mirror of
https://github.com/Atmosphere-NX/Atmosphere.git
synced 2024-11-18 01:46:47 +00:00
spl: Implement non-Lotus FsService commands.
This commit is contained in:
parent
5633444d5e
commit
85e8506fa8
7 changed files with 140 additions and 3 deletions
44
stratosphere/spl/source/spl_fs_service.cpp
Normal file
44
stratosphere/spl/source/spl_fs_service.cpp
Normal file
|
@ -0,0 +1,44 @@
|
|||
/*
|
||||
* Copyright (c) 2018-2019 Atmosphère-NX
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms and conditions of the GNU General Public License,
|
||||
* version 2, as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope it will be useful, but WITHOUT
|
||||
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|
||||
* more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <switch.h>
|
||||
#include <stratosphere.hpp>
|
||||
|
||||
#include "spl_fs_service.hpp"
|
||||
|
||||
Result FsService::ImportLotusKey(InPointer<u8> src, AccessKey access_key, KeySource key_source, u32 option) {
|
||||
return ResultSuccess;
|
||||
/* TODO */
|
||||
return ResultKernelConnectionClosed;
|
||||
}
|
||||
|
||||
Result FsService::DecryptLotusMessage(Out<size_t> out_size, OutPointerWithClientSize<u8> out, InPointer<u8> base, InPointer<u8> mod, InPointer<u8> label_digest) {
|
||||
return ResultSuccess;
|
||||
/* TODO */
|
||||
return ResultKernelConnectionClosed;
|
||||
}
|
||||
|
||||
Result FsService::GenerateSpecificAesKey(Out<AesKey> out_key, KeySource key_source, u32 generation, u32 which) {
|
||||
return this->GetSecureMonitorWrapper()->GenerateSpecificAesKey(out_key.GetPointer(), key_source, generation, which);
|
||||
}
|
||||
|
||||
Result FsService::LoadTitleKey(u32 keyslot, AccessKey access_key) {
|
||||
return this->GetSecureMonitorWrapper()->LoadTitleKey(keyslot, this, access_key);
|
||||
}
|
||||
|
||||
Result FsService::GetPackage2Hash(OutPointerWithClientSize<u8> dst) {
|
||||
return this->GetSecureMonitorWrapper()->GetPackage2Hash(dst.pointer, dst.num_elements);
|
||||
}
|
65
stratosphere/spl/source/spl_fs_service.hpp
Normal file
65
stratosphere/spl/source/spl_fs_service.hpp
Normal file
|
@ -0,0 +1,65 @@
|
|||
/*
|
||||
* Copyright (c) 2018-2019 Atmosphère-NX
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms and conditions of the GNU General Public License,
|
||||
* version 2, as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope it will be useful, but WITHOUT
|
||||
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|
||||
* more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
#include <switch.h>
|
||||
#include <stratosphere.hpp>
|
||||
|
||||
#include "spl_types.hpp"
|
||||
#include "spl_crypto_service.hpp"
|
||||
|
||||
class FsService : public CryptoService {
|
||||
public:
|
||||
FsService(SecureMonitorWrapper *sw) : CryptoService(sw) {
|
||||
/* ... */
|
||||
}
|
||||
|
||||
virtual ~FsService() {
|
||||
/* ... */
|
||||
}
|
||||
protected:
|
||||
/* Actual commands. */
|
||||
virtual Result ImportLotusKey(InPointer<u8> src, AccessKey access_key, KeySource key_source, u32 option);
|
||||
virtual Result DecryptLotusMessage(Out<size_t> out_size, OutPointerWithClientSize<u8> out, InPointer<u8> base, InPointer<u8> mod, InPointer<u8> label_digest);
|
||||
virtual Result GenerateSpecificAesKey(Out<AesKey> out_key, KeySource key_source, u32 generation, u32 which);
|
||||
virtual Result LoadTitleKey(u32 keyslot, AccessKey access_key);
|
||||
virtual Result GetPackage2Hash(OutPointerWithClientSize<u8> dst);
|
||||
public:
|
||||
DEFINE_SERVICE_DISPATCH_TABLE {
|
||||
MakeServiceCommandMeta<Spl_Cmd_GetConfig, &FsService::GetConfig>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_ExpMod, &FsService::ExpMod>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_SetConfig, &FsService::SetConfig>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_GenerateRandomBytes, &FsService::GenerateRandomBytes>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_IsDevelopment, &FsService::IsDevelopment>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_SetBootReason, &FsService::SetBootReason, FirmwareVersion_300>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_GetBootReason, &FsService::GetBootReason, FirmwareVersion_300>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_GenerateAesKek, &FsService::GenerateAesKek>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_LoadAesKey, &FsService::LoadAesKey>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_GenerateAesKey, &FsService::GenerateAesKey>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_DecryptAesKey, &FsService::DecryptAesKey>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_CryptAesCtr, &FsService::CryptAesCtr>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_ComputeCmac, &FsService::ComputeCmac>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_AllocateAesKeyslot, &FsService::AllocateAesKeyslot, FirmwareVersion_200>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_FreeAesKeyslot, &FsService::FreeAesKeyslot, FirmwareVersion_200>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_GetAesKeyslotAvailableEvent, &FsService::GetAesKeyslotAvailableEvent, FirmwareVersion_200>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_ImportLotusKey, &FsService::ImportLotusKey>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_DecryptLotusMessage, &FsService::DecryptLotusMessage>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_GenerateSpecificAesKey, &FsService::GenerateSpecificAesKey>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_LoadTitleKey, &FsService::LoadTitleKey>(),
|
||||
MakeServiceCommandMeta<Spl_Cmd_GetPackage2Hash, &FsService::GetPackage2Hash, FirmwareVersion_500>(),
|
||||
|
||||
};
|
||||
};
|
|
@ -27,6 +27,7 @@
|
|||
#include "spl_crypto_service.hpp"
|
||||
#include "spl_ssl_service.hpp"
|
||||
#include "spl_es_service.hpp"
|
||||
#include "spl_fs_service.hpp"
|
||||
#include "spl_manu_service.hpp"
|
||||
|
||||
extern "C" {
|
||||
|
@ -92,6 +93,7 @@ static const auto MakeGeneralService = []() { return std::make_shared<GeneralSer
|
|||
static const auto MakeCryptoService = []() { return std::make_shared<CryptoService>(&s_secmon_wrapper); };
|
||||
static const auto MakeSslService = []() { return std::make_shared<SslService>(&s_secmon_wrapper); };
|
||||
static const auto MakeEsService = []() { return std::make_shared<EsService>(&s_secmon_wrapper); };
|
||||
static const auto MakeFsService = []() { return std::make_shared<FsService>(&s_secmon_wrapper); };
|
||||
static const auto MakeManuService = []() { return std::make_shared<ManuService>(&s_secmon_wrapper); };
|
||||
|
||||
int main(int argc, char **argv)
|
||||
|
@ -111,13 +113,15 @@ int main(int argc, char **argv)
|
|||
s_server_manager.AddWaitable(new ServiceServer<CryptoService, +MakeCryptoService>("spl:mig", 6));
|
||||
s_server_manager.AddWaitable(new ServiceServer<SslService, +MakeSslService>("spl:ssl", 2));
|
||||
s_server_manager.AddWaitable(new ServiceServer<EsService, +MakeEsService>("spl:es", 2));
|
||||
/* TODO: spl:fs. */
|
||||
s_server_manager.AddWaitable(new ServiceServer<FsService, +MakeFsService>("spl:fs", 2));
|
||||
if (GetRuntimeFirmwareVersion() >= FirmwareVersion_500) {
|
||||
s_server_manager.AddWaitable(new ServiceServer<ManuService, +MakeManuService>("spl:manu", 1));
|
||||
}
|
||||
} else {
|
||||
/* TODO, DeprecatedGeneralService */
|
||||
}
|
||||
|
||||
RebootToRcm();
|
||||
|
||||
/* Loop forever, servicing our services. */
|
||||
s_server_manager.Process();
|
||||
|
|
|
@ -726,6 +726,10 @@ Result SecureMonitorWrapper::LoadElicenseKey(u32 keyslot, const void *owner, con
|
|||
return LoadTitleKey(keyslot, owner, access_key);
|
||||
}
|
||||
|
||||
Result SecureMonitorWrapper::GenerateSpecificAesKey(AesKey *out_key, const KeySource &key_source, u32 generation, u32 which) {
|
||||
return ConvertToSplResult(SmcWrapper::GenerateSpecificAesKey(out_key, key_source, generation, which));
|
||||
}
|
||||
|
||||
Result SecureMonitorWrapper::LoadTitleKey(u32 keyslot, const void *owner, const AccessKey &access_key) {
|
||||
Result rc = ValidateAesKeyslot(keyslot, owner);
|
||||
if (R_FAILED(rc)) {
|
||||
|
@ -734,6 +738,22 @@ Result SecureMonitorWrapper::LoadTitleKey(u32 keyslot, const void *owner, const
|
|||
return ConvertToSplResult(SmcWrapper::LoadTitleKey(keyslot, access_key));
|
||||
}
|
||||
|
||||
Result SecureMonitorWrapper::GetPackage2Hash(void *dst, const size_t size) {
|
||||
u64 hash[4];
|
||||
|
||||
if (size < sizeof(hash)) {
|
||||
return ResultSplInvalidSize;
|
||||
}
|
||||
|
||||
SmcResult smc_res;
|
||||
if ((smc_res = SmcWrapper::GetConfig(hash, 4, SplConfigItem_Package2Hash)) != SmcResult_Success) {
|
||||
return ConvertToSplResult(smc_res);
|
||||
}
|
||||
|
||||
std::memcpy(dst, hash, sizeof(hash));
|
||||
return ResultSuccess;
|
||||
}
|
||||
|
||||
Result SecureMonitorWrapper::ReEncryptRsaPrivateKey(void *dst, size_t dst_size, const void *src, size_t src_size, const AccessKey &access_key_dec, const KeySource &source_dec, const AccessKey &access_key_enc, const KeySource &source_enc, u32 option) {
|
||||
struct ReEncryptRsaPrivateKeyLayout {
|
||||
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize + 0x10];
|
||||
|
|
|
@ -93,7 +93,9 @@ class SecureMonitorWrapper {
|
|||
Result LoadElicenseKey(u32 keyslot, const void *owner, const AccessKey &access_key);
|
||||
|
||||
/* FS */
|
||||
Result GenerateSpecificAesKey(AesKey *out_key, const KeySource &key_source, u32 generation, u32 which);
|
||||
Result LoadTitleKey(u32 keyslot, const void *owner, const AccessKey &access_key);
|
||||
Result GetPackage2Hash(void *dst, const size_t size);
|
||||
|
||||
/* Manu. */
|
||||
Result ReEncryptRsaPrivateKey(void *dst, size_t dst_size, const void *src, size_t src_size, const AccessKey &access_key_dec, const KeySource &source_dec, const AccessKey &access_key_enc, const KeySource &source_enc, u32 option);
|
||||
|
|
|
@ -168,7 +168,7 @@ SmcResult SmcWrapper::CryptAes(AsyncOperationKey *out_op, u32 mode, const IvCtr
|
|||
return static_cast<SmcResult>(args.X[0]);
|
||||
}
|
||||
|
||||
SmcResult SmcWrapper::GenerateSpecificAesKey(u64 *out, const KeySource &source, u32 generation, u32 which) {
|
||||
SmcResult SmcWrapper::GenerateSpecificAesKey(AesKey *out_key, const KeySource &source, u32 generation, u32 which) {
|
||||
SecmonArgs args;
|
||||
|
||||
args.X[0] = SmcFunctionId_GenerateSpecificAesKey;
|
||||
|
@ -178,6 +178,8 @@ SmcResult SmcWrapper::GenerateSpecificAesKey(u64 *out, const KeySource &source,
|
|||
args.X[4] = which;
|
||||
svcCallSecureMonitor(&args);
|
||||
|
||||
out_key->data64[0] = args.X[1];
|
||||
out_key->data64[1] = args.X[2];
|
||||
return static_cast<SmcResult>(args.X[0]);
|
||||
}
|
||||
|
||||
|
|
|
@ -38,7 +38,7 @@ class SmcWrapper {
|
|||
static SmcResult GenerateAesKek(AccessKey *out, const KeySource &source, u32 generation, u32 option);
|
||||
static SmcResult LoadAesKey(u32 keyslot, const AccessKey &access_key, const KeySource &source);
|
||||
static SmcResult CryptAes(AsyncOperationKey *out_op, u32 mode, const IvCtr &iv_ctr, u32 dst_addr, u32 src_addr, size_t size);
|
||||
static SmcResult GenerateSpecificAesKey(u64 *out, const KeySource &source, u32 generation, u32 which);
|
||||
static SmcResult GenerateSpecificAesKey(AesKey *out_key, const KeySource &source, u32 generation, u32 which);
|
||||
static SmcResult ComputeCmac(Cmac *out_mac, u32 keyslot, const void *data, size_t size);
|
||||
static SmcResult ReEncryptRsaPrivateKey(void *data, size_t size, const AccessKey &access_key_dec, const KeySource &source_dec, const AccessKey &access_key_enc, const KeySource &source_enc, u32 option);
|
||||
static SmcResult DecryptOrImportRsaPrivateKey(void *data, size_t size, const AccessKey &access_key, const KeySource &source, u32 option);
|
||||
|
|
Loading…
Reference in a new issue