mirror of
https://github.com/DarkMatterCore/nxdumptool.git
synced 2025-01-24 18:23:14 -03:00
keys: relax mkey requirements on older firmwares.
A hardcoded table with HOS version numbers and master key indexes is now used to determine the HOS key generation at runtime, whenever possible. This allows the application to more accurately determine the key generation that's actually required by the console it's running on. Most parts of the code that relied on the Atmosphère key generation value have been updated to use the HOS key generation value instead. If the HOS version is too high/unknown, the code will fallback to the Atmosphère key generation value. Furthermore, if the HOS key generation value is lower than our last known key generation, the code will now try to look for the highest available master key it can use to derive all lower master keys, beginning with the last known master key and ending with the master key that matches the HOS key generation value. Previous behavior only checked the availability of the master key that matched the Atmosphère key generation, which isn't completely reliable nor accurate. If this process fails, current master key derivation will be carried out as a last resort, which wasn't being done either under this specific scenario. Other changes include: * keys: add keysGetHorizonOsKeyGeneration(). * keys: move current master key derivation logic into its own function, keysDeriveCurrentMasterKey(), which is now used if both Atmosphère and HOS and up-to-date, or if a lower master key is required (as a last resort method).
This commit is contained in:
parent
94c396af19
commit
f376eb6db4
3 changed files with 131 additions and 67 deletions
|
@ -56,7 +56,7 @@ static const u8 g_masterKeyVectorsProd[NcaKeyGeneration_Current][AES_128_KEY_SIZ
|
||||||
{ 0xAF, 0x11, 0x4C, 0x67, 0x17, 0x7A, 0x52, 0x43, 0xF7, 0x70, 0x2F, 0xC7, 0xEF, 0x81, 0x72, 0x16 }, ///< Master key 0E encrypted with master key 0F.
|
{ 0xAF, 0x11, 0x4C, 0x67, 0x17, 0x7A, 0x52, 0x43, 0xF7, 0x70, 0x2F, 0xC7, 0xEF, 0x81, 0x72, 0x16 }, ///< Master key 0E encrypted with master key 0F.
|
||||||
{ 0x25, 0x12, 0x8B, 0xCB, 0xB5, 0x46, 0xA1, 0xF8, 0xE0, 0x52, 0x15, 0xB7, 0x0B, 0x57, 0x00, 0xBD }, ///< Master key 0F encrypted with master key 10.
|
{ 0x25, 0x12, 0x8B, 0xCB, 0xB5, 0x46, 0xA1, 0xF8, 0xE0, 0x52, 0x15, 0xB7, 0x0B, 0x57, 0x00, 0xBD }, ///< Master key 0F encrypted with master key 10.
|
||||||
{ 0x58, 0x15, 0xD2, 0xF6, 0x8A, 0xE8, 0x19, 0xAB, 0xFB, 0x2D, 0x52, 0x9D, 0xE7, 0x55, 0xF3, 0x93 }, ///< Master key 10 encrypted with master key 11.
|
{ 0x58, 0x15, 0xD2, 0xF6, 0x8A, 0xE8, 0x19, 0xAB, 0xFB, 0x2D, 0x52, 0x9D, 0xE7, 0x55, 0xF3, 0x93 }, ///< Master key 10 encrypted with master key 11.
|
||||||
{ 0x4A, 0x01, 0x3B, 0xC7, 0x44, 0x6E, 0x45, 0xBD, 0xE6, 0x5E, 0x2B, 0xEC, 0x07, 0x37, 0x52, 0x86 }, ///< Master key 11 encrypted with master key 12.
|
{ 0x4A, 0x01, 0x3B, 0xC7, 0x44, 0x6E, 0x45, 0xBD, 0xE6, 0x5E, 0x2B, 0xEC, 0x07, 0x37, 0x52, 0x86 } ///< Master key 11 encrypted with master key 12.
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Used to derive all previous master keys using the latest master key on development units. */
|
/* Used to derive all previous master keys using the latest master key on development units. */
|
||||||
|
@ -80,7 +80,7 @@ static const u8 g_masterKeyVectorsDev[NcaKeyGeneration_Current][AES_128_KEY_SIZE
|
||||||
{ 0x78, 0x66, 0x19, 0xBD, 0x86, 0xE7, 0xC1, 0x09, 0x9B, 0x6F, 0x92, 0xB2, 0x58, 0x7D, 0xCF, 0x26 }, ///< Master key 0E encrypted with master key 0F.
|
{ 0x78, 0x66, 0x19, 0xBD, 0x86, 0xE7, 0xC1, 0x09, 0x9B, 0x6F, 0x92, 0xB2, 0x58, 0x7D, 0xCF, 0x26 }, ///< Master key 0E encrypted with master key 0F.
|
||||||
{ 0x39, 0x1E, 0x7E, 0xF8, 0x7E, 0x73, 0xEA, 0x6F, 0xAF, 0x00, 0x3A, 0xB4, 0xAA, 0xB8, 0xB7, 0x59 }, ///< Master key 0F encrypted with master key 10.
|
{ 0x39, 0x1E, 0x7E, 0xF8, 0x7E, 0x73, 0xEA, 0x6F, 0xAF, 0x00, 0x3A, 0xB4, 0xAA, 0xB8, 0xB7, 0x59 }, ///< Master key 0F encrypted with master key 10.
|
||||||
{ 0x0C, 0x75, 0x39, 0x15, 0x53, 0xEA, 0x81, 0x11, 0xA3, 0xE0, 0xDC, 0x3D, 0x0E, 0x76, 0xC6, 0xB8 }, ///< Master key 10 encrypted with master key 11.
|
{ 0x0C, 0x75, 0x39, 0x15, 0x53, 0xEA, 0x81, 0x11, 0xA3, 0xE0, 0xDC, 0x3D, 0x0E, 0x76, 0xC6, 0xB8 }, ///< Master key 10 encrypted with master key 11.
|
||||||
{ 0x90, 0x64, 0xF9, 0x08, 0x29, 0x88, 0xD4, 0xDC, 0x73, 0xA4, 0xA1, 0x13, 0x9E, 0x59, 0x85, 0xA0 }, ///< Master key 11 encrypted with master key 12.
|
{ 0x90, 0x64, 0xF9, 0x08, 0x29, 0x88, 0xD4, 0xDC, 0x73, 0xA4, 0xA1, 0x13, 0x9E, 0x59, 0x85, 0xA0 } ///< Master key 11 encrypted with master key 12.
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Used to derive a master KEK using the TSEC root key on Erista units. */
|
/* Used to derive a master KEK using the TSEC root key on Erista units. */
|
||||||
|
@ -134,7 +134,7 @@ static const u8 g_smcKeyTypeSources[SmcKeyType_Count][AES_128_KEY_SIZE] = {
|
||||||
[SmcKeyType_Default] = { 0x4D, 0x87, 0x09, 0x86, 0xC4, 0x5D, 0x20, 0x72, 0x2F, 0xBA, 0x10, 0x53, 0xDA, 0x92, 0xE8, 0xA9 }, ///< Also known as "aes_kek_generation_source".
|
[SmcKeyType_Default] = { 0x4D, 0x87, 0x09, 0x86, 0xC4, 0x5D, 0x20, 0x72, 0x2F, 0xBA, 0x10, 0x53, 0xDA, 0x92, 0xE8, 0xA9 }, ///< Also known as "aes_kek_generation_source".
|
||||||
[SmcKeyType_NormalOnly] = { 0x25, 0x03, 0x31, 0xFB, 0x25, 0x26, 0x0B, 0x79, 0x8C, 0x80, 0xD2, 0x69, 0x98, 0xE2, 0x22, 0x77 },
|
[SmcKeyType_NormalOnly] = { 0x25, 0x03, 0x31, 0xFB, 0x25, 0x26, 0x0B, 0x79, 0x8C, 0x80, 0xD2, 0x69, 0x98, 0xE2, 0x22, 0x77 },
|
||||||
[SmcKeyType_RecoveryOnly] = { 0x76, 0x14, 0x1D, 0x34, 0x93, 0x2D, 0xE1, 0x84, 0x24, 0x7B, 0x66, 0x65, 0x55, 0x04, 0x65, 0x81 },
|
[SmcKeyType_RecoveryOnly] = { 0x76, 0x14, 0x1D, 0x34, 0x93, 0x2D, 0xE1, 0x84, 0x24, 0x7B, 0x66, 0x65, 0x55, 0x04, 0x65, 0x81 },
|
||||||
[SmcKeyType_NormalAndRecovery] = { 0xAF, 0x3D, 0xB7, 0xF3, 0x08, 0xA2, 0xD8, 0xA2, 0x08, 0xCA, 0x18, 0xA8, 0x69, 0x46, 0xC9, 0x0B },
|
[SmcKeyType_NormalAndRecovery] = { 0xAF, 0x3D, 0xB7, 0xF3, 0x08, 0xA2, 0xD8, 0xA2, 0x08, 0xCA, 0x18, 0xA8, 0x69, 0x46, 0xC9, 0x0B }
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Used by GenerateAesKek to derive keys. Found in TrustZone / Secure Monitor. */
|
/* Used by GenerateAesKek to derive keys. Found in TrustZone / Secure Monitor. */
|
||||||
|
|
|
@ -84,13 +84,16 @@ NXDT_ASSERT(EticketRsaDeviceKey, 0x240);
|
||||||
|
|
||||||
/* Function prototypes. */
|
/* Function prototypes. */
|
||||||
|
|
||||||
static bool keysIsKeyEmpty(const void *key);
|
NX_INLINE u8 keysGetHorizonOsKeyGeneration(void);
|
||||||
|
|
||||||
|
NX_INLINE bool keysIsKeyEmpty(const void *key);
|
||||||
|
|
||||||
static int keysGetKeyAndValueFromFile(FILE *f, char **line, char **key, char **value);
|
static int keysGetKeyAndValueFromFile(FILE *f, char **line, char **key, char **value);
|
||||||
static bool keysParseHexKey(u8 *out, size_t out_size, const char *key, const char *value);
|
static bool keysParseHexKey(u8 *out, size_t out_size, const char *key, const char *value);
|
||||||
static bool keysReadKeysFromFile(void);
|
static bool keysReadKeysFromFile(void);
|
||||||
|
|
||||||
static bool keysDeriveMasterKeys(void);
|
static bool keysDeriveMasterKeys(void);
|
||||||
|
static bool keysDeriveCurrentMasterKey(void);
|
||||||
static bool keysDeriveNcaHeaderKey(void);
|
static bool keysDeriveNcaHeaderKey(void);
|
||||||
static bool keysDerivePerGenerationKeys(void);
|
static bool keysDerivePerGenerationKeys(void);
|
||||||
static bool keysDeriveGcCardInfoKey(void);
|
static bool keysDeriveGcCardInfoKey(void);
|
||||||
|
@ -110,7 +113,30 @@ static bool keysGenerateAesKeyFromAesKek(const u8 *kek_src, u8 key_generation, S
|
||||||
static bool g_keysetLoaded = false;
|
static bool g_keysetLoaded = false;
|
||||||
static Mutex g_keysetMutex = 0;
|
static Mutex g_keysetMutex = 0;
|
||||||
|
|
||||||
static u8 g_atmosphereKeyGeneration = 0, g_currentMasterKeyIndex = 0;
|
/* TODO: update on master key changes. */
|
||||||
|
static const u32 g_hosMasterKeyIndexTable[NcaKeyGeneration_Current] = {
|
||||||
|
[NcaKeyGeneration_Since100NUP] = 0,
|
||||||
|
[NcaKeyGeneration_Since300NUP - 1] = MAKEHOSVERSION(3, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since301NUP - 1] = MAKEHOSVERSION(3, 0, 1),
|
||||||
|
[NcaKeyGeneration_Since400NUP - 1] = MAKEHOSVERSION(4, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since500NUP - 1] = MAKEHOSVERSION(5, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since600NUP - 1] = MAKEHOSVERSION(6, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since620NUP - 1] = MAKEHOSVERSION(6, 2, 0),
|
||||||
|
[NcaKeyGeneration_Since700NUP - 1] = MAKEHOSVERSION(7, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since810NUP - 1] = MAKEHOSVERSION(8, 1, 0),
|
||||||
|
[NcaKeyGeneration_Since900NUP - 1] = MAKEHOSVERSION(9, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since910NUP - 1] = MAKEHOSVERSION(9, 1, 0),
|
||||||
|
[NcaKeyGeneration_Since1210NUP - 1] = MAKEHOSVERSION(12, 1, 0),
|
||||||
|
[NcaKeyGeneration_Since1300NUP - 1] = MAKEHOSVERSION(13, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since1400NUP - 1] = MAKEHOSVERSION(14, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since1500NUP - 1] = MAKEHOSVERSION(15, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since1600NUP - 1] = MAKEHOSVERSION(16, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since1700NUP - 1] = MAKEHOSVERSION(17, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since1800NUP - 1] = MAKEHOSVERSION(18, 0, 0),
|
||||||
|
[NcaKeyGeneration_Since1900NUP - 1] = MAKEHOSVERSION(19, 0, 0)
|
||||||
|
};
|
||||||
|
|
||||||
|
static u8 g_atmosphereKeyGeneration = 0, g_currentMasterKeyIndex = 0, g_hosKeyGeneration = 0;
|
||||||
static bool g_outdatedMasterKeyVectors = false, g_lowMasterKeyRequirement = false;
|
static bool g_outdatedMasterKeyVectors = false, g_lowMasterKeyRequirement = false;
|
||||||
|
|
||||||
static SetCalRsa2048DeviceKey g_eTicketRsaDeviceKey = {0};
|
static SetCalRsa2048DeviceKey g_eTicketRsaDeviceKey = {0};
|
||||||
|
@ -136,11 +162,18 @@ bool keysLoadKeyset(void)
|
||||||
/* Get current master key index. */
|
/* Get current master key index. */
|
||||||
g_currentMasterKeyIndex = (NcaKeyGeneration_Current - 1);
|
g_currentMasterKeyIndex = (NcaKeyGeneration_Current - 1);
|
||||||
|
|
||||||
/* Determine if our master key vectors are outdated. */
|
/* Get Horizon OS key generation. This also represents an index. */
|
||||||
g_outdatedMasterKeyVectors = (g_atmosphereKeyGeneration > g_currentMasterKeyIndex);
|
/* If needed, we'll manually adjust it -- it shall never exceed Atmosphère's key generation, for obvious reasons. */
|
||||||
|
g_hosKeyGeneration = keysGetHorizonOsKeyGeneration();
|
||||||
|
if (g_hosKeyGeneration > g_atmosphereKeyGeneration) g_hosKeyGeneration = g_atmosphereKeyGeneration;
|
||||||
|
|
||||||
/* Determine if we're dealing with a lower master key requirement. */
|
/* Determine if we're dealing with a lower master key requirement. */
|
||||||
g_lowMasterKeyRequirement = (g_atmosphereKeyGeneration < g_currentMasterKeyIndex);
|
g_lowMasterKeyRequirement = (g_hosKeyGeneration < g_currentMasterKeyIndex);
|
||||||
|
|
||||||
|
/* Determine if our master key vectors are outdated. */
|
||||||
|
g_outdatedMasterKeyVectors = (!g_lowMasterKeyRequirement && g_atmosphereKeyGeneration > g_currentMasterKeyIndex);
|
||||||
|
|
||||||
|
LOG_MSG_DEBUG("AMS key generation: %02X | Last known master key index: %02X | HOS key generation: %02X.", g_atmosphereKeyGeneration, g_currentMasterKeyIndex, g_hosKeyGeneration);
|
||||||
|
|
||||||
/* Get eTicket RSA device key. */
|
/* Get eTicket RSA device key. */
|
||||||
Result rc = setcalGetEticketDeviceKey(&g_eTicketRsaDeviceKey);
|
Result rc = setcalGetEticketDeviceKey(&g_eTicketRsaDeviceKey);
|
||||||
|
@ -176,10 +209,8 @@ bool keysLoadKeyset(void)
|
||||||
ret = g_keysetLoaded = true;
|
ret = g_keysetLoaded = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if LOG_LEVEL == LOG_LEVEL_DEBUG
|
//LOG_DATA_DEBUG(&g_eTicketRsaDeviceKey, sizeof(SetCalRsa2048DeviceKey), "eTicket RSA device key dump:");
|
||||||
LOG_DATA_DEBUG(&g_eTicketRsaDeviceKey, sizeof(SetCalRsa2048DeviceKey), "eTicket RSA device key dump:");
|
//LOG_DATA_DEBUG(&g_nxKeyset, sizeof(KeysNxKeyset), "NX keyset dump:");
|
||||||
LOG_DATA_DEBUG(&g_nxKeyset, sizeof(KeysNxKeyset), "NX keyset dump:");
|
|
||||||
#endif
|
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
@ -306,7 +337,23 @@ const u8 *keysGetGameCardInfoKey(void)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool keysIsKeyEmpty(const void *key)
|
NX_INLINE u8 keysGetHorizonOsKeyGeneration(void)
|
||||||
|
{
|
||||||
|
u32 version = hosversionGet();
|
||||||
|
|
||||||
|
/* Short-circuit: return NcaKeyGeneration_Max if we're running under a HOS version we don't know about. */
|
||||||
|
if (version > g_hosMasterKeyIndexTable[NcaKeyGeneration_Current - 1]) return NcaKeyGeneration_Max;
|
||||||
|
|
||||||
|
/* Look for a matching HOS version entry and return its index as the master key generation. */
|
||||||
|
for(u8 i = (NcaKeyGeneration_Current - 1); i > NcaKeyGeneration_Since100NUP; i--)
|
||||||
|
{
|
||||||
|
if (version >= g_hosMasterKeyIndexTable[i]) return i;
|
||||||
|
}
|
||||||
|
|
||||||
|
return NcaKeyGeneration_Since100NUP;
|
||||||
|
}
|
||||||
|
|
||||||
|
NX_INLINE bool keysIsKeyEmpty(const void *key)
|
||||||
{
|
{
|
||||||
const u8 null_key[AES_128_KEY_SIZE] = {0};
|
const u8 null_key[AES_128_KEY_SIZE] = {0};
|
||||||
return (memcmp(key, null_key, AES_128_KEY_SIZE) == 0);
|
return (memcmp(key, null_key, AES_128_KEY_SIZE) == 0);
|
||||||
|
@ -612,7 +659,7 @@ static bool keysReadKeysFromFile(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Parse master keys, starting with the minimum required one (if dealing with a lower master key requirement) or the last known one. */
|
/* Parse master keys, starting with the minimum required one (if dealing with a lower master key requirement) or the last known one. */
|
||||||
for(u8 i = (g_lowMasterKeyRequirement ? g_atmosphereKeyGeneration : g_currentMasterKeyIndex); i < NcaKeyGeneration_Max; i++)
|
for(u8 i = (g_lowMasterKeyRequirement ? g_hosKeyGeneration : g_currentMasterKeyIndex); i < NcaKeyGeneration_Max; i++)
|
||||||
{
|
{
|
||||||
PARSE_HEX_KEY_WITH_INDEX("master_key", i, g_nxKeyset.master_keys[i], break);
|
PARSE_HEX_KEY_WITH_INDEX("master_key", i, g_nxKeyset.master_keys[i], break);
|
||||||
}
|
}
|
||||||
|
@ -648,15 +695,13 @@ static bool keysReadKeysFromFile(void)
|
||||||
static bool keysDeriveMasterKeys(void)
|
static bool keysDeriveMasterKeys(void)
|
||||||
{
|
{
|
||||||
u8 tmp[AES_128_KEY_SIZE] = {0}, current_mkey_index = g_currentMasterKeyIndex;
|
u8 tmp[AES_128_KEY_SIZE] = {0}, current_mkey_index = g_currentMasterKeyIndex;
|
||||||
const bool is_dev = utilsIsDevelopmentUnit(), is_mariko = utilsIsMarikoUnit();
|
const bool is_dev = utilsIsDevelopmentUnit();
|
||||||
bool current_mkey_available = false;
|
bool current_mkey_available = false;
|
||||||
|
|
||||||
if (current_mkey_index != g_atmosphereKeyGeneration) LOG_MSG_WARNING("Current key generation mismatch detected (%02X != %02X).", current_mkey_index, g_atmosphereKeyGeneration);
|
|
||||||
|
|
||||||
if (g_outdatedMasterKeyVectors)
|
if (g_outdatedMasterKeyVectors)
|
||||||
{
|
{
|
||||||
/* Our master key vectors are outdated. */
|
/* Our master key vectors are outdated. */
|
||||||
/* This means the user is running both a HOS version with a newer master key generation and an Atmosphère release with support for said HOS version. */
|
/* This means the console is running both a HOS version with a newer master key generation and an Atmosphère release with support for said HOS version. */
|
||||||
/* Not everything is lost, though. We just need to check if we parsed all master keys between the last one we know and the one Atmosphère supports (inclusive range). */
|
/* Not everything is lost, though. We just need to check if we parsed all master keys between the last one we know and the one Atmosphère supports (inclusive range). */
|
||||||
/* However, since we have no master key vectors for the additional master key(s), we can't reliably test them. */
|
/* However, since we have no master key vectors for the additional master key(s), we can't reliably test them. */
|
||||||
current_mkey_available = true;
|
current_mkey_available = true;
|
||||||
|
@ -680,59 +725,37 @@ static bool keysDeriveMasterKeys(void)
|
||||||
g_atmosphereKeyGeneration, current_mkey_index, PRERELEASE_URL, DISCORD_SERVER_URL);
|
g_atmosphereKeyGeneration, current_mkey_index, PRERELEASE_URL, DISCORD_SERVER_URL);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
} else {
|
} else
|
||||||
|
if (g_lowMasterKeyRequirement)
|
||||||
|
{
|
||||||
/* Our master key vectors are up-to-date. */
|
/* Our master key vectors are up-to-date. */
|
||||||
/* However, we may also be running under a console with an older HOS version and a lower master key generation. */
|
/* However, we are running under a console with an older HOS version and a lower master key generation. */
|
||||||
/* If this is the case, we'll need to adjust the current master key index to match Atmosphére's key generation value. */
|
|
||||||
/* There really is no point in demanding the most up-to-date master key under lower firmware versions. */
|
/* There really is no point in demanding the most up-to-date master key under lower firmware versions. */
|
||||||
if (g_lowMasterKeyRequirement) current_mkey_index = g_atmosphereKeyGeneration;
|
/* In other words, we'll need to adjust the current master key index. We'll just look for the highest available master key we can use. */
|
||||||
|
for(u8 i = current_mkey_index; i >= g_hosKeyGeneration; i--)
|
||||||
/* Now then, just checking if we have the current master key should suffice. */
|
|
||||||
current_mkey_available = !keysIsKeyEmpty(g_nxKeyset.master_keys[current_mkey_index]);
|
|
||||||
|
|
||||||
/* Bail out if we're dealing with a lower master key generation and we don't have its master key. */
|
|
||||||
/* This is because current master key derivation depends on generation-specific master KEKs, and we only hardcode the last known one. */
|
|
||||||
if (!current_mkey_available && g_lowMasterKeyRequirement)
|
|
||||||
{
|
{
|
||||||
LOG_MSG_ERROR("\"master_key_%02x\" unavailable! Unable to derive lower\r\n" \
|
if (!keysIsKeyEmpty(g_nxKeyset.master_keys[i]))
|
||||||
"master keys. Please redump your console keys and try again.", current_mkey_index);
|
{
|
||||||
|
current_mkey_index = i;
|
||||||
|
current_mkey_available = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Try to derive the current master key as a last resort if we couldn't find a valid master key. */
|
||||||
|
/* If that fails too, we'll just bail out. */
|
||||||
|
if (!current_mkey_available && !keysDeriveCurrentMasterKey())
|
||||||
|
{
|
||||||
|
LOG_MSG_ERROR("HOS key generation (%02X) is lower than the last known\r\n" \
|
||||||
|
"key generation (%02X). Furthermore, none of the master keys within that\r\n" \
|
||||||
|
"range was available in the keys file. Current master key derivation\r\n" \
|
||||||
|
"also failed. Please redump your console keys and try again.", g_hosKeyGeneration, current_mkey_index);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
/* Derive current master key if it's not populated. */
|
|
||||||
/* We should only enter this conditional block if Atmosphère's key generation matches our last known master key generation. */
|
|
||||||
if (!current_mkey_available)
|
|
||||||
{
|
|
||||||
LOG_MSG_WARNING("Current master key (%02X) unavailable. It will be derived.", current_mkey_index);
|
|
||||||
|
|
||||||
/* Derive the current master KEK. */
|
|
||||||
if (is_mariko)
|
|
||||||
{
|
|
||||||
if (!g_marikoKekAvailable)
|
|
||||||
{
|
|
||||||
LOG_MSG_ERROR("\"mariko_kek\" unavailable! Unable to derive current\r\n" \
|
|
||||||
"master key. You may need to manually derive it using PartialAesKeyCrack,\r\n" \
|
|
||||||
"and/or redump your console keys. Please try again afterwards.");
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Derive the current master KEK using the hardcoded Mariko master KEK source and the Mariko KEK. */
|
|
||||||
aes128EcbCrypt(tmp, is_dev ? g_marikoMasterKekSourceDev : g_marikoMasterKekSourceProd, g_nxKeyset.mariko_kek, false);
|
|
||||||
} else {
|
} else {
|
||||||
if (!g_tsecRootKeyAvailable)
|
/* Our master key vectors are up-to-date and we're running under an up-to-date Atmosphère build / HOS version. */
|
||||||
{
|
/* We'll just try to derive the current master key -- if it's already available, this will return true immediately. */
|
||||||
LOG_MSG_ERROR("\"tsec_root_key_%02x\" unavailable! Unable to derive\r\n" \
|
if (!keysDeriveCurrentMasterKey()) return false;
|
||||||
"current master key. Please redump your console keys and try again.", TSEC_ROOT_KEY_VERSION);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Derive the current master KEK using the hardcoded Erista master KEK source and the TSEC root key. */
|
|
||||||
aes128EcbCrypt(tmp, g_eristaMasterKekSource, g_nxKeyset.tsec_root_key, false);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Derive the current master key using the hardcoded master key source and the current master KEK. */
|
|
||||||
aes128EcbCrypt(g_nxKeyset.master_keys[current_mkey_index], g_masterKeySource, tmp, false);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Derive all lower master keys using the current master key and the master key vectors. */
|
/* Derive all lower master keys using the current master key and the master key vectors. */
|
||||||
|
@ -749,6 +772,47 @@ static bool keysDeriveMasterKeys(void)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool keysDeriveCurrentMasterKey(void)
|
||||||
|
{
|
||||||
|
u8 master_kek[AES_128_KEY_SIZE] = {0};
|
||||||
|
const bool is_dev = utilsIsDevelopmentUnit(), is_mariko = utilsIsMarikoUnit();
|
||||||
|
|
||||||
|
/* Make sure we don't already have the current master key. */
|
||||||
|
if (!keysIsKeyEmpty(g_nxKeyset.master_keys[g_currentMasterKeyIndex])) return true;
|
||||||
|
|
||||||
|
LOG_MSG_WARNING("Current master key (%02X) unavailable. It will be derived.", g_currentMasterKeyIndex);
|
||||||
|
|
||||||
|
/* Derive the current master KEK. */
|
||||||
|
if (is_mariko)
|
||||||
|
{
|
||||||
|
if (!g_marikoKekAvailable)
|
||||||
|
{
|
||||||
|
LOG_MSG_ERROR("\"mariko_kek\" unavailable! Unable to derive current\r\n" \
|
||||||
|
"master key. You may need to manually derive it using PartialAesKeyCrack,\r\n" \
|
||||||
|
"and/or redump your console keys. Please try again afterwards.");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Derive the current master KEK using the hardcoded Mariko master KEK source and the Mariko KEK. */
|
||||||
|
aes128EcbCrypt(master_kek, is_dev ? g_marikoMasterKekSourceDev : g_marikoMasterKekSourceProd, g_nxKeyset.mariko_kek, false);
|
||||||
|
} else {
|
||||||
|
if (!g_tsecRootKeyAvailable)
|
||||||
|
{
|
||||||
|
LOG_MSG_ERROR("\"tsec_root_key_%02x\" unavailable! Unable to derive\r\n" \
|
||||||
|
"current master key. Please redump your console keys and try again.", TSEC_ROOT_KEY_VERSION);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Derive the current master KEK using the hardcoded Erista master KEK source and the TSEC root key. */
|
||||||
|
aes128EcbCrypt(master_kek, g_eristaMasterKekSource, g_nxKeyset.tsec_root_key, false);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Derive the current master key using the hardcoded master key source and the current master KEK. */
|
||||||
|
aes128EcbCrypt(g_nxKeyset.master_keys[g_currentMasterKeyIndex], g_masterKeySource, master_kek, false);
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
static bool keysDeriveNcaHeaderKey(void)
|
static bool keysDeriveNcaHeaderKey(void)
|
||||||
{
|
{
|
||||||
u8 nca_header_kek[AES_128_KEY_SIZE] = {0};
|
u8 nca_header_kek[AES_128_KEY_SIZE] = {0};
|
||||||
|
|
|
@ -201,7 +201,7 @@ bool utilsInitializeResources(void)
|
||||||
"- Horizon OS version: %u.%u.%u.\r\n" \
|
"- Horizon OS version: %u.%u.%u.\r\n" \
|
||||||
"- CFW: %s.\r\n" \
|
"- CFW: %s.\r\n" \
|
||||||
"- eMMC type: %s.\r\n" \
|
"- eMMC type: %s.\r\n" \
|
||||||
"- SoC type: %s\r\n" \
|
"- SoC type: %s.\r\n" \
|
||||||
"- Development unit: %s.\r\n" \
|
"- Development unit: %s.\r\n" \
|
||||||
"- Terra flag: %s.\r\n" \
|
"- Terra flag: %s.\r\n" \
|
||||||
"- Execution mode: %s.", \
|
"- Execution mode: %s.", \
|
||||||
|
|
Loading…
Add table
Reference in a new issue