Atmosphere/libraries/libexosphere/include/exosphere/se/se_suspend.hpp

/*
 * Copyright (c) 2018-2020 Atmosphère-NX
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms and conditions of the GNU General Public License,
 * version 2, as published by the Free Software Foundation.
 *
 * This program is distributed in the hope it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
 * more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
#pragma once
#include <vapours.hpp>
#include <exosphere/se/se_aes.hpp>
#include <exosphere/se/se_rsa.hpp>

namespace ams::se {

    /* 256-bit AES keyslots are two 128-bit keys. */
    constexpr inline int AesKeySlotPartCount = 2;

    /* RSA keys are both a modulus and an exponent. */
    constexpr inline int RsaKeySlotPartCount = 2;

    constexpr inline size_t StickyBitContextSize = 2 * AesBlockSize;

    struct Context {
        u8 random[AesBlockSize];
        u8 sticky_bits[StickyBitContextSize / AesBlockSize][AesBlockSize];
        u8 aes_key[AesKeySlotCount][AesKeySlotPartCount][AesBlockSize];
        u8 aes_oiv[AesKeySlotCount][AesBlockSize];
        u8 aes_uiv[AesKeySlotCount][AesBlockSize];
        u8 rsa_key[RsaKeySlotCount][RsaKeySlotPartCount][RsaSize / AesBlockSize][AesBlockSize];
        u8 fixed_pattern[AesBlockSize];
    };
    static_assert(sizeof(Context) == 0x840);
    static_assert(util::is_pod<Context>::value);

    struct StickyBits {
        u8 se_security;
        u8 tzram_security;
        u16 crypto_security_perkey;
        u8 crypto_keytable_access[AesKeySlotCount];
        u8 rsa_security_perkey;
        u8 rsa_keytable_access[RsaKeySlotCount];
    };
    static_assert(util::is_pod<StickyBits>::value);

    bool ValidateStickyBits(const StickyBits &bits);
    void SaveContext(Context *dst);

    void ConfigureAutomaticContextSave();
    void SaveContextAutomatic();
    void SaveTzramAutomatic();

}
exo2: Initial work on the exosphere rewrite. exo2: Implement uncompressor stub and boot code up to Main(). exo2: implement some more init (uart/gic) exo2: implement more of init exo2: improve reg api, add keyslot flag setters exo2: implement se aes decryption/enc exo2: fix bugs in loader stub/mmu mappings exo2: start skeletoning bootconfig/global context types arch: fix makefile flags exo2: implement through master key derivation exo2: implement device master keygen exo2: more init through start of SetupSocSecurity exo2: implement pmc secure scratch management se: implement sticky bit validation libexosphere: fix building for arm32 libexo: fix makefile flags libexo: support building for arm64/arm sc7fw: skeleton binary sc7fw: skeleton a little more sc7fw: implement all non-dram functionality exo2: fix DivideUp error sc7fw: implement more dram code, fix reg library errors sc7fw: complete sc7fw impl. exo2: skeleton the rest of SetupSocSecurity exo2: implement fiq interrupt handler exo2: implement all exception handlers exo2: skeleton the entire smc api, implement the svc invoker exo2: implement rest of SetupSocSecurity exo2: correct slave security errors exo2: fix register definition exo2: minor fixes 2020-05-05 06:33:16 +00:00			`/*`
			`* Copyright (c) 2018-2020 Atmosphère-NX`
			`*`
			`* This program is free software; you can redistribute it and/or modify it`
			`* under the terms and conditions of the GNU General Public License,`
			`* version 2, as published by the Free Software Foundation.`
			`*`
			`* This program is distributed in the hope it will be useful, but WITHOUT`
			`* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or`
			`* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for`
			`* more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`
			`#pragma once`
			`#include <vapours.hpp>`
			`#include <exosphere/se/se_aes.hpp>`
			`#include <exosphere/se/se_rsa.hpp>`

			`namespace ams::se {`

			`/* 256-bit AES keyslots are two 128-bit keys. */`
			`constexpr inline int AesKeySlotPartCount = 2;`

			`/* RSA keys are both a modulus and an exponent. */`
			`constexpr inline int RsaKeySlotPartCount = 2;`

			`constexpr inline size_t StickyBitContextSize = 2 * AesBlockSize;`

			`struct Context {`
			`u8 random[AesBlockSize];`
			`u8 sticky_bits[StickyBitContextSize / AesBlockSize][AesBlockSize];`
			`u8 aes_key[AesKeySlotCount][AesKeySlotPartCount][AesBlockSize];`
			`u8 aes_oiv[AesKeySlotCount][AesBlockSize];`
			`u8 aes_uiv[AesKeySlotCount][AesBlockSize];`
			`u8 rsa_key[RsaKeySlotCount][RsaKeySlotPartCount][RsaSize / AesBlockSize][AesBlockSize];`
			`u8 fixed_pattern[AesBlockSize];`
			`};`
			`static_assert(sizeof(Context) == 0x840);`
			`static_assert(util::is_pod<Context>::value);`

			`struct StickyBits {`
			`u8 se_security;`
			`u8 tzram_security;`
			`u16 crypto_security_perkey;`
			`u8 crypto_keytable_access[AesKeySlotCount];`
			`u8 rsa_security_perkey;`
			`u8 rsa_keytable_access[RsaKeySlotCount];`
			`};`
			`static_assert(util::is_pod<StickyBits>::value);`

			`bool ValidateStickyBits(const StickyBits &bits);`
exo2: implement the rest of cpu suspend (security checks TODO) 2020-06-08 07:41:27 +00:00			`void SaveContext(Context *dst);`
exo2: Initial work on the exosphere rewrite. exo2: Implement uncompressor stub and boot code up to Main(). exo2: implement some more init (uart/gic) exo2: implement more of init exo2: improve reg api, add keyslot flag setters exo2: implement se aes decryption/enc exo2: fix bugs in loader stub/mmu mappings exo2: start skeletoning bootconfig/global context types arch: fix makefile flags exo2: implement through master key derivation exo2: implement device master keygen exo2: more init through start of SetupSocSecurity exo2: implement pmc secure scratch management se: implement sticky bit validation libexosphere: fix building for arm32 libexo: fix makefile flags libexo: support building for arm64/arm sc7fw: skeleton binary sc7fw: skeleton a little more sc7fw: implement all non-dram functionality exo2: fix DivideUp error sc7fw: implement more dram code, fix reg library errors sc7fw: complete sc7fw impl. exo2: skeleton the rest of SetupSocSecurity exo2: implement fiq interrupt handler exo2: implement all exception handlers exo2: skeleton the entire smc api, implement the svc invoker exo2: implement rest of SetupSocSecurity exo2: correct slave security errors exo2: fix register definition exo2: minor fixes 2020-05-05 06:33:16 +00:00
exo: implement mariko se/tzram context save 2020-06-29 03:32:45 +00:00			`void ConfigureAutomaticContextSave();`
			`void SaveContextAutomatic();`
			`void SaveTzramAutomatic();`

exo2: implement the rest of cpu suspend (security checks TODO) 2020-06-08 07:41:27 +00:00			`}`