keys: Handle legacy ES key generation
This commit is contained in:
parent
b2d970ed2a
commit
514343db9b
|
@ -94,9 +94,9 @@ static const u8 mariko_key_vectors[][0x10] __attribute__((aligned(4))) = {
|
||||||
// from Package1 -> Secure_Monitor
|
// from Package1 -> Secure_Monitor
|
||||||
static const u8 aes_kek_generation_source[0x10] __attribute__((aligned(4))) = {
|
static const u8 aes_kek_generation_source[0x10] __attribute__((aligned(4))) = {
|
||||||
0x4D, 0x87, 0x09, 0x86, 0xC4, 0x5D, 0x20, 0x72, 0x2F, 0xBA, 0x10, 0x53, 0xDA, 0x92, 0xE8, 0xA9};
|
0x4D, 0x87, 0x09, 0x86, 0xC4, 0x5D, 0x20, 0x72, 0x2F, 0xBA, 0x10, 0x53, 0xDA, 0x92, 0xE8, 0xA9};
|
||||||
static const u8 aes_kek_seed_01[0x10] __attribute__((aligned(4))) = {
|
static const u8 aes_seal_key_mask_decrypt_device_unique_data[0x10] __attribute__((aligned(4))) = {
|
||||||
0xA2, 0xAB, 0xBF, 0x9C, 0x92, 0x2F, 0xBB, 0xE3, 0x78, 0x79, 0x9B, 0xC0, 0xCC, 0xEA, 0xA5, 0x74};
|
0xA2, 0xAB, 0xBF, 0x9C, 0x92, 0x2F, 0xBB, 0xE3, 0x78, 0x79, 0x9B, 0xC0, 0xCC, 0xEA, 0xA5, 0x74};
|
||||||
static const u8 aes_kek_seed_03[0x10] __attribute__((aligned(4))) = {
|
static const u8 aes_seal_key_mask_import_es_device_key[0x10] __attribute__((aligned(4))) = {
|
||||||
0xE5, 0x4D, 0x9A, 0x02, 0xF0, 0x4F, 0x5F, 0xA8, 0xAD, 0x76, 0x0A, 0xF6, 0x32, 0x95, 0x59, 0xBB};
|
0xE5, 0x4D, 0x9A, 0x02, 0xF0, 0x4F, 0x5F, 0xA8, 0xAD, 0x76, 0x0A, 0xF6, 0x32, 0x95, 0x59, 0xBB};
|
||||||
static const u8 package2_key_source[0x10] __attribute__((aligned(4))) = {
|
static const u8 package2_key_source[0x10] __attribute__((aligned(4))) = {
|
||||||
0xFB, 0x8B, 0x6A, 0x9C, 0x79, 0x00, 0xC8, 0x49, 0xEF, 0xD2, 0x4D, 0x85, 0x4D, 0x30, 0xA0, 0xC7};
|
0xFB, 0x8B, 0x6A, 0x9C, 0x79, 0x00, 0xC8, 0x49, 0xEF, 0xD2, 0x4D, 0x85, 0x4D, 0x30, 0xA0, 0xC7};
|
||||||
|
@ -161,6 +161,8 @@ static const u8 eticket_rsa_kek_source[0x10] __attribute__((aligned(4))) = {
|
||||||
0XDB, 0XA4, 0X51, 0X12, 0X4C, 0XA0, 0XA9, 0X83, 0X68, 0X14, 0XF5, 0XED, 0X95, 0XE3, 0X12, 0X5B};
|
0XDB, 0XA4, 0X51, 0X12, 0X4C, 0XA0, 0XA9, 0X83, 0X68, 0X14, 0XF5, 0XED, 0X95, 0XE3, 0X12, 0X5B};
|
||||||
static const u8 eticket_rsa_kek_source_dev[0x10] __attribute__((aligned(4))) = {
|
static const u8 eticket_rsa_kek_source_dev[0x10] __attribute__((aligned(4))) = {
|
||||||
0xBE, 0xC0, 0xBC, 0x8E, 0x75, 0xA0, 0xF6, 0x0C, 0x4A, 0x56, 0x64, 0x02, 0x3E, 0xD4, 0x9C, 0xD5};
|
0xBE, 0xC0, 0xBC, 0x8E, 0x75, 0xA0, 0xF6, 0x0C, 0x4A, 0x56, 0x64, 0x02, 0x3E, 0xD4, 0x9C, 0xD5};
|
||||||
|
static const u8 eticket_rsa_kek_source_legacy[0x10] __attribute__((aligned(4))) = {
|
||||||
|
0x88, 0x87, 0x50, 0x90, 0xA6, 0x2F, 0x75, 0x70, 0xA2, 0xD7, 0x71, 0x51, 0xAE, 0x6D, 0x39, 0x87};
|
||||||
static const u8 eticket_rsa_kekek_source[0x10] __attribute__((aligned(4))) = {
|
static const u8 eticket_rsa_kekek_source[0x10] __attribute__((aligned(4))) = {
|
||||||
0X46, 0X6E, 0X57, 0XB7, 0X4A, 0X44, 0X7F, 0X02, 0XF3, 0X21, 0XCD, 0XE5, 0X8F, 0X2F, 0X55, 0X35};
|
0X46, 0X6E, 0X57, 0XB7, 0X4A, 0X44, 0X7F, 0X02, 0XF3, 0X21, 0XCD, 0XE5, 0X8F, 0X2F, 0X55, 0X35};
|
||||||
|
|
||||||
|
|
|
@ -235,12 +235,12 @@ static void _derive_misc_keys(key_derivation_ctx_t *keys, bool is_dev) {
|
||||||
|
|
||||||
if (_key_exists(keys->master_key[0])) {
|
if (_key_exists(keys->master_key[0])) {
|
||||||
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
||||||
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_kek_seed_03[i];
|
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_seal_key_mask_import_es_device_key[i];
|
||||||
_generate_kek(8, eticket_rsa_kekek_source, keys->master_key[0], keys->temp_key, NULL);
|
_generate_kek(8, eticket_rsa_kekek_source, keys->master_key[0], keys->temp_key, NULL);
|
||||||
se_aes_crypt_block_ecb(8, DECRYPT, keys->eticket_rsa_kek, is_dev ? eticket_rsa_kek_source_dev : eticket_rsa_kek_source);
|
se_aes_crypt_block_ecb(8, DECRYPT, keys->eticket_rsa_kek, is_dev ? eticket_rsa_kek_source_dev : eticket_rsa_kek_source);
|
||||||
|
|
||||||
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
||||||
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_kek_seed_01[i];
|
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_seal_key_mask_decrypt_device_unique_data[i];
|
||||||
_generate_kek(8, ssl_rsa_kek_source_x, keys->master_key[0], keys->temp_key, NULL);
|
_generate_kek(8, ssl_rsa_kek_source_x, keys->master_key[0], keys->temp_key, NULL);
|
||||||
se_aes_crypt_block_ecb(8, DECRYPT, keys->ssl_rsa_kek, ssl_rsa_kek_source_y);
|
se_aes_crypt_block_ecb(8, DECRYPT, keys->ssl_rsa_kek, ssl_rsa_kek_source_y);
|
||||||
}
|
}
|
||||||
|
@ -483,7 +483,7 @@ static bool _derive_titlekeys(key_derivation_ctx_t *keys, titlekey_buffer_t *tit
|
||||||
if (keypair_generation) {
|
if (keypair_generation) {
|
||||||
keypair_generation--;
|
keypair_generation--;
|
||||||
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
||||||
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_kek_seed_03[i];
|
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_seal_key_mask_import_es_device_key[i];
|
||||||
u32 temp_device_key[AES_128_KEY_SIZE / 4] = {0};
|
u32 temp_device_key[AES_128_KEY_SIZE / 4] = {0};
|
||||||
_get_device_key(7, keys, temp_device_key, keypair_generation);
|
_get_device_key(7, keys, temp_device_key, keypair_generation);
|
||||||
_generate_kek(7, eticket_rsa_kekek_source, temp_device_key, keys->temp_key, NULL);
|
_generate_kek(7, eticket_rsa_kekek_source, temp_device_key, keys->temp_key, NULL);
|
||||||
|
@ -498,8 +498,20 @@ static bool _derive_titlekeys(key_derivation_ctx_t *keys, titlekey_buffer_t *tit
|
||||||
|
|
||||||
// Check public exponent is 65537 big endian
|
// Check public exponent is 65537 big endian
|
||||||
if (_read_be_u32(rsa_keypair.public_exponent, 0) != 65537) {
|
if (_read_be_u32(rsa_keypair.public_exponent, 0) != 65537) {
|
||||||
EPRINTF("Invalid public exponent.");
|
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
||||||
return false;
|
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_seal_key_mask_import_es_device_key[i];
|
||||||
|
_generate_kek(8, eticket_rsa_kekek_source, keys->master_key[0], keys->temp_key, NULL);
|
||||||
|
se_aes_crypt_block_ecb(8, DECRYPT, keys->temp_key, eticket_rsa_kek_source_legacy);
|
||||||
|
|
||||||
|
se_aes_key_set(6, keys->temp_key, sizeof(keys->temp_key));
|
||||||
|
se_aes_crypt_ctr(6, &rsa_keypair, sizeof(rsa_keypair), eticket_device_key, sizeof(rsa_keypair), eticket_iv);
|
||||||
|
|
||||||
|
if (_read_be_u32(rsa_keypair.public_exponent, 0) != 65537) {
|
||||||
|
EPRINTF("Invalid public exponent.");
|
||||||
|
return false;
|
||||||
|
} else {
|
||||||
|
memcpy(keys->eticket_rsa_kek, keys->temp_key, sizeof(keys->eticket_rsa_kek));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!_test_key_pair(rsa_keypair.public_exponent, rsa_keypair.private_exponent, rsa_keypair.modulus)) {
|
if (!_test_key_pair(rsa_keypair.public_exponent, rsa_keypair.private_exponent, rsa_keypair.modulus)) {
|
||||||
|
@ -702,10 +714,10 @@ static void _save_keys_to_sd(key_derivation_ctx_t *keys, titlekey_buffer_t *titl
|
||||||
SAVE_KEY(per_console_key_source);
|
SAVE_KEY(per_console_key_source);
|
||||||
SAVE_KEY(retail_specific_aes_key_source);
|
SAVE_KEY(retail_specific_aes_key_source);
|
||||||
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
||||||
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_kek_seed_03[i];
|
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_seal_key_mask_import_es_device_key[i];
|
||||||
SAVE_KEY_VAR(rsa_oaep_kek_generation_source, keys->temp_key);
|
SAVE_KEY_VAR(rsa_oaep_kek_generation_source, keys->temp_key);
|
||||||
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
for (u32 i = 0; i < AES_128_KEY_SIZE; i++)
|
||||||
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_kek_seed_01[i];
|
keys->temp_key[i] = aes_kek_generation_source[i] ^ aes_seal_key_mask_decrypt_device_unique_data[i];
|
||||||
SAVE_KEY_VAR(rsa_private_kek_generation_source, keys->temp_key);
|
SAVE_KEY_VAR(rsa_private_kek_generation_source, keys->temp_key);
|
||||||
SAVE_KEY(save_mac_kek_source);
|
SAVE_KEY(save_mac_kek_source);
|
||||||
SAVE_KEY_VAR(save_mac_key, keys->save_mac_key);
|
SAVE_KEY_VAR(save_mac_key, keys->save_mac_key);
|
||||||
|
|
Loading…
Reference in New Issue