summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/core/crypto/key_manager.cpp91
-rw-r--r--src/core/crypto/key_manager.h50
-rw-r--r--src/core/hle/service/es/es.cpp4
3 files changed, 88 insertions, 57 deletions
diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp
index 3c51e3dc2..46aceec3d 100644
--- a/src/core/crypto/key_manager.cpp
+++ b/src/core/crypto/key_manager.cpp
@@ -56,6 +56,13 @@ const std::map<std::pair<S128KeyType, u64>, std::string> KEYS_VARIABLE_LENGTH{
{{S128KeyType::KeyblobMAC, 0}, "keyblob_mac_key_"},
};
+namespace {
+template <std::size_t Size>
+bool IsAllZeroArray(const std::array<u8, Size>& array) {
+ return std::all_of(array.begin(), array.end(), [](const auto& elem) { return elem == 0; });
+}
+} // namespace
+
u64 GetSignatureTypeDataSize(SignatureType type) {
switch (type) {
case SignatureType::RSA_4096_SHA1:
@@ -85,47 +92,61 @@ u64 GetSignatureTypePaddingSize(SignatureType type) {
UNREACHABLE();
}
+SignatureType Ticket::GetSignatureType() const {
+ if (auto ticket = std::get_if<RSA4096Ticket>(&data)) {
+ return ticket->sig_type;
+ }
+ if (auto ticket = std::get_if<RSA2048Ticket>(&data)) {
+ return ticket->sig_type;
+ }
+ if (auto ticket = std::get_if<ECDSATicket>(&data)) {
+ return ticket->sig_type;
+ }
+
+ UNREACHABLE();
+}
+
TicketData& Ticket::GetData() {
- switch (sig_type) {
- case SignatureType::RSA_4096_SHA1:
- case SignatureType::RSA_4096_SHA256:
- return rsa_4096.data;
- case SignatureType::RSA_2048_SHA1:
- case SignatureType::RSA_2048_SHA256:
- return rsa_2048.data;
- case SignatureType::ECDSA_SHA1:
- case SignatureType::ECDSA_SHA256:
- return ecdsa.data;
+ if (auto ticket = std::get_if<RSA4096Ticket>(&data)) {
+ return ticket->data;
}
+ if (auto ticket = std::get_if<RSA2048Ticket>(&data)) {
+ return ticket->data;
+ }
+ if (auto ticket = std::get_if<ECDSATicket>(&data)) {
+ return ticket->data;
+ }
+
UNREACHABLE();
}
const TicketData& Ticket::GetData() const {
- switch (sig_type) {
- case SignatureType::RSA_4096_SHA1:
- case SignatureType::RSA_4096_SHA256:
- return rsa_4096.data;
- case SignatureType::RSA_2048_SHA1:
- case SignatureType::RSA_2048_SHA256:
- return rsa_2048.data;
- case SignatureType::ECDSA_SHA1:
- case SignatureType::ECDSA_SHA256:
- return ecdsa.data;
+ if (auto ticket = std::get_if<RSA4096Ticket>(&data)) {
+ return ticket->data;
+ }
+ if (auto ticket = std::get_if<RSA2048Ticket>(&data)) {
+ return ticket->data;
}
+ if (auto ticket = std::get_if<ECDSATicket>(&data)) {
+ return ticket->data;
+ }
+
UNREACHABLE();
}
u64 Ticket::GetSize() const {
+ const auto sig_type = GetSignatureType();
+
return sizeof(SignatureType) + GetSignatureTypeDataSize(sig_type) +
GetSignatureTypePaddingSize(sig_type) + sizeof(TicketData);
}
-Ticket Ticket::SynthesizeCommon(Key128 title_key, std::array<u8, 16> rights_id) {
- Ticket out{};
+Ticket Ticket::SynthesizeCommon(Key128 title_key, const std::array<u8, 16>& rights_id) {
+ RSA2048Ticket out{};
out.sig_type = SignatureType::RSA_2048_SHA256;
- out.GetData().rights_id = rights_id;
- out.GetData().title_key_common = title_key;
- return out;
+ out.data.rights_id = rights_id;
+ out.data.title_key_common = title_key;
+ return Ticket{out};
}
Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed) {
@@ -208,14 +229,13 @@ void KeyManager::DeriveGeneralPurposeKeys(std::size_t crypto_revision) {
}
}
-RSAKeyPair<2048> KeyManager::GetETicketRSAKey() {
- if (eticket_extended_kek == std::array<u8, 576>{} || !HasKey(S128KeyType::ETicketRSAKek))
+RSAKeyPair<2048> KeyManager::GetETicketRSAKey() const {
+ if (IsAllZeroArray(eticket_extended_kek) || !HasKey(S128KeyType::ETicketRSAKek))
return {};
const auto eticket_final = GetKey(S128KeyType::ETicketRSAKek);
- std::vector<u8> extended_iv(0x10);
- std::memcpy(extended_iv.data(), eticket_extended_kek.data(), extended_iv.size());
+ std::vector<u8> extended_iv(eticket_extended_kek.begin(), eticket_extended_kek.begin() + 0x10);
std::array<u8, 0x230> extended_dec{};
AESCipher<Key128> rsa_1(eticket_final, Mode::CTR);
rsa_1.SetIV(extended_iv);
@@ -1001,13 +1021,14 @@ void KeyManager::PopulateTickets() {
void KeyManager::SynthesizeTickets() {
for (const auto& key : s128_keys) {
- if (key.first.type == S128KeyType::Titlekey) {
- u128 rights_id{key.first.field1, key.first.field2};
- Key128 rights_id_2;
- std::memcpy(rights_id_2.data(), rights_id.data(), rights_id_2.size());
- const auto ticket = Ticket::SynthesizeCommon(key.second, rights_id_2);
- common_tickets.insert_or_assign(rights_id, ticket);
+ if (key.first.type != S128KeyType::Titlekey) {
+ continue;
}
+ u128 rights_id{key.first.field1, key.first.field2};
+ Key128 rights_id_2;
+ std::memcpy(rights_id_2.data(), rights_id.data(), rights_id_2.size());
+ const auto ticket = Ticket::SynthesizeCommon(key.second, rights_id_2);
+ common_tickets.insert_or_assign(rights_id, ticket);
}
}
diff --git a/src/core/crypto/key_manager.h b/src/core/crypto/key_manager.h
index d4e89d35c..7265c4171 100644
--- a/src/core/crypto/key_manager.h
+++ b/src/core/crypto/key_manager.h
@@ -9,6 +9,7 @@
#include <optional>
#include <string>
+#include <variant>
#include <boost/container/flat_map.hpp>
#include <fmt/format.h>
#include "common/common_funcs.h"
@@ -73,33 +74,36 @@ struct TicketData {
};
static_assert(sizeof(TicketData) == 0x2C0, "TicketData has incorrect size.");
-struct Ticket {
+struct RSA4096Ticket {
SignatureType sig_type;
- union {
- struct {
- std::array<u8, 0x200> sig_data;
- INSERT_PADDING_BYTES(0x3C);
- TicketData data;
- } rsa_4096;
+ std::array<u8, 0x200> sig_data;
+ INSERT_PADDING_BYTES(0x3C);
+ TicketData data;
+};
- struct {
- std::array<u8, 0x100> sig_data;
- INSERT_PADDING_BYTES(0x3C);
- TicketData data;
- } rsa_2048;
+struct RSA2048Ticket {
+ SignatureType sig_type;
+ std::array<u8, 0x100> sig_data;
+ INSERT_PADDING_BYTES(0x3C);
+ TicketData data;
+};
- struct {
- std::array<u8, 0x3C> sig_data;
- INSERT_PADDING_BYTES(0x40);
- TicketData data;
- } ecdsa;
- };
+struct ECDSATicket {
+ SignatureType sig_type;
+ std::array<u8, 0x3C> sig_data;
+ INSERT_PADDING_BYTES(0x40);
+ TicketData data;
+};
+
+struct Ticket {
+ std::variant<RSA4096Ticket, RSA2048Ticket, ECDSATicket> data;
+ SignatureType GetSignatureType() const;
TicketData& GetData();
const TicketData& GetData() const;
u64 GetSize() const;
- static Ticket SynthesizeCommon(Key128 title_key, std::array<u8, 0x10> rights_id);
+ static Ticket SynthesizeCommon(Key128 title_key, const std::array<u8, 0x10>& rights_id);
};
static_assert(sizeof(Key128) == 16, "Key128 must be 128 bytes big.");
@@ -120,6 +124,12 @@ bool operator==(const RSAKeyPair<bit_size, byte_size>& lhs,
std::tie(rhs.encryption_key, rhs.decryption_key, rhs.modulus, rhs.exponent);
}
+template <size_t bit_size, size_t byte_size>
+bool operator!=(const RSAKeyPair<bit_size, byte_size>& lhs,
+ const RSAKeyPair<bit_size, byte_size>& rhs) {
+ return !(lhs == rhs);
+}
+
enum class KeyCategory : u8 {
Standard,
Title,
@@ -268,7 +278,7 @@ private:
void DeriveGeneralPurposeKeys(std::size_t crypto_revision);
- RSAKeyPair<2048> GetETicketRSAKey();
+ RSAKeyPair<2048> GetETicketRSAKey() const;
void SetKeyWrapped(S128KeyType id, Key128 key, u64 field1 = 0, u64 field2 = 0);
void SetKeyWrapped(S256KeyType id, Key256 key, u64 field1 = 0, u64 field2 = 0);
diff --git a/src/core/hle/service/es/es.cpp b/src/core/hle/service/es/es.cpp
index 92fa2bef8..af70d174d 100644
--- a/src/core/hle/service/es/es.cpp
+++ b/src/core/hle/service/es/es.cpp
@@ -234,7 +234,7 @@ private:
const auto ticket = keys.GetCommonTickets().at(rights_id);
- const auto write_size = std::min(ticket.GetSize(), ctx.GetWriteBufferSize());
+ const auto write_size = std::min<u64>(ticket.GetSize(), ctx.GetWriteBufferSize());
ctx.WriteBuffer(&ticket, write_size);
IPC::ResponseBuilder rb{ctx, 4};
@@ -253,7 +253,7 @@ private:
const auto ticket = keys.GetPersonalizedTickets().at(rights_id);
- const auto write_size = std::min(ticket.GetSize(), ctx.GetWriteBufferSize());
+ const auto write_size = std::min<u64>(ticket.GetSize(), ctx.GetWriteBufferSize());
ctx.WriteBuffer(&ticket, write_size);
IPC::ResponseBuilder rb{ctx, 4};