From f5ec4a3a3715cc066d82a6ea4d866da300a59efb Mon Sep 17 00:00:00 2001 From: CTCaer Date: Sat, 28 Aug 2021 17:53:14 +0300 Subject: [PATCH] hekate/Nyx: remove Sept completely - remove any reference to sept and parsing of it - completely refactor and simplify keygen - use new Atmo tsec keygen for 7.0.0 and up - simplify all info/tools that depend on hos keygen and bis keys --- bootloader/config.c | 3 - bootloader/config.h | 5 +- bootloader/frontend/fe_info.h | 2 +- bootloader/frontend/fe_tools.c | 51 +-- bootloader/frontend/fe_tools.h | 2 +- bootloader/hos/fss.c | 161 +++----- bootloader/hos/fss.h | 14 +- bootloader/hos/hos.c | 434 +++++++++---------- bootloader/hos/hos.h | 36 +- bootloader/hos/hos_config.c | 4 +- bootloader/hos/pkg1.c | 2 +- bootloader/hos/pkg2.c | 46 ++- bootloader/hos/pkg2.h | 2 +- bootloader/hos/sept.c | 278 ------------- bootloader/hos/sept.h | 25 -- bootloader/main.c | 66 +-- nyx/nyx_gui/config.c | 4 - nyx/nyx_gui/config.h | 4 - nyx/nyx_gui/frontend/fe_emummc_tools.c | 163 +------- nyx/nyx_gui/frontend/gui.c | 26 +- nyx/nyx_gui/frontend/gui_emmc_tools.c | 1 - nyx/nyx_gui/frontend/gui_info.c | 145 ++----- nyx/nyx_gui/frontend/gui_info.h | 3 +- nyx/nyx_gui/frontend/gui_tools.c | 75 +--- nyx/nyx_gui/frontend/gui_tools.h | 3 +- nyx/nyx_gui/hos/hos.c | 549 ++++++++++--------------- nyx/nyx_gui/hos/hos.h | 34 +- nyx/nyx_gui/hos/pkg1.c | 2 +- nyx/nyx_gui/hos/pkg2.c | 40 +- nyx/nyx_gui/hos/sept.c | 175 -------- nyx/nyx_gui/hos/sept.h | 26 -- nyx/nyx_gui/storage/nx_emmc_bis.c | 2 +- 32 files changed, 661 insertions(+), 1722 deletions(-) delete mode 100644 bootloader/hos/sept.c delete mode 100644 bootloader/hos/sept.h delete mode 100644 nyx/nyx_gui/hos/sept.c delete mode 100644 nyx/nyx_gui/hos/sept.h diff --git a/bootloader/config.c b/bootloader/config.c index a83172f..271ff5e 100644 --- a/bootloader/config.c +++ b/bootloader/config.c @@ -38,7 +38,6 @@ void set_default_configuration() h_cfg.autoboot = 0; h_cfg.autoboot_list = 0; h_cfg.bootwait = 3; - h_cfg.se_keygen_done = 0; h_cfg.backlight = 100; h_cfg.autohosoff = 0; h_cfg.autonogc = 1; @@ -46,8 +45,6 @@ void set_default_configuration() h_cfg.bootprotect = 0; h_cfg.errors = 0; h_cfg.eks = NULL; - h_cfg.sept_run = EMC(EMC_SCRATCH0) & EMC_SEPT_RUN; - h_cfg.aes_slots_new = false; h_cfg.rcm_patched = fuse_check_patched_rcm(); h_cfg.emummc_force_disable = false; h_cfg.t210b01 = hw_get_chip_id() == GP_HIDREV_MAJOR_T210B01; diff --git a/bootloader/config.h b/bootloader/config.h index 09c360a..11f7f26 100644 --- a/bootloader/config.h +++ b/bootloader/config.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2019 CTCaer + * Copyright (c) 2018-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, @@ -33,9 +33,6 @@ typedef struct _hekate_config u32 bootprotect; // Global temporary config. bool t210b01; - bool se_keygen_done; - bool sept_run; - bool aes_slots_new; bool emummc_force_disable; bool rcm_patched; u32 errors; diff --git a/bootloader/frontend/fe_info.h b/bootloader/frontend/fe_info.h index ba044d9..5818bee 100644 --- a/bootloader/frontend/fe_info.h +++ b/bootloader/frontend/fe_info.h @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 naehrwert - * Copyright (c) 2018 CTCaer + * Copyright (c) 2018-2021 CTCaer * Copyright (c) 2018 balika011 * * This program is free software; you can redistribute it and/or modify it diff --git a/bootloader/frontend/fe_tools.c b/bootloader/frontend/fe_tools.c index dabbd43..3ec6dd0 100644 --- a/bootloader/frontend/fe_tools.c +++ b/bootloader/frontend/fe_tools.c @@ -26,7 +26,6 @@ #include "../hos/hos.h" #include "../hos/pkg1.h" #include "../hos/pkg2.h" -#include "../hos/sept.h" #include #include #include @@ -90,38 +89,18 @@ void dump_packages12() kb = pkg1_id->kb; - if (!h_cfg.se_keygen_done) - { - tsec_ctxt.fw = (void *)pkg1 + pkg1_id->tsec_off; - tsec_ctxt.pkg1 = (void *)pkg1; - tsec_ctxt.pkg11_off = pkg1_id->pkg11_off; - tsec_ctxt.secmon_base = pkg1_id->secmon_base; + tsec_ctxt.fw = (void *)pkg1 + pkg1_id->tsec_off; + tsec_ctxt.pkg1 = (void *)pkg1; + tsec_ctxt.pkg11_off = pkg1_id->pkg11_off; + tsec_ctxt.secmon_base = pkg1_id->secmon_base; - if (kb >= KB_FIRMWARE_VERSION_700 && !h_cfg.sept_run) - { - b_cfg.autoboot = 0; - b_cfg.autoboot_list = 0; + // Read keyblob. + u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1); + sdmmc_storage_read(&emmc_storage, 0x180000 / NX_EMMC_BLOCKSIZE + kb, 1, keyblob); - gfx_printf("sept will run to get the keys.\nThen rerun this option."); - btn_wait(); - - if (!reboot_to_sept((u8 *)tsec_ctxt.fw, kb, NULL)) - { - gfx_printf("Failed to run sept\n"); - goto out_free; - } - } - - // Read keyblob. - u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1); - sdmmc_storage_read(&emmc_storage, 0x180000 / NX_EMMC_BLOCKSIZE + kb, 1, keyblob); - - // Decrypt. - hos_keygen(keyblob, kb, &tsec_ctxt, NULL); - if (kb <= KB_FIRMWARE_VERSION_600) - h_cfg.se_keygen_done = 1; - free(keyblob); - } + // Decrypt. + hos_keygen(keyblob, kb, &tsec_ctxt, false, false); + free(keyblob); if (kb <= KB_FIRMWARE_VERSION_600) pkg1_decrypt(pkg1_id, pkg1); @@ -199,8 +178,16 @@ void dump_packages12() pkg2 = malloc(pkg2_size_aligned); nx_emmc_part_read(&emmc_storage, pkg2_part, 0x4000 / NX_EMMC_BLOCKSIZE, pkg2_size_aligned / NX_EMMC_BLOCKSIZE, pkg2); + +#if 0 + emmcsn_path_impl(path, "/pkg2", "pkg2_encr.bin", &emmc_storage); + if (sd_save_to_file(pkg2, pkg2_size_aligned, path)) + goto out; + gfx_puts("\npkg2 dumped to pkg2_encr.bin\n"); +#endif + // Decrypt package2 and parse KIP1 blobs in INI1 section. - pkg2_hdr_t *pkg2_hdr = pkg2_decrypt(pkg2, kb); + pkg2_hdr_t *pkg2_hdr = pkg2_decrypt(pkg2, kb, false); if (!pkg2_hdr) { gfx_printf("Pkg2 decryption failed!\n"); diff --git a/bootloader/frontend/fe_tools.h b/bootloader/frontend/fe_tools.h index 7b8e99b..637bcab 100644 --- a/bootloader/frontend/fe_tools.h +++ b/bootloader/frontend/fe_tools.h @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 naehrwert - * Copyright (c) 2018 CTCaer + * Copyright (c) 2018-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, diff --git a/bootloader/hos/fss.c b/bootloader/hos/fss.c index d0c1e15..312113f 100644 --- a/bootloader/hos/fss.c +++ b/bootloader/hos/fss.c @@ -1,7 +1,7 @@ /* * Atmosphère Fusée Secondary Storage parser. * - * Copyright (c) 2019-2020 CTCaer + * Copyright (c) 2019-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, @@ -51,6 +51,7 @@ extern bool is_ipl_updated(void *buf, char *path, bool force); #define CNT_TYPE_KLD 9 // Kernel Loader. #define CNT_TYPE_KRN 10 // Kernel. #define CNT_TYPE_EXF 11 // Exosphere Mariko fatal payload. +#define CNT_TYPE_TKG 12 // Tsec Keygen. // FSS0 Content Flags. #define CNT_FLAG0_EXPERIMENTAL BIT(0) @@ -116,33 +117,30 @@ static void _update_r2p(launch_ctxt_t *ctxt, const char *path) free(r2p_path); } -int parse_fss(launch_ctxt_t *ctxt, const char *path, fss0_sept_t *sept_ctxt) +int parse_fss(launch_ctxt_t *ctxt, const char *path) { FIL fp; bool stock = false; - int sept_used = 0; // Skip if stock and Exosphere and warmboot are not needed. - if (!sept_ctxt) - { - bool pkg1_old = ctxt->pkg1_id->kb <= KB_FIRMWARE_VERSION_620; - bool emummc_disabled = !emu_cfg.enabled || h_cfg.emummc_force_disable; + bool pkg1_old = ctxt->pkg1_id->kb <= KB_FIRMWARE_VERSION_620; // Should check if t210b01? + bool emummc_disabled = !emu_cfg.enabled || h_cfg.emummc_force_disable; - LIST_FOREACH_ENTRY(ini_kv_t, kv, &ctxt->cfg->kvs, link) - { - if (!strcmp("stock", kv->key)) - if (kv->val[0] == '1') - stock = true; - } + LIST_FOREACH_ENTRY(ini_kv_t, kv, &ctxt->cfg->kvs, link) + { + if (!strcmp("stock", kv->key)) + if (kv->val[0] == '1') + stock = true; + } #ifdef HOS_MARIKO_STOCK_SECMON - if (stock && emummc_disabled && (pkg1_old || h_cfg.t210b01)) + if (stock && emummc_disabled && (pkg1_old || h_cfg.t210b01)) + return 1; #else - if (stock && emummc_disabled && pkg1_old) + if (stock && emummc_disabled && pkg1_old) + return 1; #endif - return 1; - } if (f_open(&fp, path, FA_READ) != FR_OK) return 0; @@ -160,16 +158,13 @@ int parse_fss(launch_ctxt_t *ctxt, const char *path, fss0_sept_t *sept_ctxt) if (fss_meta->magic == FSS0_MAGIC) { gfx_printf("Found FSS0, Atmosphere %d.%d.%d-%08x\n" - "Max HOS supported: %d.%d.%d\n" - "Unpacking and loading components.. ", + "Max HOS: %d.%d.%d\n" + "Unpacking.. ", fss_meta->version >> 24, (fss_meta->version >> 16) & 0xFF, (fss_meta->version >> 8) & 0xFF, fss_meta->git_rev, fss_meta->hos_ver >> 24, (fss_meta->hos_ver >> 16) & 0xFF, (fss_meta->hos_ver >> 8) & 0xFF); - if (!sept_ctxt) - { - ctxt->atmosphere = true; - ctxt->fss0_hosver = fss_meta->hos_ver; - } + ctxt->atmosphere = true; + ctxt->fss0_hosver = fss_meta->hos_ver; // Parse FSS0 contents. fss_content_t *curr_fss_cnt = (fss_content_t *)(fss + fss_meta->cnt_off); @@ -186,84 +181,57 @@ int parse_fss(launch_ctxt_t *ctxt, const char *path, fss0_sept_t *sept_ctxt) if ((curr_fss_cnt[i].flags0 & CNT_FLAG0_EXPERIMENTAL) && !ctxt->fss0_experimental) continue; - // Parse content. - if (!sept_ctxt) + // Prepare content. + switch (curr_fss_cnt[i].type) { - // Prepare content context. - switch (curr_fss_cnt[i].type) - { - case CNT_TYPE_KIP: - if (stock) - continue; - merge_kip_t *mkip1 = (merge_kip_t *)malloc(sizeof(merge_kip_t)); - mkip1->kip1 = content; - list_append(&ctxt->kip1_list, &mkip1->link); - DPRINTF("Loaded %s.kip1 from FSS0 (size %08X)\n", curr_fss_cnt[i].name, curr_fss_cnt[i].size); - break; - - case CNT_TYPE_KRN: - if (stock) - continue; - ctxt->kernel_size = curr_fss_cnt[i].size; - ctxt->kernel = content; - break; - - case CNT_TYPE_EXO: - ctxt->secmon_size = curr_fss_cnt[i].size; - ctxt->secmon = content; - break; - - case CNT_TYPE_EXF: - ctxt->exofatal_size = curr_fss_cnt[i].size; - ctxt->exofatal = content; - break; - - case CNT_TYPE_WBT: - if (h_cfg.t210b01) - continue; - ctxt->warmboot_size = curr_fss_cnt[i].size; - ctxt->warmboot = content; - break; - - default: + case CNT_TYPE_KIP: + if (stock) continue; - } + merge_kip_t *mkip1 = (merge_kip_t *)malloc(sizeof(merge_kip_t)); + mkip1->kip1 = content; + list_append(&ctxt->kip1_list, &mkip1->link); + DPRINTF("Loaded %s.kip1 from FSS0 (size %08X)\n", curr_fss_cnt[i].name, curr_fss_cnt[i].size); + break; - // Load content to launch context. - f_lseek(&fp, curr_fss_cnt[i].offset); - f_read(&fp, content, curr_fss_cnt[i].size, NULL); - } - else - { - // Load sept content directly to launch context. - switch (curr_fss_cnt[i].type) - { - case CNT_TYPE_SP1: - f_lseek(&fp, curr_fss_cnt[i].offset); - f_read(&fp, sept_ctxt->sept_primary, curr_fss_cnt[i].size, NULL); - break; - case CNT_TYPE_SP2: - if (!memcmp(curr_fss_cnt[i].name, (sept_ctxt->kb < KB_FIRMWARE_VERSION_810) ? "septsecondary00" : "septsecondary01", 15)) - { - f_lseek(&fp, curr_fss_cnt[i].offset); - f_read(&fp, sept_ctxt->sept_secondary, curr_fss_cnt[i].size, NULL); - sept_used = 1; - goto out; - } - break; - default: - break; - } + case CNT_TYPE_KRN: + if (stock) + continue; + ctxt->kernel_size = curr_fss_cnt[i].size; + ctxt->kernel = content; + break; + + case CNT_TYPE_EXO: + ctxt->secmon_size = curr_fss_cnt[i].size; + ctxt->secmon = content; + break; + + case CNT_TYPE_EXF: + ctxt->exofatal_size = curr_fss_cnt[i].size; + ctxt->exofatal = content; + break; + + case CNT_TYPE_WBT: + if (h_cfg.t210b01) + continue; + ctxt->warmboot_size = curr_fss_cnt[i].size; + ctxt->warmboot = content; + break; + + default: + continue; } + + // Load content to launch context. + f_lseek(&fp, curr_fss_cnt[i].offset); + f_read(&fp, content, curr_fss_cnt[i].size, NULL); } -out: gfx_printf("Done!\n"); f_close(&fp); _update_r2p(ctxt, path); - return (!sept_ctxt ? 1 : sept_used); + return 1; } f_close(&fp); @@ -271,14 +239,3 @@ out: return 0; } - -int load_sept_from_ffs0(fss0_sept_t *sept_ctxt) -{ - LIST_FOREACH_ENTRY(ini_kv_t, kv, &sept_ctxt->cfg_sec->kvs, link) - { - if (!strcmp("fss0", kv->key)) - return parse_fss(NULL, kv->val, sept_ctxt); - } - - return 0; -} diff --git a/bootloader/hos/fss.h b/bootloader/hos/fss.h index 3f56d7c..e7e23bb 100644 --- a/bootloader/hos/fss.h +++ b/bootloader/hos/fss.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019 CTCaer + * Copyright (c) 2019-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, @@ -19,16 +19,6 @@ #include "hos.h" -typedef struct _fss0_sept_t -{ - u32 kb; - ini_sec_t *cfg_sec; - void *sept_primary; - void *sept_secondary; - -} fss0_sept_t; - -int parse_fss(launch_ctxt_t *ctxt, const char *path, fss0_sept_t *sept_ctxt); -int load_sept_from_ffs0(fss0_sept_t *sept_ctxt); +int parse_fss(launch_ctxt_t *ctxt, const char *path); #endif diff --git a/bootloader/hos/hos.c b/bootloader/hos/hos.c index 51f4498..73880d8 100644 --- a/bootloader/hos/hos.c +++ b/bootloader/hos/hos.c @@ -22,7 +22,6 @@ #include "hos.h" #include "hos_config.h" -#include "sept.h" #include "secmon_exo.h" #include "../config.h" #include @@ -84,7 +83,7 @@ typedef struct _tsec_keys_t typedef struct _kb_keys_t { - u8 master_keyseed[SE_KEY_128_SIZE]; + u8 master_kekseed[SE_KEY_128_SIZE]; u8 random_data[0x70]; u8 package1_key[SE_KEY_128_SIZE]; } kb_keys_t; @@ -112,12 +111,17 @@ static const u8 cmac_keyseed[SE_KEY_128_SIZE] = static const u8 master_keyseed_retail[SE_KEY_128_SIZE] = { 0xD8, 0xA2, 0x41, 0x0A, 0xC6, 0xC5, 0x90, 0x01, 0xC6, 0x1D, 0x6A, 0x26, 0x7C, 0x51, 0x3F, 0x3C }; -static const u8 master_keyseed_4xx_5xx_610[SE_KEY_128_SIZE] = +static const u8 master_keyseed_4xx[SE_KEY_128_SIZE] = { 0x2D, 0xC1, 0xF4, 0x8D, 0xF3, 0x5B, 0x69, 0x33, 0x42, 0x10, 0xAC, 0x65, 0xDA, 0x90, 0x46, 0x66 }; -static const u8 master_keyseed_620[SE_KEY_128_SIZE] = +static const u8 master_kekseed_620[SE_KEY_128_SIZE] = { 0x37, 0x4B, 0x77, 0x29, 0x59, 0xB4, 0x04, 0x30, 0x81, 0xF6, 0xE5, 0x8C, 0x6D, 0x36, 0x17, 0x9A }; +//!TODO: Update on mkey changes. +static const u8 master_kekseed_t210_max[SE_KEY_128_SIZE] = + { 0x84, 0x67, 0xB6, 0x7F, 0x13, 0x11, 0xAE, 0xE6, 0x58, 0x9B, 0x19, 0xAF, 0x13, 0x6C, 0x80, 0x7A }; // 12.1.0. + +//!TODO: Update on mkey changes. static const u8 master_kekseed_t210b01[][SE_KEY_128_SIZE] = { { 0x77, 0x60, 0x5A, 0xD2, 0xEE, 0x6E, 0xF8, 0x3C, 0x3F, 0x72, 0xE2, 0x59, 0x9D, 0xAC, 0x5E, 0x56 }, // 6.0.0. { 0x1E, 0x80, 0xB8, 0x17, 0x3E, 0xC0, 0x60, 0xAA, 0x11, 0xBE, 0x1A, 0x4A, 0xA6, 0x6F, 0xE4, 0xAE }, // 6.2.0. @@ -131,7 +135,7 @@ static const u8 master_kekseed_t210b01[][SE_KEY_128_SIZE] = { static const u8 console_keyseed[SE_KEY_128_SIZE] = { 0x4F, 0x02, 0x5F, 0x0E, 0xB6, 0x6D, 0x11, 0x0E, 0xDC, 0x32, 0x7D, 0x41, 0x86, 0xC2, 0xF4, 0x78 }; -static const u8 console_keyseed_4xx_5xx[SE_KEY_128_SIZE] = +static const u8 console_keyseed_4xx[SE_KEY_128_SIZE] = { 0x0C, 0x91, 0x09, 0xDB, 0x93, 0x93, 0x07, 0x81, 0x07, 0x3C, 0xC4, 0x16, 0x22, 0x7C, 0x6C, 0x28 }; const u8 package2_keyseed[SE_KEY_128_SIZE] = @@ -214,7 +218,7 @@ bool hos_eks_rw_try(u8 *buf, bool write) return false; } -void hos_eks_get() +static void _hos_eks_get() { // Check if Erista based unit. if (h_cfg.t210b01) @@ -230,11 +234,10 @@ void hos_eks_get() // Decrypt EKS blob. hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x80); - se_aes_crypt_ecb(14, 0, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); + se_aes_crypt_ecb(14, DECRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); // Check if valid and for this unit. - if (eks->magic == HOS_EKS_MAGIC && - (eks->lot0 == FUSE(FUSE_OPT_LOT_CODE_0) || eks->lot0 == FUSE(FUSE_PRIVATE_KEY0))) + if (eks->magic == HOS_EKS_MAGIC && eks->lot0 == FUSE(FUSE_OPT_LOT_CODE_0)) { h_cfg.eks = eks; return; @@ -245,82 +248,63 @@ out: } } -void hos_eks_save(u32 kb) +static void _hos_eks_save(u32 kb) { // Check if Erista based unit. if (h_cfg.t210b01) return; - if (kb >= KB_FIRMWARE_VERSION_700) + // EKS save. Only for 7.0.0 and up. + bool new_eks = false; + if (!h_cfg.eks) { - u32 key_idx = 0; - if (kb >= KB_FIRMWARE_VERSION_810) - key_idx = 1; + h_cfg.eks = calloc(512 , 1); + new_eks = true; + } - bool new_eks = false; - if (!h_cfg.eks) + // If matching blob doesn't exist, create it. + if (h_cfg.eks->enabled < kb) + { + // Read EKS blob. + u8 *mbr = calloc(512 , 1); + if (!hos_eks_rw_try(mbr, false)) { - h_cfg.eks = calloc(512 , 1); - new_eks = true; + if (new_eks) + { + free(h_cfg.eks); + h_cfg.eks = NULL; + } + + goto out; } - // If matching blob doesn't exist, create it. - bool update_eks = key_idx ? (h_cfg.eks->enabled[key_idx] < kb) : !h_cfg.eks->enabled[0]; - // If old EKS version was found, update it. - update_eks |= h_cfg.eks->lot0 != FUSE(FUSE_OPT_LOT_CODE_0); - if (update_eks) - { - // Read EKS blob. - u8 *mbr = calloc(512 , 1); - if (!hos_eks_rw_try(mbr, false)) - { - if (new_eks) - { - free(h_cfg.eks); - h_cfg.eks = NULL; - } + // Get keys. + u8 *keys = (u8 *)calloc(0x2000, 1); + se_get_aes_keys(keys + 0x1000, keys, SE_KEY_128_SIZE); - goto out; - } + // Set magic and personalized info. + h_cfg.eks->magic = HOS_EKS_MAGIC; + h_cfg.eks->enabled = KB_FIRMWARE_VERSION_MAX; + h_cfg.eks->lot0 = FUSE(FUSE_OPT_LOT_CODE_0); - // Get keys. - u8 *keys = (u8 *)calloc(0x2000, 1); - se_get_aes_keys(keys + 0x1000, keys, SE_KEY_128_SIZE); + // Copy new keys. + memcpy(h_cfg.eks->tsec, keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + memcpy(h_cfg.eks->troot, keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + memcpy(h_cfg.eks->troot_dev, keys + 11 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - // Set magic and personalized info. - h_cfg.eks->magic = HOS_EKS_MAGIC; - h_cfg.eks->enabled[key_idx] = kb; - h_cfg.eks->lot0 = FUSE(FUSE_OPT_LOT_CODE_0); + // Encrypt EKS blob. + u8 *eks = calloc(512 , 1); + memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t)); + se_aes_crypt_ecb(14, ENCRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); - // Copy new keys. - memcpy(h_cfg.eks->dkg, keys + 10 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - memcpy(h_cfg.eks->dkk, keys + 15 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + // Write EKS blob to SD. + memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t)); + hos_eks_rw_try(mbr, true); - if (!h_cfg.aes_slots_new) - { - memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - } - else // New sept slots. - { - memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - } - - // Encrypt EKS blob. - u8 *eks = calloc(512 , 1); - memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t)); - se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); - - // Write EKS blob to SD. - memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t)); - hos_eks_rw_try(mbr, true); - - free(eks); - free(keys); + free(eks); + free(keys); out: - free(mbr); - } + free(mbr); } } @@ -332,12 +316,8 @@ void hos_eks_clear(u32 kb) if (h_cfg.eks && kb >= KB_FIRMWARE_VERSION_700) { - u32 key_idx = 0; - if (kb >= KB_FIRMWARE_VERSION_810) - key_idx = 1; - - // Check if Current Master key is enabled. - if (h_cfg.eks->enabled[key_idx]) + // Check if current Master key is enabled. + if (h_cfg.eks->enabled) { // Read EKS blob. u8 *mbr = calloc(512 , 1); @@ -345,20 +325,17 @@ void hos_eks_clear(u32 kb) goto out; // Disable current Master key version. - h_cfg.eks->enabled[key_idx] = 0; + h_cfg.eks->enabled = 0; // Encrypt EKS blob. u8 *eks = calloc(512 , 1); memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t)); - se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); + se_aes_crypt_ecb(14, ENCRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); // Write EKS blob to SD. memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t)); hos_eks_rw_try(mbr, true); - EMC(EMC_SCRATCH0) &= ~EMC_SEPT_RUN; - h_cfg.sept_run = false; - free(eks); out: free(mbr); @@ -369,7 +346,7 @@ out: int hos_keygen_t210b01(u32 kb) { // Use SBK as Device key 4x unsealer and KEK for mkey in T210B01 units. - se_aes_unwrap_key(10, 14, console_keyseed_4xx_5xx); + se_aes_unwrap_key(10, 14, console_keyseed_4xx); // Derive master key. se_aes_unwrap_key(7, 12, &master_kekseed_t210b01[kb - KB_FIRMWARE_VERSION_600]); @@ -381,9 +358,12 @@ int hos_keygen_t210b01(u32 kb) return 1; } -int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos_ctxt) +int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, bool stock, bool is_exo) { + static bool sbk_wiped = false; + u32 retries = 0; + bool use_tsec = false; tsec_keys_t tsec_keys; kb_t *kb_data = (kb_t *)keyblob; @@ -393,76 +373,114 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos if (h_cfg.t210b01) return hos_keygen_t210b01(kb); - if (kb <= KB_FIRMWARE_VERSION_600) - tsec_ctxt->size = 0xF00; - else if (kb == KB_FIRMWARE_VERSION_620) - tsec_ctxt->size = 0x2900; - else if (kb == KB_FIRMWARE_VERSION_700) - tsec_ctxt->size = 0x3000; - else - tsec_ctxt->size = 0x3300; + // Do Erista keygen. - // Prepare smmu tsec page for 6.2.0. - if (kb == KB_FIRMWARE_VERSION_620) + // SBK is wiped. Try to restore it from fuses. + if (sbk_wiped) { + if (fuse_set_sbk()) + sbk_wiped = false; + else + return 1; // Continue with current SE keys. + } + + // Use HOS EKS if it exists. + _hos_eks_get(); + + // Use tsec keygen for old firmware or if EKS keys do not exist for newer. + if (kb <= KB_FIRMWARE_VERSION_620 || !h_cfg.eks || (h_cfg.eks && h_cfg.eks->enabled < kb)) + use_tsec = true; + + if (kb <= KB_FIRMWARE_VERSION_600) + { + tsec_ctxt->size = 0xF00; + tsec_ctxt->type = TSEC_FW_TYPE_OLD; + } + else if (kb == KB_FIRMWARE_VERSION_620) + { + tsec_ctxt->size = 0x2900; + tsec_ctxt->type = TSEC_FW_TYPE_EMU; + + // Prepare smmu tsec page for 6.2.0. u8 *tsec_paged = (u8 *)page_alloc(3); memcpy(tsec_paged, (void *)tsec_ctxt->fw, tsec_ctxt->size); tsec_ctxt->fw = tsec_paged; } + else if (use_tsec) // 7.0.0+ + { + /* + * 7.0.0/8.1.0 tsec fw are 0x3000/0x3300. + * Unused here because of THK. + */ + + // Use custom TSEC Hovi Keygen firmware. + tsec_ctxt->fw = sd_file_read("bootloader/sys/thk.bin", NULL); + if (!tsec_ctxt->fw) + { + _hos_crit_error("\nFailed to load thk.bin"); + return 0; + } + + tsec_ctxt->size = 0x1F00; + tsec_ctxt->type = TSEC_FW_TYPE_NEW; + } + else if (h_cfg.eks) + { + // EKS found. Set TSEC keys. + se_aes_key_set(12, h_cfg.eks->tsec, SE_KEY_128_SIZE); + se_aes_key_set(13, h_cfg.eks->troot, SE_KEY_128_SIZE); + se_aes_key_set(11, h_cfg.eks->troot_dev, SE_KEY_128_SIZE); + } // Get TSEC key. - if (kb <= KB_FIRMWARE_VERSION_620) + while (use_tsec && tsec_query(&tsec_keys, tsec_ctxt) < 0) { - while (tsec_query(&tsec_keys, kb, tsec_ctxt) < 0) - { - memset(&tsec_keys, 0x00, 0x20); - retries++; + memset(&tsec_keys, 0x00, 0x20); + retries++; - // We rely on racing conditions, make sure we cover even the unluckiest cases. - if (retries > 15) - { - _hos_crit_error("\nFailed to get TSEC keys. Please try again."); - return 0; - } + // We rely on racing conditions, make sure we cover even the unluckiest cases. + if (retries > 15) + { + _hos_crit_error("\nFailed to get TSEC keys. Please try again."); + return 0; } } if (kb >= KB_FIRMWARE_VERSION_700) { - // Use HOS EKS if it exists. - u32 key_idx = 0; - if (kb >= KB_FIRMWARE_VERSION_810) - key_idx = 1; - - if (h_cfg.eks && h_cfg.eks->enabled[key_idx] >= kb) + // For 7.0.0 and up, save EKS slot if it doesn't exist. + if (use_tsec) { - // Set Device keygen key to slot 10. - se_aes_key_set(10, h_cfg.eks->dkg, SE_KEY_128_SIZE); - // Set Device key to slot 15. - se_aes_key_set(15, h_cfg.eks->dkk, SE_KEY_128_SIZE); - - if (!h_cfg.aes_slots_new) - { - // Set Master key to slot 12. - se_aes_key_set(12, h_cfg.eks->keys[key_idx].mkk, SE_KEY_128_SIZE); - // Set FW Device key key to slot 13. - se_aes_key_set(13, h_cfg.eks->keys[key_idx].fdk, SE_KEY_128_SIZE); - // Lock FDK. - se_key_acc_ctrl(13, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG); - } - else // New exosphere. - { - // Set Master key to slot 13. - se_aes_key_set(13, h_cfg.eks->keys[key_idx].mkk, SE_KEY_128_SIZE); - // Set FW Device key key to slot 12. - se_aes_key_set(12, h_cfg.eks->keys[key_idx].fdk, SE_KEY_128_SIZE); - // Lock FDK. - se_key_acc_ctrl(12, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG); - } + _hos_eks_save(kb); + free(tsec_ctxt->fw); } - se_aes_key_clear(8); - se_aes_unwrap_key(8, !h_cfg.aes_slots_new ? 12 : 13, package2_keyseed); + if (!is_exo) + { + // Derive Package2 key in secmon compatible way. + se_aes_unwrap_key(7, 13, master_kekseed_t210_max); + se_aes_unwrap_key(7, 7, master_keyseed_retail); + se_aes_unwrap_key(8, 7, package2_keyseed); + } + else + { + se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tmp, keyblob_keyseeds[0]); + se_aes_unwrap_key(15, 14, tsec_keys.tmp); + + // Derive device keys. + se_aes_unwrap_key(10, 15, console_keyseed_4xx); + se_aes_unwrap_key(15, 15, console_keyseed); + + // Derive master kek. + se_aes_unwrap_key(13, 13, master_kekseed_t210_max); + + // Derive device master key and master key. + se_aes_unwrap_key(12, 13, master_keyseed_4xx); + se_aes_unwrap_key(13, 13, master_keyseed_retail); + + // Package2 key. + se_aes_unwrap_key(8, 13, package2_keyseed); + } } else if (kb == KB_FIRMWARE_VERSION_620) { @@ -471,39 +489,33 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos // Set TSEC root key. se_aes_key_set(13, tsec_keys.tsec_root, SE_KEY_128_SIZE); - if (!(emu_cfg.enabled && !h_cfg.emummc_force_disable) && hos_ctxt->stock) + if (!is_exo) { - // Package2 key. + // Derive Package2 key in secmon compatible way. se_aes_key_set(8, tsec_keys.tsec_root, SE_KEY_128_SIZE); - se_aes_unwrap_key(8, 8, master_keyseed_620); + se_aes_unwrap_key(8, 8, master_kekseed_620); se_aes_unwrap_key(8, 8, master_keyseed_retail); se_aes_unwrap_key(8, 8, package2_keyseed); } else { - // Decrypt keyblob and set keyslots - se_aes_crypt_block_ecb(12, 0, tsec_keys.tmp, keyblob_keyseeds[0]); + // Decrypt keyblob and set keyslots for Exosphere 2. + se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tmp, keyblob_keyseeds[0]); se_aes_unwrap_key(15, 14, tsec_keys.tmp); - se_aes_unwrap_key(10, 15, console_keyseed_4xx_5xx); + + // Derive device keys. + se_aes_unwrap_key(10, 15, console_keyseed_4xx); se_aes_unwrap_key(15, 15, console_keyseed); - se_aes_unwrap_key(13, 13, master_keyseed_620); + // Derive master kek. + se_aes_unwrap_key(13, 13, master_kekseed_620); - if (!h_cfg.aes_slots_new) - { - se_aes_unwrap_key(14, 13, master_keyseed_4xx_5xx_610); - se_aes_unwrap_key(12, 13, master_keyseed_retail); - } - else // New exosphere. - { - se_aes_unwrap_key(12, 13, master_keyseed_4xx_5xx_610); - se_aes_unwrap_key(13, 13, master_keyseed_retail); - } + // Derive device master key and master key. + se_aes_unwrap_key(12, 13, master_keyseed_4xx); + se_aes_unwrap_key(13, 13, master_keyseed_retail); // Package2 key. - se_aes_unwrap_key(8, !h_cfg.aes_slots_new ? 12 : 13, package2_keyseed); - - h_cfg.se_keygen_done = 1; + se_aes_unwrap_key(8, 13, package2_keyseed); } } else @@ -515,13 +527,13 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos se_aes_key_set(13, tsec_keys.tsec, SE_KEY_128_SIZE); // Derive keyblob keys from TSEC+SBK. - se_aes_crypt_block_ecb(13, 0, tsec_keys.tsec, keyblob_keyseeds[0]); + se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, keyblob_keyseeds[0]); se_aes_unwrap_key(15, 14, tsec_keys.tsec); - se_aes_crypt_block_ecb(13, 0, tsec_keys.tsec, keyblob_keyseeds[kb]); + se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, keyblob_keyseeds[kb]); se_aes_unwrap_key(13, 14, tsec_keys.tsec); // Clear SBK. - se_aes_key_clear(14); + //se_aes_key_clear(14); /* // Verify keyblob CMAC. @@ -532,18 +544,18 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos return 0; */ - se_aes_crypt_block_ecb(13, 0, tsec_keys.tsec, cmac_keyseed); + se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, cmac_keyseed); se_aes_unwrap_key(11, 13, cmac_keyseed); // Decrypt keyblob and set keyslots. - se_aes_crypt_ctr(13, &kb_data->keys, sizeof(kb_data->keys), &kb_data->keys, sizeof(kb_data->keys), kb_data->ctr); + se_aes_crypt_ctr(13, &kb_data->keys, sizeof(kb_keys_t), &kb_data->keys, sizeof(kb_keys_t), kb_data->ctr); se_aes_key_set(11, kb_data->keys.package1_key, SE_KEY_128_SIZE); - se_aes_key_set(12, kb_data->keys.master_keyseed, SE_KEY_128_SIZE); - se_aes_key_set(13, kb_data->keys.master_keyseed, SE_KEY_128_SIZE); + se_aes_key_set(12, kb_data->keys.master_kekseed, SE_KEY_128_SIZE); + se_aes_key_set(13, kb_data->keys.master_kekseed, SE_KEY_128_SIZE); - se_aes_crypt_block_ecb(12, 0, tsec_keys.tsec, master_keyseed_retail); + se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tsec, master_keyseed_retail); - if (!h_cfg.aes_slots_new) + if (!is_exo) { switch (kb) { @@ -554,31 +566,33 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos se_aes_unwrap_key(12, 12, master_keyseed_retail); break; case KB_FIRMWARE_VERSION_400: - se_aes_unwrap_key(13, 15, console_keyseed_4xx_5xx); + se_aes_unwrap_key(13, 15, console_keyseed_4xx); se_aes_unwrap_key(15, 15, console_keyseed); - se_aes_unwrap_key(14, 12, master_keyseed_4xx_5xx_610); + se_aes_unwrap_key(14, 12, master_keyseed_4xx); se_aes_unwrap_key(12, 12, master_keyseed_retail); + sbk_wiped = true; break; case KB_FIRMWARE_VERSION_500: case KB_FIRMWARE_VERSION_600: - se_aes_unwrap_key(10, 15, console_keyseed_4xx_5xx); + se_aes_unwrap_key(10, 15, console_keyseed_4xx); se_aes_unwrap_key(15, 15, console_keyseed); - se_aes_unwrap_key(14, 12, master_keyseed_4xx_5xx_610); + se_aes_unwrap_key(14, 12, master_keyseed_4xx); se_aes_unwrap_key(12, 12, master_keyseed_retail); + sbk_wiped = true; break; } } - else // New exosphere. + else // Exosphere 2. { - se_aes_unwrap_key(10, 15, console_keyseed_4xx_5xx); + se_aes_unwrap_key(10, 15, console_keyseed_4xx); se_aes_unwrap_key(15, 15, console_keyseed); se_aes_unwrap_key(13, 12, master_keyseed_retail); - se_aes_unwrap_key(12, 12, master_keyseed_4xx_5xx_610); + se_aes_unwrap_key(12, 12, master_keyseed_4xx); } // Package2 key. se_key_acc_ctrl(8, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG); - se_aes_unwrap_key(8, !h_cfg.aes_slots_new ? 12 : 13, package2_keyseed); + se_aes_unwrap_key(8, !is_exo ? 12 : 13, package2_keyseed); } return 1; @@ -722,14 +736,12 @@ int hos_launch(ini_sec_t *cfg) u8 kb; u32 secmon_base; u32 warmboot_base; - launch_ctxt_t ctxt; - bool exo_new = false; - tsec_ctxt_t tsec_ctxt; + bool is_exo = false; + launch_ctxt_t ctxt = {0}; + tsec_ctxt_t tsec_ctxt = {0}; volatile secmon_mailbox_t *secmon_mailbox; minerva_change_freq(FREQ_1600); - memset(&ctxt, 0, sizeof(launch_ctxt_t)); - memset(&tsec_ctxt, 0, sizeof(tsec_ctxt_t)); list_init(&ctxt.kip1_list); ctxt.cfg = cfg; @@ -780,7 +792,7 @@ int hos_launch(ini_sec_t *cfg) goto error; } - ctxt.atmosphere = true; // Set atmosphere patching in case of Stock emuMMC and no fss0. + ctxt.atmosphere = true; // Set atmosphere patching in case of no fss0. config_kip1patch(&ctxt, "emummc"); } else if (!emu_cfg.enabled && ctxt.emummc_forced) @@ -817,34 +829,22 @@ int hos_launch(ini_sec_t *cfg) gfx_puts("Loaded config, pkg1 and keyblob\n"); - // Check if secmon is new exosphere. + // Check if secmon is exosphere. if (ctxt.secmon) - exo_new = !memcmp((void *)((u8 *)ctxt.secmon + ctxt.secmon_size - 4), "LENY", 4); + is_exo = !memcmp((void *)((u8 *)ctxt.secmon + ctxt.secmon_size - 4), "LENY", 4); const pkg1_id_t *pk1_latest = pkg1_get_latest(); - secmon_base = exo_new ? pk1_latest->secmon_base : ctxt.pkg1_id->secmon_base; - warmboot_base = exo_new ? pk1_latest->warmboot_base : ctxt.pkg1_id->warmboot_base; - h_cfg.aes_slots_new = exo_new; + secmon_base = is_exo ? pk1_latest->secmon_base : ctxt.pkg1_id->secmon_base; + warmboot_base = is_exo ? pk1_latest->warmboot_base : ctxt.pkg1_id->warmboot_base; // Generate keys. - if (!h_cfg.se_keygen_done) - { - tsec_ctxt.fw = (u8 *)ctxt.pkg1 + ctxt.pkg1_id->tsec_off; - tsec_ctxt.pkg1 = ctxt.pkg1; - tsec_ctxt.pkg11_off = ctxt.pkg1_id->pkg11_off; - tsec_ctxt.secmon_base = secmon_base; + tsec_ctxt.fw = (u8 *)ctxt.pkg1 + ctxt.pkg1_id->tsec_off; + tsec_ctxt.pkg1 = ctxt.pkg1; + tsec_ctxt.pkg11_off = ctxt.pkg1_id->pkg11_off; + tsec_ctxt.secmon_base = secmon_base; - if (kb >= KB_FIRMWARE_VERSION_700 && !h_cfg.sept_run) - { - _hos_crit_error("Failed to run sept"); - goto error; - } - - if (!hos_keygen(ctxt.keyblob, kb, &tsec_ctxt, &ctxt)) - goto error; - gfx_puts("Generated keys\n"); - if (kb <= KB_FIRMWARE_VERSION_600) - h_cfg.se_keygen_done = 1; - } + if (!hos_keygen(ctxt.keyblob, kb, &tsec_ctxt, ctxt.stock, is_exo)) + goto error; + gfx_puts("Generated keys\n"); // Decrypt and unpack package1 if we require parts of it. if (!ctxt.warmboot || !ctxt.secmon) @@ -870,7 +870,7 @@ int hos_launch(ini_sec_t *cfg) pk1_offset = sizeof(bl_hdr_t210b01_t); pkg1_unpack((void *)warmboot_base, &ctxt.warmboot_size, - !exo_new ? (void *)ctxt.pkg1_id->secmon_base : NULL, NULL, + !is_exo ? (void *)ctxt.pkg1_id->secmon_base : NULL, NULL, ctxt.pkg1_id, ctxt.pkg1 + pk1_offset); gfx_puts("Decrypted & unpacked pkg1\n"); @@ -929,19 +929,16 @@ int hos_launch(ini_sec_t *cfg) gfx_puts("Read pkg2\n"); // Decrypt package2 and parse KIP1 blobs in INI1 section. - pkg2_hdr_t *pkg2_hdr = pkg2_decrypt(ctxt.pkg2, kb); + pkg2_hdr_t *pkg2_hdr = pkg2_decrypt(ctxt.pkg2, kb, is_exo); if (!pkg2_hdr) { _hos_crit_error("Pkg2 decryption failed!"); - EPRINTFARGS("Is hekate%s updated?", kb >= KB_FIRMWARE_VERSION_700 ? " or Sept" : ""); + EPRINTF("Is hekate updated?"); - // Clear EKS slot, in case something went wrong with sept keygen. - if (kb >= KB_FIRMWARE_VERSION_700) - hos_eks_clear(kb); + // Clear EKS slot, in case something went wrong with tsec keygen. + hos_eks_clear(kb); goto error; } - else if (kb >= KB_FIRMWARE_VERSION_700) - hos_eks_save(kb); // Save EKS slot if it doesn't exist. LIST_INIT(kip1_info); if (!pkg2_parse_kips(&kip1_info, pkg2_hdr, &ctxt.new_pkg2)) @@ -1056,8 +1053,11 @@ int hos_launch(ini_sec_t *cfg) se_aes_key_clear(8); se_aes_key_clear(11); - // Finalize per firmware key access. Skip access control if new exosphere. - switch (kb | (exo_new << 7)) + // Clear derived master key in case of Erista and 7.0.0+ + se_aes_key_clear(9); + + // Finalize per firmware key access. Skip access control if Exosphere 2. + switch (kb | (is_exo << 7)) { case KB_FIRMWARE_VERSION_100: case KB_FIRMWARE_VERSION_300: @@ -1079,7 +1079,7 @@ int hos_launch(ini_sec_t *cfg) } // Clear BCT area for retail units and copy it over if dev unit. - if (kb <= KB_FIRMWARE_VERSION_500 && !exo_new) + if (kb <= KB_FIRMWARE_VERSION_500 && !is_exo) { memset((void *)SECMON_BCT_CFG_ADDR, 0, 0x3000); if (fuse_read_hw_state() == FUSE_NX_HW_STATE_DEV) @@ -1094,19 +1094,19 @@ int hos_launch(ini_sec_t *cfg) free(bootConfigBuf); // Config Exosphère if booting full Atmosphère. - if (ctxt.atmosphere && ctxt.secmon) - config_exosphere(&ctxt, warmboot_base, exo_new); + if (is_exo) + config_exosphere(&ctxt, warmboot_base); // Unmount SD card and eMMC. sd_end(); sdmmc_storage_end(&emmc_storage); // Finalize MC carveout. - if (kb <= KB_FIRMWARE_VERSION_301 && !exo_new) + if (kb <= KB_FIRMWARE_VERSION_301 && !is_exo) mc_config_carveout(); // Lock SE before starting 'SecureMonitor' if < 6.2.0, otherwise lock bootrom and ipatches. - _se_lock(kb <= KB_FIRMWARE_VERSION_600 && !exo_new); + _se_lock(kb <= KB_FIRMWARE_VERSION_600 && !is_exo); // Reset sysctr0 counters. if (kb >= KB_FIRMWARE_VERSION_620) @@ -1116,7 +1116,7 @@ int hos_launch(ini_sec_t *cfg) //pmc_scratch_lock(PMC_SEC_LOCK_LP0_PARAMS); // Set secmon mailbox address and clear it. - if (kb >= KB_FIRMWARE_VERSION_700 || exo_new) + if (kb >= KB_FIRMWARE_VERSION_700 || is_exo) { memset((void *)SECMON7_MAILBOX_ADDR, 0, 0x200); secmon_mailbox = (secmon_mailbox_t *)(SECMON7_MAILBOX_ADDR + SECMON_STATE_OFFSET); @@ -1172,6 +1172,6 @@ int hos_launch(ini_sec_t *cfg) error: sdmmc_storage_end(&emmc_storage); - h_cfg.aes_slots_new = false; + return 0; } diff --git a/bootloader/hos/hos.h b/bootloader/hos/hos.h index 6211d57..7658bc5 100644 --- a/bootloader/hos/hos.h +++ b/bootloader/hos/hos.h @@ -39,12 +39,12 @@ #define KB_FIRMWARE_VERSION_900 9 #define KB_FIRMWARE_VERSION_910 10 #define KB_FIRMWARE_VERSION_1210 11 -#define KB_FIRMWARE_VERSION_MAX KB_FIRMWARE_VERSION_1210 +#define KB_FIRMWARE_VERSION_MAX KB_FIRMWARE_VERSION_1210 //!TODO: Update on mkey changes. #define HOS_PKG11_MAGIC 0x31314B50 -#define HOS_EKS_MAGIC 0x30534B45 +#define HOS_EKS_MAGIC 0x31534B45 // EKS1. -// Use official Mariko secmon when in stock. +// Use official Mariko secmon when in stock. Needs access to TZRAM. //#define HOS_MARIKO_STOCK_SECMON typedef struct _exo_ctxt_t @@ -57,32 +57,18 @@ typedef struct _exo_ctxt_t bool *cal0_allow_writes_sys; } exo_ctxt_t; -typedef struct _hos_eks_keys_t -{ - u8 mkk[SE_KEY_128_SIZE]; - u8 fdk[SE_KEY_128_SIZE]; -} hos_eks_keys_t; - -typedef struct _hos_eks_bis_keys_t -{ - u8 crypt[SE_KEY_128_SIZE]; - u8 tweak[SE_KEY_128_SIZE]; -} hos_eks_bis_keys_t; - typedef struct _hos_eks_mbr_t { u32 magic; - u8 enabled[5]; - u8 enabled_bis; - u8 rsvd[2]; + u32 enabled; u32 lot0; - u8 dkg[SE_KEY_128_SIZE]; - u8 dkk[SE_KEY_128_SIZE]; - hos_eks_keys_t keys[5]; - hos_eks_bis_keys_t bis_keys[3]; + u32 rsvd; + u8 tsec[SE_KEY_128_SIZE]; + u8 troot[SE_KEY_128_SIZE]; + u8 troot_dev[SE_KEY_128_SIZE]; } hos_eks_mbr_t; -static_assert(sizeof(hos_eks_mbr_t) == 304, "HOS EKS size is wrong!"); +static_assert(sizeof(hos_eks_mbr_t) == 64, "HOS EKS size is wrong!"); typedef struct _launch_ctxt_t { @@ -130,10 +116,8 @@ typedef struct _merge_kip_t link_t link; } merge_kip_t; -void hos_eks_get(); -void hos_eks_save(u32 kb); void hos_eks_clear(u32 kb); int hos_launch(ini_sec_t *cfg); -int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos_ctxt); +int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, bool stock, bool is_exo); #endif diff --git a/bootloader/hos/hos_config.c b/bootloader/hos/hos_config.c index 577633c..03bc25f 100644 --- a/bootloader/hos/hos_config.c +++ b/bootloader/hos/hos_config.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 naehrwert - * Copyright (c) 2018-2020 CTCaer + * Copyright (c) 2018-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, @@ -271,7 +271,7 @@ static int _config_fss(launch_ctxt_t *ctxt, const char *value) } } - return parse_fss(ctxt, value, NULL); + return parse_fss(ctxt, value); } static int _config_exo_fatal_payload(launch_ctxt_t *ctxt, const char *value) diff --git a/bootloader/hos/pkg1.c b/bootloader/hos/pkg1.c index e9e55db..6cf4fc6 100644 --- a/bootloader/hos/pkg1.c +++ b/bootloader/hos/pkg1.c @@ -212,7 +212,7 @@ int pkg1_decrypt(const pkg1_id_t *id, u8 *pkg1) // Use BEK for T210B01. // Additionally, skip 0x20 bytes from decryption to maintain the header. se_aes_iv_clear(13); - se_aes_crypt_cbc(13, 0, pkg1 + 0x20, oem_hdr->size - 0x20, pkg1 + 0x20, oem_hdr->size - 0x20); + se_aes_crypt_cbc(13, DECRYPT, pkg1 + 0x20, oem_hdr->size - 0x20, pkg1 + 0x20, oem_hdr->size - 0x20); } // Return if header is valid. diff --git a/bootloader/hos/pkg2.c b/bootloader/hos/pkg2.c index 5b8b7ff..ec636be 100644 --- a/bootloader/hos/pkg2.c +++ b/bootloader/hos/pkg2.c @@ -673,8 +673,11 @@ const char* pkg2_patch_kips(link_t *info, char* patchNames) return NULL; } -static const u8 mkey_vector_8xx[][SE_KEY_128_SIZE] = +//!TODO: Update on mkey changes. +static const u8 mkey_vector_7xx[][SE_KEY_128_SIZE] = { + // Master key 7 encrypted with 8. (7.0.0 with 8.1.0) + { 0xEA, 0x60, 0xB3, 0xEA, 0xCE, 0x8F, 0x24, 0x46, 0x7D, 0x33, 0x9C, 0xD1, 0xBC, 0x24, 0x98, 0x29 }, // Master key 8 encrypted with 9. (8.1.0 with 9.0.0) { 0x4D, 0xD9, 0x98, 0x42, 0x45, 0x0D, 0xB1, 0x3C, 0x52, 0x0C, 0x9A, 0x44, 0xBB, 0xAD, 0xAF, 0x80 }, // Master key 9 encrypted with 10. (9.0.0 with 9.1.0) @@ -686,9 +689,8 @@ static const u8 mkey_vector_8xx[][SE_KEY_128_SIZE] = static bool _pkg2_key_unwrap_validate(pkg2_hdr_t *tmp_test, pkg2_hdr_t *hdr, u8 src_slot, u8 *mkey, const u8 *key_seed) { // Decrypt older encrypted mkey. - se_aes_crypt_ecb(src_slot, 0, mkey, SE_KEY_128_SIZE, key_seed, SE_KEY_128_SIZE); + se_aes_crypt_ecb(src_slot, DECRYPT, mkey, SE_KEY_128_SIZE, key_seed, SE_KEY_128_SIZE); // Set and unwrap pkg2 key. - se_aes_key_clear(9); se_aes_key_set(9, mkey, SE_KEY_128_SIZE); se_aes_unwrap_key(9, 9, package2_keyseed); @@ -700,11 +702,13 @@ static bool _pkg2_key_unwrap_validate(pkg2_hdr_t *tmp_test, pkg2_hdr_t *hdr, u8 } u8 pkg2_keyslot; -pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb) +bool pkg2_broken_keygen_700; +pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb, bool is_exo) { pkg2_hdr_t mkey_test; u8 *pdata = (u8 *)data; pkg2_keyslot = 8; + pkg2_broken_keygen_700 = false; // Skip signature. pdata += 0x100; @@ -714,26 +718,28 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb) // Skip header. pdata += sizeof(pkg2_hdr_t); - // Check if we need to decrypt with newer mkeys. Valid for sept for 8.1.0 and up. + // Check if we need to decrypt with newer mkeys. Valid for THK for 7.0.0 and up. se_aes_crypt_ctr(8, &mkey_test, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr); if (mkey_test.magic == PKG2_MAGIC) goto key_found; // Decrypt older pkg2 via new mkeys. - if ((kb >= KB_FIRMWARE_VERSION_810) && (kb < KB_FIRMWARE_VERSION_MAX)) + if ((kb >= KB_FIRMWARE_VERSION_700) && (kb < KB_FIRMWARE_VERSION_MAX)) { u8 tmp_mkey[SE_KEY_128_SIZE]; - u8 decr_slot = !h_cfg.t210b01 ? (!h_cfg.aes_slots_new ? 12 : 13) : 7; // Sept mkey or T210B01 mkey. - u8 mkey_seeds_cnt = sizeof(mkey_vector_8xx) / SE_KEY_128_SIZE; + u8 decr_slot = (h_cfg.t210b01 || !is_exo) ? 7 : 13; // THK mkey or T210B01 mkey. + u8 mkey_seeds_cnt = sizeof(mkey_vector_7xx) / SE_KEY_128_SIZE; u8 mkey_seeds_idx = mkey_seeds_cnt; // Real index + 1. u8 mkey_seeds_min_idx = mkey_seeds_cnt - (KB_FIRMWARE_VERSION_MAX - kb); + // Re-encrypt with initial pkg2 key if 7.0.0 and Erista, because of a bug in Exo2. + pkg2_broken_keygen_700 = kb == KB_FIRMWARE_VERSION_700 && decr_slot == 13; while (mkey_seeds_cnt) { // Decrypt and validate mkey. int res = _pkg2_key_unwrap_validate(&mkey_test, hdr, decr_slot, - tmp_mkey, mkey_vector_8xx[mkey_seeds_idx - 1]); + tmp_mkey, mkey_vector_7xx[mkey_seeds_idx - 1]); if (res) { @@ -744,23 +750,18 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb) { // Set current mkey in order to decrypt a lower mkey. mkey_seeds_idx--; - se_aes_key_clear(9); se_aes_key_set(9, tmp_mkey, SE_KEY_128_SIZE); decr_slot = 9; // Temp key. // Check if we tried last key for that pkg2 version. - // And start with a lower mkey in case sept is older. + // And start with a lower mkey in case mkey is older. if (mkey_seeds_idx == mkey_seeds_min_idx) { mkey_seeds_cnt--; mkey_seeds_idx = mkey_seeds_cnt; - decr_slot = !h_cfg.aes_slots_new ? 12 : 13; // Sept mkey. + decr_slot = (h_cfg.t210b01 || !is_exo) ? 7 : 13; // THK mkey or T210B01 mkey. } - - // Out of keys. pkg2 is latest or process failed. - if (!mkey_seeds_cnt) - se_aes_key_clear(9); } } } @@ -785,6 +786,9 @@ DPRINTF("sec %d has size %08X\n", i, hdr->sec_size[i]); pdata += hdr->sec_size[i]; } + if (pkg2_broken_keygen_700) + pkg2_keyslot = 8; + return hdr; } @@ -826,6 +830,7 @@ void pkg2_build_encrypt(void *dst, void *hos_ctxt, link_t *kips_info) launch_ctxt_t * ctxt = (launch_ctxt_t *)hos_ctxt; u32 kernel_size = ctxt->kernel_size; bool is_meso = *(u32 *)(ctxt->kernel + 4) == ATM_MESOSPHERE; + u8 kb = ctxt->pkg1_id->kb; // Force new Package2 if Mesosphere. if (is_meso) @@ -884,15 +889,16 @@ DPRINTF("INI1 encrypted\n"); se_calc_sha256_oneshot(&hdr->sec_sha256[0x20 * PKG2_SEC_INI1], (void *)pk2_hash_data, hdr->sec_size[PKG2_SEC_INI1]); + // Set key version. For Erista 7.0.0, use max because of a bug in Exo2? + u8 key_ver = kb ? kb + 1 : 0; + if (pkg2_broken_keygen_700) + key_ver = KB_FIRMWARE_VERSION_MAX + 1; + //Encrypt header. - u8 key_ver = ctxt->pkg1_id->kb ? ctxt->pkg1_id->kb + 1 : 0; *(u32 *)hdr->ctr = 0x100 + sizeof(pkg2_hdr_t) + kernel_size + ini1_size; hdr->ctr[4] = key_ver; se_aes_crypt_ctr(pkg2_keyslot, hdr, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr); memset(hdr->ctr, 0 , SE_AES_IV_SIZE); *(u32 *)hdr->ctr = 0x100 + sizeof(pkg2_hdr_t) + kernel_size + ini1_size; hdr->ctr[4] = key_ver; - - if (pkg2_keyslot != 8) - se_aes_key_clear(9); } diff --git a/bootloader/hos/pkg2.h b/bootloader/hos/pkg2.h index 5d0f5f3..8a63a86 100644 --- a/bootloader/hos/pkg2.h +++ b/bootloader/hos/pkg2.h @@ -156,7 +156,7 @@ void pkg2_get_ids(kip1_id_t **ids, u32 *entries); const char* pkg2_patch_kips(link_t *info, char* patchNames); const pkg2_kernel_id_t *pkg2_identify(u8 *hash); -pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb); +pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb, bool is_exo); void pkg2_build_encrypt(void *dst, void *hos_ctxt, link_t *kips_info); #endif diff --git a/bootloader/hos/sept.c b/bootloader/hos/sept.c deleted file mode 100644 index ac34528..0000000 --- a/bootloader/hos/sept.c +++ /dev/null @@ -1,278 +0,0 @@ -/* - * Copyright (c) 2019-2021 CTCaer - * - * This program is free software; you can redistribute it and/or modify it - * under the terms and conditions of the GNU General Public License, - * version 2, as published by the Free Software Foundation. - * - * This program is distributed in the hope it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -#include - -#include "hos.h" -#include "fss.h" -#include "sept.h" -#include "../config.h" -#include -#include -#include -#include -#include -#include -#include -#include "../storage/emummc.h" -#include "../storage/nx_emmc.h" -#include -#include -#include -#include -#include - -#include - -#define RELOC_META_OFF 0x7C -#define PATCHED_RELOC_SZ 0x94 - -#define WB_RST_ADDR 0x40010ED0 -#define WB_RST_SIZE 0x30 - -u8 warmboot_reboot[] = { - 0x14, 0x00, 0x9F, 0xE5, // LDR R0, =0x7000E450 - 0x01, 0x10, 0xB0, 0xE3, // MOVS R1, #1 - 0x00, 0x10, 0x80, 0xE5, // STR R1, [R0] - 0x0C, 0x00, 0x9F, 0xE5, // LDR R0, =0x7000E400 - 0x10, 0x10, 0xB0, 0xE3, // MOVS R1, #0x10 - 0x00, 0x10, 0x80, 0xE5, // STR R1, [R0] - 0xFE, 0xFF, 0xFF, 0xEA, // LOOP - 0x50, 0xE4, 0x00, 0x70, // #0x7000E450 - 0x00, 0xE4, 0x00, 0x70 // #0x7000E400 -}; - -#define SEPT_PRI_ADDR 0x4003F000 -#define SEPT_PRI_ENTRY 0x40010340 - -#define SEPT_PK1T_ADDR 0xC0400000 -#define SEPT_TCSZ_ADDR (SEPT_PK1T_ADDR - 0x4) -#define SEPT_STG1_ADDR (SEPT_PK1T_ADDR + 0x2E100) -#define SEPT_STG2_ADDR (SEPT_PK1T_ADDR + 0x60E0) -#define SEPT_PKG_SZ (0x2F100 + WB_RST_SIZE) - -extern boot_cfg_t b_cfg; -extern hekate_config h_cfg; -extern const volatile ipl_ver_meta_t ipl_ver; - -extern bool is_ipl_updated(void *buf); -extern void reloc_patcher(u32 payload_dst, u32 payload_src, u32 payload_size); - -void check_sept(ini_sec_t *cfg_sec) -{ - if (h_cfg.t210b01) - { - h_cfg.sept_run = true; - return; - } - - hos_eks_get(); - - // Check if non-hekate payload is used for sept and restore it. - if (h_cfg.sept_run) - { - if (!f_stat("sept/payload.bak", NULL)) - { - f_unlink("sept/payload.bin"); - f_rename("sept/payload.bak", "sept/payload.bin"); - } - - return; - } - - u8 *pkg1 = (u8 *)calloc(1, 0x40000); - - int res = emummc_storage_init_mmc(); - if (res) - { - if (res == 2) - EPRINTF("Failed to init eMMC."); - else - EPRINTF("Failed to init emuMMC."); - - goto out_free; - } - - emummc_storage_set_mmc_partition(EMMC_BOOT0); - - // Read package1. - emummc_storage_read(0x100000 / NX_EMMC_BLOCKSIZE, 0x40000 / NX_EMMC_BLOCKSIZE, pkg1); - const pkg1_id_t *pkg1_id = pkg1_identify(pkg1); - if (!pkg1_id) - { - EPRINTF("Unknown pkg1 version."); - goto out_free; - } - - if (pkg1_id->kb >= KB_FIRMWARE_VERSION_700 && !h_cfg.sept_run) - { - u32 key_idx = 0; - if (pkg1_id->kb >= KB_FIRMWARE_VERSION_810) - key_idx = 1; - - if (h_cfg.eks && h_cfg.eks->enabled[key_idx] >= pkg1_id->kb) - { - h_cfg.sept_run = true; - goto out_free; - } - - u8 *bct_bldr = (u8 *)calloc(1, 512); - sdmmc_storage_read(&emmc_storage, 0x2200 / NX_EMMC_BLOCKSIZE, 1, bct_bldr); - u32 bootloader_entrypoint = *(u32 *)&bct_bldr[0x144]; - free(bct_bldr); - if (bootloader_entrypoint > SEPT_PRI_ENTRY) - { - gfx_con.mute = false; - EPRINTF("Failed to run sept\n""Main BCT is improper!\nRun sept with proper BCT at least once\nto cache keys."); - gfx_printf("\nPress any key...\n"); - display_backlight_brightness(h_cfg.backlight, 1000); - msleep(500); - btn_wait(); - goto out_free; - } - - sdmmc_storage_end(&emmc_storage); - reboot_to_sept((u8 *)pkg1 + pkg1_id->tsec_off, pkg1_id->kb, cfg_sec); - } - -out_free: - free(pkg1); - sdmmc_storage_end(&emmc_storage); -} - -int reboot_to_sept(const u8 *tsec_fw, u32 kb, ini_sec_t *cfg_sec) -{ - FIL fp; - bool fss0_sept_used = false; - - // Copy warmboot reboot code and TSEC fw. - u32 tsec_fw_size = 0x3000; - if (kb > KB_FIRMWARE_VERSION_700) - tsec_fw_size = 0x3300; - memcpy((u8 *)(SEPT_PK1T_ADDR - WB_RST_SIZE), (u8 *)warmboot_reboot, sizeof(warmboot_reboot)); - memcpy((void *)SEPT_PK1T_ADDR, tsec_fw, tsec_fw_size); - *(vu32 *)SEPT_TCSZ_ADDR = tsec_fw_size; - - if (cfg_sec) - { - fss0_sept_t sept_ctxt; - sept_ctxt.kb = kb; - sept_ctxt.cfg_sec = cfg_sec; - sept_ctxt.sept_primary = (void *)SEPT_STG1_ADDR; - sept_ctxt.sept_secondary = (void *)SEPT_STG2_ADDR; - - fss0_sept_used = load_sept_from_ffs0(&sept_ctxt); - } - - if (!fss0_sept_used) - { - // Copy sept-primary. - if (f_open(&fp, "sept/sept-primary.bin", FA_READ)) - goto error; - - if (f_read(&fp, (u8 *)SEPT_STG1_ADDR, f_size(&fp), NULL)) - { - f_close(&fp); - goto error; - } - f_close(&fp); - - // Copy sept-secondary. - if (kb < KB_FIRMWARE_VERSION_810) - { - if (f_open(&fp, "sept/sept-secondary_00.enc", FA_READ)) - goto error; - } - else - { - if (f_open(&fp, "sept/sept-secondary_01.enc", FA_READ)) - goto error; - } - - if (f_read(&fp, (u8 *)SEPT_STG2_ADDR, f_size(&fp), NULL)) - { - f_close(&fp); - goto error; - } - f_close(&fp); - } - - b_cfg.boot_cfg |= (BOOT_CFG_AUTOBOOT_EN | BOOT_CFG_SEPT_RUN); - - bool update_sept_payload = true; - if (!f_open(&fp, "sept/payload.bin", FA_READ | FA_WRITE)) - { - ipl_ver_meta_t tmp_ver; - f_lseek(&fp, PATCHED_RELOC_SZ + sizeof(boot_cfg_t)); - f_read(&fp, &tmp_ver, sizeof(ipl_ver_meta_t), NULL); - - if (tmp_ver.magic == ipl_ver.magic) - { - if (tmp_ver.version == ipl_ver.version) - { - // Save auto boot config to sept payload, if any. - boot_cfg_t *tmp_cfg = malloc(sizeof(boot_cfg_t)); - memcpy(tmp_cfg, &b_cfg, sizeof(boot_cfg_t)); - f_lseek(&fp, PATCHED_RELOC_SZ); - f_write(&fp, tmp_cfg, sizeof(boot_cfg_t), NULL); - update_sept_payload = false; - } - - f_close(&fp); - } - else - { - f_close(&fp); - f_rename("sept/payload.bin", "sept/payload.bak"); // Backup foreign payload. - } - } - - if (update_sept_payload) - { - volatile reloc_meta_t *reloc = (reloc_meta_t *)(IPL_LOAD_ADDR + RELOC_META_OFF); - f_mkdir("sept"); - f_open(&fp, "sept/payload.bin", FA_WRITE | FA_CREATE_ALWAYS); - f_write(&fp, (u8 *)reloc->start, reloc->end - reloc->start, NULL); - f_close(&fp); - } - - sd_end(); - - u32 pk1t_sept = SEPT_PK1T_ADDR - (ALIGN(PATCHED_RELOC_SZ, 0x10) + WB_RST_SIZE); - - void (*sept)() = (void *)pk1t_sept; - - reloc_patcher(WB_RST_ADDR, pk1t_sept, SEPT_PKG_SZ); - - // Patch SDRAM init to perform an SVC immediately after second write. - PMC(APBDEV_PMC_SCRATCH45) = 0x2E38DFFF; - PMC(APBDEV_PMC_SCRATCH46) = 0x6001DC28; - // Set SVC handler to jump to sept-primary in IRAM. - PMC(APBDEV_PMC_SCRATCH33) = SEPT_PRI_ADDR; - PMC(APBDEV_PMC_SCRATCH40) = 0x6000F208; - - hw_reinit_workaround(false, 0); - - (*sept)(); - -error: - gfx_con.mute = false; - EPRINTF("Failed to run sept\n"); - - btn_wait(); - - return 0; -} \ No newline at end of file diff --git a/bootloader/hos/sept.h b/bootloader/hos/sept.h deleted file mode 100644 index 2db6b78..0000000 --- a/bootloader/hos/sept.h +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright (c) 2019 CTCaer - * - * This program is free software; you can redistribute it and/or modify it - * under the terms and conditions of the GNU General Public License, - * version 2, as published by the Free Software Foundation. - * - * This program is distributed in the hope it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -#ifndef _SEPT_H_ -#define _SEPT_H_ - -#include - -void check_sept(ini_sec_t *cfg_sec); -int reboot_to_sept(const u8 *tsec_fw, u32 kb, ini_sec_t *cfg_sec); - -#endif diff --git a/bootloader/main.c b/bootloader/main.c index 107234f..e08b39c 100644 --- a/bootloader/main.c +++ b/bootloader/main.c @@ -28,7 +28,6 @@ #include "gfx/tui.h" #include "hos/hos.h" #include "hos/secmon_exo.h" -#include "hos/sept.h" #include #include #include @@ -489,9 +488,6 @@ void ini_list_launcher() goto wrong_emupath; } - if (cfg_sec && !payload_path) - check_sept(cfg_sec); - if (!cfg_sec) { free(ments); @@ -630,9 +626,6 @@ void launch_firmware() goto wrong_emupath; } - if (cfg_sec && !payload_path) - check_sept(cfg_sec); - if (!cfg_sec) { free(ments); @@ -720,12 +713,6 @@ void nyx_load_run() nyx_str->cfg = 0; if (b_cfg.extra_cfg) { - if (b_cfg.extra_cfg & EXTRA_CFG_NYX_SEPT) - { - b_cfg.extra_cfg &= ~(EXTRA_CFG_NYX_SEPT); - nyx_str->cfg |= NYX_CFG_SEPT; - nyx_str->cfg |= b_cfg.sept << 24; - } if (b_cfg.extra_cfg & EXTRA_CFG_NYX_UMS) { b_cfg.extra_cfg &= ~(EXTRA_CFG_NYX_UMS); @@ -804,24 +791,6 @@ static void _bootloader_corruption_protect() static void _auto_launch_firmware() { - if(b_cfg.extra_cfg & EXTRA_CFG_NYX_SEPT) - { - if (!h_cfg.sept_run) - EMC(EMC_SCRATCH0) |= EMC_HEKA_UPD; - check_sept(NULL); - } - - if (!h_cfg.sept_run) - auto_launch_update(); - - u8 *BOOTLOGO = NULL; - char *payload_path = NULL; - char *emummc_path = NULL; - u32 btn = 0; - bool boot_from_id = (b_cfg.boot_cfg & BOOT_CFG_FROM_ID) && (b_cfg.boot_cfg & BOOT_CFG_AUTOBOOT_EN); - if (boot_from_id) - b_cfg.id[7] = 0; - struct _bmp_data { u32 size; @@ -832,14 +801,19 @@ static void _auto_launch_firmware() u32 pos_y; }; - struct _bmp_data bmpData; - bool bootlogoFound = false; + char *emummc_path = NULL; char *bootlogoCustomEntry = NULL; + ini_sec_t *cfg_sec = NULL; + + auto_launch_update(); + + bool boot_from_id = (b_cfg.boot_cfg & BOOT_CFG_FROM_ID) && (b_cfg.boot_cfg & BOOT_CFG_AUTOBOOT_EN); + if (boot_from_id) + b_cfg.id[7] = 0; if (!(b_cfg.boot_cfg & BOOT_CFG_FROM_LAUNCH)) gfx_con.mute = true; - ini_sec_t *cfg_sec = NULL; LIST_INIT(ini_sections); LIST_INIT(ini_list_sections); @@ -883,17 +857,12 @@ static void _auto_launch_firmware() } boot_entry_id++; - // Override autoboot, otherwise save it for a possbile sept run. + // Override autoboot. if (b_cfg.boot_cfg & BOOT_CFG_AUTOBOOT_EN) { h_cfg.autoboot = b_cfg.autoboot; h_cfg.autoboot_list = b_cfg.autoboot_list; } - else - { - b_cfg.autoboot = h_cfg.autoboot; - b_cfg.autoboot_list = h_cfg.autoboot_list; - } // Apply bootloader protection against corruption. _bootloader_corruption_protect(); @@ -983,9 +952,13 @@ skip_list: goto out; u8 *bitmap = NULL; - if (!(b_cfg.boot_cfg & BOOT_CFG_FROM_LAUNCH) && h_cfg.bootwait && !h_cfg.sept_run) + struct _bmp_data bmpData; + bool bootlogoFound = false; + if (!(b_cfg.boot_cfg & BOOT_CFG_FROM_LAUNCH) && h_cfg.bootwait) { u32 fsize; + u8 *BOOTLOGO = NULL; + if (bootlogoCustomEntry) // Check if user set custom logo path at the boot entry. bitmap = (u8 *)sd_file_read(bootlogoCustomEntry, &fsize); @@ -1035,6 +1008,7 @@ skip_list: { gfx_render_bmp_argb((u32 *)BOOTLOGO, bmpData.size_x, bmpData.size_y, bmpData.pos_x, bmpData.pos_y); + free(BOOTLOGO); } else { @@ -1048,19 +1022,19 @@ skip_list: if (b_cfg.boot_cfg & BOOT_CFG_FROM_LAUNCH) display_backlight_brightness(h_cfg.backlight, 0); - else if (!h_cfg.sept_run && h_cfg.bootwait) + else if (h_cfg.bootwait) display_backlight_brightness(h_cfg.backlight, 1000); // Wait before booting. If VOL- is pressed go into bootloader menu. - if (!h_cfg.sept_run && !(b_cfg.boot_cfg & BOOT_CFG_FROM_LAUNCH)) + if (!(b_cfg.boot_cfg & BOOT_CFG_FROM_LAUNCH)) { - btn = btn_wait_timeout_single(h_cfg.bootwait * 1000, BTN_VOL_DOWN | BTN_SINGLE); + u32 btn = btn_wait_timeout_single(h_cfg.bootwait * 1000, BTN_VOL_DOWN | BTN_SINGLE); if (btn & BTN_VOL_DOWN) goto out; } - payload_path = ini_check_payload_section(cfg_sec); + char *payload_path = ini_check_payload_section(cfg_sec); if (payload_path) { @@ -1079,7 +1053,6 @@ skip_list: goto wrong_emupath; } - check_sept(cfg_sec); hos_launch(cfg_sec); wrong_emupath: @@ -1105,7 +1078,6 @@ out: // Clear boot reasons from binary. if (b_cfg.boot_cfg & (BOOT_CFG_FROM_ID | BOOT_CFG_TO_EMUMMC)) memset(b_cfg.xt_str, 0, sizeof(b_cfg.xt_str)); - b_cfg.boot_cfg &= BOOT_CFG_SEPT_RUN; h_cfg.emummc_force_disable = false; // L4T: Clear custom boot mode flags from PMC_SCRATCH0. diff --git a/nyx/nyx_gui/config.c b/nyx/nyx_gui/config.c index 4906b06..538439a 100644 --- a/nyx/nyx_gui/config.c +++ b/nyx/nyx_gui/config.c @@ -38,7 +38,6 @@ void set_default_configuration() h_cfg.autoboot = 0; h_cfg.autoboot_list = 0; h_cfg.bootwait = 3; - h_cfg.se_keygen_done = 0; h_cfg.backlight = 100; h_cfg.autohosoff = 0; h_cfg.autonogc = 1; @@ -46,10 +45,7 @@ void set_default_configuration() h_cfg.bootprotect = 0; h_cfg.errors = 0; h_cfg.eks = NULL; - h_cfg.sept_run = EMC(EMC_SCRATCH0) & EMC_SEPT_RUN; - h_cfg.aes_slots_new = false; h_cfg.rcm_patched = fuse_check_patched_rcm(); - h_cfg.sbk_set = FUSE(FUSE_PRIVATE_KEY0) == 0xFFFFFFFF; h_cfg.emummc_force_disable = false; h_cfg.t210b01 = hw_get_chip_id() == GP_HIDREV_MAJOR_T210B01; diff --git a/nyx/nyx_gui/config.h b/nyx/nyx_gui/config.h index b1c940c..aa23dec 100644 --- a/nyx/nyx_gui/config.h +++ b/nyx/nyx_gui/config.h @@ -33,12 +33,8 @@ typedef struct _hekate_config u32 bootprotect; // Global temporary config. bool t210b01; - bool se_keygen_done; - bool sept_run; - bool aes_slots_new; bool emummc_force_disable; bool rcm_patched; - bool sbk_set; u32 errors; hos_eks_mbr_t *eks; } hekate_config; diff --git a/nyx/nyx_gui/frontend/fe_emummc_tools.c b/nyx/nyx_gui/frontend/fe_emummc_tools.c index bfeda16..e46bd33 100644 --- a/nyx/nyx_gui/frontend/fe_emummc_tools.c +++ b/nyx/nyx_gui/frontend/fe_emummc_tools.c @@ -23,7 +23,6 @@ #include "gui.h" #include "fe_emummc_tools.h" -#include "../hos/sept.h" #include "../config.h" #include #include @@ -752,133 +751,18 @@ static int _dump_emummc_raw_part(emmc_tool_gui_t *gui, int active_part, int part return 1; } -u32 kb = 0; -u8 *tsec_fw = NULL; -bool sept_error = false; - -static lv_res_t _emummc_raw_check_sept_action(lv_obj_t *btns, const char * txt) -{ - int btn_idx = lv_btnm_get_pressed(btns); - - mbox_action(btns, txt); - - if (btn_idx == 1 && !sept_error) - { - // Set boot cfg. - b_cfg->autoboot = 0; - b_cfg->autoboot_list = 0; - b_cfg->extra_cfg = EXTRA_CFG_NYX_SEPT; - b_cfg->sept = NYX_SEPT_EMUF; - - sd_mount(); - reboot_to_sept(tsec_fw, kb); - } - - return LV_RES_INV; -} - -static int _emummc_raw_check_sept(emmc_tool_gui_t *gui, u32 resized_count) +static int _emummc_raw_derive_bis_keys(emmc_tool_gui_t *gui, u32 resized_count) { if (!resized_count) return 1; - bool sept_needed = false; - sept_error = false; - tsec_fw = NULL; + bool error = false; char *txt_buf = (char *)malloc(0x4000); txt_buf[0] = 0; - // Read package1. - static const u32 BOOTLOADER_SIZE = 0x40000; - static const u32 BOOTLOADER_MAIN_OFFSET = 0x100000; - static const u32 BOOTLOADER_BACKUP_OFFSET = 0x140000; - static const u32 HOS_KEYBLOBS_OFFSET = 0x180000; - - u32 bootloader_offset = BOOTLOADER_MAIN_OFFSET; - u32 pk1_offset = h_cfg.t210b01 ? sizeof(bl_hdr_t210b01_t) : 0; // Skip T210B01 OEM header. - u8 *pkg1 = (u8 *)malloc(BOOTLOADER_SIZE); - - sdmmc_storage_set_mmc_partition(&emmc_storage, EMMC_BOOT0); - -try_load: - sdmmc_storage_read(&emmc_storage, bootloader_offset / NX_EMMC_BLOCKSIZE, BOOTLOADER_SIZE / NX_EMMC_BLOCKSIZE, pkg1); - - char *build_date = malloc(32); - const pkg1_id_t *pkg1_id = pkg1_identify(pkg1 + pk1_offset, build_date); - - s_printf(txt_buf + strlen(txt_buf), "#00DDFF Found pkg1 ('%s')#\n", build_date); - free(build_date); - - if (!pkg1_id) - { - strcat(txt_buf, "#FFDD00 Unknown pkg1 version!#\n"); - // Try backup bootloader. - if (bootloader_offset != BOOTLOADER_BACKUP_OFFSET) - { - strcat(txt_buf, "Trying backup bootloader...\n"); - bootloader_offset = BOOTLOADER_BACKUP_OFFSET; - goto try_load; - } - - sept_error = true; - goto out; - } - - kb = pkg1_id->kb; - - // Skip if Mariko. - if (h_cfg.t210b01) - goto bis_derivation; - - tsec_ctxt_t tsec_ctxt; - tsec_ctxt.fw = (u8 *)pkg1 + pkg1_id->tsec_off; - tsec_ctxt.pkg1 = pkg1; - tsec_ctxt.pkg11_off = pkg1_id->pkg11_off; - tsec_ctxt.secmon_base = pkg1_id->secmon_base; - - // Get keys. - hos_eks_get(); - if (kb >= KB_FIRMWARE_VERSION_700 && !h_cfg.sept_run) - { - u32 key_idx = 0; - if (kb >= KB_FIRMWARE_VERSION_810) - key_idx = 1; - - if (h_cfg.eks && h_cfg.eks->enabled[key_idx] >= kb) - h_cfg.sept_run = true; - else - { - // Check that BCT is proper so sept can run. - u8 *bct_bldr = (u8 *)calloc(1, 512); - sdmmc_storage_read(&emmc_storage, 0x2200 / NX_EMMC_BLOCKSIZE, 1, bct_bldr); - u32 bootloader_entrypoint = *(u32 *)&bct_bldr[0x144]; - free(bct_bldr); - if (bootloader_entrypoint > SEPT_PRI_ENTRY) - { - strcpy(txt_buf, "#FFDD00 Failed to run sept because main BCT is improper!#\n" - "#FFDD00 Run sept with proper BCT at least once to cache keys.#\n"); - sept_error = true; - goto out; - } - - // Set TSEC fw. - tsec_fw = (u8 *)tsec_ctxt.fw; - - sept_needed = true; - goto out; - } - } - -bis_derivation:; - // Read the correct keyblob. - u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1); - sdmmc_storage_read(&emmc_storage, HOS_KEYBLOBS_OFFSET / NX_EMMC_BLOCKSIZE + kb, 1, keyblob); - - // Generate BIS keys - hos_bis_keygen(keyblob, kb, &tsec_ctxt); - - free(keyblob); + // Generate BIS keys. + hos_bis_keygen(); u8 *cal0_buf = malloc(0x10000); @@ -894,32 +778,25 @@ bis_derivation:; nx_emmc_cal0_t *cal0 = (nx_emmc_cal0_t *)cal0_buf; - // If successful, save BIS keys. + // Check keys validity. if (memcmp(&cal0->magic, "CAL0", 4)) { - hos_bis_keys_clear(); - hos_eks_bis_clear(); + // Clear EKS keys. + hos_eks_clear(KB_FIRMWARE_VERSION_MAX); strcpy(txt_buf, "#FFDD00 BIS keys validation failed!#\n"); - sept_error = true; + error = true; } - else - hos_eks_bis_save(); + free(cal0_buf); -out: - // Check if sept is not needed. - if (!sept_needed) - free(pkg1); - - if (sept_needed || sept_error) + if (error) { lv_obj_t *dark_bg = lv_obj_create(lv_scr_act(), NULL); lv_obj_set_style(dark_bg, &mbox_darken); lv_obj_set_size(dark_bg, LV_HOR_RES, LV_VER_RES); - static const char * mbox_btn_map[] = { "\211", "\222Launch", "\222Close", "\211", "" }; - static const char * mbox_btn_map2[] = { "\211", "\222Close", "\211", "" }; + static const char * mbox_btn_map[] = { "\211", "\222Close", "\211", "" }; lv_obj_t * mbox = lv_mbox_create(dark_bg, NULL); lv_mbox_set_recolor_text(mbox, true); lv_obj_set_width(mbox, LV_HOR_RES / 9 * 5); @@ -932,18 +809,8 @@ out: lv_label_set_style(lb_desc, &monospace_text); lv_obj_set_width(lb_desc, LV_HOR_RES / 9 * 4); - if (sept_error) - { - lv_label_set_text(lb_desc, txt_buf); - lv_mbox_add_btns(mbox, mbox_btn_map2, _emummc_raw_check_sept_action); - free(pkg1); - } - else - { - lv_label_set_text(lb_desc, "Sept needs to launch in order to generate keys\nneeded for emuMMC resizing.\n" - "After that enter this menu again."); - lv_mbox_add_btns(mbox, mbox_btn_map, _emummc_raw_check_sept_action); - } + lv_label_set_text(lb_desc, txt_buf); + lv_mbox_add_btns(mbox, mbox_btn_map, mbox_action); lv_obj_align(mbox, NULL, LV_ALIGN_CENTER, 0, 0); lv_obj_set_top(mbox, true); @@ -953,7 +820,7 @@ out: return 0; } - sdmmc_storage_set_mmc_partition(&emmc_storage, EMMC_GPP); + free(txt_buf); return 1; } @@ -984,7 +851,7 @@ void dump_emummc_raw(emmc_tool_gui_t *gui, int part_idx, u32 sector_start, u32 r goto out; } - if (!_emummc_raw_check_sept(gui, resized_count)) + if (!_emummc_raw_derive_bis_keys(gui, resized_count)) { s_printf(gui->txt_buf, "#FFDD00 For formatting USER partition,#\n#FFDD00 BIS keys are needed!#\n"); lv_label_ins_text(gui->label_log, LV_LABEL_POS_LAST, gui->txt_buf); diff --git a/nyx/nyx_gui/frontend/gui.c b/nyx/nyx_gui/frontend/gui.c index f607a66..16adeea 100644 --- a/nyx/nyx_gui/frontend/gui.c +++ b/nyx/nyx_gui/frontend/gui.c @@ -1868,7 +1868,7 @@ static void _create_tab_home(lv_theme_t *th, lv_obj_t *parent) label_btn = lv_label_create(btn_emummc, label_btn); s_printf(btn_colored_text, "%s%s", text_color, " "SYMBOL_LIST"#"); lv_label_set_text(label_btn, btn_colored_text); - lv_btn_set_action(btn_emummc, LV_BTN_ACTION_CLICK,create_win_emummc_tools); + lv_btn_set_action(btn_emummc, LV_BTN_ACTION_CLICK, create_win_emummc_tools); lv_btn_set_layout(btn_emummc, LV_LAYOUT_OFF); lv_obj_align(label_btn, NULL, LV_ALIGN_CENTER, 0, -28); lv_obj_set_pos(btn_emummc, 959, 160); @@ -2208,28 +2208,8 @@ static void _nyx_main_menu(lv_theme_t * th) // Option save button. lv_tabview_set_tab_load_action(tv, _show_hide_save_button); - // If we rebooted to run sept for dumping, lunch dump immediately. - if (nyx_str->cfg & NYX_CFG_SEPT) - { - u32 type = nyx_str->cfg >> 24; - nyx_str->cfg &= ~(NYX_CFG_SEPT | NYX_CFG_EXTRA); - - if (type == NYX_SEPT_DUMP) - { - lv_task_t *task_run_dump = lv_task_create(sept_run_dump, LV_TASK_ONESHOT, LV_TASK_PRIO_MID, NULL); - lv_task_once(task_run_dump); - } - else if (type == NYX_SEPT_CAL0) - { - lv_task_t *task_run_cal0 = lv_task_create(sept_run_cal0, LV_TASK_ONESHOT, LV_TASK_PRIO_LOWEST, NULL); - lv_task_once(task_run_cal0); - } - else if (type == NYX_SEPT_EMUF) - { - // TODO: Maybe automatically relaunch emuMMC creation in the future. - } - } - else if (nyx_str->cfg & NYX_CFG_UMS) + // Check if Nyx was launched with a function set. + if (nyx_str->cfg & NYX_CFG_UMS) { nyx_str->cfg &= ~(NYX_CFG_UMS); lv_task_t *task_run_ums = lv_task_create(nyx_run_ums, LV_TASK_ONESHOT, LV_TASK_PRIO_MID, (void *)&nyx_str->cfg); diff --git a/nyx/nyx_gui/frontend/gui_emmc_tools.c b/nyx/nyx_gui/frontend/gui_emmc_tools.c index f019967..749c6ba 100644 --- a/nyx/nyx_gui/frontend/gui_emmc_tools.c +++ b/nyx/nyx_gui/frontend/gui_emmc_tools.c @@ -24,7 +24,6 @@ #include "../hos/pkg1.h" #include "../hos/pkg2.h" #include "../hos/hos.h" -#include "../hos/sept.h" #include #include #include diff --git a/nyx/nyx_gui/frontend/gui_info.c b/nyx/nyx_gui/frontend/gui_info.c index 8d6f1c8..65aae95 100644 --- a/nyx/nyx_gui/frontend/gui_info.c +++ b/nyx/nyx_gui/frontend/gui_info.c @@ -21,7 +21,6 @@ #include "../config.h" #include "../hos/hos.h" #include "../hos/pkg1.h" -#include "../hos/sept.h" #include #include #include @@ -302,108 +301,16 @@ static lv_res_t _create_mbox_cal0(lv_obj_t *btn) sd_mount(); - // Read package1. - static const u32 BOOTLOADER_SIZE = 0x40000; - static const u32 BOOTLOADER_MAIN_OFFSET = 0x100000; - static const u32 BOOTLOADER_BACKUP_OFFSET = 0x140000; - static const u32 HOS_KEYBLOBS_OFFSET = 0x180000; - - u8 kb = 0; - u32 bootloader_offset = BOOTLOADER_MAIN_OFFSET; - u32 pk1_offset = h_cfg.t210b01 ? sizeof(bl_hdr_t210b01_t) : 0; // Skip T210B01 OEM header. - u8 *pkg1 = (u8 *)malloc(BOOTLOADER_SIZE); - + // Init eMMC. if (!sdmmc_storage_init_mmc(&emmc_storage, &emmc_sdmmc, SDMMC_BUS_WIDTH_8, SDHCI_TIMING_MMC_HS400)) { lv_label_set_text(lb_desc, "#FFDD00 Failed to init eMMC!#"); goto out; } - sdmmc_storage_set_mmc_partition(&emmc_storage, EMMC_BOOT0); - -try_load: - sdmmc_storage_read(&emmc_storage, bootloader_offset / NX_EMMC_BLOCKSIZE, BOOTLOADER_SIZE / NX_EMMC_BLOCKSIZE, pkg1); - - char *build_date = malloc(32); - const pkg1_id_t *pkg1_id = pkg1_identify(pkg1 + pk1_offset, build_date); - - s_printf(txt_buf + strlen(txt_buf), "#00DDFF Found pkg1 ('%s')#\n", build_date); - free(build_date); - - if (!pkg1_id) - { - strcat(txt_buf, "#FFDD00 Unknown pkg1 version!#\n"); - // Try backup bootloader. - if (bootloader_offset != BOOTLOADER_BACKUP_OFFSET) - { - strcat(txt_buf, "Trying backup bootloader...\n"); - bootloader_offset = BOOTLOADER_BACKUP_OFFSET; - goto try_load; - } - lv_label_set_text(lb_desc, txt_buf); - - goto out; - } - - kb = pkg1_id->kb; - - // Skip if Mariko. - if (h_cfg.t210b01) - goto t210b01; - - tsec_ctxt_t tsec_ctxt; - tsec_ctxt.fw = (u8 *)pkg1 + pkg1_id->tsec_off; - tsec_ctxt.pkg1 = pkg1; - tsec_ctxt.pkg11_off = pkg1_id->pkg11_off; - tsec_ctxt.secmon_base = pkg1_id->secmon_base; - - // Get keys. - hos_eks_get(); - if (kb >= KB_FIRMWARE_VERSION_700 && !h_cfg.sept_run) - { - u32 key_idx = 0; - if (kb >= KB_FIRMWARE_VERSION_810) - key_idx = 1; - - if (h_cfg.eks && h_cfg.eks->enabled[key_idx] >= kb) - h_cfg.sept_run = true; - else - { - // Check that BCT is proper so sept can run. - u8 *bct_bldr = (u8 *)calloc(1, 512); - sdmmc_storage_read(&emmc_storage, 0x2200 / NX_EMMC_BLOCKSIZE, 1, bct_bldr); - u32 bootloader_entrypoint = *(u32 *)&bct_bldr[0x144]; - free(bct_bldr); - if (bootloader_entrypoint > SEPT_PRI_ENTRY) - { - lv_label_set_text(lb_desc, "#FFDD00 Main BCT is improper! Failed to run sept.#\n" - "#FFDD00 Run sept with proper BCT at least once#\n#FFDD00 to cache keys.#\n"); - goto out; - } - - // Set boot cfg. - b_cfg->autoboot = 0; - b_cfg->autoboot_list = 0; - b_cfg->extra_cfg = EXTRA_CFG_NYX_SEPT; - b_cfg->sept = NYX_SEPT_CAL0; - - if (!reboot_to_sept((u8 *)tsec_ctxt.fw, kb)) - { - lv_label_set_text(lb_desc, "#FFDD00 Failed to run sept#\n"); - goto out; - } - } - } - -t210b01:; - // Read the correct keyblob. - u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1); - sdmmc_storage_read(&emmc_storage, HOS_KEYBLOBS_OFFSET / NX_EMMC_BLOCKSIZE + kb, 1, keyblob); // Generate BIS keys - hos_bis_keygen(keyblob, kb, &tsec_ctxt); - - free(keyblob); + hos_bis_keygen(); if (!cal0_buf) cal0_buf = malloc(0x10000); @@ -418,24 +325,23 @@ t210b01:; nx_emmc_bis_end(); nx_emmc_gpt_free(&gpt); - // Clear BIS keys slots and reinstate SBK. + // Clear BIS keys slots. hos_bis_keys_clear(); nx_emmc_cal0_t *cal0 = (nx_emmc_cal0_t *)cal0_buf; - // If successful, save BIS keys. + // Check keys validity. if (memcmp(&cal0->magic, "CAL0", 4)) { free(cal0_buf); cal0_buf = NULL; - hos_eks_bis_clear(); + // Clear EKS keys. + hos_eks_clear(KB_FIRMWARE_VERSION_MAX); lv_label_set_text(lb_desc, "#FFDD00 CAL0 is corrupt or wrong keys!#\n"); goto out; } - else - hos_eks_bis_save(); u32 hash[8]; se_calc_sha256_oneshot(hash, (u8 *)cal0 + 0x40, cal0->body_size); @@ -526,7 +432,6 @@ t210b01:; lv_label_set_text(lb_desc, txt_buf); out: - free(pkg1); free(txt_buf); sd_unmount(); sdmmc_storage_end(&emmc_storage); @@ -1042,11 +947,6 @@ static lv_res_t _create_window_fuses_info_status(lv_obj_t *btn) return LV_RES_OK; } -void sept_run_cal0(void *param) -{ - _create_window_fuses_info_status(NULL); -} - static char *ipatches_txt; static void _ipatch_process(u32 offset, u32 value) { @@ -1098,7 +998,7 @@ static lv_res_t _create_window_tsec_keys_status(lv_obj_t *btn) { u32 retries = 0; - tsec_ctxt_t tsec_ctxt; + tsec_ctxt_t tsec_ctxt = {0}; lv_obj_t *win = nyx_create_standard_window(SYMBOL_CHIP" TSEC Keys"); @@ -1173,28 +1073,35 @@ try_load: tsec_ctxt.secmon_base = pkg1_id->secmon_base; if (pkg1_id->kb <= KB_FIRMWARE_VERSION_600) + { tsec_ctxt.size = 0xF00; - else if (pkg1_id->kb == KB_FIRMWARE_VERSION_620) - tsec_ctxt.size = 0x2900; - else if (pkg1_id->kb == KB_FIRMWARE_VERSION_700) - { - tsec_ctxt.size = 0x3000; - // Exit after TSEC key generation. - *((vu16 *)((u32)tsec_ctxt.fw + 0x2DB5)) = 0x02F8; + tsec_ctxt.type = TSEC_FW_TYPE_OLD; } - else - tsec_ctxt.size = 0x3300; - - if (pkg1_id->kb == KB_FIRMWARE_VERSION_620) + else if (pkg1_id->kb == KB_FIRMWARE_VERSION_620) { + tsec_ctxt.size = 0x2900; + tsec_ctxt.type = TSEC_FW_TYPE_EMU; + u8 *tsec_paged = (u8 *)page_alloc(3); memcpy(tsec_paged, (void *)tsec_ctxt.fw, tsec_ctxt.size); tsec_ctxt.fw = tsec_paged; } + else if (pkg1_id->kb == KB_FIRMWARE_VERSION_700) + { + tsec_ctxt.size = 0x3000; + tsec_ctxt.type = TSEC_FW_TYPE_NEW; + // Exit after TSEC key generation. + *((vu16 *)((u32)tsec_ctxt.fw + 0x2DB5)) = 0x02F8; + } + else + { + tsec_ctxt.size = 0x3300; + tsec_ctxt.type = TSEC_FW_TYPE_NEW; + } int res = 0; - while (tsec_query((u8 *)tsec_keys, pkg1_id->kb, &tsec_ctxt) < 0) + while (tsec_query((u8 *)tsec_keys, &tsec_ctxt) < 0) { memset(tsec_keys, 0x00, 0x20); diff --git a/nyx/nyx_gui/frontend/gui_info.h b/nyx/nyx_gui/frontend/gui_info.h index bd0c316..ac64cbd 100644 --- a/nyx/nyx_gui/frontend/gui_info.h +++ b/nyx/nyx_gui/frontend/gui_info.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2019 CTCaer + * Copyright (c) 2018-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, @@ -19,7 +19,6 @@ #include -void sept_run_cal0(void *param); void create_tab_info(lv_theme_t *th, lv_obj_t *parent); #endif diff --git a/nyx/nyx_gui/frontend/gui_tools.c b/nyx/nyx_gui/frontend/gui_tools.c index a104d57..c789f2b 100644 --- a/nyx/nyx_gui/frontend/gui_tools.c +++ b/nyx/nyx_gui/frontend/gui_tools.c @@ -28,7 +28,6 @@ #include "../hos/pkg1.h" #include "../hos/pkg2.h" #include "../hos/hos.h" -#include "../hos/sept.h" #include #include #include @@ -1138,62 +1137,19 @@ static lv_res_t _create_window_dump_pk12_tool(lv_obj_t *btn) kb = pkg1_id->kb; - if (!h_cfg.se_keygen_done) - { - tsec_ctxt_t tsec_ctxt; - tsec_ctxt.fw = (void *)(pkg1 + pkg1_id->tsec_off); - tsec_ctxt.pkg1 = (void *)pkg1; - tsec_ctxt.pkg11_off = pkg1_id->pkg11_off; - tsec_ctxt.secmon_base = pkg1_id->secmon_base; + tsec_ctxt_t tsec_ctxt = {0}; + tsec_ctxt.fw = (void *)(pkg1 + pkg1_id->tsec_off); + tsec_ctxt.pkg1 = (void *)pkg1; + tsec_ctxt.pkg11_off = pkg1_id->pkg11_off; + tsec_ctxt.secmon_base = pkg1_id->secmon_base; - hos_eks_get(); + // Read keyblob. + u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1); + sdmmc_storage_read(&emmc_storage, HOS_KEYBLOBS_OFFSET / NX_EMMC_BLOCKSIZE + kb, 1, keyblob); - if (!h_cfg.t210b01 && kb >= KB_FIRMWARE_VERSION_700 && !h_cfg.sept_run) - { - u32 key_idx = 0; - if (kb >= KB_FIRMWARE_VERSION_810) - key_idx = 1; - - if (h_cfg.eks && h_cfg.eks->enabled[key_idx] >= kb) - h_cfg.sept_run = true; - else - { - // Check that BCT is proper so sept can run. - u8 *bct_bldr = (u8 *)calloc(1, 512); - sdmmc_storage_read(&emmc_storage, 0x2200 / NX_EMMC_BLOCKSIZE, 1, bct_bldr); - u32 bootloader_entrypoint = *(u32 *)&bct_bldr[0x144]; - free(bct_bldr); - if (bootloader_entrypoint > SEPT_PRI_ENTRY) - { - lv_label_set_text(lb_desc, "#FFDD00 Failed to run sept because main BCT is improper!#\n" - "#FFDD00 Run sept with proper BCT at least once to cache keys.#\n"); - goto out_free; - } - - // Set boot cfg. - b_cfg->autoboot = 0; - b_cfg->autoboot_list = 0; - b_cfg->extra_cfg = EXTRA_CFG_NYX_SEPT; - b_cfg->sept = NYX_SEPT_DUMP; - - if (!reboot_to_sept((u8 *)tsec_ctxt.fw, kb)) - { - lv_label_set_text(lb_desc, "#FFDD00 Failed to run sept#\n"); - goto out_free; - } - } - } - - // Read keyblob. - u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1); - sdmmc_storage_read(&emmc_storage, HOS_KEYBLOBS_OFFSET / NX_EMMC_BLOCKSIZE + kb, 1, keyblob); - - // Decrypt. - hos_keygen(keyblob, kb, &tsec_ctxt); - if (kb <= KB_FIRMWARE_VERSION_600) - h_cfg.se_keygen_done = 1; - free(keyblob); - } + // Decrypt. + hos_keygen(keyblob, kb, &tsec_ctxt); + free(keyblob); if (h_cfg.t210b01 || kb <= KB_FIRMWARE_VERSION_600) { @@ -1316,13 +1272,11 @@ static lv_res_t _create_window_dump_pk12_tool(lv_obj_t *btn) lv_label_set_text(lb_desc, txt_buf); manual_system_maintenance(true); - // Clear EKS slot, in case something went wrong with sept keygen. + // Clear EKS slot, in case something went wrong with tsec keygen. hos_eks_clear(kb); goto out; } - else if (kb >= KB_FIRMWARE_VERSION_700) - hos_eks_save(kb); // Save EKS slot if it doesn't exist. // Display info. s_printf(txt_buf + strlen(txt_buf), @@ -1429,11 +1383,6 @@ out_end: return LV_RES_OK; } -void sept_run_dump(void *param) -{ - _create_window_dump_pk12_tool(NULL); -} - static void _create_tab_tools_emmc_pkg12(lv_theme_t *th, lv_obj_t *parent) { lv_page_set_scrl_layout(parent, LV_LAYOUT_PRETTY); diff --git a/nyx/nyx_gui/frontend/gui_tools.h b/nyx/nyx_gui/frontend/gui_tools.h index de40004..c841708 100644 --- a/nyx/nyx_gui/frontend/gui_tools.h +++ b/nyx/nyx_gui/frontend/gui_tools.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2019 CTCaer + * Copyright (c) 2018-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, @@ -23,7 +23,6 @@ extern lv_obj_t *ums_mbox; void create_tab_tools(lv_theme_t *th, lv_obj_t *parent); void nyx_run_ums(void *param); -void sept_run_dump(void *param); bool get_autorcm_status(bool change); lv_res_t action_ums_sd(lv_obj_t *btn); diff --git a/nyx/nyx_gui/hos/hos.c b/nyx/nyx_gui/hos/hos.c index afdb8cd..2979d47 100644 --- a/nyx/nyx_gui/hos/hos.c +++ b/nyx/nyx_gui/hos/hos.c @@ -21,7 +21,6 @@ #include #include "hos.h" -#include "sept.h" #include "../config.h" #include #include @@ -54,7 +53,7 @@ typedef struct _tsec_keys_t typedef struct _kb_keys_t { - u8 master_keyseed[SE_KEY_128_SIZE]; + u8 master_kekseed[SE_KEY_128_SIZE]; u8 random_data[0x70]; u8 package1_key[SE_KEY_128_SIZE]; } kb_keys_t; @@ -82,12 +81,18 @@ static const u8 cmac_keyseed[SE_KEY_128_SIZE] = static const u8 master_keyseed_retail[SE_KEY_128_SIZE] = { 0xD8, 0xA2, 0x41, 0x0A, 0xC6, 0xC5, 0x90, 0x01, 0xC6, 0x1D, 0x6A, 0x26, 0x7C, 0x51, 0x3F, 0x3C }; -static const u8 master_keyseed_4xx_5xx_610[SE_KEY_128_SIZE] = - { 0x2D, 0xC1, 0xF4, 0x8D, 0xF3, 0x5B, 0x69, 0x33, 0x42, 0x10, 0xAC, 0x65, 0xDA, 0x90, 0x46, 0x66 }; +// Unused in this context. +//static const u8 master_keyseed_4xx[SE_KEY_128_SIZE] = +// { 0x2D, 0xC1, 0xF4, 0x8D, 0xF3, 0x5B, 0x69, 0x33, 0x42, 0x10, 0xAC, 0x65, 0xDA, 0x90, 0x46, 0x66 }; -static const u8 master_keyseed_620[SE_KEY_128_SIZE] = +static const u8 master_kekseed_620[SE_KEY_128_SIZE] = { 0x37, 0x4B, 0x77, 0x29, 0x59, 0xB4, 0x04, 0x30, 0x81, 0xF6, 0xE5, 0x8C, 0x6D, 0x36, 0x17, 0x9A }; +//!TODO: Update on mkey changes. +static const u8 master_kekseed_t210_max[SE_KEY_128_SIZE] = + { 0x84, 0x67, 0xB6, 0x7F, 0x13, 0x11, 0xAE, 0xE6, 0x58, 0x9B, 0x19, 0xAF, 0x13, 0x6C, 0x80, 0x7A }; // 12.1.0. + +//!TODO: Update on mkey changes. static const u8 master_kekseed_t210b01[][SE_KEY_128_SIZE] = { { 0x77, 0x60, 0x5A, 0xD2, 0xEE, 0x6E, 0xF8, 0x3C, 0x3F, 0x72, 0xE2, 0x59, 0x9D, 0xAC, 0x5E, 0x56 }, // 6.0.0. { 0x1E, 0x80, 0xB8, 0x17, 0x3E, 0xC0, 0x60, 0xAA, 0x11, 0xBE, 0x1A, 0x4A, 0xA6, 0x6F, 0xE4, 0xAE }, // 6.2.0. @@ -101,12 +106,13 @@ static const u8 master_kekseed_t210b01[][SE_KEY_128_SIZE] = { static const u8 console_keyseed[SE_KEY_128_SIZE] = { 0x4F, 0x02, 0x5F, 0x0E, 0xB6, 0x6D, 0x11, 0x0E, 0xDC, 0x32, 0x7D, 0x41, 0x86, 0xC2, 0xF4, 0x78 }; -static const u8 console_keyseed_4xx_5xx[SE_KEY_128_SIZE] = +static const u8 console_keyseed_4xx[SE_KEY_128_SIZE] = { 0x0C, 0x91, 0x09, 0xDB, 0x93, 0x93, 0x07, 0x81, 0x07, 0x3C, 0xC4, 0x16, 0x22, 0x7C, 0x6C, 0x28 }; const u8 package2_keyseed[SE_KEY_128_SIZE] = { 0xFB, 0x8B, 0x6A, 0x9C, 0x79, 0x00, 0xC8, 0x49, 0xEF, 0xD2, 0x4D, 0x85, 0x4D, 0x30, 0xA0, 0xC7 }; +//!TODO: Update on mkey changes. static const u8 mkey_vectors[KB_FIRMWARE_VERSION_MAX + 1][SE_KEY_128_SIZE] = { { 0x0C, 0xF0, 0x59, 0xAC, 0x85, 0xF6, 0x26, 0x65, 0xE1, 0xE9, 0x19, 0x55, 0xE6, 0xF2, 0x67, 0x3D }, // Zeroes encrypted with mkey 00. { 0x29, 0x4C, 0x04, 0xC8, 0xEB, 0x10, 0xED, 0x9D, 0x51, 0x64, 0x97, 0xFB, 0xF3, 0x4D, 0x50, 0xDD }, // Mkey 00 encrypted with mkey 01. @@ -122,6 +128,7 @@ static const u8 mkey_vectors[KB_FIRMWARE_VERSION_MAX + 1][SE_KEY_128_SIZE] = { { 0xC1, 0x8D, 0x16, 0xBB, 0x2A, 0xE4, 0x1D, 0xD4, 0xC2, 0xC1, 0xB6, 0x40, 0x94, 0x35, 0x63, 0x98 }, // Mkey 10 encrypted with mkey 11. }; +//!TODO: Update on mkey changes. static const u8 new_console_keyseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSION_400 + 1][SE_KEY_128_SIZE] = { { 0x8B, 0x4E, 0x1C, 0x22, 0x42, 0x07, 0xC8, 0x73, 0x56, 0x94, 0x08, 0x8B, 0xCC, 0x47, 0x0F, 0x5D }, // 4.x New Device Key Source. { 0x6C, 0xEF, 0xC6, 0x27, 0x8B, 0xEC, 0x8A, 0x91, 0x99, 0xAB, 0x24, 0xAC, 0x4F, 0x1C, 0x8F, 0x1C }, // 5.x New Device Key Source. @@ -134,6 +141,7 @@ static const u8 new_console_keyseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSIO { 0xAA, 0xFD, 0xBC, 0xBB, 0x25, 0xC3, 0xA4, 0xEF, 0xE3, 0xEE, 0x58, 0x53, 0xB7, 0xF8, 0xDD, 0xD6 }, // 12.1.0 New Device Key Source. }; +//!TODO: Update on mkey changes. static const u8 new_console_kekseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSION_400 + 1][SE_KEY_128_SIZE] = { { 0x88, 0x62, 0x34, 0x6E, 0xFA, 0xF7, 0xD8, 0x3F, 0xE1, 0x30, 0x39, 0x50, 0xF0, 0xB7, 0x5D, 0x5D }, // 4.x New Device Keygen Source. { 0x06, 0x1E, 0x7B, 0xE9, 0x6D, 0x47, 0x8C, 0x77, 0xC5, 0xC8, 0xE7, 0x94, 0x9A, 0xA8, 0x5F, 0x2E }, // 5.x New Device Keygen Source. @@ -186,7 +194,7 @@ bool hos_eks_rw_try(u8 *buf, bool write) return false; } -void hos_eks_get() +static void _hos_eks_get() { // Check if Erista based unit. if (h_cfg.t210b01) @@ -202,11 +210,10 @@ void hos_eks_get() // Decrypt EKS blob. hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x80); - se_aes_crypt_ecb(14, 0, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); + se_aes_crypt_ecb(14, DECRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); // Check if valid and for this unit. - if (eks->magic == HOS_EKS_MAGIC && - (eks->lot0 == FUSE(FUSE_OPT_LOT_CODE_0) || eks->lot0 == FUSE(FUSE_PRIVATE_KEY0))) + if (eks->magic == HOS_EKS_MAGIC && eks->lot0 == FUSE(FUSE_OPT_LOT_CODE_0)) { h_cfg.eks = eks; return; @@ -217,133 +224,13 @@ out: } } -void hos_eks_save(u32 kb) -{ - // Check if Erista based unit. - if (h_cfg.t210b01) - return; - - if (kb >= KB_FIRMWARE_VERSION_700) - { - u32 key_idx = 0; - if (kb >= KB_FIRMWARE_VERSION_810) - key_idx = 1; - - bool new_eks = false; - if (!h_cfg.eks) - { - h_cfg.eks = calloc(512 , 1); - new_eks = true; - } - - // If matching blob doesn't exist, create it. - bool update_eks = key_idx ? (h_cfg.eks->enabled[key_idx] < kb) : !h_cfg.eks->enabled[0]; - // If old EKS version was found, update it. - update_eks |= h_cfg.eks->lot0 != FUSE(FUSE_OPT_LOT_CODE_0); - if (update_eks) - { - // Read EKS blob. - u8 *mbr = calloc(512 , 1); - if (!hos_eks_rw_try(mbr, false)) - { - if (new_eks) - { - free(h_cfg.eks); - h_cfg.eks = NULL; - } - - goto out; - } - - // Get keys. - u8 *keys = (u8 *)calloc(0x2000, 1); - se_get_aes_keys(keys + 0x1000, keys, SE_KEY_128_SIZE); - - // Set magic and personalized info. - h_cfg.eks->magic = HOS_EKS_MAGIC; - h_cfg.eks->enabled[key_idx] = kb; - h_cfg.eks->lot0 = FUSE(FUSE_OPT_LOT_CODE_0); - - // Copy new keys. - memcpy(h_cfg.eks->dkg, keys + 10 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - memcpy(h_cfg.eks->dkk, keys + 15 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - - if (!h_cfg.aes_slots_new) - { - memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - } - else // New sept slots. - { - memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); - } - - // Encrypt EKS blob. - u8 *eks = calloc(512 , 1); - memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t)); - se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); - - // Write EKS blob to SD. - memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t)); - hos_eks_rw_try(mbr, true); - - free(eks); - free(keys); -out: - free(mbr); - } - } -} - -void hos_eks_clear(u32 kb) -{ - // Check if Erista based unit. - if (h_cfg.t210b01) - return; - - if (h_cfg.eks && kb >= KB_FIRMWARE_VERSION_700) - { - u32 key_idx = 0; - if (kb >= KB_FIRMWARE_VERSION_810) - key_idx = 1; - - // Check if Current Master key is enabled. - if (h_cfg.eks->enabled[key_idx]) - { - // Read EKS blob. - u8 *mbr = calloc(512 , 1); - if (!hos_eks_rw_try(mbr, false)) - goto out; - - // Disable current Master key version. - h_cfg.eks->enabled[key_idx] = 0; - - // Encrypt EKS blob. - u8 *eks = calloc(512 , 1); - memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t)); - se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); - - // Write EKS blob to SD. - memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t)); - hos_eks_rw_try(mbr, true); - - EMC(EMC_SCRATCH0) &= ~EMC_SEPT_RUN; - h_cfg.sept_run = false; - - free(eks); -out: - free(mbr); - } - } -} - -void hos_eks_bis_save() +static void _hos_eks_save(u32 kb) { // Check if Erista based unit. if (h_cfg.t210b01) return; + // EKS save. Only for 7.0.0 and up. bool new_eks = false; if (!h_cfg.eks) { @@ -352,7 +239,7 @@ void hos_eks_bis_save() } // If matching blob doesn't exist, create it. - if (!h_cfg.eks->enabled_bis) + if (h_cfg.eks->enabled < kb) { // Read EKS blob. u8 *mbr = calloc(512 , 1); @@ -367,73 +254,75 @@ void hos_eks_bis_save() goto out; } + // Get keys. + u8 *keys = (u8 *)calloc(0x2000, 1); + se_get_aes_keys(keys + 0x1000, keys, SE_KEY_128_SIZE); + // Set magic and personalized info. h_cfg.eks->magic = HOS_EKS_MAGIC; - h_cfg.eks->enabled_bis = 1; + h_cfg.eks->enabled = KB_FIRMWARE_VERSION_MAX; h_cfg.eks->lot0 = FUSE(FUSE_OPT_LOT_CODE_0); // Copy new keys. - memcpy(h_cfg.eks->bis_keys[0].crypt, bis_keys + (0 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); - memcpy(h_cfg.eks->bis_keys[0].tweak, bis_keys + (1 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); - - memcpy(h_cfg.eks->bis_keys[1].crypt, bis_keys + (2 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); - memcpy(h_cfg.eks->bis_keys[1].tweak, bis_keys + (3 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); - - memcpy(h_cfg.eks->bis_keys[2].crypt, bis_keys + (4 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); - memcpy(h_cfg.eks->bis_keys[2].tweak, bis_keys + (5 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); + memcpy(h_cfg.eks->tsec, keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + memcpy(h_cfg.eks->troot, keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + memcpy(h_cfg.eks->troot_dev, keys + 11 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); // Encrypt EKS blob. u8 *eks = calloc(512 , 1); memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t)); - se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); + se_aes_crypt_ecb(14, ENCRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); // Write EKS blob to SD. memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t)); hos_eks_rw_try(mbr, true); - free(eks); + free(keys); out: free(mbr); } } -void hos_eks_bis_clear() +void hos_eks_clear(u32 kb) { // Check if Erista based unit. if (h_cfg.t210b01) return; - // Check if BIS keys are enabled. - if (h_cfg.eks && h_cfg.eks->enabled_bis) + if (h_cfg.eks && kb >= KB_FIRMWARE_VERSION_700) { - // Read EKS blob. - u8 *mbr = calloc(512 , 1); - if (!hos_eks_rw_try(mbr, false)) - goto out; + // Check if current Master key is enabled. + if (h_cfg.eks->enabled) + { + // Read EKS blob. + u8 *mbr = calloc(512 , 1); + if (!hos_eks_rw_try(mbr, false)) + goto out; - // Disable BIS storage. - h_cfg.eks->enabled_bis = 0; + // Disable current Master key version. + h_cfg.eks->enabled = 0; - // Encrypt EKS blob. - u8 *eks = calloc(512 , 1); - memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t)); - se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); + // Encrypt EKS blob. + u8 *eks = calloc(512 , 1); + memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t)); + se_aes_crypt_ecb(14, ENCRYPT, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t)); - // Write EKS blob to SD. - memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t)); - hos_eks_rw_try(mbr, true); + // Write EKS blob to SD. + memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t)); + hos_eks_rw_try(mbr, true); - free(eks); + free(eks); out: - free(mbr); + free(mbr); + } } } int hos_keygen_t210b01(u32 kb) { // Use SBK as Device key 4x unsealer and KEK for mkey in T210B01 units. - se_aes_unwrap_key(10, 14, console_keyseed_4xx_5xx); + se_aes_unwrap_key(10, 14, console_keyseed_4xx); // Derive master key. se_aes_unwrap_key(7, 12, &master_kekseed_t210b01[kb - KB_FIRMWARE_VERSION_600]); @@ -448,6 +337,7 @@ int hos_keygen_t210b01(u32 kb) int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) { u32 retries = 0; + bool use_tsec = false; tsec_keys_t tsec_keys; kb_t *kb_data = (kb_t *)keyblob; @@ -457,63 +347,95 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) if (h_cfg.t210b01) return hos_keygen_t210b01(kb); - if (kb <= KB_FIRMWARE_VERSION_600) - tsec_ctxt->size = 0xF00; - else if (kb == KB_FIRMWARE_VERSION_620) - tsec_ctxt->size = 0x2900; - else if (kb == KB_FIRMWARE_VERSION_700) - tsec_ctxt->size = 0x3000; - else - tsec_ctxt->size = 0x3300; + // Do Erista keygen. - // Prepare smmu tsec page for 6.2.0. - if (kb == KB_FIRMWARE_VERSION_620) + // Use HOS EKS if it exists. + _hos_eks_get(); + + // Use tsec keygen for old firmware or if EKS keys do not exist for newer. + if (kb <= KB_FIRMWARE_VERSION_620 || !h_cfg.eks || (h_cfg.eks && h_cfg.eks->enabled < kb)) + use_tsec = true; + + if (kb <= KB_FIRMWARE_VERSION_600) { + tsec_ctxt->size = 0xF00; + tsec_ctxt->type = TSEC_FW_TYPE_OLD; + } + else if (kb == KB_FIRMWARE_VERSION_620) + { + tsec_ctxt->size = 0x2900; + tsec_ctxt->type = TSEC_FW_TYPE_EMU; + + // Prepare smmu tsec page for 6.2.0. u8 *tsec_paged = (u8 *)page_alloc(3); memcpy(tsec_paged, (void *)tsec_ctxt->fw, tsec_ctxt->size); tsec_ctxt->fw = tsec_paged; } + else if (use_tsec) // 7.0.0+ + { + /* + * 7.0.0/8.1.0 tsec fw are 0x3000/0x3300. + * Unused here because of THK. + */ + + // Use custom TSEC Hovi Keygen firmware. + tsec_ctxt->fw = sd_file_read("bootloader/sys/thk.bin", NULL); + if (!tsec_ctxt->fw) + { + EPRINTF("\nFailed to load thk.bin"); + return 0; + } + + tsec_ctxt->size = 0x1F00; + tsec_ctxt->type = TSEC_FW_TYPE_NEW; + } + else if (h_cfg.eks) + { + // EKS found. Set TSEC keys. + se_aes_key_set(12, h_cfg.eks->tsec, SE_KEY_128_SIZE); + se_aes_key_set(13, h_cfg.eks->troot, SE_KEY_128_SIZE); + se_aes_key_set(11, h_cfg.eks->troot_dev, SE_KEY_128_SIZE); + } // Get TSEC key. - if (kb <= KB_FIRMWARE_VERSION_620) + while (use_tsec && tsec_query(&tsec_keys, tsec_ctxt) < 0) { - while (tsec_query(&tsec_keys, kb, tsec_ctxt) < 0) - { - memset(&tsec_keys, 0x00, 0x20); - retries++; + memset(&tsec_keys, 0x00, 0x20); + retries++; - // We rely on racing conditions, make sure we cover even the unluckiest cases. - if (retries > 15) - { - EPRINTF("\nFailed to get TSEC keys. Please try again.\n"); - return 0; - } + // We rely on racing conditions, make sure we cover even the unluckiest cases. + if (retries > 15) + { + EPRINTF("\nFailed to get TSEC keys. Please try again."); + return 0; } } if (kb >= KB_FIRMWARE_VERSION_700) { - // Use HOS EKS if it exists. - u32 key_idx = 0; - if (kb >= KB_FIRMWARE_VERSION_810) - key_idx = 1; - - if (h_cfg.eks && h_cfg.eks->enabled[key_idx] >= kb) + // For 7.0.0 and up, save EKS slot if it doesn't exist. + if (use_tsec) { - // Set Device keygen key to slot 10. - se_aes_key_set(10, h_cfg.eks->dkg, SE_KEY_128_SIZE); - // Set Master key to slot 12. - se_aes_key_set(12, h_cfg.eks->keys[key_idx].mkk, SE_KEY_128_SIZE); - // Set FW Device key key to slot 13. - se_aes_key_set(13, h_cfg.eks->keys[key_idx].fdk, SE_KEY_128_SIZE); - // Set Device key to slot 15. - se_aes_key_set(15, h_cfg.eks->dkk, SE_KEY_128_SIZE); + _hos_eks_save(kb); + free(tsec_ctxt->fw); } - else - h_cfg.aes_slots_new = se_key_acc_ctrl_get(12) == 0x6A; - se_aes_key_clear(8); - se_aes_unwrap_key(8, !h_cfg.aes_slots_new ? 12 : 13, package2_keyseed); + // Decrypt keyblob and set keyslots. + se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tmp, keyblob_keyseeds[0]); + se_aes_unwrap_key(15, 14, tsec_keys.tmp); + + // Derive device keys. + se_aes_unwrap_key(10, 15, console_keyseed_4xx); + se_aes_unwrap_key(15, 15, console_keyseed); + + // Derive master kek. + se_aes_unwrap_key(7, 13, master_kekseed_t210_max); + + // Derive master key. + se_aes_unwrap_key(7, 7, master_keyseed_retail); + + // Package2 key. + se_aes_unwrap_key(8, 7, package2_keyseed); } else if (kb == KB_FIRMWARE_VERSION_620) { @@ -522,16 +444,22 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) // Set TSEC root key. se_aes_key_set(13, tsec_keys.tsec_root, SE_KEY_128_SIZE); - // Decrypt keyblob and set keyslots - se_aes_crypt_block_ecb(12, 0, tsec_keys.tmp, keyblob_keyseeds[0]); + // Decrypt keyblob and set keyslots. + se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tmp, keyblob_keyseeds[0]); se_aes_unwrap_key(15, 14, tsec_keys.tmp); - se_aes_unwrap_key(10, 15, console_keyseed_4xx_5xx); + + // Derive device keys. + se_aes_unwrap_key(10, 15, console_keyseed_4xx); se_aes_unwrap_key(15, 15, console_keyseed); + // Derive master kek. + se_aes_unwrap_key(7, 13, master_kekseed_620); + + // Derive master key. + se_aes_unwrap_key(7, 7, master_keyseed_retail); + // Package2 key. - se_aes_unwrap_key(8, 13, master_keyseed_620); - se_aes_unwrap_key(9, 8, master_keyseed_retail); - se_aes_unwrap_key(8, 9, package2_keyseed); + se_aes_unwrap_key(8, 7, package2_keyseed); } else { @@ -539,15 +467,11 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) se_aes_key_set(13, tsec_keys.tsec, SE_KEY_128_SIZE); // Derive keyblob keys from TSEC+SBK. - se_aes_crypt_block_ecb(13, 0, tsec_keys.tsec, keyblob_keyseeds[0]); + se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, keyblob_keyseeds[0]); se_aes_unwrap_key(15, 14, tsec_keys.tsec); - se_aes_crypt_block_ecb(13, 0, tsec_keys.tsec, keyblob_keyseeds[kb]); + se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, keyblob_keyseeds[kb]); se_aes_unwrap_key(13, 14, tsec_keys.tsec); - // Clear SBK. - if (!h_cfg.sbk_set) - se_aes_key_clear(14); - /* // Verify keyblob CMAC. u8 cmac[SE_KEY_128_SIZE]; @@ -557,16 +481,16 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) return 0; */ - se_aes_crypt_block_ecb(13, 0, tsec_keys.tsec, cmac_keyseed); + se_aes_crypt_block_ecb(13, DECRYPT, tsec_keys.tsec, cmac_keyseed); se_aes_unwrap_key(11, 13, cmac_keyseed); // Decrypt keyblob and set keyslots. - se_aes_crypt_ctr(13, &kb_data->keys, sizeof(kb_data->keys), &kb_data->keys, sizeof(kb_data->keys), kb_data->ctr); + se_aes_crypt_ctr(13, &kb_data->keys, sizeof(kb_keys_t), &kb_data->keys, sizeof(kb_keys_t), kb_data->ctr); se_aes_key_set(11, kb_data->keys.package1_key, SE_KEY_128_SIZE); - se_aes_key_set(12, kb_data->keys.master_keyseed, SE_KEY_128_SIZE); - se_aes_key_set(13, kb_data->keys.master_keyseed, SE_KEY_128_SIZE); + se_aes_key_set(12, kb_data->keys.master_kekseed, SE_KEY_128_SIZE); + se_aes_key_set(13, kb_data->keys.master_kekseed, SE_KEY_128_SIZE); - se_aes_crypt_block_ecb(12, 0, tsec_keys.tsec, master_keyseed_retail); + se_aes_crypt_block_ecb(12, DECRYPT, tsec_keys.tsec, master_keyseed_retail); switch (kb) { @@ -577,18 +501,16 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) se_aes_unwrap_key(12, 12, master_keyseed_retail); break; case KB_FIRMWARE_VERSION_400: - se_aes_unwrap_key(13, 15, console_keyseed_4xx_5xx); + se_aes_unwrap_key(13, 15, console_keyseed_4xx); se_aes_unwrap_key(15, 15, console_keyseed); - if (!h_cfg.sbk_set) // Do not clear SBK if patched. In this context the below key is useless. - se_aes_unwrap_key(14, 12, master_keyseed_4xx_5xx_610); + //se_aes_unwrap_key(14, 12, master_keyseed_4xx); // In this context it's useless. So don't kill SBK. se_aes_unwrap_key(12, 12, master_keyseed_retail); break; case KB_FIRMWARE_VERSION_500: case KB_FIRMWARE_VERSION_600: - se_aes_unwrap_key(10, 15, console_keyseed_4xx_5xx); + se_aes_unwrap_key(10, 15, console_keyseed_4xx); se_aes_unwrap_key(15, 15, console_keyseed); - if (!h_cfg.sbk_set) // Do not clear SBK if patched. In this context the below key is useless. - se_aes_unwrap_key(14, 12, master_keyseed_4xx_5xx_610); + //se_aes_unwrap_key(14, 12, master_keyseed_4xx); // In this context it's useless. So don't kill SBK. se_aes_unwrap_key(12, 12, master_keyseed_retail); break; } @@ -600,32 +522,30 @@ int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) return 1; } -static void _hos_validate_sept_mkey(u32 kb) +static void _hos_validate_mkey() { u8 tmp_mkey[SE_KEY_128_SIZE]; u32 mkey_idx = sizeof(mkey_vectors) / SE_KEY_128_SIZE; - u8 mkey_slot = !h_cfg.aes_slots_new ? 12 : 13; do { mkey_idx--; - se_aes_crypt_ecb(mkey_slot, 0, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx], SE_KEY_128_SIZE); + se_aes_crypt_ecb(7, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx], SE_KEY_128_SIZE); for (u32 idx = 0; idx < mkey_idx; idx++) { se_aes_key_clear(2); se_aes_key_set(2, tmp_mkey, SE_KEY_128_SIZE); - se_aes_crypt_ecb(2, 0, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx - 1 - idx], SE_KEY_128_SIZE); + se_aes_crypt_ecb(2, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx - 1 - idx], SE_KEY_128_SIZE); } if (!memcmp(tmp_mkey, "\x00\x00\x00\x00\x00\x00\x00\x00", 8)) { se_aes_key_clear(2); - hos_eks_save(kb); return; } } while (mkey_idx - 1); se_aes_key_clear(2); - hos_eks_clear(kb); + hos_eks_clear(KB_FIRMWARE_VERSION_MAX); } static void _hos_bis_print_key(u32 idx, u8 *key) @@ -641,105 +561,90 @@ static void _hos_bis_print_key(u32 idx, u8 *key) gfx_puts("\n"); } -int hos_bis_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) +int hos_bis_keygen() { u32 keygen_rev = 0; - u32 console_key_slot = kb >= KB_FIRMWARE_VERSION_400 ? 15 : 13; + u32 console_key_slot = 15; // KB_FIRMWARE_VERSION_MAX. Only for Erista. + tsec_ctxt_t tsec_ctxt = {0}; if (!bis_keys) bis_keys = malloc(SE_KEY_128_SIZE * 6); - if (!h_cfg.eks || !h_cfg.eks->enabled_bis) + // Run initial keygen. + hos_keygen(NULL, KB_FIRMWARE_VERSION_MAX, &tsec_ctxt); + + // All Mariko use new device keygen. New keygen was introduced in 4.0.0. + // We check unconditionally in order to support downgrades. + keygen_rev = fuse_read_odm_keygen_rev(); + + gfx_printf("Keygen rev: %d\n", keygen_rev); + + if (keygen_rev) { - hos_keygen(keyblob, kb, tsec_ctxt); + u8 tmp_mkey[SE_KEY_128_SIZE]; + u32 mkey_idx = sizeof(mkey_vectors) / SE_KEY_128_SIZE; - // All Mariko use new device keygen. New keygen was introduced in 4.0.0. - // We check unconditionally in order to support downgrades. - keygen_rev = fuse_read_odm_keygen_rev(); + // Keygen revision uses bootloader version, which starts from 1. + keygen_rev -= (KB_FIRMWARE_VERSION_400 + 1); - gfx_printf("Keygen rev: %d\n", keygen_rev); - - if (keygen_rev) + // Derive mkey 0. + do { - u8 tmp_mkey[SE_KEY_128_SIZE]; - u32 mkey_idx = sizeof(mkey_vectors) / SE_KEY_128_SIZE; - u8 mkey_slot = kb >= KB_FIRMWARE_VERSION_700 ? (!h_cfg.aes_slots_new ? 12 : 13) : (kb == KB_FIRMWARE_VERSION_620 ? 9 : 12); - - // Keygen revision uses bootloader version, which starts from 1. - keygen_rev -= (KB_FIRMWARE_VERSION_400 + 1); - - // Use SBK as Device key 4x unsealer and KEK for mkey in T210B01 units. - if (h_cfg.t210b01) - mkey_slot = 7; - - // Derive mkey 0. - do + mkey_idx--; + se_aes_crypt_ecb(7, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx], SE_KEY_128_SIZE); + for (u32 idx = 0; idx < mkey_idx; idx++) { - mkey_idx--; - se_aes_crypt_ecb(mkey_slot, 0, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx], SE_KEY_128_SIZE); - for (u32 idx = 0; idx < mkey_idx; idx++) - { - se_aes_key_clear(2); - se_aes_key_set(2, tmp_mkey, SE_KEY_128_SIZE); - se_aes_crypt_ecb(2, 0, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx - 1 - idx], SE_KEY_128_SIZE); - } - } while (memcmp(tmp_mkey, "\x00\x00\x00\x00\x00\x00\x00\x00", 8) != 0 && (mkey_idx - 1)); + se_aes_key_clear(2); + se_aes_key_set(2, tmp_mkey, SE_KEY_128_SIZE); + se_aes_crypt_ecb(2, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx - 1 - idx], SE_KEY_128_SIZE); + } + } while (memcmp(tmp_mkey, "\x00\x00\x00\x00\x00\x00\x00\x00", 8) != 0 && (mkey_idx - 1)); - // Derive new device key. - se_aes_key_clear(1); - se_aes_unwrap_key(1, 10, new_console_keyseed[keygen_rev]); // Uses Device key 4x. - se_aes_crypt_ecb(10, 0, tmp_mkey, SE_KEY_128_SIZE, new_console_keyseed[keygen_rev], SE_KEY_128_SIZE); // Uses Device key 4x. - se_aes_unwrap_key(1, 2, new_console_kekseed[keygen_rev]); // Uses Master Key 0. - se_aes_unwrap_key(1, 1, tmp_mkey); + // Derive new device key. + se_aes_key_clear(1); + se_aes_unwrap_key(1, 10, new_console_keyseed[keygen_rev]); // Uses Device key 4x. + se_aes_crypt_ecb(10, DECRYPT, tmp_mkey, SE_KEY_128_SIZE, new_console_keyseed[keygen_rev], SE_KEY_128_SIZE); // Uses Device key 4x. + se_aes_unwrap_key(1, 2, new_console_kekseed[keygen_rev]); // Uses Master Key 0. + se_aes_unwrap_key(1, 1, tmp_mkey); - console_key_slot = 1; - } - - // Generate generic kek. - se_aes_key_clear(2); - se_aes_unwrap_key(2, console_key_slot, gen_keyseed_retail); - - // Clear bis keys storage. - memset(bis_keys, 0, SE_KEY_128_SIZE * 6); - - // Generate BIS 0 Keys. - se_aes_crypt_block_ecb(2, 0, bis_keys + (0 * SE_KEY_128_SIZE), bis_keyseed[0]); - se_aes_crypt_block_ecb(2, 0, bis_keys + (1 * SE_KEY_128_SIZE), bis_keyseed[1]); - - // Generate generic kek. - se_aes_key_clear(2); - se_aes_unwrap_key(2, console_key_slot, gen_kekseed); - se_aes_unwrap_key(2, 2, bis_kekseed); - se_aes_unwrap_key(2, 2, gen_keyseed); - - // Generate BIS 1 Keys. - se_aes_crypt_block_ecb(2, 0, bis_keys + (2 * SE_KEY_128_SIZE), bis_keyseed[2]); - se_aes_crypt_block_ecb(2, 0, bis_keys + (3 * SE_KEY_128_SIZE), bis_keyseed[3]); - - // Generate BIS 2/3 Keys. - se_aes_crypt_block_ecb(2, 0, bis_keys + (4 * SE_KEY_128_SIZE), bis_keyseed[4]); - se_aes_crypt_block_ecb(2, 0, bis_keys + (5 * SE_KEY_128_SIZE), bis_keyseed[5]); - - if (!h_cfg.t210b01 && kb >= KB_FIRMWARE_VERSION_700) - _hos_validate_sept_mkey(kb); - } - else - { - memcpy(bis_keys + (0 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[0].crypt, SE_KEY_128_SIZE); - memcpy(bis_keys + (1 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[0].tweak, SE_KEY_128_SIZE); - - memcpy(bis_keys + (2 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[1].crypt, SE_KEY_128_SIZE); - memcpy(bis_keys + (3 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[1].tweak, SE_KEY_128_SIZE); - - memcpy(bis_keys + (4 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[2].crypt, SE_KEY_128_SIZE); - memcpy(bis_keys + (5 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[2].tweak, SE_KEY_128_SIZE); + console_key_slot = 1; } + // Generate generic key. + se_aes_key_clear(2); + se_aes_unwrap_key(2, console_key_slot, gen_keyseed_retail); + + // Clear bis keys storage. + memset(bis_keys, 0, SE_KEY_128_SIZE * 6); + + // Generate BIS 0 Keys. + se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (0 * SE_KEY_128_SIZE), bis_keyseed[0]); + se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (1 * SE_KEY_128_SIZE), bis_keyseed[1]); + + // Generate generic kek. + se_aes_key_clear(2); + se_aes_unwrap_key(2, console_key_slot, gen_kekseed); + se_aes_unwrap_key(2, 2, bis_kekseed); + se_aes_unwrap_key(2, 2, gen_keyseed); + + // Generate BIS 1 Keys. + se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (2 * SE_KEY_128_SIZE), bis_keyseed[2]); + se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (3 * SE_KEY_128_SIZE), bis_keyseed[3]); + + // Generate BIS 2/3 Keys. + se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (4 * SE_KEY_128_SIZE), bis_keyseed[4]); + se_aes_crypt_block_ecb(2, DECRYPT, bis_keys + (5 * SE_KEY_128_SIZE), bis_keyseed[5]); + + // Validate key because KB_FIRMWARE_VERSION_MAX. + if (!h_cfg.t210b01) + _hos_validate_mkey(); + + // Print keys to console. _hos_bis_print_key(0, bis_keys); _hos_bis_print_key(1, bis_keys); _hos_bis_print_key(2, bis_keys); - // Clear all AES keyslots. + // Clear all AES tmp and bis keyslots. for (u32 i = 0; i < 6; i++) se_aes_key_clear(i); @@ -758,27 +663,7 @@ int hos_bis_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) void hos_bis_keys_clear() { - // Clear all aes keyslots. + // Clear all aes bis keyslots. for (u32 i = 0; i < 6; i++) se_aes_key_clear(i); - - // Check if Erista based unit. - if (h_cfg.t210b01) - return; - - // Set SBK back. - if (!h_cfg.sbk_set) - { - u32 sbk[4] = { - FUSE(FUSE_PRIVATE_KEY0), - FUSE(FUSE_PRIVATE_KEY1), - FUSE(FUSE_PRIVATE_KEY2), - FUSE(FUSE_PRIVATE_KEY3) - }; - // Set SBK to slot 14. - se_aes_key_set(14, sbk, SE_KEY_128_SIZE); - - // Lock SBK from being read. - se_key_acc_ctrl(14, SE_KEY_TBL_DIS_KEYREAD_FLAG); - } } \ No newline at end of file diff --git a/nyx/nyx_gui/hos/hos.h b/nyx/nyx_gui/hos/hos.h index 8d5d28e..b81146e 100644 --- a/nyx/nyx_gui/hos/hos.h +++ b/nyx/nyx_gui/hos/hos.h @@ -42,34 +42,20 @@ #define KB_FIRMWARE_VERSION_MAX KB_FIRMWARE_VERSION_1210 #define HOS_PKG11_MAGIC 0x31314B50 -#define HOS_EKS_MAGIC 0x30534B45 - -typedef struct _hos_eks_keys_t -{ - u8 mkk[SE_KEY_128_SIZE]; - u8 fdk[SE_KEY_128_SIZE]; -} hos_eks_keys_t; - -typedef struct _hos_eks_bis_keys_t -{ - u8 crypt[SE_KEY_128_SIZE]; - u8 tweak[SE_KEY_128_SIZE]; -} hos_eks_bis_keys_t; +#define HOS_EKS_MAGIC 0x31534B45 // EKS1. typedef struct _hos_eks_mbr_t { u32 magic; - u8 enabled[5]; - u8 enabled_bis; - u8 rsvd[2]; + u32 enabled; u32 lot0; - u8 dkg[SE_KEY_128_SIZE]; - u8 dkk[SE_KEY_128_SIZE]; - hos_eks_keys_t keys[5]; - hos_eks_bis_keys_t bis_keys[3]; + u32 rsvd; + u8 tsec[SE_KEY_128_SIZE]; + u8 troot[SE_KEY_128_SIZE]; + u8 troot_dev[SE_KEY_128_SIZE]; } hos_eks_mbr_t; -static_assert(sizeof(hos_eks_mbr_t) == 304, "HOS EKS size is wrong!"); +static_assert(sizeof(hos_eks_mbr_t) == 64, "HOS EKS size is wrong!"); typedef struct _launch_ctxt_t { @@ -95,13 +81,9 @@ typedef struct _launch_ctxt_t ini_sec_t *cfg; } launch_ctxt_t; -void hos_eks_get(); -void hos_eks_save(u32 kb); void hos_eks_clear(u32 kb); -void hos_eks_bis_save(); -void hos_eks_bis_clear(); int hos_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt); -int hos_bis_keygen(void *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt); +int hos_bis_keygen(); void hos_bis_keys_clear(); #endif diff --git a/nyx/nyx_gui/hos/pkg1.c b/nyx/nyx_gui/hos/pkg1.c index 545c7b6..29bd1e0 100644 --- a/nyx/nyx_gui/hos/pkg1.c +++ b/nyx/nyx_gui/hos/pkg1.c @@ -99,7 +99,7 @@ int pkg1_decrypt(const pkg1_id_t *id, u8 *pkg1) // Use BEK for T210B01. // Additionally, skip 0x20 bytes from decryption to maintain the header. se_aes_iv_clear(13); - se_aes_crypt_cbc(13, 0, pkg1 + 0x20, oem_hdr->size - 0x20, pkg1 + 0x20, oem_hdr->size - 0x20); + se_aes_crypt_cbc(13, DECRYPT, pkg1 + 0x20, oem_hdr->size - 0x20, pkg1 + 0x20, oem_hdr->size - 0x20); } // Return if header is valid. diff --git a/nyx/nyx_gui/hos/pkg2.c b/nyx/nyx_gui/hos/pkg2.c index 9a339f2..104511d 100644 --- a/nyx/nyx_gui/hos/pkg2.c +++ b/nyx/nyx_gui/hos/pkg2.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 naehrwert - * Copyright (c) 2018-2020 CTCaer + * Copyright (c) 2018-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, @@ -112,8 +112,11 @@ DPRINTF(" kip1 %d:%s @ %08X (%08X)\n", i, kip1->name, (u32)kip1, ki->size); return true; } -static const u8 mkey_vector_8xx[][SE_KEY_128_SIZE] = +//!TODO: Update on mkey changes. +static const u8 mkey_vector_7xx[][SE_KEY_128_SIZE] = { + // Master key 7 encrypted with 8. (7.0.0 with 8.1.0) + { 0xEA, 0x60, 0xB3, 0xEA, 0xCE, 0x8F, 0x24, 0x46, 0x7D, 0x33, 0x9C, 0xD1, 0xBC, 0x24, 0x98, 0x29 }, // Master key 8 encrypted with 9. (8.1.0 with 9.0.0) { 0x4D, 0xD9, 0x98, 0x42, 0x45, 0x0D, 0xB1, 0x3C, 0x52, 0x0C, 0x9A, 0x44, 0xBB, 0xAD, 0xAF, 0x80 }, // Master key 9 encrypted with 10. (9.0.0 with 9.1.0) @@ -125,9 +128,8 @@ static const u8 mkey_vector_8xx[][SE_KEY_128_SIZE] = static bool _pkg2_key_unwrap_validate(pkg2_hdr_t *tmp_test, pkg2_hdr_t *hdr, u8 src_slot, u8 *mkey, const u8 *key_seed) { // Decrypt older encrypted mkey. - se_aes_crypt_ecb(src_slot, 0, mkey, SE_KEY_128_SIZE, key_seed, SE_KEY_128_SIZE); + se_aes_crypt_ecb(src_slot, DECRYPT, mkey, SE_KEY_128_SIZE, key_seed, SE_KEY_128_SIZE); // Set and unwrap pkg2 key. - se_aes_key_clear(9); se_aes_key_set(9, mkey, SE_KEY_128_SIZE); se_aes_unwrap_key(9, 9, package2_keyseed); @@ -142,7 +144,7 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb) { pkg2_hdr_t mkey_test; u8 *pdata = (u8 *)data; - u8 keyslot = 8; + u8 pkg2_keyslot = 8; // Skip signature. pdata += 0x100; @@ -152,18 +154,18 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb) // Skip header. pdata += sizeof(pkg2_hdr_t); - // Check if we need to decrypt with newer mkeys. Valid for sept for 8.1.0 and up. + // Check if we need to decrypt with newer mkeys. Valid for THK for 7.0.0 and up. se_aes_crypt_ctr(8, &mkey_test, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr); if (mkey_test.magic == PKG2_MAGIC) goto key_found; // Decrypt older pkg2 via new mkeys. - if ((kb >= KB_FIRMWARE_VERSION_810) && (kb < KB_FIRMWARE_VERSION_MAX)) + if ((kb >= KB_FIRMWARE_VERSION_700) && (kb < KB_FIRMWARE_VERSION_MAX)) { u8 tmp_mkey[SE_KEY_128_SIZE]; - u8 decr_slot = !h_cfg.t210b01 ? (!h_cfg.aes_slots_new ? 12 : 13) : 7; // Sept mkey or T210B01 mkey. - u8 mkey_seeds_cnt = sizeof(mkey_vector_8xx) / SE_KEY_128_SIZE; + u8 decr_slot = 7; // THK mkey or T210B01 mkey. + u8 mkey_seeds_cnt = sizeof(mkey_vector_7xx) / SE_KEY_128_SIZE; u8 mkey_seeds_idx = mkey_seeds_cnt; // Real index + 1. u8 mkey_seeds_min_idx = mkey_seeds_cnt - (KB_FIRMWARE_VERSION_MAX - kb); @@ -171,41 +173,36 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb) { // Decrypt and validate mkey. int res = _pkg2_key_unwrap_validate(&mkey_test, hdr, decr_slot, - tmp_mkey, mkey_vector_8xx[mkey_seeds_idx - 1]); + tmp_mkey, mkey_vector_7xx[mkey_seeds_idx - 1]); if (res) { - keyslot = 9; + pkg2_keyslot = 9; goto key_found; } else { // Set current mkey in order to decrypt a lower mkey. mkey_seeds_idx--; - se_aes_key_clear(9); se_aes_key_set(9, tmp_mkey, SE_KEY_128_SIZE); decr_slot = 9; // Temp key. // Check if we tried last key for that pkg2 version. - // And start with a lower mkey in case sept is older. + // And start with a lower mkey in case mkey is older. if (mkey_seeds_idx == mkey_seeds_min_idx) { mkey_seeds_cnt--; mkey_seeds_idx = mkey_seeds_cnt; - decr_slot = !h_cfg.aes_slots_new ? 12 : 13; // Sept mkey. + decr_slot = 7; // THK mkey or T210B01 mkey. } - - // Out of keys. pkg2 is latest or process failed. - if (!mkey_seeds_cnt) - se_aes_key_clear(9); } } } key_found: // Decrypt header. - se_aes_crypt_ctr(keyslot, hdr, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr); + se_aes_crypt_ctr(pkg2_keyslot, hdr, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr); //gfx_hexdump((u32)hdr, hdr, 0x100); if (hdr->magic != PKG2_MAGIC) @@ -217,14 +214,11 @@ DPRINTF("sec %d has size %08X\n", i, hdr->sec_size[i]); if (!hdr->sec_size[i]) continue; - se_aes_crypt_ctr(keyslot, pdata, hdr->sec_size[i], pdata, hdr->sec_size[i], &hdr->sec_ctr[i * SE_AES_IV_SIZE]); + se_aes_crypt_ctr(pkg2_keyslot, pdata, hdr->sec_size[i], pdata, hdr->sec_size[i], &hdr->sec_ctr[i * SE_AES_IV_SIZE]); //gfx_hexdump((u32)pdata, pdata, 0x100); pdata += hdr->sec_size[i]; } - if (keyslot != 8) - se_aes_key_clear(9); - return hdr; } diff --git a/nyx/nyx_gui/hos/sept.c b/nyx/nyx_gui/hos/sept.c deleted file mode 100644 index 5b0fbcf..0000000 --- a/nyx/nyx_gui/hos/sept.c +++ /dev/null @@ -1,175 +0,0 @@ -/* - * Copyright (c) 2019-2021 CTCaer - * - * This program is free software; you can redistribute it and/or modify it - * under the terms and conditions of the GNU General Public License, - * version 2, as published by the Free Software Foundation. - * - * This program is distributed in the hope it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -#include - -#include "hos.h" -#include "sept.h" -#include "../config.h" -#include -#include -#include -#include -#include -#include -#include -#include "../storage/nx_emmc.h" -#include -#include -#include -#include -#include - -#include - -#define RELOC_META_OFF 0x7C -#define PATCHED_RELOC_SZ 0x94 - -#define WB_RST_ADDR 0x40010ED0 -#define WB_RST_SIZE 0x30 - -u8 warmboot_reboot[] = { - 0x14, 0x00, 0x9F, 0xE5, // LDR R0, =0x7000E450 - 0x01, 0x10, 0xB0, 0xE3, // MOVS R1, #1 - 0x00, 0x10, 0x80, 0xE5, // STR R1, [R0] - 0x0C, 0x00, 0x9F, 0xE5, // LDR R0, =0x7000E400 - 0x10, 0x10, 0xB0, 0xE3, // MOVS R1, #0x10 - 0x00, 0x10, 0x80, 0xE5, // STR R1, [R0] - 0xFE, 0xFF, 0xFF, 0xEA, // LOOP - 0x50, 0xE4, 0x00, 0x70, // #0x7000E450 - 0x00, 0xE4, 0x00, 0x70 // #0x7000E400 -}; - -#define SEPT_PRI_ADDR 0x4003F000 - -#define SEPT_PK1T_ADDR 0xC0400000 -#define SEPT_TCSZ_ADDR (SEPT_PK1T_ADDR - 0x4) -#define SEPT_STG1_ADDR (SEPT_PK1T_ADDR + 0x2E100) -#define SEPT_STG2_ADDR (SEPT_PK1T_ADDR + 0x60E0) -#define SEPT_PKG_SZ (0x2F100 + WB_RST_SIZE) - -extern volatile boot_cfg_t *b_cfg; -extern hekate_config h_cfg; -extern volatile nyx_storage_t *nyx_str; - -extern bool is_ipl_updated(void *buf); -extern void reloc_patcher(u32 payload_dst, u32 payload_src, u32 payload_size); - -int reboot_to_sept(const u8 *tsec_fw, u32 kb) -{ - FIL fp; - - // Copy warmboot reboot code and TSEC fw. - u32 tsec_fw_size = 0x3000; - if (kb > KB_FIRMWARE_VERSION_700) - tsec_fw_size = 0x3300; - memcpy((u8 *)(SEPT_PK1T_ADDR - WB_RST_SIZE), (u8 *)warmboot_reboot, sizeof(warmboot_reboot)); - memcpy((void *)SEPT_PK1T_ADDR, tsec_fw, tsec_fw_size); - *(vu32 *)SEPT_TCSZ_ADDR = tsec_fw_size; - - // Copy sept-primary. - if (f_open(&fp, "sept/sept-primary.bin", FA_READ)) - goto error; - - if (f_read(&fp, (u8 *)SEPT_STG1_ADDR, f_size(&fp), NULL)) - { - f_close(&fp); - goto error; - } - f_close(&fp); - - // Copy sept-secondary. - if (kb < KB_FIRMWARE_VERSION_810) - { - if (f_open(&fp, "sept/sept-secondary_00.enc", FA_READ)) - goto error; - } - else - { - if (f_open(&fp, "sept/sept-secondary_01.enc", FA_READ)) - goto error; - } - - if (f_read(&fp, (u8 *)SEPT_STG2_ADDR, f_size(&fp), NULL)) - { - f_close(&fp); - goto error; - } - f_close(&fp); - - b_cfg->boot_cfg |= (BOOT_CFG_AUTOBOOT_EN | BOOT_CFG_SEPT_RUN); - - bool update_sept_payload = true; - if (!f_open(&fp, "sept/payload.bin", FA_READ | FA_WRITE)) - { - ipl_ver_meta_t tmp_ver; - ipl_ver_meta_t heka_ver; - f_lseek(&fp, PATCHED_RELOC_SZ + sizeof(boot_cfg_t)); - f_read(&fp, &tmp_ver, sizeof(ipl_ver_meta_t), NULL); - memcpy(&heka_ver, (u8 *)nyx_str->hekate + 0x118, sizeof(ipl_ver_meta_t)); - - if (tmp_ver.magic == heka_ver.magic) - { - if (tmp_ver.version == heka_ver.version) - { - // Save auto boot config to sept payload, if any. - boot_cfg_t *tmp_cfg = malloc(sizeof(boot_cfg_t)); - memcpy(tmp_cfg, (boot_cfg_t *)b_cfg, sizeof(boot_cfg_t)); - f_lseek(&fp, PATCHED_RELOC_SZ); - f_write(&fp, tmp_cfg, sizeof(boot_cfg_t), NULL); - update_sept_payload = false; - } - - f_close(&fp); - } - else - { - f_close(&fp); - f_rename("sept/payload.bin", "sept/payload.bak"); // Backup foreign payload. - } - } - - if (update_sept_payload) - { - volatile reloc_meta_t *reloc = (reloc_meta_t *)(nyx_str->hekate + RELOC_META_OFF); - f_mkdir("sept"); - f_open(&fp, "sept/payload.bin", FA_WRITE | FA_CREATE_ALWAYS); - f_write(&fp, (u8 *)nyx_str->hekate, reloc->end - reloc->start, NULL); - f_close(&fp); - } - - sd_end(); - - u32 pk1t_sept = SEPT_PK1T_ADDR - (ALIGN(PATCHED_RELOC_SZ, 0x10) + WB_RST_SIZE); - - void (*sept)() = (void *)pk1t_sept; - - reloc_patcher(WB_RST_ADDR, pk1t_sept, SEPT_PKG_SZ); - - // Patch SDRAM init to perform an SVC immediately after second write. - PMC(APBDEV_PMC_SCRATCH45) = 0x2E38DFFF; - PMC(APBDEV_PMC_SCRATCH46) = 0x6001DC28; - // Set SVC handler to jump to sept-primary in IRAM. - PMC(APBDEV_PMC_SCRATCH33) = SEPT_PRI_ADDR; - PMC(APBDEV_PMC_SCRATCH40) = 0x6000F208; - - hw_reinit_workaround(false, 0); - - (*sept)(); - -error: - return 0; -} \ No newline at end of file diff --git a/nyx/nyx_gui/hos/sept.h b/nyx/nyx_gui/hos/sept.h deleted file mode 100644 index 0614d58..0000000 --- a/nyx/nyx_gui/hos/sept.h +++ /dev/null @@ -1,26 +0,0 @@ -/* - * Copyright (c) 2019-2021 CTCaer - * - * This program is free software; you can redistribute it and/or modify it - * under the terms and conditions of the GNU General Public License, - * version 2, as published by the Free Software Foundation. - * - * This program is distributed in the hope it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -#ifndef _SEPT_H_ -#define _SEPT_H_ - -#include - -#define SEPT_PRI_ENTRY 0x40010340 - -int reboot_to_sept(const u8 *tsec_fw, u32 kb); - -#endif diff --git a/nyx/nyx_gui/storage/nx_emmc_bis.c b/nyx/nyx_gui/storage/nx_emmc_bis.c index 5e9b2ea..fae5d00 100644 --- a/nyx/nyx_gui/storage/nx_emmc_bis.c +++ b/nyx/nyx_gui/storage/nx_emmc_bis.c @@ -87,7 +87,7 @@ static int _nx_aes_xts_crypt_sec(u32 tweak_ks, u32 crypt_ks, u32 enc, u8 *tweak, tweak[i] = sec & 0xFF; sec >>= 8; } - if (!se_aes_crypt_block_ecb(tweak_ks, 1, tweak, tweak)) + if (!se_aes_crypt_block_ecb(tweak_ks, ENCRYPT, tweak, tweak)) return 0; }