 | 
					
						
							|  |  |  |     Package2,      // f1=crypto revision
 | 
					
						
							|  |  |  |     Titlekek,      // f1=crypto revision
 | 
					
						
							|  |  |  |     ETicketRSAKek, //
 | 
					
						
							|  |  |  |     KeyArea,       // f1=crypto revision f2=type {app, ocean, system}
 | 
					
						
							|  |  |  |     SDSeed,        //
 | 
					
						
							|  |  |  |     Titlekey,      // f1=rights id LSB f2=rights id MSB
 | 
					
						
							| 
									
										
										
										
											2018-08-16 17:12:05 -04:00
										 |  |  |     Source,        // f1=source type, f2= sub id
 | 
					
						
							| 
									
										
										
										
											2018-09-23 20:56:02 -04:00
										 |  |  |     Keyblob,       // f1=crypto revision
 | 
					
						
							|  |  |  |     KeyblobMAC,    // f1=crypto revision
 | 
					
						
							|  |  |  |     TSEC,          //
 | 
					
						
							|  |  |  |     SecureBoot,    //
 | 
					
						
							|  |  |  |     BIS,           // f1=partition (0-3), f2=type {crypt, tweak}
 | 
					
						
							|  |  |  |     HeaderKek,     //
 | 
					
						
							|  |  |  |     SDKek,         //
 | 
					
						
							|  |  |  |     RSAKek,        //
 | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | enum class KeyAreaKeyType : u8 { | 
					
						
							|  |  |  |     Application, | 
					
						
							|  |  |  |     Ocean, | 
					
						
							|  |  |  |     System, | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-08-16 17:12:05 -04:00
										 |  |  | enum class SourceKeyType : u8 { | 
					
						
							| 
									
										
										
										
											2018-09-23 20:31:00 -04:00
										 |  |  |     SDKek,                //
 | 
					
						
							|  |  |  |     AESKekGeneration,     //
 | 
					
						
							|  |  |  |     AESKeyGeneration,     //
 | 
					
						
							| 
									
										
										
										
											2018-09-23 20:56:02 -04:00
										 |  |  |     RSAOaepKekGeneration, //
 | 
					
						
							|  |  |  |     Master,               //
 | 
					
						
							|  |  |  |     Keyblob,              // f2=crypto revision
 | 
					
						
							|  |  |  |     KeyAreaKey,           // f2=KeyAreaKeyType
 | 
					
						
							|  |  |  |     Titlekek,             //
 | 
					
						
							|  |  |  |     Package2,             //
 | 
					
						
							|  |  |  |     HeaderKek,            //
 | 
					
						
							|  |  |  |     KeyblobMAC,           //
 | 
					
						
							|  |  |  |     ETicketKek,           //
 | 
					
						
							|  |  |  |     ETicketKekek,         //
 | 
					
						
							| 
									
										
										
										
											2018-08-16 17:12:05 -04:00
										 |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | enum class SDKeyType : u8 { | 
					
						
							|  |  |  |     Save, | 
					
						
							|  |  |  |     NCA, | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-09-23 20:56:02 -04:00
										 |  |  | enum class BISKeyType : u8 { | 
					
						
							|  |  |  |     Crypto, | 
					
						
							|  |  |  |     Tweak, | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | enum class RSAKekType : u8 { | 
					
						
							|  |  |  |     Mask0, | 
					
						
							|  |  |  |     Seed3, | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | template <typename KeyType> | 
					
						
							|  |  |  | struct KeyIndex { | 
					
						
							|  |  |  |     KeyType type; | 
					
						
							|  |  |  |     u64 field1; | 
					
						
							|  |  |  |     u64 field2; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  |     std::string DebugInfo() const { | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  |         u8 key_size = 16; | 
					
						
							| 
									
										
										
										
											2018-07-29 19:00:09 -04:00
										 |  |  |         if constexpr (std::is_same_v<KeyType, S256KeyType>) | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  |             key_size = 32; | 
					
						
							|  |  |  |         return fmt::format("key_size={:02X}, key={:02X}, field1={:016X}, field2={:016X}", key_size, | 
					
						
							|  |  |  |                            static_cast<u8>(type), field1, field2); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-08-16 17:10:01 -04:00
										 |  |  | // boost flat_map requires operator< for O(log(n)) lookups.
 | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  | template <typename KeyType> | 
					
						
							| 
									
										
										
										
											2018-08-16 17:10:01 -04:00
										 |  |  | bool operator<(const KeyIndex<KeyType>& lhs, const KeyIndex<KeyType>& rhs) { | 
					
						
							| 
									
										
										
										
											2018-08-18 21:16:20 -04:00
										 |  |  |     return std::tie(lhs.type, lhs.field1, lhs.field2) < std::tie(rhs.type, rhs.field1, rhs.field2); | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | class KeyManager { | 
					
						
							|  |  |  | public: | 
					
						
							|  |  |  |     KeyManager(); | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  |     bool HasKey(S128KeyType id, u64 field1 = 0, u64 field2 = 0) const; | 
					
						
							|  |  |  |     bool HasKey(S256KeyType id, u64 field1 = 0, u64 field2 = 0) const; | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  |     Key128 GetKey(S128KeyType id, u64 field1 = 0, u64 field2 = 0) const; | 
					
						
							|  |  |  |     Key256 GetKey(S256KeyType id, u64 field1 = 0, u64 field2 = 0) const; | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-09-23 20:57:20 -04:00
										 |  |  |     Key256 GetBISKey(u8 partition_id) const; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  |     void SetKey(S128KeyType id, Key128 key, u64 field1 = 0, u64 field2 = 0); | 
					
						
							|  |  |  |     void SetKey(S256KeyType id, Key256 key, u64 field1 = 0, u64 field2 = 0); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-30 12:46:23 -04:00
										 |  |  |     static bool KeyFileExists(bool title); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-08-16 17:12:05 -04:00
										 |  |  |     // Call before using the sd seed to attempt to derive it if it dosen't exist. Needs system save
 | 
					
						
							|  |  |  |     // 8*43 and the private file to exist.
 | 
					
						
							|  |  |  |     void DeriveSDSeedLazy(); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-09-29 11:48:51 -04:00
										 |  |  |     bool BaseDeriveNecessary() const; | 
					
						
							| 
									
										
										
										
											2018-09-23 21:03:00 -04:00
										 |  |  |     void DeriveBase(); | 
					
						
							| 
									
										
										
										
											2018-09-29 11:48:51 -04:00
										 |  |  |     void DeriveETicket(PartitionDataManager& data); | 
					
						
							| 
									
										
										
										
											2018-09-23 21:04:13 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-09-29 11:48:51 -04:00
										 |  |  |     void PopulateFromPartitionData(PartitionDataManager& data); | 
					
						
							| 
									
										
										
										
											2018-09-23 21:05:01 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | private: | 
					
						
							| 
									
										
										
										
											2018-09-23 21:03:00 -04:00
										 |  |  |     std::map<KeyIndex<S128KeyType>, Key128> s128_keys; | 
					
						
							|  |  |  |     std::map<KeyIndex<S256KeyType>, Key256> s256_keys; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-09-23 20:51:44 -04:00
										 |  |  |     std::array<std::array<u8, 0xB0>, 0x20> encrypted_keyblobs{}; | 
					
						
							|  |  |  |     std::array<std::array<u8, 0x90>, 0x20> keyblobs{}; | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  |     bool dev_mode; | 
					
						
							| 
									
										
										
										
											2018-08-04 16:35:35 -04:00
										 |  |  |     void LoadFromFile(const std::string& filename, bool is_title_keys); | 
					
						
							|  |  |  |     void AttemptLoadKeyFile(const std::string& dir1, const std::string& dir2, | 
					
						
							|  |  |  |                             const std::string& filename, bool title); | 
					
						
							| 
									
										
										
										
											2018-09-23 21:03:00 -04:00
										 |  |  |     template <size_t Size> | 
					
						
							|  |  |  |     void WriteKeyToFile(KeyCategory category, std::string_view keyname, | 
					
						
							|  |  |  |                         const std::array<u8, Size>& key); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-10-13 09:13:19 -04:00
										 |  |  |     void DeriveGeneralPurposeKeys(std::size_t crypto_revision); | 
					
						
							| 
									
										
										
										
											2018-09-29 11:48:51 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-09-23 21:03:00 -04:00
										 |  |  |     void SetKeyWrapped(S128KeyType id, Key128 key, u64 field1 = 0, u64 field2 = 0); | 
					
						
							|  |  |  |     void SetKeyWrapped(S256KeyType id, Key256 key, u64 field1 = 0, u64 field2 = 0); | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-08-16 17:10:01 -04:00
										 |  |  |     static const boost::container::flat_map<std::string, KeyIndex<S128KeyType>> s128_file_id; | 
					
						
							|  |  |  |     static const boost::container::flat_map<std::string, KeyIndex<S256KeyType>> s256_file_id; | 
					
						
							| 
									
										
										
										
											2018-07-27 23:55:23 -04:00
										 |  |  | }; | 
					
						
							| 
									
										
										
										
											2018-08-16 17:12:05 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  | Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed); | 
					
						
							| 
									
										
										
										
											2018-09-29 11:48:51 -04:00
										 |  |  | Key128 DeriveKeyblobKey(const Key128& sbk, const Key128& tsec, Key128 source); | 
					
						
							|  |  |  | Key128 DeriveKeyblobMACKey(const Key128& keyblob_key, const Key128& mac_source); | 
					
						
							|  |  |  | Key128 DeriveMasterKey(const std::array<u8, 0x90>& keyblob, const Key128& master_source); | 
					
						
							|  |  |  | std::array<u8, 0x90> DecryptKeyblob(const std::array<u8, 0xB0>& encrypted_keyblob, | 
					
						
							|  |  |  |                                     const Key128& key); | 
					
						
							| 
									
										
										
										
											2018-09-23 20:51:44 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-10-30 05:03:25 +01:00
										 |  |  | std::optional<Key128> DeriveSDSeed(); | 
					
						
							| 
									
										
										
										
											2018-09-23 21:04:13 -04:00
										 |  |  | Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& keys); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | std::vector<TicketRaw> GetTicketblob(const FileUtil::IOFile& ticket_save); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // Returns a pair of {rights_id, titlekey}. Fails if the ticket has no certificate authority (offset
 | 
					
						
							|  |  |  | // 0x140-0x144 is zero)
 | 
					
						
							| 
									
										
										
										
											2018-10-30 05:03:25 +01:00
										 |  |  | std::optional<std::pair<Key128, Key128>> ParseTicket(const TicketRaw& ticket, | 
					
						
							|  |  |  |                                                      const RSAKeyPair<2048>& eticket_extended_key); | 
					
						
							| 
									
										
										
										
											2018-08-16 17:12:05 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-07-28 21:39:42 -04:00
										 |  |  | } // namespace Core::Crypto
 |