1
0
Fork 0
mirror of https://github.com/DarkMatterCore/nxdumptool.git synced 2024-11-29 21:52:22 +00:00
Commit graph

31 commits

Author SHA1 Message Date
Pablo Curiel
fc5226bfce [skip ci] Update copyright year. 2024-04-12 11:49:03 +02:00
Pablo Curiel
5e333bb92e keys: make latest mkey non-mandatory for older FWs 2024-04-09 02:05:44 +02:00
Pablo Curiel
54c5677cd0 QoL changes
* codebase: remove all references to Lockpick / Lockpick_RCM.

* keys: retrieve Atmosphère's key generation in keysLoadKeyset().
* keys: replace all "key_gen_val" references with "mkey_index".
* keys: move latest master key checks in keysReadKeysFromFile() to keysDeriveMasterKeys().
* keys: update latest master key checks to determine if nxdumptool's hardcoded master key vectors are outdated, using the key generation value from Atmosphère. If the master key vectors are outdated, and the newer master key(s) are not available, an error will be displayed.

* nxdt_utils: update logic in utilsReplaceIllegalCharacters() to replace consecutive illegal characters with a single underscore.
* nxdt_utils: move servicesGetExosphereApiVersion() to nxdt_utils as utilsGetExosphereApiVersion().
* nxdt_utils: define internal UtilsExosphereApiVersion struct, which is used to parse the output from utilsGetExosphereApiVersion().
* nxdt_utils: add utilsGetAtmosphereVersion(), utilsGetAtmosphereKeyGeneration() and utilsGetAtmosphereTargetFirmware() functions.

* services: remove servicesGetExosphereApiVersion().
* services: Atmosphère version is now retrieved via utilsGetAtmosphereVersion().
2024-04-05 23:25:32 +02:00
Pablo Curiel
9e75a019a9 keys/nca: add new keydata for HOS 18.0.0. 2024-03-31 12:16:37 +02:00
Pablo Curiel
1445faf17f I should really stop coding as soon as I arrive back home from work. 2023-11-04 12:38:09 +01:00
Pablo Curiel
e1df86fb27 Fix building with latest libnx + QoL changes.
libnx now implements fsDeviceOperatorGetGameCardIdSet(), so I got rid of my own implementation.

Other changes include:

* cnmt: add cnmtVerifyContentHash().

* defines: add SHA256_HASH_STR_SIZE.

* fs_ext: add FsCardId1MakerCode, FsCardId1MemoryType and FsCardId2CardType enums.
* fs_ext: update FsCardId* structs.

* gamecard: change all package_id definitions from u64 -> u8[0x8].
* gamecard: fix misleading struct member names in GameCardHeader.
* gamecard: rename gamecardGetIdSet() -> gamecardGetCardIdSet().

* gamecard_tab: fix Package ID printing.
* gamecard_tab: add Card ID Set printing.

* host: add executable flag to Python scripts.

* keys: detect if we're dealing with a wiped eTicket RSA device key (e.g. via set:cal blanking). If so, the application will still launch, but all operations related to personalized titlekey crypto are disabled.

* pfs: rename PartitionFileSystemFileContext -> PartitionFileSystemImageContext and propagate the change throughout the codebase.
* pfs: rename PFS_FULL_HEADER_ALIGNMENT -> PFS_HEADER_PADDING_ALIGNMENT and update pfsWriteImageContextHeaderToMemoryBuffer() accordingly.

* poc: print certain button prompts with reversed colors, in the hopes of getting the user's attention.
* poc: NSP, Ticket and NCA submenus for updates and DLC updates now display the highest available title by default.
* poc: simplified output path generation for extracted NCA FS section dumps.
* poc: handle edge cases where a specific NCA from an update has no matching equivalent by type/ID offset in its base title (e.g. Fall Guys' HtmlDocument NCA).
* poc: implement NCA checksum validation while generating NSP dumps.

* romfs: update romfsInitializeContext() to allow its base_nca_fs_ctx argument to be NULL.

* usb: use USB_BOS_SIZE only once.

* workflow: update commit hash referenced by "rewrite-prerelease" tag on update.
2023-11-03 02:22:47 +01:00
Pablo Curiel
32bb5fd46e nxdt_utils: add more helpers.
Implement utilsParseHexString() and utilsAppletLoopDelay().

Other changes include:

* defines: add THIRTY_FPS_DELAY define.
* defines: remove unused CERT_PATH define.

* gamecard: restore original reserved_2 field in GameCardInfo struct. The last 16 bytes weren't being properly due to an issue within libnx's AES-CBC implementation.
* gamecard: rename GAMECARD_ACCESS_WAIT_TIME -> GAMECARD_ACCESS_DELAY.

* host: improve ABI documentation (thanks @v1993).

* keys: remove keysConvertHexDigitToBinary().
* keys: change keysParseHexKey() function signature + update it to use utilsParseHexString() instead.

* nso: change "NRO" to "NSO" in some misleading log error messages (thanks @liamadvance).

* nxdt_rw_poc: replace svcSleepThread() calls with utilsAppletLoopDelay().

* nxdt_utils: rename utilsGenerateHexStringFromData() -> utilsGenerateHexString().
* nxdt_utils: add static utilsConvertHexDigitToBinary() function, used by utilsParseHexString().
* nxdt_utils: update utilsAppendFormattedStringToBuffer() to avoid logging an error string if resources haven't been initialized.
* nxdt_utils: use a single call to sprintf() with a variable precision argument in utilsGenerateFormattedSizeString().
* nxdt_utils: call utilsAppletLoopDelay() in the while loop from utilsPrintConsoleError().
* nxdt_utils: remove unused utilsCloseFileDescriptor() function.

* tik: log input rights ID at the start of tikRetrieveTicketByRightsId().
2023-10-23 00:44:40 +02:00
Pablo Curiel
c1b76fb2d9 Rework signature/cert/tik interfaces.
* signature: add comments to SignatureType enum entries about the exact signing algorithms and padding schemes used.
* signature: rename signatureGetSigType() -> signatureGetTypeFromSignedBlob().
* signature: rename signatureIsValidSigType() -> signatureIsValidType().
* signature: rename signatureGetSigSize() -> signatureGetSigSizeByType().
* signature: rename signatureGetBlockSize() -> signatureGetBlockSizeByType().
* signature: rename signatureGetSig() -> signatureGetSigFromSignedBlob().
* signature: rename signatureGetPayload() -> signatureGetPayloadFromSignedBlob().
* signature: add signatureGetBlockSizeFromSignedBlob().

* cert: add more comments to the code.
* cert: update code to match signature interface changes.
* cert: add CERT_RSA_PUB_EXP_SIZE macro.
* cert: change public_exponent field in CertPublicKeyBlockRsa* structs from u32 to u8 array.
* cert: add size field to CertificateChain struct.
* cert: rename certGetCommonBlock() -> certGetCommonBlockFromSignedCertBlob.
* cert: rename certGetPublicKeySize() -> certGetPublicKeySizeByType().
* cert: rename certGetPublicKeyBlockSize() -> certGetPublicKeyBlockSizeByType().
* cert: rename certIsValidCertificate() -> certIsValidSignedCertBlob().
* cert: rename certGetSignedCertificateSize() -> certGetSignedCertBlobSize().
* cert: rename certGetSignedCertificateHashAreaSize() -> certGetSignedCertBlobHashAreaSize().
* cert: remove certGetPublicKey(), certGetPublicExponent() and certCalculateRawCertificateChainSize().
* cert: add certGetPublicKeyTypeFromCommonBlock(), certGetPublicKeyTypeFromSignedCertBlob(), certGetPublicKeySizeFromSignedCertBlob(), certGetPublicKeyBlockSizeFromSignedCertBlob(), certGetPublicKeyFromSignedCertBlob(), certGetPublicExponentFromSignedCertBlob(), certIsValidCertificate() (w/diff func sig), certGetCommonBlockFromCertificate(), certGetPublicKeyTypeFromCertificate(), certGetPublicKeySizeFromCertificate(), certGetPublicKeyBlockSizeFromCertificate(), certGetPublicKeyFromCertificate(), certGetPublicExponentFromCertificate() and certGetHashAreaSizeFromCertificate() functions.
* cert: avoid byteswapping the public key type value in multiple places -- it is now only being done in certGetPublicKeyTypeFromCommonBlock().
* cert: call certFreeCertificateChain() in _certRetrieveCertificateChainBySignatureIssuer() before attempting to retrieve the certificate chain.
* cert: other minor changes and corrections.

* tik: update code to match signature interface changes.
* tik: add missing comments to TikPropertyMask enum entries.
* tik: add key_generation, enc_titlekey_str and dec_titlekey_str fields to Ticket struct.
* tik: update tikRetrieveTicketByRightsId() to also take in a key_generation argument, instead of getting it from the rights ID (which could fail if it's using a key generation lower than HOS 3.0.1) or the key_generation field from the common ticket block (which could fail if the ticket has been tampered by certain tools).
* tik: rename tikGetCommonBlock() -> tikGetCommonBlockFromSignedTicketBlob().
* tik: change function signature for tikGetTicketSectionRecordsBlockSize().
* tik: rename tikIsValidTicket() -> tikIsValidSignedTicketBlob().
* tik: rename tikGetSignedTicketSize() -> tikGetSignedTicketBlobSize().
* tik: rename tikGetSignedTicketHashAreaSize() -> tikGetSignedTicketBlobHashAreaSize().
* tik: rename tikGetEncryptedTitleKeyFromTicket() -> tikGetEncryptedTitleKey().
* tik: add tikIsValidTicket() (w/diff func sig), tikGetCommonBlockFromTicket(), tikGetHashAreaSizeFromTicket(), tikFixTamperedCommonTicket(), tikVerifyRsa2048Sha256Signature() and tikDecryptVolatileTicket() functions. Ticket signature verification is only carried out for common tickets in tikFixTamperedCommonTicket().
* tik: change argument order in tikGetTicketEntryOffsetFromTicketList() and tikRetrieveTicketEntryFromTicketBin().
* tik: add TIK_COMMON_CERT_NAME and TIK_DEV_CERT_ISSUER macros.
* tik: use a scoped lock when calling tikRetrieveTicketFromEsSaveDataByRightsId().
* tik: simplify certificate chain retrieval steps in tikConvertPersonalizedTicketToCommonTicket() by always using the XS00000020 certificate.
* tik: wipe license_type and property_mask fields in tikConvertPersonalizedTicketToCommonTicket().
* tik: other minor changes and corrections.

Other changes include:

* keys: fix key generation checks in keysGetNcaKeyAreaKeyEncryptionKey() and keysGetTicketCommonKey().

* rsa: move core logic from rsa2048VerifySha256BasedPssSignature() into a new function: rsa2048VerifySha256BasedSignature().
* rsa: add rsa2048VerifySha256BasedPkcs1v15Signature() function.
2023-10-15 17:53:46 +02:00
Pablo Curiel
9a4b8b573d Update copyright year 2023-04-08 13:42:22 +02:00
Pablo Curiel
f79680184d Runtime key derivation with hardcoded key sources
* aes: add aes128EcbCrypt() as a one-shot function to perform AES-128-ECB crypto. The rest of the codebase now calls this function whenever suitable.

* fs_ext: add const keyword to IPC input structs wherever suitable.

* key_sources: add hardcoded master key vectors (prod, dev); master KEK sources (Erista, Mariko); master key source; ticket common key source; SMC key type sources; SMC seal key masks; AES key generation source; NCA header KEK source; NCA header key source and NCA KAEK sources. Also fixed the hardcoded gamecard CardInfo key source for dev units (it was previously generated using retail keydata, my bad).

* keys: remove keysGetNcaMainSignatureModulus(); remove keysDecryptNcaKeyAreaEntry(); repurpose keyset struct to only hold keys that can actually be used for the current hardware type; remove KeysGameCardKeyset; remove keysIsXXModulusYYMandatory() helpers; remove keysRetrieveKeysFromProgramMemory(); remove keysDeriveSealedNcaKeyAreaEncryptionKeys(); add keysDeriveMasterKeys() and keysDerivePerGenerationKeys(); rename keysDeriveGameCardKeys() -> keysDeriveGcCardInfoKey(); add small reimplementations of GenerateAesKek, LoadAesKey and GenerateAesKey; add keysLoadAesKeyFromAesKek() and keysGenerateAesKeyFromAesKek() wrappers. Furthermore, master key derivation is now carried out manually using hardcoded key sources and the last known master key, which is loaded from the Lockpick_RCM keys file -- if the last known master key is unavailable, the key derivation algorithm will then fallback to TSEC root key / Mariko KEK based key derivation, depending on the hardware type.

* nca: add hardcoded NCA man signature moduli (prod, dev); merge ncaDecryptKeyArea() and ncaEncryptKeyArea() into ncaKeyAreaCrypt().

* nxdt_utils: add utilsIsMarikoUnit(); remove _utilsAppletModeCheck(); rename utilsAppletModeCheck() -> utilsIsAppletMode().

* services: remove spl:mig dependency (yay).

* smc: add SmcKeyType enum; add SmcSealKey enum; add SmcGenerateAesKekOption struct; add smcPrepareGenerateAesKekOption().
2023-04-08 13:38:28 +02:00
Pablo Curiel
978ed292f2 Support for HOS 16.x changes.
* cnmt: add ContentMetaInstallState_Count to prepare for any future bitflags; add ContentMetaContentAccessibility enum; remove comment about unknown extended data size for DataPatch CNMTs.
* nacp: rename NacpSupportingLimitedLicenses -> NacpSupportingLimitedApplicationLicenses everywhere; don't allow empty strings for StartupUserAccountOption field in XML; remove ApplicationId field from XML.
* nca: update NcaKeyGeneration enum; update comments; properly handle NcaHashType_None in parsed NCA FS sections.
* npdm: update comments.
* keys: removed sealed key entries from structs; add keysGenerateAesKey() as a GenerateAesKek + GenerateAesKey wrapper; update Lockpick_RCM key block hashes.
* title: update hardcoded system title list.
2023-03-29 23:14:21 +02:00
Pablo Curiel
0f1055c84e Preliminar 15.x support.
This commit uses my yet unmerged libnx PR to update ncm_types.h.

PoC code hasn't been updated yet, so proper support for DLC updates will arrive at a later time.

Note to self: implement a way to provide access to loaded DataPatch TitleInfo entries (linked list hell).

* bktr: renamed bktrBucketInitializeSubStorageReadParams to bktrInitializeSubStorageReadParams to avoid redundancy, added debug code to dump BucketInfo and BucketTree tables if BucketTree storage initialization fails.

* cnmt: updated ContentMetaAddOnContentMetaExtendedHeader struct to its 15.x equivalent, added ContentMetaLegacyAddOnContentMetaExtendedHeader struct, added ContentMetaDataPatchMetaExtendedHeader struct, updated the cnmtGetRequiredTitleId and cnmtGetRequiredTitleVersion functions to support DataPatch titles, updated cnmtInitializeContext to support both the new AddOnContent extended header and DataPatch titles, added debug code to dump the whole CNMT if context initialization fails, updated cnmtGenerateAuthoringToolXml to support DataPatch titles.

* keys: updated block hashes to match 15.x keyset, use case-insensitive comparison while looking for entry names in keysReadKeysFromFile, make sure the eticket_rsa_kek is non-zero before proceeding in keysGetDecryptedEticketRsaDeviceKey.

* nca: updated NcaKeyGeneration enum, added reminder about updating NcaSignatureKeyGeneration if necessary, replaced ncaFsSectionCheckHashRegionAccess with ncaFsSectionCheckPlaintextHashRegionAccess, removed all extents checks on Patch RomFS and sparse sections, updated ncaGetFsSectionTypeName to reflect if a FS section holds a sparse layer or not.

* nca_storage: updated ncaStorageInitializeContext to avoid initializing a compressed storage if a sparse layer is also used (fixes issues with Them's Fightin' Herds), updated ncaStorageSetPatchOriginalSubStorage to enforce the presence of a compressed storage in a patch if the base FS holds a compressed storage.

* npdm: added reminder about updating NpdmSignatureKeyGeneration if necessary, updated NpdmFsAccessControlFlags enum, updated NpdmAccessibility enum, updated NpdmSystemCallId enum, fixed typos.

* title: updated all relevant functions that deal with NcmContentMetaType values to also handle DataPatch titles, added functions to handle DataPatchId values, removed titleConvertNcmContentSizeToU64 and titleConvertU64ToNcmContentSize functions in favor of ncmContentInfoSizeToU64 and ncmU64ToContentInfoSize from my unmerged libnx PR, updated internal arrays to match 15.x changes, renamed titleOrphanTitleInfoSortFunction to titleInfoEntrySortFunction and updated it to also sort entries by version and storage ID, updated titleGenerateTitleInfoEntriesForTitleStorage to sort TitleInfo entries, simplified titleDuplicateTitleInfo a bit by using macros.
2022-10-23 16:44:47 +02:00
Pablo Curiel
5be5a7b16d keys: implement NCA KAEK and titlekek validation.
Keyslots beyond the hardcoded "current" one won't be validated.
2022-09-13 02:22:15 +02:00
Pablo Curiel
5cc83491c1 Use verbosity-level-based log macros everywhere.
Also, Result codes are now just printed using %X.
2022-07-12 18:34:49 +02:00
Pablo Curiel
942a407247 Codebase cleanup.
Remove legacy code and trailing whitespace from all files.
2022-07-05 03:04:28 +02:00
Pablo Curiel
2c4ddac4c6 nca: skip hash layer crypto operations if needed.
ncaInitializeContext(), _ncaReadFsSection() and ncaGenerateHashDataPatch() were all updated to reflect this change.

SHA3-256 support is still missing.
2022-06-25 08:03:27 +02:00
Pablo Curiel
37b63aee60 More NCA parsing changes. 2022-06-24 02:22:01 +02:00
Pablo Curiel
b8992d1fdc Follow latest Switchbrew changes. 2022-04-18 23:59:25 +02:00
Pablo Curiel
215b677f02 keys: use __getline() to parse keys file.
* keysGetKeyAndValueFromFile() is now thread-safe -- may be useful for people reusing code from nxdumptool. The dynamic buffer allocated by __getline() must be freed by the caller. Furthermore, this fixes an out-of-bounds issue while writing data to the static array that was being used with fgets().
* Empty lines are now considered failures.
* keysGetKeyAndValueFromFile() now validates the value string and converts it to lowercase as well.
* Adjusted the example regex in the description for keysGetKeyAndValueFromFile() to accurately match what the function actually does.
* Added helper macros to keysReadKeysFromFile().
2022-04-18 23:38:18 +02:00
Pablo Curiel
2fa61dc228 Update copyright year. 2022-03-17 13:58:40 +01:00
Pablo Curiel
c99f6776a7 keys: use dev.keys instead of prod.keys under dev units. 2022-02-10 19:05:07 +01:00
Pablo Curiel
376199b5cb keys: don't look up a key entry if it's not mandatory. 2022-02-09 05:38:13 +01:00
Pablo Curiel
9cc1d64694 Update references to latest HOS version. 2022-01-20 18:09:03 +01:00
Pablo Curiel
64ab1705bc Implement JSON configuration handler.
* Thread-safe.
* Provides getter/setter functions for the data types used by nxdumptool's configuration.
* Each setter function writes the modified JSON configuration back to the SD card.
* Configuration is validated on interface initialization. If validation fails, a default JSON template is loaded from the application's RomFS and written back to the SD card.

Other changes:

* Implement directory creation.
* Moved more preprocessor definitions to defines.h.
* Replaced strtok() calls throughout the code with strtok_r() to guarantee thread-safety.
2021-07-21 11:04:18 -04:00
Pablo Curiel
c0e82b3686 Tidy up GameCardFwVersion, NcaKeyGeneration and NcaMainSignatureKeyGeneration enums.
Thanks @0Liam
2021-06-03 10:46:21 -04:00
Pablo Curiel
21d1b001ee LAFW shenanigans.
* Added custom key sources to derive CardInfo keys at runtime using SPL.

* Implemented CardInfo area decryption.

* Implemented LAFW blob lookup in FS .data segment to retrieve the current LAFW version.

P.S.: still need to move around code to perform the LAFW version check at the places we need. But the current code is good enough for a test.
2021-05-22 04:45:40 -04:00
Pablo Curiel
f526d4e6f4 Crypto changes.
* Implemented RSA-2048-PSS + SHA256 signature verification.

* Refactored RSA-2048-OAEP decryption steps to use mbedtls function calls.

* Implemented NCA header main signature verification.

* Replaced Björn Samuelsson's CRC32 algorithm with the hardware accelerated CRC32 checksum calculation from libnx (latest commit with support for calculation in blocks).
2021-05-21 09:34:43 -04:00
Pablo Curiel
f82d7a3db4 Small code refactor (part 2).
* Rewrote mutex handling throughout the code to use a small, macro-based scoped lock implementation.

* Removed extern variables from common.h - launch path management is now completely handled in utils.c.

* Updated NpdmSystemCallId_Count to reflect changes introduced in 12.0.0.

* Added NcaMainSignatureKeyGeneration enum.

* NCA main signature moduli are now retrieved from FS .rodata at runtime.

* Simplified lock management in usb.c by using a single global mutex with scoped locks instead of three different r/w locks.

* Updated FatFs to R0.14b.

* Enabled 64-bit LBA support in FatFs to potentially support custom eMMC replacements / resized USER partitions in the future.

* Updated LZ4 to v1.9.3.

* Fixed typos.

* USB gamecard dumper PoC now only dumps the Initial Data area.

* Updated to-do list.
2021-05-18 08:32:43 -04:00
Pablo Curiel
4c0c7d2c56 Small code refactor.
* Refactored keydata handling.

* Sealed NCA KAEKs are now generated at startup, and NCA key area entries are now decrypted by keysDecryptNcaKeyAreaEntry(), reducing the number of calls to spl functions.

* The eTicket RSA device key is now retrieved and decrypted at startup. RSA-OAEP wrapped titlekeys are now decrypted by keysDecryptRsaOaepWrappedTitleKey().

* Renamed titlekek -> ticket common key throughout the codebase.

* Added NcaKeyAreaEncryptionKeyIndex_Count and NcaKeyGeneration_Max enum values to nca.h.

* Proper usage of strcasecmp() in some functions.

* Moved syscall hint checks from keys.c to mem.c.

* Define illegal FS characters as an array rather than a char pointer.

* Services are now initialized before the CFW type checks.

* Fixed pcv/clkrst service initialization.

* Implemented additional thread safety and logfile output to service functions.

* Slightly tweaked running service checks.

* Added proper Markdown documentation for the USB ABI.
2021-05-11 02:00:33 -04:00
Pablo Curiel
11da814fb2 Fix building issues with Borealis. 2021-03-26 00:35:14 -04:00
Pablo Curiel
c6c5667bf0 Change project layout + upgrade license to GPLv3. 2021-03-25 15:26:58 -04:00
Renamed from source/keys.c (Browse further)