diff options
Diffstat (limited to 'src/core/crypto')
-rw-r--r-- | src/core/crypto/aes_util.cpp | 23 | ||||
-rw-r--r-- | src/core/crypto/aes_util.h | 9 | ||||
-rw-r--r-- | src/core/crypto/ctr_encryption_layer.cpp | 9 | ||||
-rw-r--r-- | src/core/crypto/ctr_encryption_layer.h | 9 | ||||
-rw-r--r-- | src/core/crypto/key_manager.cpp | 449 | ||||
-rw-r--r-- | src/core/crypto/key_manager.h | 8 | ||||
-rw-r--r-- | src/core/crypto/partition_data_manager.cpp | 216 |
7 files changed, 412 insertions, 311 deletions
diff --git a/src/core/crypto/aes_util.cpp b/src/core/crypto/aes_util.cpp index 4be76bb43..6a9734812 100644 --- a/src/core/crypto/aes_util.cpp +++ b/src/core/crypto/aes_util.cpp @@ -2,6 +2,7 @@ // Licensed under GPLv2 or any later version // Refer to the license.txt file included. +#include <array> #include <mbedtls/cipher.h> #include "common/assert.h" #include "common/logging/log.h" @@ -10,8 +11,10 @@ namespace Core::Crypto { namespace { -std::vector<u8> CalculateNintendoTweak(std::size_t sector_id) { - std::vector<u8> out(0x10); +using NintendoTweak = std::array<u8, 16>; + +NintendoTweak CalculateNintendoTweak(std::size_t sector_id) { + NintendoTweak out{}; for (std::size_t i = 0xF; i <= 0xF; --i) { out[i] = sector_id & 0xFF; sector_id >>= 8; @@ -64,13 +67,6 @@ AESCipher<Key, KeySize>::~AESCipher() { } template <typename Key, std::size_t KeySize> -void AESCipher<Key, KeySize>::SetIV(std::vector<u8> iv) { - ASSERT_MSG((mbedtls_cipher_set_iv(&ctx->encryption_context, iv.data(), iv.size()) || - mbedtls_cipher_set_iv(&ctx->decryption_context, iv.data(), iv.size())) == 0, - "Failed to set IV on mbedtls ciphers."); -} - -template <typename Key, std::size_t KeySize> void AESCipher<Key, KeySize>::Transcode(const u8* src, std::size_t size, u8* dest, Op op) const { auto* const context = op == Op::Encrypt ? &ctx->encryption_context : &ctx->decryption_context; @@ -120,10 +116,17 @@ void AESCipher<Key, KeySize>::XTSTranscode(const u8* src, std::size_t size, u8* for (std::size_t i = 0; i < size; i += sector_size) { SetIV(CalculateNintendoTweak(sector_id++)); - Transcode<u8, u8>(src + i, sector_size, dest + i, op); + Transcode(src + i, sector_size, dest + i, op); } } +template <typename Key, std::size_t KeySize> +void AESCipher<Key, KeySize>::SetIVImpl(const u8* data, std::size_t size) { + ASSERT_MSG((mbedtls_cipher_set_iv(&ctx->encryption_context, data, size) || + mbedtls_cipher_set_iv(&ctx->decryption_context, data, size)) == 0, + "Failed to set IV on mbedtls ciphers."); +} + template class AESCipher<Key128>; template class AESCipher<Key256>; } // namespace Core::Crypto diff --git a/src/core/crypto/aes_util.h b/src/core/crypto/aes_util.h index edc4ab910..e2a304186 100644 --- a/src/core/crypto/aes_util.h +++ b/src/core/crypto/aes_util.h @@ -6,7 +6,6 @@ #include <memory> #include <type_traits> -#include <vector> #include "common/common_types.h" #include "core/file_sys/vfs.h" @@ -32,10 +31,12 @@ class AESCipher { public: AESCipher(Key key, Mode mode); - ~AESCipher(); - void SetIV(std::vector<u8> iv); + template <typename ContiguousContainer> + void SetIV(const ContiguousContainer& container) { + SetIVImpl(std::data(container), std::size(container)); + } template <typename Source, typename Dest> void Transcode(const Source* src, std::size_t size, Dest* dest, Op op) const { @@ -59,6 +60,8 @@ public: std::size_t sector_size, Op op); private: + void SetIVImpl(const u8* data, std::size_t size); + std::unique_ptr<CipherContext> ctx; }; } // namespace Core::Crypto diff --git a/src/core/crypto/ctr_encryption_layer.cpp b/src/core/crypto/ctr_encryption_layer.cpp index 902841c77..5c84bb0a4 100644 --- a/src/core/crypto/ctr_encryption_layer.cpp +++ b/src/core/crypto/ctr_encryption_layer.cpp @@ -2,6 +2,7 @@ // Licensed under GPLv2 or any later version // Refer to the license.txt file included. +#include <algorithm> #include <cstring> #include "common/assert.h" #include "core/crypto/ctr_encryption_layer.h" @@ -10,8 +11,7 @@ namespace Core::Crypto { CTREncryptionLayer::CTREncryptionLayer(FileSys::VirtualFile base_, Key128 key_, std::size_t base_offset) - : EncryptionLayer(std::move(base_)), base_offset(base_offset), cipher(key_, Mode::CTR), - iv(16, 0) {} + : EncryptionLayer(std::move(base_)), base_offset(base_offset), cipher(key_, Mode::CTR) {} std::size_t CTREncryptionLayer::Read(u8* data, std::size_t length, std::size_t offset) const { if (length == 0) @@ -39,9 +39,8 @@ std::size_t CTREncryptionLayer::Read(u8* data, std::size_t length, std::size_t o return read + Read(data + read, length - read, offset + read); } -void CTREncryptionLayer::SetIV(const std::vector<u8>& iv_) { - const auto length = std::min(iv_.size(), iv.size()); - iv.assign(iv_.cbegin(), iv_.cbegin() + length); +void CTREncryptionLayer::SetIV(const IVData& iv_) { + iv = iv_; } void CTREncryptionLayer::UpdateIV(std::size_t offset) const { diff --git a/src/core/crypto/ctr_encryption_layer.h b/src/core/crypto/ctr_encryption_layer.h index a7bf810f4..a2429f001 100644 --- a/src/core/crypto/ctr_encryption_layer.h +++ b/src/core/crypto/ctr_encryption_layer.h @@ -4,7 +4,8 @@ #pragma once -#include <vector> +#include <array> + #include "core/crypto/aes_util.h" #include "core/crypto/encryption_layer.h" #include "core/crypto/key_manager.h" @@ -14,18 +15,20 @@ namespace Core::Crypto { // Sits on top of a VirtualFile and provides CTR-mode AES decription. class CTREncryptionLayer : public EncryptionLayer { public: + using IVData = std::array<u8, 16>; + CTREncryptionLayer(FileSys::VirtualFile base, Key128 key, std::size_t base_offset); std::size_t Read(u8* data, std::size_t length, std::size_t offset) const override; - void SetIV(const std::vector<u8>& iv); + void SetIV(const IVData& iv); private: std::size_t base_offset; // Must be mutable as operations modify cipher contexts. mutable AESCipher<Key128> cipher; - mutable std::vector<u8> iv; + mutable IVData iv{}; void UpdateIV(std::size_t offset) const; }; diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index f87fe0abc..dc591c730 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -36,18 +36,86 @@ #include "core/settings.h" namespace Core::Crypto { +namespace { constexpr u64 CURRENT_CRYPTO_REVISION = 0x5; constexpr u64 FULL_TICKET_SIZE = 0x400; -using namespace Common; +using Common::AsArray; -const std::array<SHA256Hash, 2> eticket_source_hashes{ - "B71DB271DC338DF380AA2C4335EF8873B1AFD408E80B3582D8719FC81C5E511C"_array32, // eticket_rsa_kek_source - "E8965A187D30E57869F562D04383C996DE487BBA5761363D2D4D32391866A85C"_array32, // eticket_rsa_kekek_source +// clang-format off +constexpr std::array eticket_source_hashes{ + AsArray("B71DB271DC338DF380AA2C4335EF8873B1AFD408E80B3582D8719FC81C5E511C"), // eticket_rsa_kek_source + AsArray("E8965A187D30E57869F562D04383C996DE487BBA5761363D2D4D32391866A85C"), // eticket_rsa_kekek_source }; +// clang-format on -const std::map<std::pair<S128KeyType, u64>, std::string> KEYS_VARIABLE_LENGTH{ +constexpr std::array<std::pair<std::string_view, KeyIndex<S128KeyType>>, 30> s128_file_id{{ + {"eticket_rsa_kek", {S128KeyType::ETicketRSAKek, 0, 0}}, + {"eticket_rsa_kek_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::ETicketKek), 0}}, + {"eticket_rsa_kekek_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::ETicketKekek), 0}}, + {"rsa_kek_mask_0", {S128KeyType::RSAKek, static_cast<u64>(RSAKekType::Mask0), 0}}, + {"rsa_kek_seed_3", {S128KeyType::RSAKek, static_cast<u64>(RSAKekType::Seed3), 0}}, + {"rsa_oaep_kek_generation_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::RSAOaepKekGeneration), 0}}, + {"sd_card_kek_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKek), 0}}, + {"aes_kek_generation_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKekGeneration), 0}}, + {"aes_key_generation_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKeyGeneration), 0}}, + {"package2_key_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::Package2), 0}}, + {"master_key_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::Master), 0}}, + {"header_kek_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::HeaderKek), 0}}, + {"key_area_key_application_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyAreaKey), + static_cast<u64>(KeyAreaKeyType::Application)}}, + {"key_area_key_ocean_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyAreaKey), + static_cast<u64>(KeyAreaKeyType::Ocean)}}, + {"key_area_key_system_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyAreaKey), + static_cast<u64>(KeyAreaKeyType::System)}}, + {"titlekek_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::Titlekek), 0}}, + {"keyblob_mac_key_source", + {S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyblobMAC), 0}}, + {"tsec_key", {S128KeyType::TSEC, 0, 0}}, + {"secure_boot_key", {S128KeyType::SecureBoot, 0, 0}}, + {"sd_seed", {S128KeyType::SDSeed, 0, 0}}, + {"bis_key_0_crypt", {S128KeyType::BIS, 0, static_cast<u64>(BISKeyType::Crypto)}}, + {"bis_key_0_tweak", {S128KeyType::BIS, 0, static_cast<u64>(BISKeyType::Tweak)}}, + {"bis_key_1_crypt", {S128KeyType::BIS, 1, static_cast<u64>(BISKeyType::Crypto)}}, + {"bis_key_1_tweak", {S128KeyType::BIS, 1, static_cast<u64>(BISKeyType::Tweak)}}, + {"bis_key_2_crypt", {S128KeyType::BIS, 2, static_cast<u64>(BISKeyType::Crypto)}}, + {"bis_key_2_tweak", {S128KeyType::BIS, 2, static_cast<u64>(BISKeyType::Tweak)}}, + {"bis_key_3_crypt", {S128KeyType::BIS, 3, static_cast<u64>(BISKeyType::Crypto)}}, + {"bis_key_3_tweak", {S128KeyType::BIS, 3, static_cast<u64>(BISKeyType::Tweak)}}, + {"header_kek", {S128KeyType::HeaderKek, 0, 0}}, + {"sd_card_kek", {S128KeyType::SDKek, 0, 0}}, +}}; + +auto Find128ByName(std::string_view name) { + return std::find_if(s128_file_id.begin(), s128_file_id.end(), + [&name](const auto& pair) { return pair.first == name; }); +} + +constexpr std::array<std::pair<std::string_view, KeyIndex<S256KeyType>>, 6> s256_file_id{{ + {"header_key", {S256KeyType::Header, 0, 0}}, + {"sd_card_save_key_source", {S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save), 0}}, + {"sd_card_nca_key_source", {S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::NCA), 0}}, + {"header_key_source", {S256KeyType::HeaderSource, 0, 0}}, + {"sd_card_save_key", {S256KeyType::SDKey, static_cast<u64>(SDKeyType::Save), 0}}, + {"sd_card_nca_key", {S256KeyType::SDKey, static_cast<u64>(SDKeyType::NCA), 0}}, +}}; + +auto Find256ByName(std::string_view name) { + return std::find_if(s256_file_id.begin(), s256_file_id.end(), + [&name](const auto& pair) { return pair.first == name; }); +} + +using KeyArray = std::array<std::pair<std::pair<S128KeyType, u64>, std::string_view>, 7>; +constexpr KeyArray KEYS_VARIABLE_LENGTH{{ {{S128KeyType::Master, 0}, "master_key_"}, {{S128KeyType::Package1, 0}, "package1_key_"}, {{S128KeyType::Package2, 0}, "package2_key_"}, @@ -55,14 +123,13 @@ const std::map<std::pair<S128KeyType, u64>, std::string> KEYS_VARIABLE_LENGTH{ {{S128KeyType::Source, static_cast<u64>(SourceKeyType::Keyblob)}, "keyblob_key_source_"}, {{S128KeyType::Keyblob, 0}, "keyblob_key_"}, {{S128KeyType::KeyblobMAC, 0}, "keyblob_mac_key_"}, -}; +}}; -namespace { template <std::size_t Size> bool IsAllZeroArray(const std::array<u8, Size>& array) { return std::all_of(array.begin(), array.end(), [](const auto& elem) { return elem == 0; }); } -} // namespace +} // Anonymous namespace u64 GetSignatureTypeDataSize(SignatureType type) { switch (type) { @@ -94,13 +161,13 @@ u64 GetSignatureTypePaddingSize(SignatureType type) { } SignatureType Ticket::GetSignatureType() const { - if (auto ticket = std::get_if<RSA4096Ticket>(&data)) { + if (const auto* ticket = std::get_if<RSA4096Ticket>(&data)) { return ticket->sig_type; } - if (auto ticket = std::get_if<RSA2048Ticket>(&data)) { + if (const auto* ticket = std::get_if<RSA2048Ticket>(&data)) { return ticket->sig_type; } - if (auto ticket = std::get_if<ECDSATicket>(&data)) { + if (const auto* ticket = std::get_if<ECDSATicket>(&data)) { return ticket->sig_type; } @@ -108,13 +175,13 @@ SignatureType Ticket::GetSignatureType() const { } TicketData& Ticket::GetData() { - if (auto ticket = std::get_if<RSA4096Ticket>(&data)) { + if (auto* ticket = std::get_if<RSA4096Ticket>(&data)) { return ticket->data; } - if (auto ticket = std::get_if<RSA2048Ticket>(&data)) { + if (auto* ticket = std::get_if<RSA2048Ticket>(&data)) { return ticket->data; } - if (auto ticket = std::get_if<ECDSATicket>(&data)) { + if (auto* ticket = std::get_if<ECDSATicket>(&data)) { return ticket->data; } @@ -122,13 +189,13 @@ TicketData& Ticket::GetData() { } const TicketData& Ticket::GetData() const { - if (auto ticket = std::get_if<RSA4096Ticket>(&data)) { + if (const auto* ticket = std::get_if<RSA4096Ticket>(&data)) { return ticket->data; } - if (auto ticket = std::get_if<RSA2048Ticket>(&data)) { + if (const auto* ticket = std::get_if<RSA2048Ticket>(&data)) { return ticket->data; } - if (auto ticket = std::get_if<ECDSATicket>(&data)) { + if (const auto* ticket = std::get_if<ECDSATicket>(&data)) { return ticket->data; } @@ -231,8 +298,9 @@ void KeyManager::DeriveGeneralPurposeKeys(std::size_t crypto_revision) { } RSAKeyPair<2048> KeyManager::GetETicketRSAKey() const { - if (IsAllZeroArray(eticket_extended_kek) || !HasKey(S128KeyType::ETicketRSAKek)) + if (IsAllZeroArray(eticket_extended_kek) || !HasKey(S128KeyType::ETicketRSAKek)) { return {}; + } const auto eticket_final = GetKey(S128KeyType::ETicketRSAKek); @@ -259,27 +327,30 @@ Key128 DeriveKeyblobMACKey(const Key128& keyblob_key, const Key128& mac_source) } std::optional<Key128> DeriveSDSeed() { - const FileUtil::IOFile save_43(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + - "/system/save/8000000000000043", - "rb+"); - if (!save_43.IsOpen()) - return {}; + const Common::FS::IOFile save_43(Common::FS::GetUserPath(Common::FS::UserPath::NANDDir) + + "/system/save/8000000000000043", + "rb+"); + if (!save_43.IsOpen()) { + return std::nullopt; + } - const FileUtil::IOFile sd_private( - FileUtil::GetUserPath(FileUtil::UserPath::SDMCDir) + "/Nintendo/Contents/private", "rb+"); - if (!sd_private.IsOpen()) - return {}; + const Common::FS::IOFile sd_private(Common::FS::GetUserPath(Common::FS::UserPath::SDMCDir) + + "/Nintendo/Contents/private", + "rb+"); + if (!sd_private.IsOpen()) { + return std::nullopt; + } std::array<u8, 0x10> private_seed{}; if (sd_private.ReadBytes(private_seed.data(), private_seed.size()) != private_seed.size()) { - return {}; + return std::nullopt; } std::array<u8, 0x10> buffer{}; std::size_t offset = 0; for (; offset + 0x10 < save_43.GetSize(); ++offset) { if (!save_43.Seek(offset, SEEK_SET)) { - return {}; + return std::nullopt; } save_43.ReadBytes(buffer.data(), buffer.size()); @@ -289,23 +360,26 @@ std::optional<Key128> DeriveSDSeed() { } if (!save_43.Seek(offset + 0x10, SEEK_SET)) { - return {}; + return std::nullopt; } Key128 seed{}; if (save_43.ReadBytes(seed.data(), seed.size()) != seed.size()) { - return {}; + return std::nullopt; } return seed; } Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& keys) { - if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKek))) + if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKek))) { return Loader::ResultStatus::ErrorMissingSDKEKSource; - if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKekGeneration))) + } + if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKekGeneration))) { return Loader::ResultStatus::ErrorMissingAESKEKGenerationSource; - if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKeyGeneration))) + } + if (!keys.HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKeyGeneration))) { return Loader::ResultStatus::ErrorMissingAESKeyGenerationSource; + } const auto sd_kek_source = keys.GetKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKek)); @@ -318,14 +392,17 @@ Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& ke GenerateKeyEncryptionKey(sd_kek_source, master_00, aes_kek_gen, aes_key_gen); keys.SetKey(S128KeyType::SDKek, sd_kek); - if (!keys.HasKey(S128KeyType::SDSeed)) + if (!keys.HasKey(S128KeyType::SDSeed)) { return Loader::ResultStatus::ErrorMissingSDSeed; + } const auto sd_seed = keys.GetKey(S128KeyType::SDSeed); - if (!keys.HasKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save))) + if (!keys.HasKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save))) { return Loader::ResultStatus::ErrorMissingSDSaveKeySource; - if (!keys.HasKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::NCA))) + } + if (!keys.HasKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::NCA))) { return Loader::ResultStatus::ErrorMissingSDNCAKeySource; + } std::array<Key256, 2> sd_key_sources{ keys.GetKey(S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save)), @@ -334,8 +411,9 @@ Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& ke // Combine sources and seed for (auto& source : sd_key_sources) { - for (std::size_t i = 0; i < source.size(); ++i) + for (std::size_t i = 0; i < source.size(); ++i) { source[i] ^= sd_seed[i & 0xF]; + } } AESCipher<Key128> cipher(sd_kek, Mode::ECB); @@ -353,9 +431,10 @@ Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& ke return Loader::ResultStatus::Success; } -std::vector<Ticket> GetTicketblob(const FileUtil::IOFile& ticket_save) { - if (!ticket_save.IsOpen()) +std::vector<Ticket> GetTicketblob(const Common::FS::IOFile& ticket_save) { + if (!ticket_save.IsOpen()) { return {}; + } std::vector<u8> buffer(ticket_save.GetSize()); if (ticket_save.ReadBytes(buffer.data(), buffer.size()) != buffer.size()) { @@ -415,7 +494,7 @@ static std::optional<u64> FindTicketOffset(const std::array<u8, size>& data) { offset = i + 1; break; } else if (data[i] != 0x0) { - return {}; + return std::nullopt; } } @@ -425,16 +504,18 @@ static std::optional<u64> FindTicketOffset(const std::array<u8, size>& data) { std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket, const RSAKeyPair<2048>& key) { const auto issuer = ticket.GetData().issuer; - if (IsAllZeroArray(issuer)) - return {}; + if (IsAllZeroArray(issuer)) { + return std::nullopt; + } if (issuer[0] != 'R' || issuer[1] != 'o' || issuer[2] != 'o' || issuer[3] != 't') { LOG_INFO(Crypto, "Attempting to parse ticket with non-standard certificate authority."); } Key128 rights_id = ticket.GetData().rights_id; - if (rights_id == Key128{}) - return {}; + if (rights_id == Key128{}) { + return std::nullopt; + } if (!std::any_of(ticket.GetData().title_key_common_pad.begin(), ticket.GetData().title_key_common_pad.end(), [](u8 b) { return b != 0; })) { @@ -466,15 +547,17 @@ std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket, std::array<u8, 0xDF> m_2; std::memcpy(m_2.data(), rsa_step.data() + 0x21, m_2.size()); - if (m_0 != 0) - return {}; + if (m_0 != 0) { + return std::nullopt; + } m_1 = m_1 ^ MGF1<0x20>(m_2); m_2 = m_2 ^ MGF1<0xDF>(m_1); const auto offset = FindTicketOffset(m_2); - if (!offset) - return {}; + if (!offset) { + return std::nullopt; + } ASSERT(*offset > 0); Key128 key_temp{}; @@ -485,8 +568,8 @@ std::optional<std::pair<Key128, Key128>> ParseTicket(const Ticket& ticket, KeyManager::KeyManager() { // Initialize keys - const std::string hactool_keys_dir = FileUtil::GetHactoolConfigurationPath(); - const std::string yuzu_keys_dir = FileUtil::GetUserPath(FileUtil::UserPath::KeysDir); + const std::string hactool_keys_dir = Common::FS::GetHactoolConfigurationPath(); + const std::string yuzu_keys_dir = Common::FS::GetUserPath(Common::FS::UserPath::KeysDir); if (Settings::values.use_dev_keys) { dev_mode = true; AttemptLoadKeyFile(yuzu_keys_dir, hactool_keys_dir, "dev.keys", false); @@ -504,34 +587,39 @@ KeyManager::KeyManager() { } static bool ValidCryptoRevisionString(std::string_view base, size_t begin, size_t length) { - if (base.size() < begin + length) + if (base.size() < begin + length) { return false; + } return std::all_of(base.begin() + begin, base.begin() + begin + length, [](u8 c) { return std::isxdigit(c); }); } void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { std::ifstream file; - OpenFStream(file, filename, std::ios_base::in); - if (!file.is_open()) + Common::FS::OpenFStream(file, filename, std::ios_base::in); + if (!file.is_open()) { return; + } std::string line; while (std::getline(file, line)) { std::vector<std::string> out; std::stringstream stream(line); std::string item; - while (std::getline(stream, item, '=')) + while (std::getline(stream, item, '=')) { out.push_back(std::move(item)); + } - if (out.size() != 2) + if (out.size() != 2) { continue; + } out[0].erase(std::remove(out[0].begin(), out[0].end(), ' '), out[0].end()); out[1].erase(std::remove(out[1].begin(), out[1].end(), ' '), out[1].end()); - if (out[0].compare(0, 1, "#") == 0) + if (out[0].compare(0, 1, "#") == 0) { continue; + } if (is_title_keys) { auto rights_id_raw = Common::HexStringToArray<16>(out[0]); @@ -541,24 +629,26 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { s128_keys[{S128KeyType::Titlekey, rights_id[1], rights_id[0]}] = key; } else { out[0] = Common::ToLower(out[0]); - if (s128_file_id.find(out[0]) != s128_file_id.end()) { - const auto index = s128_file_id.at(out[0]); - Key128 key = Common::HexStringToArray<16>(out[1]); + if (const auto iter128 = Find128ByName(out[0]); iter128 != s128_file_id.end()) { + const auto& index = iter128->second; + const Key128 key = Common::HexStringToArray<16>(out[1]); s128_keys[{index.type, index.field1, index.field2}] = key; - } else if (s256_file_id.find(out[0]) != s256_file_id.end()) { - const auto index = s256_file_id.at(out[0]); - Key256 key = Common::HexStringToArray<32>(out[1]); + } else if (const auto iter256 = Find256ByName(out[0]); iter256 != s256_file_id.end()) { + const auto& index = iter256->second; + const Key256 key = Common::HexStringToArray<32>(out[1]); s256_keys[{index.type, index.field1, index.field2}] = key; } else if (out[0].compare(0, 8, "keyblob_") == 0 && out[0].compare(0, 9, "keyblob_k") != 0) { - if (!ValidCryptoRevisionString(out[0], 8, 2)) + if (!ValidCryptoRevisionString(out[0], 8, 2)) { continue; + } const auto index = std::stoul(out[0].substr(8, 2), nullptr, 16); keyblobs[index] = Common::HexStringToArray<0x90>(out[1]); } else if (out[0].compare(0, 18, "encrypted_keyblob_") == 0) { - if (!ValidCryptoRevisionString(out[0], 18, 2)) + if (!ValidCryptoRevisionString(out[0], 18, 2)) { continue; + } const auto index = std::stoul(out[0].substr(18, 2), nullptr, 16); encrypted_keyblobs[index] = Common::HexStringToArray<0xB0>(out[1]); @@ -566,8 +656,9 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { eticket_extended_kek = Common::HexStringToArray<576>(out[1]); } else { for (const auto& kv : KEYS_VARIABLE_LENGTH) { - if (!ValidCryptoRevisionString(out[0], kv.second.size(), 2)) + if (!ValidCryptoRevisionString(out[0], kv.second.size(), 2)) { continue; + } if (out[0].compare(0, kv.second.size(), kv.second) == 0) { const auto index = std::stoul(out[0].substr(kv.second.size(), 2), nullptr, 16); @@ -602,10 +693,11 @@ void KeyManager::LoadFromFile(const std::string& filename, bool is_title_keys) { void KeyManager::AttemptLoadKeyFile(const std::string& dir1, const std::string& dir2, const std::string& filename, bool title) { - if (FileUtil::Exists(dir1 + DIR_SEP + filename)) + if (Common::FS::Exists(dir1 + DIR_SEP + filename)) { LoadFromFile(dir1 + DIR_SEP + filename, title); - else if (FileUtil::Exists(dir2 + DIR_SEP + filename)) + } else if (Common::FS::Exists(dir2 + DIR_SEP + filename)) { LoadFromFile(dir2 + DIR_SEP + filename, title); + } } bool KeyManager::BaseDeriveNecessary() const { @@ -613,8 +705,9 @@ bool KeyManager::BaseDeriveNecessary() const { return !HasKey(key_type, index1, index2); }; - if (check_key_existence(S256KeyType::Header)) + if (check_key_existence(S256KeyType::Header)) { return true; + } for (size_t i = 0; i < CURRENT_CRYPTO_REVISION; ++i) { if (check_key_existence(S128KeyType::Master, i) || @@ -639,14 +732,16 @@ bool KeyManager::HasKey(S256KeyType id, u64 field1, u64 field2) const { } Key128 KeyManager::GetKey(S128KeyType id, u64 field1, u64 field2) const { - if (!HasKey(id, field1, field2)) + if (!HasKey(id, field1, field2)) { return {}; + } return s128_keys.at({id, field1, field2}); } Key256 KeyManager::GetKey(S256KeyType id, u64 field1, u64 field2) const { - if (!HasKey(id, field1, field2)) + if (!HasKey(id, field1, field2)) { return {}; + } return s256_keys.at({id, field1, field2}); } @@ -668,7 +763,7 @@ Key256 KeyManager::GetBISKey(u8 partition_id) const { template <size_t Size> void KeyManager::WriteKeyToFile(KeyCategory category, std::string_view keyname, const std::array<u8, Size>& key) { - const std::string yuzu_keys_dir = FileUtil::GetUserPath(FileUtil::UserPath::KeysDir); + const std::string yuzu_keys_dir = Common::FS::GetUserPath(Common::FS::UserPath::KeysDir); std::string filename = "title.keys_autogenerated"; if (category == KeyCategory::Standard) { filename = dev_mode ? "dev.keys_autogenerated" : "prod.keys_autogenerated"; @@ -677,9 +772,9 @@ void KeyManager::WriteKeyToFile(KeyCategory category, std::string_view keyname, } const auto path = yuzu_keys_dir + DIR_SEP + filename; - const auto add_info_text = !FileUtil::Exists(path); - FileUtil::CreateFullPath(path); - FileUtil::IOFile file{path, "a"}; + const auto add_info_text = !Common::FS::Exists(path); + Common::FS::CreateFullPath(path); + Common::FS::IOFile file{path, "a"}; if (!file.IsOpen()) { return; } @@ -712,8 +807,7 @@ void KeyManager::SetKey(S128KeyType id, Key128 key, u64 field1, u64 field2) { } const auto iter2 = std::find_if( - s128_file_id.begin(), s128_file_id.end(), - [&id, &field1, &field2](const std::pair<std::string, KeyIndex<S128KeyType>> elem) { + s128_file_id.begin(), s128_file_id.end(), [&id, &field1, &field2](const auto& elem) { return std::tie(elem.second.type, elem.second.field1, elem.second.field2) == std::tie(id, field1, field2); }); @@ -723,9 +817,11 @@ void KeyManager::SetKey(S128KeyType id, Key128 key, u64 field1, u64 field2) { // Variable cases if (id == S128KeyType::KeyArea) { - static constexpr std::array<const char*, 3> kak_names = {"key_area_key_application_{:02X}", - "key_area_key_ocean_{:02X}", - "key_area_key_system_{:02X}"}; + static constexpr std::array<const char*, 3> kak_names = { + "key_area_key_application_{:02X}", + "key_area_key_ocean_{:02X}", + "key_area_key_system_{:02X}", + }; WriteKeyToFile(category, fmt::format(kak_names.at(field2), field1), key); } else if (id == S128KeyType::Master) { WriteKeyToFile(category, fmt::format("master_key_{:02X}", field1), key); @@ -751,8 +847,7 @@ void KeyManager::SetKey(S256KeyType id, Key256 key, u64 field1, u64 field2) { return; } const auto iter = std::find_if( - s256_file_id.begin(), s256_file_id.end(), - [&id, &field1, &field2](const std::pair<std::string, KeyIndex<S256KeyType>> elem) { + s256_file_id.begin(), s256_file_id.end(), [&id, &field1, &field2](const auto& elem) { return std::tie(elem.second.type, elem.second.field1, elem.second.field2) == std::tie(id, field1, field2); }); @@ -763,29 +858,31 @@ void KeyManager::SetKey(S256KeyType id, Key256 key, u64 field1, u64 field2) { } bool KeyManager::KeyFileExists(bool title) { - const std::string hactool_keys_dir = FileUtil::GetHactoolConfigurationPath(); - const std::string yuzu_keys_dir = FileUtil::GetUserPath(FileUtil::UserPath::KeysDir); + const std::string hactool_keys_dir = Common::FS::GetHactoolConfigurationPath(); + const std::string yuzu_keys_dir = Common::FS::GetUserPath(Common::FS::UserPath::KeysDir); if (title) { - return FileUtil::Exists(hactool_keys_dir + DIR_SEP + "title.keys") || - FileUtil::Exists(yuzu_keys_dir + DIR_SEP + "title.keys"); + return Common::FS::Exists(hactool_keys_dir + DIR_SEP + "title.keys") || + Common::FS::Exists(yuzu_keys_dir + DIR_SEP + "title.keys"); } if (Settings::values.use_dev_keys) { - return FileUtil::Exists(hactool_keys_dir + DIR_SEP + "dev.keys") || - FileUtil::Exists(yuzu_keys_dir + DIR_SEP + "dev.keys"); + return Common::FS::Exists(hactool_keys_dir + DIR_SEP + "dev.keys") || + Common::FS::Exists(yuzu_keys_dir + DIR_SEP + "dev.keys"); } - return FileUtil::Exists(hactool_keys_dir + DIR_SEP + "prod.keys") || - FileUtil::Exists(yuzu_keys_dir + DIR_SEP + "prod.keys"); + return Common::FS::Exists(hactool_keys_dir + DIR_SEP + "prod.keys") || + Common::FS::Exists(yuzu_keys_dir + DIR_SEP + "prod.keys"); } void KeyManager::DeriveSDSeedLazy() { - if (HasKey(S128KeyType::SDSeed)) + if (HasKey(S128KeyType::SDSeed)) { return; + } const auto res = DeriveSDSeed(); - if (res) + if (res) { SetKey(S128KeyType::SDSeed, *res); + } } static Key128 CalculateCMAC(const u8* source, size_t size, const Key128& key) { @@ -797,11 +894,13 @@ static Key128 CalculateCMAC(const u8* source, size_t size, const Key128& key) { } void KeyManager::DeriveBase() { - if (!BaseDeriveNecessary()) + if (!BaseDeriveNecessary()) { return; + } - if (!HasKey(S128KeyType::SecureBoot) || !HasKey(S128KeyType::TSEC)) + if (!HasKey(S128KeyType::SecureBoot) || !HasKey(S128KeyType::TSEC)) { return; + } const auto has_bis = [this](u64 id) { return HasKey(S128KeyType::BIS, id, static_cast<u64>(BISKeyType::Crypto)) && @@ -818,10 +917,11 @@ void KeyManager::DeriveBase() { static_cast<u64>(BISKeyType::Tweak)); }; - if (has_bis(2) && !has_bis(3)) + if (has_bis(2) && !has_bis(3)) { copy_bis(2, 3); - else if (has_bis(3) && !has_bis(2)) + } else if (has_bis(3) && !has_bis(2)) { copy_bis(3, 2); + } std::bitset<32> revisions(0xFFFFFFFF); for (size_t i = 0; i < revisions.size(); ++i) { @@ -831,15 +931,17 @@ void KeyManager::DeriveBase() { } } - if (!revisions.any()) + if (!revisions.any()) { return; + } const auto sbk = GetKey(S128KeyType::SecureBoot); const auto tsec = GetKey(S128KeyType::TSEC); for (size_t i = 0; i < revisions.size(); ++i) { - if (!revisions[i]) + if (!revisions[i]) { continue; + } // Derive keyblob key const auto key = DeriveKeyblobKey( @@ -848,16 +950,18 @@ void KeyManager::DeriveBase() { SetKey(S128KeyType::Keyblob, key, i); // Derive keyblob MAC key - if (!HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyblobMAC))) + if (!HasKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyblobMAC))) { continue; + } const auto mac_key = DeriveKeyblobMACKey( key, GetKey(S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyblobMAC))); SetKey(S128KeyType::KeyblobMAC, mac_key, i); Key128 cmac = CalculateCMAC(encrypted_keyblobs[i].data() + 0x10, 0xA0, mac_key); - if (std::memcmp(cmac.data(), encrypted_keyblobs[i].data(), cmac.size()) != 0) + if (std::memcmp(cmac.data(), encrypted_keyblobs[i].data(), cmac.size()) != 0) { continue; + } // Decrypt keyblob if (keyblobs[i] == std::array<u8, 0x90>{}) { @@ -881,16 +985,19 @@ void KeyManager::DeriveBase() { revisions.set(); for (size_t i = 0; i < revisions.size(); ++i) { - if (!HasKey(S128KeyType::Master, i)) + if (!HasKey(S128KeyType::Master, i)) { revisions.reset(i); + } } - if (!revisions.any()) + if (!revisions.any()) { return; + } for (size_t i = 0; i < revisions.size(); ++i) { - if (!revisions[i]) + if (!revisions[i]) { continue; + } // Derive general purpose keys DeriveGeneralPurposeKeys(i); @@ -920,16 +1027,19 @@ void KeyManager::DeriveETicket(PartitionDataManager& data) { const auto es = Core::System::GetInstance().GetContentProvider().GetEntry( 0x0100000000000033, FileSys::ContentRecordType::Program); - if (es == nullptr) + if (es == nullptr) { return; + } const auto exefs = es->GetExeFS(); - if (exefs == nullptr) + if (exefs == nullptr) { return; + } const auto main = exefs->GetFile("main"); - if (main == nullptr) + if (main == nullptr) { return; + } const auto bytes = main->ReadAllBytes(); @@ -939,16 +1049,19 @@ void KeyManager::DeriveETicket(PartitionDataManager& data) { const auto seed3 = data.GetRSAKekSeed3(); const auto mask0 = data.GetRSAKekMask0(); - if (eticket_kek != Key128{}) + if (eticket_kek != Key128{}) { SetKey(S128KeyType::Source, eticket_kek, static_cast<size_t>(SourceKeyType::ETicketKek)); + } if (eticket_kekek != Key128{}) { SetKey(S128KeyType::Source, eticket_kekek, static_cast<size_t>(SourceKeyType::ETicketKekek)); } - if (seed3 != Key128{}) + if (seed3 != Key128{}) { SetKey(S128KeyType::RSAKek, seed3, static_cast<size_t>(RSAKekType::Seed3)); - if (mask0 != Key128{}) + } + if (mask0 != Key128{}) { SetKey(S128KeyType::RSAKek, mask0, static_cast<size_t>(RSAKekType::Mask0)); + } if (eticket_kek == Key128{} || eticket_kekek == Key128{} || seed3 == Key128{} || mask0 == Key128{}) { return; @@ -974,8 +1087,9 @@ void KeyManager::DeriveETicket(PartitionDataManager& data) { AESCipher<Key128> es_kek(temp_kekek, Mode::ECB); es_kek.Transcode(eticket_kek.data(), eticket_kek.size(), eticket_final.data(), Op::Decrypt); - if (eticket_final == Key128{}) + if (eticket_final == Key128{}) { return; + } SetKey(S128KeyType::ETicketRSAKek, eticket_final); @@ -990,18 +1104,20 @@ void KeyManager::DeriveETicket(PartitionDataManager& data) { void KeyManager::PopulateTickets() { const auto rsa_key = GetETicketRSAKey(); - if (rsa_key == RSAKeyPair<2048>{}) + if (rsa_key == RSAKeyPair<2048>{}) { return; + } - if (!common_tickets.empty() && !personal_tickets.empty()) + if (!common_tickets.empty() && !personal_tickets.empty()) { return; + } - const FileUtil::IOFile save1(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + - "/system/save/80000000000000e1", - "rb+"); - const FileUtil::IOFile save2(FileUtil::GetUserPath(FileUtil::UserPath::NANDDir) + - "/system/save/80000000000000e2", - "rb+"); + const Common::FS::IOFile save1(Common::FS::GetUserPath(Common::FS::UserPath::NANDDir) + + "/system/save/80000000000000e1", + "rb+"); + const Common::FS::IOFile save2(Common::FS::GetUserPath(Common::FS::UserPath::NANDDir) + + "/system/save/80000000000000e2", + "rb+"); const auto blob2 = GetTicketblob(save2); auto res = GetTicketblob(save1); @@ -1011,8 +1127,10 @@ void KeyManager::PopulateTickets() { for (std::size_t i = 0; i < res.size(); ++i) { const auto common = i < idx; const auto pair = ParseTicket(res[i], rsa_key); - if (!pair) + if (!pair) { continue; + } + const auto& [rid, key] = *pair; u128 rights_id; std::memcpy(rights_id.data(), rid.data(), rid.size()); @@ -1041,27 +1159,33 @@ void KeyManager::SynthesizeTickets() { } void KeyManager::SetKeyWrapped(S128KeyType id, Key128 key, u64 field1, u64 field2) { - if (key == Key128{}) + if (key == Key128{}) { return; + } SetKey(id, key, field1, field2); } void KeyManager::SetKeyWrapped(S256KeyType id, Key256 key, u64 field1, u64 field2) { - if (key == Key256{}) + if (key == Key256{}) { return; + } + SetKey(id, key, field1, field2); } void KeyManager::PopulateFromPartitionData(PartitionDataManager& data) { - if (!BaseDeriveNecessary()) + if (!BaseDeriveNecessary()) { return; + } - if (!data.HasBoot0()) + if (!data.HasBoot0()) { return; + } for (size_t i = 0; i < encrypted_keyblobs.size(); ++i) { - if (encrypted_keyblobs[i] != std::array<u8, 0xB0>{}) + if (encrypted_keyblobs[i] != std::array<u8, 0xB0>{}) { continue; + } encrypted_keyblobs[i] = data.GetEncryptedKeyblob(i); WriteKeyToFile<0xB0>(KeyCategory::Console, fmt::format("encrypted_keyblob_{:02X}", i), encrypted_keyblobs[i]); @@ -1083,8 +1207,9 @@ void KeyManager::PopulateFromPartitionData(PartitionDataManager& data) { static_cast<u64>(SourceKeyType::Keyblob), i); } - if (data.HasFuses()) + if (data.HasFuses()) { SetKeyWrapped(S128KeyType::SecureBoot, data.GetSecureBootKey()); + } DeriveBase(); @@ -1098,8 +1223,9 @@ void KeyManager::PopulateFromPartitionData(PartitionDataManager& data) { const auto masters = data.GetTZMasterKeys(latest_master); for (size_t i = 0; i < masters.size(); ++i) { - if (masters[i] != Key128{} && !HasKey(S128KeyType::Master, i)) + if (masters[i] != Key128{} && !HasKey(S128KeyType::Master, i)) { SetKey(S128KeyType::Master, masters[i], i); + } } DeriveBase(); @@ -1109,8 +1235,9 @@ void KeyManager::PopulateFromPartitionData(PartitionDataManager& data) { std::array<Key128, 0x20> package2_keys{}; for (size_t i = 0; i < package2_keys.size(); ++i) { - if (HasKey(S128KeyType::Package2, i)) + if (HasKey(S128KeyType::Package2, i)) { package2_keys[i] = GetKey(S128KeyType::Package2, i); + } } data.DecryptPackage2(package2_keys, Package2Type::NormalMain); @@ -1148,12 +1275,15 @@ const std::map<u128, Ticket>& KeyManager::GetPersonalizedTickets() const { bool KeyManager::AddTicketCommon(Ticket raw) { const auto rsa_key = GetETicketRSAKey(); - if (rsa_key == RSAKeyPair<2048>{}) + if (rsa_key == RSAKeyPair<2048>{}) { return false; + } const auto pair = ParseTicket(raw, rsa_key); - if (!pair) + if (!pair) { return false; + } + const auto& [rid, key] = *pair; u128 rights_id; std::memcpy(rights_id.data(), rid.data(), rid.size()); @@ -1164,12 +1294,15 @@ bool KeyManager::AddTicketCommon(Ticket raw) { bool KeyManager::AddTicketPersonalized(Ticket raw) { const auto rsa_key = GetETicketRSAKey(); - if (rsa_key == RSAKeyPair<2048>{}) + if (rsa_key == RSAKeyPair<2048>{}) { return false; + } const auto pair = ParseTicket(raw, rsa_key); - if (!pair) + if (!pair) { return false; + } + const auto& [rid, key] = *pair; u128 rights_id; std::memcpy(rights_id.data(), rid.data(), rid.size()); @@ -1177,58 +1310,4 @@ bool KeyManager::AddTicketPersonalized(Ticket raw) { SetKey(S128KeyType::Titlekey, key, rights_id[1], rights_id[0]); return true; } - -const boost::container::flat_map<std::string, KeyIndex<S128KeyType>> KeyManager::s128_file_id = { - {"eticket_rsa_kek", {S128KeyType::ETicketRSAKek, 0, 0}}, - {"eticket_rsa_kek_source", - {S128KeyType::Source, static_cast<u64>(SourceKeyType::ETicketKek), 0}}, - {"eticket_rsa_kekek_source", - {S128KeyType::Source, static_cast<u64>(SourceKeyType::ETicketKekek), 0}}, - {"rsa_kek_mask_0", {S128KeyType::RSAKek, static_cast<u64>(RSAKekType::Mask0), 0}}, - {"rsa_kek_seed_3", {S128KeyType::RSAKek, static_cast<u64>(RSAKekType::Seed3), 0}}, - {"rsa_oaep_kek_generation_source", - {S128KeyType::Source, static_cast<u64>(SourceKeyType::RSAOaepKekGeneration), 0}}, - {"sd_card_kek_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::SDKek), 0}}, - {"aes_kek_generation_source", - {S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKekGeneration), 0}}, - {"aes_key_generation_source", - {S128KeyType::Source, static_cast<u64>(SourceKeyType::AESKeyGeneration), 0}}, - {"package2_key_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::Package2), 0}}, - {"master_key_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::Master), 0}}, - {"header_kek_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::HeaderKek), 0}}, - {"key_area_key_application_source", - {S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyAreaKey), - static_cast<u64>(KeyAreaKeyType::Application)}}, - {"key_area_key_ocean_source", - {S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyAreaKey), - static_cast<u64>(KeyAreaKeyType::Ocean)}}, - {"key_area_key_system_source", - {S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyAreaKey), - static_cast<u64>(KeyAreaKeyType::System)}}, - {"titlekek_source", {S128KeyType::Source, static_cast<u64>(SourceKeyType::Titlekek), 0}}, - {"keyblob_mac_key_source", - {S128KeyType::Source, static_cast<u64>(SourceKeyType::KeyblobMAC), 0}}, - {"tsec_key", {S128KeyType::TSEC, 0, 0}}, - {"secure_boot_key", {S128KeyType::SecureBoot, 0, 0}}, - {"sd_seed", {S128KeyType::SDSeed, 0, 0}}, - {"bis_key_0_crypt", {S128KeyType::BIS, 0, static_cast<u64>(BISKeyType::Crypto)}}, - {"bis_key_0_tweak", {S128KeyType::BIS, 0, static_cast<u64>(BISKeyType::Tweak)}}, - {"bis_key_1_crypt", {S128KeyType::BIS, 1, static_cast<u64>(BISKeyType::Crypto)}}, - {"bis_key_1_tweak", {S128KeyType::BIS, 1, static_cast<u64>(BISKeyType::Tweak)}}, - {"bis_key_2_crypt", {S128KeyType::BIS, 2, static_cast<u64>(BISKeyType::Crypto)}}, - {"bis_key_2_tweak", {S128KeyType::BIS, 2, static_cast<u64>(BISKeyType::Tweak)}}, - {"bis_key_3_crypt", {S128KeyType::BIS, 3, static_cast<u64>(BISKeyType::Crypto)}}, - {"bis_key_3_tweak", {S128KeyType::BIS, 3, static_cast<u64>(BISKeyType::Tweak)}}, - {"header_kek", {S128KeyType::HeaderKek, 0, 0}}, - {"sd_card_kek", {S128KeyType::SDKek, 0, 0}}, -}; - -const boost::container::flat_map<std::string, KeyIndex<S256KeyType>> KeyManager::s256_file_id = { - {"header_key", {S256KeyType::Header, 0, 0}}, - {"sd_card_save_key_source", {S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::Save), 0}}, - {"sd_card_nca_key_source", {S256KeyType::SDKeySource, static_cast<u64>(SDKeyType::NCA), 0}}, - {"header_key_source", {S256KeyType::HeaderSource, 0, 0}}, - {"sd_card_save_key", {S256KeyType::SDKey, static_cast<u64>(SDKeyType::Save), 0}}, - {"sd_card_nca_key", {S256KeyType::SDKey, static_cast<u64>(SDKeyType::NCA), 0}}, -}; } // namespace Core::Crypto diff --git a/src/core/crypto/key_manager.h b/src/core/crypto/key_manager.h index 9269a73f2..321b75323 100644 --- a/src/core/crypto/key_manager.h +++ b/src/core/crypto/key_manager.h @@ -10,14 +10,13 @@ #include <string> #include <variant> -#include <boost/container/flat_map.hpp> #include <fmt/format.h> #include "common/common_funcs.h" #include "common/common_types.h" #include "core/crypto/partition_data_manager.h" #include "core/file_sys/vfs_types.h" -namespace FileUtil { +namespace Common::FS { class IOFile; } @@ -293,9 +292,6 @@ private: void SetKeyWrapped(S128KeyType id, Key128 key, u64 field1 = 0, u64 field2 = 0); void SetKeyWrapped(S256KeyType id, Key256 key, u64 field1 = 0, u64 field2 = 0); - - static const boost::container::flat_map<std::string, KeyIndex<S128KeyType>> s128_file_id; - static const boost::container::flat_map<std::string, KeyIndex<S256KeyType>> s256_file_id; }; Key128 GenerateKeyEncryptionKey(Key128 source, Key128 master, Key128 kek_seed, Key128 key_seed); @@ -308,7 +304,7 @@ std::array<u8, 0x90> DecryptKeyblob(const std::array<u8, 0xB0>& encrypted_keyblo std::optional<Key128> DeriveSDSeed(); Loader::ResultStatus DeriveSDKeys(std::array<Key256, 2>& sd_keys, KeyManager& keys); -std::vector<Ticket> GetTicketblob(const FileUtil::IOFile& ticket_save); +std::vector<Ticket> GetTicketblob(const Common::FS::IOFile& ticket_save); // Returns a pair of {rights_id, titlekey}. Fails if the ticket has no certificate authority // (offset 0x140-0x144 is zero) diff --git a/src/core/crypto/partition_data_manager.cpp b/src/core/crypto/partition_data_manager.cpp index 7ed71ac3a..5f1c86a09 100644 --- a/src/core/crypto/partition_data_manager.cpp +++ b/src/core/crypto/partition_data_manager.cpp @@ -26,8 +26,9 @@ #include "core/file_sys/vfs.h" #include "core/file_sys/vfs_offset.h" #include "core/file_sys/vfs_vector.h" +#include "core/loader/loader.h" -using namespace Common; +using Common::AsArray; namespace Core::Crypto { @@ -47,105 +48,123 @@ struct Package2Header { }; static_assert(sizeof(Package2Header) == 0x200, "Package2Header has incorrect size."); -const std::array<SHA256Hash, 0x10> source_hashes{ - "B24BD293259DBC7AC5D63F88E60C59792498E6FC5443402C7FFE87EE8B61A3F0"_array32, // keyblob_mac_key_source - "7944862A3A5C31C6720595EFD302245ABD1B54CCDCF33000557681E65C5664A4"_array32, // master_key_source - "21E2DF100FC9E094DB51B47B9B1D6E94ED379DB8B547955BEF8FE08D8DD35603"_array32, // package2_key_source - "FC02B9D37B42D7A1452E71444F1F700311D1132E301A83B16062E72A78175085"_array32, // aes_kek_generation_source - "FBD10056999EDC7ACDB96098E47E2C3606230270D23281E671F0F389FC5BC585"_array32, // aes_key_generation_source - "C48B619827986C7F4E3081D59DB2B460C84312650E9A8E6B458E53E8CBCA4E87"_array32, // titlekek_source - "04AD66143C726B2A139FB6B21128B46F56C553B2B3887110304298D8D0092D9E"_array32, // key_area_key_application_source - "FD434000C8FF2B26F8E9A9D2D2C12F6BE5773CBB9DC86300E1BD99F8EA33A417"_array32, // key_area_key_ocean_source - "1F17B1FD51AD1C2379B58F152CA4912EC2106441E51722F38700D5937A1162F7"_array32, // key_area_key_system_source - "6B2ED877C2C52334AC51E59ABFA7EC457F4A7D01E46291E9F2EAA45F011D24B7"_array32, // sd_card_kek_source - "D482743563D3EA5DCDC3B74E97C9AC8A342164FA041A1DC80F17F6D31E4BC01C"_array32, // sd_card_save_key_source - "2E751CECF7D93A2B957BD5FFCB082FD038CC2853219DD3092C6DAB9838F5A7CC"_array32, // sd_card_nca_key_source - "1888CAED5551B3EDE01499E87CE0D86827F80820EFB275921055AA4E2ABDFFC2"_array32, // header_kek_source - "8F783E46852DF6BE0BA4E19273C4ADBAEE16380043E1B8C418C4089A8BD64AA6"_array32, // header_key_source - "D1757E52F1AE55FA882EC690BC6F954AC46A83DC22F277F8806BD55577C6EED7"_array32, // rsa_kek_seed3 - "FC02B9D37B42D7A1452E71444F1F700311D1132E301A83B16062E72A78175085"_array32, // rsa_kek_mask0 +// clang-format off +constexpr std::array source_hashes{ + AsArray("B24BD293259DBC7AC5D63F88E60C59792498E6FC5443402C7FFE87EE8B61A3F0"), // keyblob_mac_key_source + AsArray("7944862A3A5C31C6720595EFD302245ABD1B54CCDCF33000557681E65C5664A4"), // master_key_source + AsArray("21E2DF100FC9E094DB51B47B9B1D6E94ED379DB8B547955BEF8FE08D8DD35603"), // package2_key_source + AsArray("FC02B9D37B42D7A1452E71444F1F700311D1132E301A83B16062E72A78175085"), // aes_kek_generation_source + AsArray("FBD10056999EDC7ACDB96098E47E2C3606230270D23281E671F0F389FC5BC585"), // aes_key_generation_source + AsArray("C48B619827986C7F4E3081D59DB2B460C84312650E9A8E6B458E53E8CBCA4E87"), // titlekek_source + AsArray("04AD66143C726B2A139FB6B21128B46F56C553B2B3887110304298D8D0092D9E"), // key_area_key_application_source + AsArray("FD434000C8FF2B26F8E9A9D2D2C12F6BE5773CBB9DC86300E1BD99F8EA33A417"), // key_area_key_ocean_source + AsArray("1F17B1FD51AD1C2379B58F152CA4912EC2106441E51722F38700D5937A1162F7"), // key_area_key_system_source + AsArray("6B2ED877C2C52334AC51E59ABFA7EC457F4A7D01E46291E9F2EAA45F011D24B7"), // sd_card_kek_source + AsArray("D482743563D3EA5DCDC3B74E97C9AC8A342164FA041A1DC80F17F6D31E4BC01C"), // sd_card_save_key_source + AsArray("2E751CECF7D93A2B957BD5FFCB082FD038CC2853219DD3092C6DAB9838F5A7CC"), // sd_card_nca_key_source + AsArray("1888CAED5551B3EDE01499E87CE0D86827F80820EFB275921055AA4E2ABDFFC2"), // header_kek_source + AsArray("8F783E46852DF6BE0BA4E19273C4ADBAEE16380043E1B8C418C4089A8BD64AA6"), // header_key_source + AsArray("D1757E52F1AE55FA882EC690BC6F954AC46A83DC22F277F8806BD55577C6EED7"), // rsa_kek_seed3 + AsArray("FC02B9D37B42D7A1452E71444F1F700311D1132E301A83B16062E72A78175085"), // rsa_kek_mask0 }; - -const std::array<SHA256Hash, 0x20> keyblob_source_hashes{ - "8A06FE274AC491436791FDB388BCDD3AB9943BD4DEF8094418CDAC150FD73786"_array32, // keyblob_key_source_00 - "2D5CAEB2521FEF70B47E17D6D0F11F8CE2C1E442A979AD8035832C4E9FBCCC4B"_array32, // keyblob_key_source_01 - "61C5005E713BAE780641683AF43E5F5C0E03671117F702F401282847D2FC6064"_array32, // keyblob_key_source_02 - "8E9795928E1C4428E1B78F0BE724D7294D6934689C11B190943923B9D5B85903"_array32, // keyblob_key_source_03 - "95FA33AF95AFF9D9B61D164655B32710ED8D615D46C7D6CC3CC70481B686B402"_array32, // keyblob_key_source_04 - "3F5BE7B3C8B1ABD8C10B4B703D44766BA08730562C172A4FE0D6B866B3E2DB3E"_array32, // keyblob_key_source_05 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_06 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_07 - - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_08 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_09 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_0A - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_0B - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_0C - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_0D - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_0E - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_0F - - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_10 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_11 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_12 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_13 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_14 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_15 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_16 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_17 - - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_18 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_19 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_1A - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_1B - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_1C - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_1D - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_1E - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // keyblob_key_source_1F +// clang-format on + +// clang-format off +constexpr std::array keyblob_source_hashes{ + AsArray("8A06FE274AC491436791FDB388BCDD3AB9943BD4DEF8094418CDAC150FD73786"), // keyblob_key_source_00 + AsArray("2D5CAEB2521FEF70B47E17D6D0F11F8CE2C1E442A979AD8035832C4E9FBCCC4B"), // keyblob_key_source_01 + AsArray("61C5005E713BAE780641683AF43E5F5C0E03671117F702F401282847D2FC6064"), // keyblob_key_source_02 + AsArray("8E9795928E1C4428E1B78F0BE724D7294D6934689C11B190943923B9D5B85903"), // keyblob_key_source_03 + AsArray("95FA33AF95AFF9D9B61D164655B32710ED8D615D46C7D6CC3CC70481B686B402"), // keyblob_key_source_04 + AsArray("3F5BE7B3C8B1ABD8C10B4B703D44766BA08730562C172A4FE0D6B866B3E2DB3E"), // keyblob_key_source_05 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_06 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_07 + + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_08 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_09 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_0A + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_0B + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_0C + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_0D + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_0E + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_0F + + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_10 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_11 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_12 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_13 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_14 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_15 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_16 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_17 + + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_18 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_19 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_1A + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_1B + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_1C + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_1D + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_1E + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // keyblob_key_source_1F }; - -const std::array<SHA256Hash, 0x20> master_key_hashes{ - "0EE359BE3C864BB0782E1D70A718A0342C551EED28C369754F9C4F691BECF7CA"_array32, // master_key_00 - "4FE707B7E4ABDAF727C894AAF13B1351BFE2AC90D875F73B2E20FA94B9CC661E"_array32, // master_key_01 - "79277C0237A2252EC3DFAC1F7C359C2B3D121E9DB15BB9AB4C2B4408D2F3AE09"_array32, // master_key_02 - "4F36C565D13325F65EE134073C6A578FFCB0008E02D69400836844EAB7432754"_array32, // master_key_03 - "75FF1D95D26113550EE6FCC20ACB58E97EDEB3A2FF52543ED5AEC63BDCC3DA50"_array32, // master_key_04 - "EBE2BCD6704673EC0F88A187BB2AD9F1CC82B718C389425941BDC194DC46B0DD"_array32, // master_key_05 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_06 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_07 - - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_08 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_09 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_0A - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_0B - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_0C - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_0D - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_0E - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_0F - - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_10 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_11 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_12 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_13 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_14 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_15 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_16 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_17 - - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_18 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_19 - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_1A - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_1B - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_1C - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_1D - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_1E - "0000000000000000000000000000000000000000000000000000000000000000"_array32, // master_key_1F +// clang-format on + +// clang-format off +constexpr std::array master_key_hashes{ + AsArray("0EE359BE3C864BB0782E1D70A718A0342C551EED28C369754F9C4F691BECF7CA"), // master_key_00 + AsArray("4FE707B7E4ABDAF727C894AAF13B1351BFE2AC90D875F73B2E20FA94B9CC661E"), // master_key_01 + AsArray("79277C0237A2252EC3DFAC1F7C359C2B3D121E9DB15BB9AB4C2B4408D2F3AE09"), // master_key_02 + AsArray("4F36C565D13325F65EE134073C6A578FFCB0008E02D69400836844EAB7432754"), // master_key_03 + AsArray("75FF1D95D26113550EE6FCC20ACB58E97EDEB3A2FF52543ED5AEC63BDCC3DA50"), // master_key_04 + AsArray("EBE2BCD6704673EC0F88A187BB2AD9F1CC82B718C389425941BDC194DC46B0DD"), // master_key_05 + AsArray("9497E6779F5D840F2BBA1DE4E95BA1D6F21EFC94717D5AE5CA37D7EC5BD37A19"), // master_key_06 + AsArray("4EC96B8CB01B8DCE382149443430B2B6EBCB2983348AFA04A25E53609DABEDF6"), // master_key_07 + + AsArray("2998E2E23609BC2675FF062A2D64AF5B1B78DFF463B24119D64A1B64F01B2D51"), // master_key_08 + AsArray("9D486A98067C44B37CF173D3BF577891EB6081FF6B4A166347D9DBBF7025076B"), // master_key_09 + AsArray("4EC5A237A75A083A9C5F6CF615601522A7F822D06BD4BA32612C9CEBBB29BD45"), // master_key_0A + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_0B + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_0C + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_0D + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_0E + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_0F + + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_10 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_11 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_12 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_13 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_14 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_15 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_16 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_17 + + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_18 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_19 + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_1A + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_1B + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_1C + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_1D + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_1E + AsArray("0000000000000000000000000000000000000000000000000000000000000000"), // master_key_1F }; +// clang-format on + +static constexpr u8 CalculateMaxKeyblobSourceHash() { + const auto is_zero = [](const auto& data) { + // TODO: Replace with std::all_of whenever mingw decides to update their + // libraries to include the constexpr variant of it. + for (const auto element : data) { + if (element != 0) { + return false; + } + } + return true; + }; -static u8 CalculateMaxKeyblobSourceHash() { for (s8 i = 0x1F; i >= 0; --i) { - if (keyblob_source_hashes[i] != SHA256Hash{}) + if (!is_zero(keyblob_source_hashes[i])) { return static_cast<u8>(i + 1); + } } return 0; @@ -346,12 +365,11 @@ FileSys::VirtualFile PartitionDataManager::GetPackage2Raw(Package2Type type) con } static bool AttemptDecrypt(const std::array<u8, 16>& key, Package2Header& header) { - const std::vector<u8> iv(header.header_ctr.begin(), header.header_ctr.end()); Package2Header temp = header; AESCipher<Key128> cipher(key, Mode::CTR); - cipher.SetIV(iv); - cipher.Transcode(&temp.header_ctr, sizeof(Package2Header) - 0x100, &temp.header_ctr, - Op::Decrypt); + cipher.SetIV(header.header_ctr); + cipher.Transcode(&temp.header_ctr, sizeof(Package2Header) - sizeof(Package2Header::signature), + &temp.header_ctr, Op::Decrypt); if (temp.magic == Common::MakeMagic('P', 'K', '2', '1')) { header = temp; return true; @@ -388,7 +406,7 @@ void PartitionDataManager::DecryptPackage2(const std::array<Key128, 0x20>& packa auto c = a->ReadAllBytes(); AESCipher<Key128> cipher(package2_keys[revision], Mode::CTR); - cipher.SetIV({header.section_ctr[1].begin(), header.section_ctr[1].end()}); + cipher.SetIV(header.section_ctr[1]); cipher.Transcode(c.data(), c.size(), c.data(), Op::Decrypt); const auto ini_file = std::make_shared<FileSys::VectorVfsFile>(c); |