diff options
| author | Mat M <mathew1800@gmail.com> | 2018-08-25 05:47:46 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-08-25 05:47:46 +0200 |
| commit | 6426b0f5514d6a7c5cc369368947eceb380bfc85 (patch) | |
| tree | b7acdc39a4344570a6f2c098c30ad20114bf84db /src/core/crypto | |
| parent | Merge pull request #1065 from DarkLordZach/window-title (diff) | |
| parent | file_sys/crypto: Fix missing/unnecessary includes (diff) | |
| download | yuzu-6426b0f5514d6a7c5cc369368947eceb380bfc85.tar yuzu-6426b0f5514d6a7c5cc369368947eceb380bfc85.tar.gz yuzu-6426b0f5514d6a7c5cc369368947eceb380bfc85.tar.bz2 yuzu-6426b0f5514d6a7c5cc369368947eceb380bfc85.tar.lz yuzu-6426b0f5514d6a7c5cc369368947eceb380bfc85.tar.xz yuzu-6426b0f5514d6a7c5cc369368947eceb380bfc85.tar.zst yuzu-6426b0f5514d6a7c5cc369368947eceb380bfc85.zip | |
Diffstat (limited to 'src/core/crypto')
| -rw-r--r-- | src/core/crypto/aes_util.cpp | 7 | ||||
| -rw-r--r-- | src/core/crypto/ctr_encryption_layer.cpp | 8 | ||||
| -rw-r--r-- | src/core/crypto/key_manager.cpp | 172 | ||||
| -rw-r--r-- | src/core/crypto/key_manager.h | 68 | ||||
| -rw-r--r-- | src/core/crypto/xts_encryption_layer.cpp | 58 | ||||
| -rw-r--r-- | src/core/crypto/xts_encryption_layer.h | 25 |
6 files changed, 288 insertions, 50 deletions
diff --git a/src/core/crypto/aes_util.cpp b/src/core/crypto/aes_util.cpp index a9876c83e..72e4bed67 100644 --- a/src/core/crypto/aes_util.cpp +++ b/src/core/crypto/aes_util.cpp @@ -99,10 +99,7 @@ void AESCipher<Key, KeySize>::Transcode(const u8* src, size_t size, u8* dest, Op template <typename Key, size_t KeySize> void AESCipher<Key, KeySize>::XTSTranscode(const u8* src, size_t size, u8* dest, size_t sector_id, size_t sector_size, Op op) { - if (size % sector_size > 0) { - LOG_CRITICAL(Crypto, "Data size must be a multiple of sector size."); - return; - } + ASSERT_MSG(size % sector_size == 0, "XTS decryption size must be a multiple of sector size."); for (size_t i = 0; i < size; i += sector_size) { SetIV(CalculateNintendoTweak(sector_id++)); @@ -112,4 +109,4 @@ void AESCipher<Key, KeySize>::XTSTranscode(const u8* src, size_t size, u8* dest, template class AESCipher<Key128>; template class AESCipher<Key256>; -} // namespace Core::Crypto
\ No newline at end of file +} // namespace Core::Crypto diff --git a/src/core/crypto/ctr_encryption_layer.cpp b/src/core/crypto/ctr_encryption_layer.cpp index 106db02b3..3ea60dbd0 100644 --- a/src/core/crypto/ctr_encryption_layer.cpp +++ b/src/core/crypto/ctr_encryption_layer.cpp @@ -20,10 +20,8 @@ size_t CTREncryptionLayer::Read(u8* data, size_t length, size_t offset) const { if (sector_offset == 0) { UpdateIV(base_offset + offset); std::vector<u8> raw = base->ReadBytes(length, offset); - if (raw.size() != length) - return Read(data, raw.size(), offset); - cipher.Transcode(raw.data(), length, data, Op::Decrypt); - return length; + cipher.Transcode(raw.data(), raw.size(), data, Op::Decrypt); + return raw.size(); } // offset does not fall on block boundary (0x10) @@ -34,7 +32,7 @@ size_t CTREncryptionLayer::Read(u8* data, size_t length, size_t offset) const { if (length + sector_offset < 0x10) { std::memcpy(data, block.data() + sector_offset, std::min<u64>(length, read)); - return read; + return std::min<u64>(length, read); } std::memcpy(data, block.data() + sector_offset, read); return read + Read(data + read, length - read, offset + read); diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index db8b22c85..0b6c07de8 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -12,11 +12,112 @@ #include "common/file_util.h" #include "common/hex_util.h" #include "common/logging/log.h" +#include "core/crypto/aes_util.h" #include "core/crypto/key_manager.h" #include "core/settings.h" namespace Core::Crypto { +Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed) { + Key128 out{}; + + AESCipher<Key128> cipher1(master, Mode::ECB); + cipher1.Transcode(kek_seed.data(), kek_seed.size(), out.data(), Op::Decrypt); + AESCipher<Key128> cipher2(out, Mode::ECB); + cipher2.Transcode(source.data(), source.size(), out.data(), Op::Decrypt); + + if (key_seed != Key128{}) { + AESCipher<Key128> cipher3(out, Mode::ECB); + cipher3.Transcode(key_seed.data(), key_seed.size(), out.data(), Op::Decrypt); + } + + return out; +} + +boost::optional<Key128> DeriveSDSeed() { + const FileUtil::IOFile save_43(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + + "/system/save/8000000000000043", + "rb+"); + if (!save_43.IsOpen()) + return boost::none; + const FileUtil::IOFile sd_private( + FileUtil::GetUserPath(FileUtil::UserPath::SDMCDir) + "/Nintendo/Contents/private", "rb+"); + if (!sd_private.IsOpen()) + return boost::none; + + sd_private.Seek(0, SEEK_SET); + std::array<u8, 0x10> private_seed{}; + if (sd_private.ReadBytes(private_seed.data(), private_seed.size()) != 0x10) + return boost::none; + + std::array<u8, 0x10> buffer{}; + size_t offset = 0; + for (; offset + 0x10 < save_43.GetSize(); ++offset) { + save_43.Seek(offset, SEEK_SET); + save_43.ReadBytes(buffer.data(), buffer.size()); + if (buffer == private_seed) + break; + } + + if (offset + 0x10 >= save_43.GetSize()) + return boost::none; + + Key128 seed{}; + save_43.Seek(offset + 0x10, SEEK_SET); + save_43.ReadBytes(seed.data(), seed.size()); + return seed; +} + +Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, const KeyManager& keys) { + if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKEK))) + return Loader::ResultStatus::ErrorMissingSDKEKSource; + if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKEKGeneration))) + return Loader::ResultStatus::ErrorMissingAESKEKGenerationSource; + if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKeyGeneration))) + return Loader::ResultStatus::ErrorMissingAESKeyGenerationSource; + + const auto sd_kek_source = + keys.GetKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKEK)); + const auto aes_kek_gen = + keys.GetKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKEKGeneration)); + const auto aes_key_gen = + keys.GetKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKeyGeneration)); + const auto master_00 = keys.GetKey(S128KeyType::Master); + const auto sd_kek = + GenerateKeyEncryptionKey(sd_kek_source, master_00, aes_kek_gen, aes_key_gen); + + if (!keys.HasKey(S128KeyType::SDSeed)) + return Loader::ResultStatus::ErrorMissingSDSeed; + const auto sd_seed = keys.GetKey(S128KeyType::SDSeed); + + if (!keys.HasKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save))) + return Loader::ResultStatus::ErrorMissingSDSaveKeySource; + if (!keys.HasKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::NCA))) + return Loader::ResultStatus::ErrorMissingSDNCAKeySource; + + std::array<Key256, 2> sd_key_sources{ + keys.GetKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save)), + keys.GetKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::NCA)), + }; + + // Combine sources and seed + for (auto& source : sd_key_sources) { + for (size_t i = 0; i < source.size(); ++i) + source[i] ^= sd_seed[i & 0xF]; + } + + AESCipher<Key128> cipher(sd_kek, Mode::ECB); + // The transform manipulates sd_keys as part of the Transcode, so the return/output is + // unnecessary. This does not alter sd_keys_sources. + std::transform(sd_key_sources.begin(), sd_key_sources.end(), sd_keys.begin(), + sd_key_sources.begin(), [&cipher](const Key256& source, Key256& out) { + cipher.Transcode(source.data(), source.size(), out.data(), Op::Decrypt); + return source; ///< Return unaltered source to satisfy output requirement. + }); + + return Loader::ResultStatus::Success; +} + KeyManager::KeyManager() { // Initialize keys const std::string hactool_keys_dir = FileUtil::GetHactoolConfigurationPath(); @@ -24,12 +125,15 @@ KeyManager::KeyManager() { if (Settings::values.use_dev_keys) { dev_mode = true; AttemptLoadKeyFile(yuzu_keys_dir, hactool_keys_dir, "dev.keys", false); + AttemptLoadKeyFile(yuzu_keys_dir, yuzu_keys_dir, "dev.keys_autogenerated", false); } else { dev_mode = false; AttemptLoadKeyFile(yuzu_keys_dir, hactool_keys_dir, "prod.keys", false); + AttemptLoadKeyFile(yuzu_keys_dir, yuzu_keys_dir, "prod.keys_autogenerated", false); } AttemptLoadKeyFile(yuzu_keys_dir, hactool_keys_dir, "title.keys", true); + AttemptLoadKeyFile(yuzu_keys_dir, yuzu_keys_dir, "title.keys_autogenerated", true); } void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { @@ -56,17 +160,17 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { u128 rights_id{}; std::memcpy(rights_id.data(), rights_id_raw.data(), rights_id_raw.size()); Key128 key = Common::HexStringToArray<16>(out[1]); - SetKey(S128KeyType::Titlekey, key, rights_id[1], rights_id[0]); + s128_keys[{S128KeyType::Titlekey, rights_id[1], rights_id[0]}] = key; } else { std::transform(out[0].begin(), out[0].end(), out[0].begin(), ::tolower); if (s128_file_id.find(out[0]) != s128_file_id.end()) { const auto index = s128_file_id.at(out[0]); Key128 key = Common::HexStringToArray<16>(out[1]); - SetKey(index.type, key, index.field1, index.field2); + s128_keys[{index.type, index.field1, index.field2}] = key; } else if (s256_file_id.find(out[0]) != s256_file_id.end()) { const auto index = s256_file_id.at(out[0]); Key256 key = Common::HexStringToArray<32>(out[1]); - SetKey(index.type, key, index.field1, index.field2); + s256_keys[{index.type, index.field1, index.field2}] = key; } } } @@ -100,11 +204,50 @@ Key256 KeyManager::GetKey(S256KeyType id, u64 field1, u64 field2) const { return s256_keys.at({id, field1, field2}); } +template <size_t Size> +void KeyManager::WriteKeyToFile(bool title_key, std::string_view keyname, + const std::array<u8, Size>& key) { + const std::string yuzu_keys_dir = FileUtil::GetUserPath(FileUtil::UserPath::KeysDir); + std::string filename = "title.keys_autogenerated"; + if (!title_key) + filename = dev_mode ? "dev.keys_autogenerated" : "prod.keys_autogenerated"; + const auto add_info_text = !FileUtil::Exists(yuzu_keys_dir + DIR_SEP + filename); + FileUtil::CreateFullPath(yuzu_keys_dir + DIR_SEP + filename); + std::ofstream file(yuzu_keys_dir + DIR_SEP + filename, std::ios::app); + if (!file.is_open()) + return; + if (add_info_text) { + file + << "# This file is autogenerated by Yuzu\n" + << "# It serves to store keys that were automatically generated from the normal keys\n" + << "# If you are experiencing issues involving keys, it may help to delete this file\n"; + } + + file << fmt::format("\n{} = {}", keyname, Common::HexArrayToString(key)); + AttemptLoadKeyFile(yuzu_keys_dir, yuzu_keys_dir, filename, title_key); +} + void KeyManager::SetKey(S128KeyType id, Key128 key, u64 field1, u64 field2) { + const auto iter = std::find_if( + s128_file_id.begin(), s128_file_id.end(), + [&id, &field1, &field2](const std::pair<std::string, KeyIndex<S128KeyType>> elem) { + return std::tie(elem.second.type, elem.second.field1, elem.second.field2) == + std::tie(id, field1, field2); + }); + if (iter != s128_file_id.end()) + WriteKeyToFile(id == S128KeyType::Titlekey, iter->first, key); s128_keys[{id, field1, field2}] = key; } void KeyManager::SetKey(S256KeyType id, Key256 key, u64 field1, u64 field2) { + const auto iter = std::find_if( + s256_file_id.begin(), s256_file_id.end(), + [&id, &field1, &field2](const std::pair<std::string, KeyIndex<S256KeyType>> elem) { + return std::tie(elem.second.type, elem.second.field1, elem.second.field2) == + std::tie(id, field1, field2); + }); + if (iter != s256_file_id.end()) + WriteKeyToFile(false, iter->first, key); s256_keys[{id, field1, field2}] = key; } @@ -125,7 +268,16 @@ bool KeyManager::KeyFileExists(bool title) { FileUtil::Exists(yuzu_keys_dir + DIR_SEP + "prod.keys"); } -const std::unordered_map<std::string, KeyIndex<S128KeyType>> KeyManager::s128_file_id = { +void KeyManager::DeriveSDSeedLazy() { + if (HasKey(S128KeyType::SDSeed)) + return; + + const auto res = DeriveSDSeed(); + if (res != boost::none) + SetKey(S128KeyType::SDSeed, res.get()); +} + +const boost::container::flat_map<std::string, KeyIndex<S128KeyType>> KeyManager::s128_file_id = { {"master_key_00", {S128KeyType::Master, 0, 0}}, {"master_key_01", {S128KeyType::Master, 1, 0}}, {"master_key_02", {S128KeyType::Master, 2, 0}}, @@ -167,11 +319,17 @@ const std::unordered_map<std::string, KeyIndex<S128KeyType>> KeyManager::s128_fi {"key_area_key_system_02", {S128KeyType::KeyArea, 2, static_cast<u64>(KeyAreaKeyType::System)}}, {"key_area_key_system_03", {S128KeyType::KeyArea, 3, static_cast<u64>(KeyAreaKeyType::System)}}, {"key_area_key_system_04", {S128KeyType::KeyArea, 4, static_cast<u64>(KeyAreaKeyType::System)}}, + {"sd_card_kek_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKEK), 0}}, + {"aes_kek_generation_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKEKGeneration), 0}}, + {"aes_key_generation_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKeyGeneration), 0}}, + {"sd_seed", {S128KeyType::SDSeed, 0, 0}}, }; -const std::unordered_map<std::string, KeyIndex<S256KeyType>> KeyManager::s256_file_id = { +const boost::container::flat_map<std::string, KeyIndex<S256KeyType>> KeyManager::s256_file_id = { {"header_key", {S256KeyType::Header, 0, 0}}, - {"sd_card_save_key", {S256KeyType::SDSave, 0, 0}}, - {"sd_card_nca_key", {S256KeyType::SDNCA, 0, 0}}, + {"sd_card_save_key_source", {S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save), 0}}, + {"sd_card_nca_key_source", {S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::NCA), 0}}, }; } // namespace Core::Crypto diff --git a/src/core/crypto/key_manager.h b/src/core/crypto/key_manager.h index 0c62d4421..7ca3e6cbc 100644 --- a/src/core/crypto/key_manager.h +++ b/src/core/crypto/key_manager.h @@ -6,11 +6,13 @@ #include <array> #include <string> +#include <string_view> #include <type_traits> -#include <unordered_map> #include <vector> +#include <boost/container/flat_map.hpp> #include <fmt/format.h> #include "common/common_types.h" +#include "core/loader/loader.h" namespace Core::Crypto { @@ -22,9 +24,8 @@ static_assert(sizeof(Key128) == 16, "Key128 must be 128 bytes big."); static_assert(sizeof(Key256) == 32, "Key128 must be 128 bytes big."); enum class S256KeyType : u64 { - Header, // - SDSave, // - SDNCA, // + Header, // + SDKeySource, // f1=SDKeyType }; enum class S128KeyType : u64 { @@ -36,6 +37,7 @@ enum class S128KeyType : u64 { KeyArea, // f1=crypto revision f2=type {app, ocean, system} SDSeed, // Titlekey, // f1=rights id LSB f2=rights id MSB + Source, // f1=source type, f2= sub id }; enum class KeyAreaKeyType : u8 { @@ -44,6 +46,17 @@ enum class KeyAreaKeyType : u8 { System, }; +enum class SourceKeyType : u8 { + SDKEK, + AESKEKGeneration, + AESKeyGeneration, +}; + +enum class SDKeyType : u8 { + Save, + NCA, +}; + template <typename KeyType> struct KeyIndex { KeyType type; @@ -59,34 +72,12 @@ struct KeyIndex { } }; -// The following two (== and hash) are so KeyIndex can be a key in unordered_map - +// boost flat_map requires operator< for O(log(n)) lookups. template <typename KeyType> -bool operator==(const KeyIndex<KeyType>& lhs, const KeyIndex<KeyType>& rhs) { - return std::tie(lhs.type, lhs.field1, lhs.field2) == std::tie(rhs.type, rhs.field1, rhs.field2); +bool operator<(const KeyIndex<KeyType>& lhs, const KeyIndex<KeyType>& rhs) { + return std::tie(lhs.type, lhs.field1, lhs.field2) < std::tie(rhs.type, rhs.field1, rhs.field2); } -template <typename KeyType> -bool operator!=(const KeyIndex<KeyType>& lhs, const KeyIndex<KeyType>& rhs) { - return !operator==(lhs, rhs); -} - -} // namespace Core::Crypto - -namespace std { -template <typename KeyType> -struct hash<Core::Crypto::KeyIndex<KeyType>> { - size_t operator()(const Core::Crypto::KeyIndex<KeyType>& k) const { - using std::hash; - - return ((hash<u64>()(static_cast<u64>(k.type)) ^ (hash<u64>()(k.field1) << 1)) >> 1) ^ - (hash<u64>()(k.field2) << 1); - } -}; -} // namespace std - -namespace Core::Crypto { - class KeyManager { public: KeyManager(); @@ -102,16 +93,27 @@ public: static bool KeyFileExists(bool title); + // Call before using the sd seed to attempt to derive it if it dosen't exist. Needs system save + // 8*43 and the private file to exist. + void DeriveSDSeedLazy(); + private: - std::unordered_map<KeyIndex<S128KeyType>, Key128> s128_keys; - std::unordered_map<KeyIndex<S256KeyType>, Key256> s256_keys; + boost::container::flat_map<KeyIndex<S128KeyType>, Key128> s128_keys; + boost::container::flat_map<KeyIndex<S256KeyType>, Key256> s256_keys; bool dev_mode; void LoadFromFile(const std::string& filename, bool is_title_keys); void AttemptLoadKeyFile(const std::string& dir1, const std::string& dir2, const std::string& filename, bool title); + template <size_t Size> + void WriteKeyToFile(bool title_key, std::string_view keyname, const std::array<u8, Size>& key); - static const std::unordered_map<std::string, KeyIndex<S128KeyType>> s128_file_id; - static const std::unordered_map<std::string, KeyIndex<S256KeyType>> s256_file_id; + static const boost::container::flat_map<std::string, KeyIndex<S128KeyType>> s128_file_id; + static const boost::container::flat_map<std::string, KeyIndex<S256KeyType>> s256_file_id; }; + +Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed); +boost::optional<Key128> DeriveSDSeed(); +Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, const KeyManager& keys); + } // namespace Core::Crypto diff --git a/src/core/crypto/xts_encryption_layer.cpp b/src/core/crypto/xts_encryption_layer.cpp new file mode 100644 index 000000000..c10832cfe --- /dev/null +++ b/src/core/crypto/xts_encryption_layer.cpp @@ -0,0 +1,58 @@ +// Copyright 2018 yuzu emulator team +// Licensed under GPLv2 or any later version +// Refer to the license.txt file included. + +#include <algorithm> +#include <cstring> +#include "common/assert.h" +#include "core/crypto/xts_encryption_layer.h" + +namespace Core::Crypto { + +constexpr u64 XTS_SECTOR_SIZE = 0x4000; + +XTSEncryptionLayer::XTSEncryptionLayer(FileSys::VirtualFile base_, Key256 key_) + : EncryptionLayer(std::move(base_)), cipher(key_, Mode::XTS) {} + +size_t XTSEncryptionLayer::Read(u8* data, size_t length, size_t offset) const { + if (length == 0) + return 0; + + const auto sector_offset = offset & 0x3FFF; + if (sector_offset == 0) { + if (length % XTS_SECTOR_SIZE == 0) { + std::vector<u8> raw = base->ReadBytes(length, offset); + cipher.XTSTranscode(raw.data(), raw.size(), data, offset / XTS_SECTOR_SIZE, + XTS_SECTOR_SIZE, Op::Decrypt); + return raw.size(); + } + if (length > XTS_SECTOR_SIZE) { + const auto rem = length % XTS_SECTOR_SIZE; + const auto read = length - rem; + return Read(data, read, offset) + Read(data + read, rem, offset + read); + } + std::vector<u8> buffer = base->ReadBytes(XTS_SECTOR_SIZE, offset); + if (buffer.size() < XTS_SECTOR_SIZE) + buffer.resize(XTS_SECTOR_SIZE); + cipher.XTSTranscode(buffer.data(), buffer.size(), buffer.data(), offset / XTS_SECTOR_SIZE, + XTS_SECTOR_SIZE, Op::Decrypt); + std::memcpy(data, buffer.data(), std::min(buffer.size(), length)); + return std::min(buffer.size(), length); + } + + // offset does not fall on block boundary (0x4000) + std::vector<u8> block = base->ReadBytes(0x4000, offset - sector_offset); + if (block.size() < XTS_SECTOR_SIZE) + block.resize(XTS_SECTOR_SIZE); + cipher.XTSTranscode(block.data(), block.size(), block.data(), + (offset - sector_offset) / XTS_SECTOR_SIZE, XTS_SECTOR_SIZE, Op::Decrypt); + const size_t read = XTS_SECTOR_SIZE - sector_offset; + + if (length + sector_offset < XTS_SECTOR_SIZE) { + std::memcpy(data, block.data() + sector_offset, std::min<u64>(length, read)); + return std::min<u64>(length, read); + } + std::memcpy(data, block.data() + sector_offset, read); + return read + Read(data + read, length - read, offset + read); +} +} // namespace Core::Crypto diff --git a/src/core/crypto/xts_encryption_layer.h b/src/core/crypto/xts_encryption_layer.h new file mode 100644 index 000000000..7a1f1dc64 --- /dev/null +++ b/src/core/crypto/xts_encryption_layer.h @@ -0,0 +1,25 @@ +// Copyright 2018 yuzu emulator team +// Licensed under GPLv2 or any later version +// Refer to the license.txt file included. + +#pragma once + +#include "core/crypto/aes_util.h" +#include "core/crypto/encryption_layer.h" +#include "core/crypto/key_manager.h" + +namespace Core::Crypto { + +// Sits on top of a VirtualFile and provides XTS-mode AES decription. +class XTSEncryptionLayer : public EncryptionLayer { +public: + XTSEncryptionLayer(FileSys::VirtualFile base, Key256 key); + + size_t Read(u8* data, size_t length, size_t offset) const override; + +private: + // Must be mutable as operations modify cipher contexts. + mutable AESCipher<Key256> cipher; +}; + +} // namespace Core::Crypto |