1
0
Fork 0
mirror of https://github.com/Atmosphere-NX/Atmosphere.git synced 2024-11-17 17:36:44 +00:00

spl: Implement non-Lotus FsService commands.

This commit is contained in:
Michael Scire 2019-04-25 00:33:10 -07:00
parent 5633444d5e
commit 85e8506fa8
7 changed files with 140 additions and 3 deletions

View file

@ -0,0 +1,44 @@
/*
* Copyright (c) 2018-2019 Atmosphère-NX
*
* This program is free software; you can redistribute it and/or modify it
* under the terms and conditions of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <switch.h>
#include <stratosphere.hpp>
#include "spl_fs_service.hpp"
Result FsService::ImportLotusKey(InPointer<u8> src, AccessKey access_key, KeySource key_source, u32 option) {
return ResultSuccess;
/* TODO */
return ResultKernelConnectionClosed;
}
Result FsService::DecryptLotusMessage(Out<size_t> out_size, OutPointerWithClientSize<u8> out, InPointer<u8> base, InPointer<u8> mod, InPointer<u8> label_digest) {
return ResultSuccess;
/* TODO */
return ResultKernelConnectionClosed;
}
Result FsService::GenerateSpecificAesKey(Out<AesKey> out_key, KeySource key_source, u32 generation, u32 which) {
return this->GetSecureMonitorWrapper()->GenerateSpecificAesKey(out_key.GetPointer(), key_source, generation, which);
}
Result FsService::LoadTitleKey(u32 keyslot, AccessKey access_key) {
return this->GetSecureMonitorWrapper()->LoadTitleKey(keyslot, this, access_key);
}
Result FsService::GetPackage2Hash(OutPointerWithClientSize<u8> dst) {
return this->GetSecureMonitorWrapper()->GetPackage2Hash(dst.pointer, dst.num_elements);
}

View file

@ -0,0 +1,65 @@
/*
* Copyright (c) 2018-2019 Atmosphère-NX
*
* This program is free software; you can redistribute it and/or modify it
* under the terms and conditions of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#pragma once
#include <switch.h>
#include <stratosphere.hpp>
#include "spl_types.hpp"
#include "spl_crypto_service.hpp"
class FsService : public CryptoService {
public:
FsService(SecureMonitorWrapper *sw) : CryptoService(sw) {
/* ... */
}
virtual ~FsService() {
/* ... */
}
protected:
/* Actual commands. */
virtual Result ImportLotusKey(InPointer<u8> src, AccessKey access_key, KeySource key_source, u32 option);
virtual Result DecryptLotusMessage(Out<size_t> out_size, OutPointerWithClientSize<u8> out, InPointer<u8> base, InPointer<u8> mod, InPointer<u8> label_digest);
virtual Result GenerateSpecificAesKey(Out<AesKey> out_key, KeySource key_source, u32 generation, u32 which);
virtual Result LoadTitleKey(u32 keyslot, AccessKey access_key);
virtual Result GetPackage2Hash(OutPointerWithClientSize<u8> dst);
public:
DEFINE_SERVICE_DISPATCH_TABLE {
MakeServiceCommandMeta<Spl_Cmd_GetConfig, &FsService::GetConfig>(),
MakeServiceCommandMeta<Spl_Cmd_ExpMod, &FsService::ExpMod>(),
MakeServiceCommandMeta<Spl_Cmd_SetConfig, &FsService::SetConfig>(),
MakeServiceCommandMeta<Spl_Cmd_GenerateRandomBytes, &FsService::GenerateRandomBytes>(),
MakeServiceCommandMeta<Spl_Cmd_IsDevelopment, &FsService::IsDevelopment>(),
MakeServiceCommandMeta<Spl_Cmd_SetBootReason, &FsService::SetBootReason, FirmwareVersion_300>(),
MakeServiceCommandMeta<Spl_Cmd_GetBootReason, &FsService::GetBootReason, FirmwareVersion_300>(),
MakeServiceCommandMeta<Spl_Cmd_GenerateAesKek, &FsService::GenerateAesKek>(),
MakeServiceCommandMeta<Spl_Cmd_LoadAesKey, &FsService::LoadAesKey>(),
MakeServiceCommandMeta<Spl_Cmd_GenerateAesKey, &FsService::GenerateAesKey>(),
MakeServiceCommandMeta<Spl_Cmd_DecryptAesKey, &FsService::DecryptAesKey>(),
MakeServiceCommandMeta<Spl_Cmd_CryptAesCtr, &FsService::CryptAesCtr>(),
MakeServiceCommandMeta<Spl_Cmd_ComputeCmac, &FsService::ComputeCmac>(),
MakeServiceCommandMeta<Spl_Cmd_AllocateAesKeyslot, &FsService::AllocateAesKeyslot, FirmwareVersion_200>(),
MakeServiceCommandMeta<Spl_Cmd_FreeAesKeyslot, &FsService::FreeAesKeyslot, FirmwareVersion_200>(),
MakeServiceCommandMeta<Spl_Cmd_GetAesKeyslotAvailableEvent, &FsService::GetAesKeyslotAvailableEvent, FirmwareVersion_200>(),
MakeServiceCommandMeta<Spl_Cmd_ImportLotusKey, &FsService::ImportLotusKey>(),
MakeServiceCommandMeta<Spl_Cmd_DecryptLotusMessage, &FsService::DecryptLotusMessage>(),
MakeServiceCommandMeta<Spl_Cmd_GenerateSpecificAesKey, &FsService::GenerateSpecificAesKey>(),
MakeServiceCommandMeta<Spl_Cmd_LoadTitleKey, &FsService::LoadTitleKey>(),
MakeServiceCommandMeta<Spl_Cmd_GetPackage2Hash, &FsService::GetPackage2Hash, FirmwareVersion_500>(),
};
};

View file

@ -27,6 +27,7 @@
#include "spl_crypto_service.hpp"
#include "spl_ssl_service.hpp"
#include "spl_es_service.hpp"
#include "spl_fs_service.hpp"
#include "spl_manu_service.hpp"
extern "C" {
@ -92,6 +93,7 @@ static const auto MakeGeneralService = []() { return std::make_shared<GeneralSer
static const auto MakeCryptoService = []() { return std::make_shared<CryptoService>(&s_secmon_wrapper); };
static const auto MakeSslService = []() { return std::make_shared<SslService>(&s_secmon_wrapper); };
static const auto MakeEsService = []() { return std::make_shared<EsService>(&s_secmon_wrapper); };
static const auto MakeFsService = []() { return std::make_shared<FsService>(&s_secmon_wrapper); };
static const auto MakeManuService = []() { return std::make_shared<ManuService>(&s_secmon_wrapper); };
int main(int argc, char **argv)
@ -111,13 +113,15 @@ int main(int argc, char **argv)
s_server_manager.AddWaitable(new ServiceServer<CryptoService, +MakeCryptoService>("spl:mig", 6));
s_server_manager.AddWaitable(new ServiceServer<SslService, +MakeSslService>("spl:ssl", 2));
s_server_manager.AddWaitable(new ServiceServer<EsService, +MakeEsService>("spl:es", 2));
/* TODO: spl:fs. */
s_server_manager.AddWaitable(new ServiceServer<FsService, +MakeFsService>("spl:fs", 2));
if (GetRuntimeFirmwareVersion() >= FirmwareVersion_500) {
s_server_manager.AddWaitable(new ServiceServer<ManuService, +MakeManuService>("spl:manu", 1));
}
} else {
/* TODO, DeprecatedGeneralService */
}
RebootToRcm();
/* Loop forever, servicing our services. */
s_server_manager.Process();

View file

@ -726,6 +726,10 @@ Result SecureMonitorWrapper::LoadElicenseKey(u32 keyslot, const void *owner, con
return LoadTitleKey(keyslot, owner, access_key);
}
Result SecureMonitorWrapper::GenerateSpecificAesKey(AesKey *out_key, const KeySource &key_source, u32 generation, u32 which) {
return ConvertToSplResult(SmcWrapper::GenerateSpecificAesKey(out_key, key_source, generation, which));
}
Result SecureMonitorWrapper::LoadTitleKey(u32 keyslot, const void *owner, const AccessKey &access_key) {
Result rc = ValidateAesKeyslot(keyslot, owner);
if (R_FAILED(rc)) {
@ -734,6 +738,22 @@ Result SecureMonitorWrapper::LoadTitleKey(u32 keyslot, const void *owner, const
return ConvertToSplResult(SmcWrapper::LoadTitleKey(keyslot, access_key));
}
Result SecureMonitorWrapper::GetPackage2Hash(void *dst, const size_t size) {
u64 hash[4];
if (size < sizeof(hash)) {
return ResultSplInvalidSize;
}
SmcResult smc_res;
if ((smc_res = SmcWrapper::GetConfig(hash, 4, SplConfigItem_Package2Hash)) != SmcResult_Success) {
return ConvertToSplResult(smc_res);
}
std::memcpy(dst, hash, sizeof(hash));
return ResultSuccess;
}
Result SecureMonitorWrapper::ReEncryptRsaPrivateKey(void *dst, size_t dst_size, const void *src, size_t src_size, const AccessKey &access_key_dec, const KeySource &source_dec, const AccessKey &access_key_enc, const KeySource &source_enc, u32 option) {
struct ReEncryptRsaPrivateKeyLayout {
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize + 0x10];

View file

@ -93,7 +93,9 @@ class SecureMonitorWrapper {
Result LoadElicenseKey(u32 keyslot, const void *owner, const AccessKey &access_key);
/* FS */
Result GenerateSpecificAesKey(AesKey *out_key, const KeySource &key_source, u32 generation, u32 which);
Result LoadTitleKey(u32 keyslot, const void *owner, const AccessKey &access_key);
Result GetPackage2Hash(void *dst, const size_t size);
/* Manu. */
Result ReEncryptRsaPrivateKey(void *dst, size_t dst_size, const void *src, size_t src_size, const AccessKey &access_key_dec, const KeySource &source_dec, const AccessKey &access_key_enc, const KeySource &source_enc, u32 option);

View file

@ -168,7 +168,7 @@ SmcResult SmcWrapper::CryptAes(AsyncOperationKey *out_op, u32 mode, const IvCtr
return static_cast<SmcResult>(args.X[0]);
}
SmcResult SmcWrapper::GenerateSpecificAesKey(u64 *out, const KeySource &source, u32 generation, u32 which) {
SmcResult SmcWrapper::GenerateSpecificAesKey(AesKey *out_key, const KeySource &source, u32 generation, u32 which) {
SecmonArgs args;
args.X[0] = SmcFunctionId_GenerateSpecificAesKey;
@ -178,6 +178,8 @@ SmcResult SmcWrapper::GenerateSpecificAesKey(u64 *out, const KeySource &source,
args.X[4] = which;
svcCallSecureMonitor(&args);
out_key->data64[0] = args.X[1];
out_key->data64[1] = args.X[2];
return static_cast<SmcResult>(args.X[0]);
}

View file

@ -38,7 +38,7 @@ class SmcWrapper {
static SmcResult GenerateAesKek(AccessKey *out, const KeySource &source, u32 generation, u32 option);
static SmcResult LoadAesKey(u32 keyslot, const AccessKey &access_key, const KeySource &source);
static SmcResult CryptAes(AsyncOperationKey *out_op, u32 mode, const IvCtr &iv_ctr, u32 dst_addr, u32 src_addr, size_t size);
static SmcResult GenerateSpecificAesKey(u64 *out, const KeySource &source, u32 generation, u32 which);
static SmcResult GenerateSpecificAesKey(AesKey *out_key, const KeySource &source, u32 generation, u32 which);
static SmcResult ComputeCmac(Cmac *out_mac, u32 keyslot, const void *data, size_t size);
static SmcResult ReEncryptRsaPrivateKey(void *data, size_t size, const AccessKey &access_key_dec, const KeySource &source_dec, const AccessKey &access_key_enc, const KeySource &source_enc, u32 option);
static SmcResult DecryptOrImportRsaPrivateKey(void *data, size_t size, const AccessKey &access_key, const KeySource &source, u32 option);