mirror of
https://github.com/DarkMatterCore/nxdumptool.git
synced 2025-01-10 03:27:23 -03:00
c1b76fb2d9
* signature: add comments to SignatureType enum entries about the exact signing algorithms and padding schemes used. * signature: rename signatureGetSigType() -> signatureGetTypeFromSignedBlob(). * signature: rename signatureIsValidSigType() -> signatureIsValidType(). * signature: rename signatureGetSigSize() -> signatureGetSigSizeByType(). * signature: rename signatureGetBlockSize() -> signatureGetBlockSizeByType(). * signature: rename signatureGetSig() -> signatureGetSigFromSignedBlob(). * signature: rename signatureGetPayload() -> signatureGetPayloadFromSignedBlob(). * signature: add signatureGetBlockSizeFromSignedBlob(). * cert: add more comments to the code. * cert: update code to match signature interface changes. * cert: add CERT_RSA_PUB_EXP_SIZE macro. * cert: change public_exponent field in CertPublicKeyBlockRsa* structs from u32 to u8 array. * cert: add size field to CertificateChain struct. * cert: rename certGetCommonBlock() -> certGetCommonBlockFromSignedCertBlob. * cert: rename certGetPublicKeySize() -> certGetPublicKeySizeByType(). * cert: rename certGetPublicKeyBlockSize() -> certGetPublicKeyBlockSizeByType(). * cert: rename certIsValidCertificate() -> certIsValidSignedCertBlob(). * cert: rename certGetSignedCertificateSize() -> certGetSignedCertBlobSize(). * cert: rename certGetSignedCertificateHashAreaSize() -> certGetSignedCertBlobHashAreaSize(). * cert: remove certGetPublicKey(), certGetPublicExponent() and certCalculateRawCertificateChainSize(). * cert: add certGetPublicKeyTypeFromCommonBlock(), certGetPublicKeyTypeFromSignedCertBlob(), certGetPublicKeySizeFromSignedCertBlob(), certGetPublicKeyBlockSizeFromSignedCertBlob(), certGetPublicKeyFromSignedCertBlob(), certGetPublicExponentFromSignedCertBlob(), certIsValidCertificate() (w/diff func sig), certGetCommonBlockFromCertificate(), certGetPublicKeyTypeFromCertificate(), certGetPublicKeySizeFromCertificate(), certGetPublicKeyBlockSizeFromCertificate(), certGetPublicKeyFromCertificate(), certGetPublicExponentFromCertificate() and certGetHashAreaSizeFromCertificate() functions. * cert: avoid byteswapping the public key type value in multiple places -- it is now only being done in certGetPublicKeyTypeFromCommonBlock(). * cert: call certFreeCertificateChain() in _certRetrieveCertificateChainBySignatureIssuer() before attempting to retrieve the certificate chain. * cert: other minor changes and corrections. * tik: update code to match signature interface changes. * tik: add missing comments to TikPropertyMask enum entries. * tik: add key_generation, enc_titlekey_str and dec_titlekey_str fields to Ticket struct. * tik: update tikRetrieveTicketByRightsId() to also take in a key_generation argument, instead of getting it from the rights ID (which could fail if it's using a key generation lower than HOS 3.0.1) or the key_generation field from the common ticket block (which could fail if the ticket has been tampered by certain tools). * tik: rename tikGetCommonBlock() -> tikGetCommonBlockFromSignedTicketBlob(). * tik: change function signature for tikGetTicketSectionRecordsBlockSize(). * tik: rename tikIsValidTicket() -> tikIsValidSignedTicketBlob(). * tik: rename tikGetSignedTicketSize() -> tikGetSignedTicketBlobSize(). * tik: rename tikGetSignedTicketHashAreaSize() -> tikGetSignedTicketBlobHashAreaSize(). * tik: rename tikGetEncryptedTitleKeyFromTicket() -> tikGetEncryptedTitleKey(). * tik: add tikIsValidTicket() (w/diff func sig), tikGetCommonBlockFromTicket(), tikGetHashAreaSizeFromTicket(), tikFixTamperedCommonTicket(), tikVerifyRsa2048Sha256Signature() and tikDecryptVolatileTicket() functions. Ticket signature verification is only carried out for common tickets in tikFixTamperedCommonTicket(). * tik: change argument order in tikGetTicketEntryOffsetFromTicketList() and tikRetrieveTicketEntryFromTicketBin(). * tik: add TIK_COMMON_CERT_NAME and TIK_DEV_CERT_ISSUER macros. * tik: use a scoped lock when calling tikRetrieveTicketFromEsSaveDataByRightsId(). * tik: simplify certificate chain retrieval steps in tikConvertPersonalizedTicketToCommonTicket() by always using the XS00000020 certificate. * tik: wipe license_type and property_mask fields in tikConvertPersonalizedTicketToCommonTicket(). * tik: other minor changes and corrections. Other changes include: * keys: fix key generation checks in keysGetNcaKeyAreaKeyEncryptionKey() and keysGetTicketCommonKey(). * rsa: move core logic from rsa2048VerifySha256BasedPssSignature() into a new function: rsa2048VerifySha256BasedSignature(). * rsa: add rsa2048VerifySha256BasedPkcs1v15Signature() function.
263 lines
10 KiB
C
263 lines
10 KiB
C
/*
|
|
* tik.h
|
|
*
|
|
* Copyright (c) 2020-2023, DarkMatterCore <pabloacurielz@gmail.com>.
|
|
*
|
|
* This file is part of nxdumptool (https://github.com/DarkMatterCore/nxdumptool).
|
|
*
|
|
* nxdumptool is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* nxdumptool is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#ifndef __TIK_H__
|
|
#define __TIK_H__
|
|
|
|
#include "signature.h"
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
#define SIGNED_TIK_MIN_SIZE sizeof(TikSigHmac160) /* Assuming no ESV1/ESV2 records are available. */
|
|
#define SIGNED_TIK_MAX_SIZE 0x400 /* Max ticket entry size in the ES ticket system savedata file. */
|
|
|
|
#define GENERATE_TIK_STRUCT(sigtype, tiksize) \
|
|
typedef struct { \
|
|
SignatureBlock##sigtype sig_block; \
|
|
TikCommonBlock tik_common_block; \
|
|
u8 es_section_record_data[]; \
|
|
} TikSig##sigtype; \
|
|
NXDT_ASSERT(TikSig##sigtype, tiksize);
|
|
|
|
typedef enum {
|
|
TikTitleKeyType_Common = 0,
|
|
TikTitleKeyType_Personalized = 1,
|
|
TikTitleKeyType_Count = 2 ///< Total values supported by this enum.
|
|
} TikTitleKeyType;
|
|
|
|
typedef enum {
|
|
TikLicenseType_Permanent = 0,
|
|
TikLicenseType_Demo = 1,
|
|
TikLicenseType_Trial = 2,
|
|
TikLicenseType_Rental = 3,
|
|
TikLicenseType_Subscription = 4,
|
|
TikLicenseType_Service = 5,
|
|
TikLicenseType_Count = 6 ///< Total values supported by this enum.
|
|
} TikLicenseType;
|
|
|
|
typedef enum {
|
|
TikPropertyMask_None = 0,
|
|
TikPropertyMask_PreInstallation = BIT(0), ///< Determines if the title comes pre-installed on the device. Most likely unused -- a remnant from previous ticket formats.
|
|
TikPropertyMask_SharedTitle = BIT(1), ///< Determines if the title holds shared contents only. Most likely unused -- a remnant from previous ticket formats.
|
|
TikPropertyMask_AllContents = BIT(2), ///< Determines if the content index mask shall be bypassed. Most likely unused -- a remnant from previous ticket formats.
|
|
TikPropertyMask_DeviceLinkIndepedent = BIT(3), ///< Determines if the console should *not* connect to the Internet to verify if the title's being used by the primary console.
|
|
TikPropertyMask_Volatile = BIT(4), ///< Determines if the ticket copy inside ticket.bin should be encrypted or not.
|
|
TikPropertyMask_ELicenseRequired = BIT(5), ///< Determines if the console should connect to the Internet to perform license verification.
|
|
TikPropertyMask_Count = 6 ///< Total values supported by this enum.
|
|
} TikPropertyMask;
|
|
|
|
/// Placed after the ticket signature block.
|
|
typedef struct {
|
|
char issuer[0x40];
|
|
u8 titlekey_block[0x100];
|
|
u8 format_version;
|
|
u8 titlekey_type; ///< TikTitleKeyType.
|
|
u16 ticket_version;
|
|
u8 license_type; ///< TikLicenseType.
|
|
u8 key_generation; ///< NcaKeyGeneration.
|
|
u16 property_mask; ///< TikPropertyMask.
|
|
u8 reserved[0x8];
|
|
u64 ticket_id;
|
|
u64 device_id;
|
|
FsRightsId rights_id;
|
|
u32 account_id;
|
|
u32 sect_total_size;
|
|
u32 sect_hdr_offset;
|
|
u16 sect_hdr_count;
|
|
u16 sect_hdr_entry_size;
|
|
} TikCommonBlock;
|
|
|
|
NXDT_ASSERT(TikCommonBlock, 0x180);
|
|
|
|
/// ESV1/ESV2 section records are placed right after the ticket data. These aren't available in TikTitleKeyType_Common tickets.
|
|
/// These are only used if the sect_* fields from the common block are non-zero (other than 'sect_hdr_offset').
|
|
/// Each ESV2 section record is followed by a 'record_count' number of ESV1 records, each one of 'record_size' size.
|
|
|
|
typedef enum {
|
|
TikSectionType_None = 0,
|
|
TikSectionType_Permanent = 1,
|
|
TikSectionType_Subscription = 2,
|
|
TikSectionType_Content = 3,
|
|
TikSectionType_ContentConsumption = 4,
|
|
TikSectionType_AccessTitle = 5,
|
|
TikSectionType_LimitedResource = 6,
|
|
TikSectionType_Count = 7 ///< Total values supported by this enum.
|
|
} TikSectionType;
|
|
|
|
typedef struct {
|
|
u32 sect_offset;
|
|
u32 record_size;
|
|
u32 section_size;
|
|
u16 record_count;
|
|
u16 section_type; ///< TikSectionType.
|
|
} TikESV2SectionRecord;
|
|
|
|
/// Used with TikSectionType_Permanent.
|
|
typedef struct {
|
|
u8 ref_id[0x10];
|
|
u32 ref_id_attr;
|
|
} TikESV1PermanentRecord;
|
|
|
|
/// Used with TikSectionType_Subscription.
|
|
typedef struct {
|
|
u32 limit;
|
|
u8 ref_id[0x10];
|
|
u32 ref_id_attr;
|
|
} TikESV1SubscriptionRecord;
|
|
|
|
/// Used with TikSectionType_Content.
|
|
typedef struct {
|
|
u32 offset;
|
|
u8 access_mask[0x80];
|
|
} TikESV1ContentRecord;
|
|
|
|
/// Used with TikSectionType_ContentConsumption.
|
|
typedef struct {
|
|
u16 index;
|
|
u16 code;
|
|
u32 limit;
|
|
} TikESV1ContentConsumptionRecord;
|
|
|
|
/// Used with TikSectionType_AccessTitle.
|
|
typedef struct {
|
|
u64 access_title_id;
|
|
u64 access_title_mask;
|
|
} TikESV1AccessTitleRecord;
|
|
|
|
/// Used with TikSectionType_LimitedResource.
|
|
typedef struct {
|
|
u32 limit;
|
|
u8 ref_id[0x10];
|
|
u32 ref_id_attr;
|
|
} TikESV1LimitedResourceRecord;
|
|
|
|
/// All tickets generated below use a little endian sig_type field.
|
|
GENERATE_TIK_STRUCT(Rsa4096, 0x3C0); /// RSA-4096 signature.
|
|
GENERATE_TIK_STRUCT(Rsa2048, 0x2C0); /// RSA-2048 signature.
|
|
GENERATE_TIK_STRUCT(Ecc480, 0x200); /// ECC signature.
|
|
GENERATE_TIK_STRUCT(Hmac160, 0x1C0); /// HMAC signature.
|
|
|
|
/// Ticket type.
|
|
typedef enum {
|
|
TikType_None = 0,
|
|
TikType_SigRsa4096 = 1,
|
|
TikType_SigRsa2048 = 2,
|
|
TikType_SigEcc480 = 3,
|
|
TikType_SigHmac160 = 4,
|
|
TikType_Count = 5 ///< Total values supported by this enum.
|
|
} TikType;
|
|
|
|
/// Used to store ticket type, size and raw data, as well as titlekey data.
|
|
typedef struct {
|
|
u8 type; ///< TikType.
|
|
u64 size; ///< Raw ticket size.
|
|
u8 data[SIGNED_TIK_MAX_SIZE]; ///< Raw ticket data.
|
|
u8 key_generation; ///< NcaKeyGeneration.
|
|
u8 enc_titlekey[0x10]; ///< Titlekey with titlekek crypto (RSA-OAEP unwrapped if dealing with a TikTitleKeyType_Personalized ticket).
|
|
char enc_titlekey_str[0x21]; ///< Character string representation of enc_titlekey.
|
|
u8 dec_titlekey[0x10]; ///< Titlekey without titlekek crypto. Ready to use for NCA FS section decryption.
|
|
char dec_titlekey_str[0x21]; ///< Character string representation of dec_titlekey.
|
|
char rights_id_str[0x21]; ///< Character string representation of the rights ID from the ticket.
|
|
} Ticket;
|
|
|
|
/// Retrieves a ticket from either the ES ticket system savedata file (eMMC BIS System partition) or the secure Hash FS partition from an inserted gamecard.
|
|
/// Both the input rights ID and key generation values must have been retrieved from a NCA that depends on the desired ticket.
|
|
/// Titlekey is also RSA-OAEP unwrapped (if needed) and titlekek-decrypted right away.
|
|
bool tikRetrieveTicketByRightsId(Ticket *dst, const FsRightsId *id, u8 key_generation, bool use_gamecard);
|
|
|
|
/// Converts a TikTitleKeyType_Personalized ticket into a TikTitleKeyType_Common ticket and optionally generates a raw certificate chain for the new signature issuer.
|
|
/// Bear in mind the 'size' member from the Ticket parameter will be updated by this function to remove any possible references to ESV1/ESV2 records.
|
|
/// If both 'out_raw_cert_chain' and 'out_raw_cert_chain_size' pointers are provided, raw certificate chain data will be saved to them.
|
|
/// certGenerateRawCertificateChainBySignatureIssuer() is used internally, so the output buffer must be freed by the user.
|
|
bool tikConvertPersonalizedTicketToCommonTicket(Ticket *tik, u8 **out_raw_cert_chain, u64 *out_raw_cert_chain_size);
|
|
|
|
/// Helper inline functions for signed ticket blobs.
|
|
|
|
NX_INLINE TikCommonBlock *tikGetCommonBlockFromSignedTicketBlob(void *buf)
|
|
{
|
|
return (TikCommonBlock*)signatureGetPayloadFromSignedBlob(buf, false);
|
|
}
|
|
|
|
NX_INLINE u64 tikGetSectionRecordsSizeFromSignedTicketBlob(void *buf)
|
|
{
|
|
TikCommonBlock *tik_common_block = tikGetCommonBlockFromSignedTicketBlob(buf);
|
|
if (!tik_common_block) return 0;
|
|
|
|
u64 offset = sizeof(TikCommonBlock), out_size = 0;
|
|
|
|
for(u32 i = 0; i < tik_common_block->sect_hdr_count; i++)
|
|
{
|
|
TikESV2SectionRecord *rec = (TikESV2SectionRecord*)((u8*)tik_common_block + offset);
|
|
offset += (sizeof(TikESV2SectionRecord) + ((u64)rec->record_count * (u64)rec->record_size));
|
|
out_size += offset;
|
|
}
|
|
|
|
return out_size;
|
|
}
|
|
|
|
NX_INLINE bool tikIsValidSignedTicketBlob(void *buf)
|
|
{
|
|
u64 ticket_size = (signatureGetBlockSizeFromSignedBlob(buf, false) + sizeof(TikCommonBlock));
|
|
return (ticket_size > sizeof(TikCommonBlock) && (ticket_size + tikGetSectionRecordsSizeFromSignedTicketBlob(buf)) <= SIGNED_TIK_MAX_SIZE);
|
|
}
|
|
|
|
NX_INLINE u64 tikGetSignedTicketBlobSize(void *buf)
|
|
{
|
|
return (tikIsValidSignedTicketBlob(buf) ? (signatureGetBlockSizeFromSignedBlob(buf, false) + sizeof(TikCommonBlock) + tikGetSectionRecordsSizeFromSignedTicketBlob(buf)) : 0);
|
|
}
|
|
|
|
NX_INLINE u64 tikGetSignedTicketBlobHashAreaSize(void *buf)
|
|
{
|
|
return (tikIsValidSignedTicketBlob(buf) ? (sizeof(TikCommonBlock) + tikGetSectionRecordsSizeFromSignedTicketBlob(buf)) : 0);
|
|
}
|
|
|
|
/// Helper inline functions for Ticket elements.
|
|
|
|
NX_INLINE bool tikIsValidTicket(Ticket *tik)
|
|
{
|
|
return (tik && tik->type > TikType_None && tik->type < TikType_Count && tik->size >= SIGNED_TIK_MIN_SIZE && tik->size <= SIGNED_TIK_MAX_SIZE && tikIsValidSignedTicketBlob(tik->data));
|
|
}
|
|
|
|
NX_INLINE TikCommonBlock *tikGetCommonBlockFromTicket(Ticket *tik)
|
|
{
|
|
return (tikIsValidTicket(tik) ? tikGetCommonBlockFromSignedTicketBlob(tik->data) : NULL);
|
|
}
|
|
|
|
NX_INLINE bool tikIsPersonalizedTicket(Ticket *tik)
|
|
{
|
|
TikCommonBlock *tik_common_block = tikGetCommonBlockFromTicket(tik);
|
|
return (tik_common_block ? (tik_common_block->titlekey_type == TikTitleKeyType_Personalized) : false);
|
|
}
|
|
|
|
NX_INLINE u64 tikGetHashAreaSizeFromTicket(Ticket *tik)
|
|
{
|
|
return (tikIsValidTicket(tik) ? tikGetSignedTicketBlobHashAreaSize(tik->data) : 0);
|
|
}
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif /* __TIK_H__ */
|