mirror of
https://github.com/Atmosphere-NX/Atmosphere
synced 2025-01-11 23:34:50 +00:00
spl: implement ManuService
This commit is contained in:
parent
99106076e6
commit
5633444d5e
5 changed files with 130 additions and 6 deletions
|
@ -27,6 +27,7 @@
|
||||||
#include "spl_crypto_service.hpp"
|
#include "spl_crypto_service.hpp"
|
||||||
#include "spl_ssl_service.hpp"
|
#include "spl_ssl_service.hpp"
|
||||||
#include "spl_es_service.hpp"
|
#include "spl_es_service.hpp"
|
||||||
|
#include "spl_manu_service.hpp"
|
||||||
|
|
||||||
extern "C" {
|
extern "C" {
|
||||||
extern u32 __start__;
|
extern u32 __start__;
|
||||||
|
@ -91,6 +92,7 @@ static const auto MakeGeneralService = []() { return std::make_shared<GeneralSer
|
||||||
static const auto MakeCryptoService = []() { return std::make_shared<CryptoService>(&s_secmon_wrapper); };
|
static const auto MakeCryptoService = []() { return std::make_shared<CryptoService>(&s_secmon_wrapper); };
|
||||||
static const auto MakeSslService = []() { return std::make_shared<SslService>(&s_secmon_wrapper); };
|
static const auto MakeSslService = []() { return std::make_shared<SslService>(&s_secmon_wrapper); };
|
||||||
static const auto MakeEsService = []() { return std::make_shared<EsService>(&s_secmon_wrapper); };
|
static const auto MakeEsService = []() { return std::make_shared<EsService>(&s_secmon_wrapper); };
|
||||||
|
static const auto MakeManuService = []() { return std::make_shared<ManuService>(&s_secmon_wrapper); };
|
||||||
|
|
||||||
int main(int argc, char **argv)
|
int main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
|
@ -106,10 +108,13 @@ int main(int argc, char **argv)
|
||||||
s_server_manager.AddWaitable(new ServiceServer<RandomService, +MakeRandomService>("csrng", 3));
|
s_server_manager.AddWaitable(new ServiceServer<RandomService, +MakeRandomService>("csrng", 3));
|
||||||
if (GetRuntimeFirmwareVersion() >= FirmwareVersion_400) {
|
if (GetRuntimeFirmwareVersion() >= FirmwareVersion_400) {
|
||||||
s_server_manager.AddWaitable(new ServiceServer<GeneralService, +MakeGeneralService>("spl:", 9));
|
s_server_manager.AddWaitable(new ServiceServer<GeneralService, +MakeGeneralService>("spl:", 9));
|
||||||
s_server_manager.AddWaitable(new ServiceServer<GeneralService, +MakeCryptoService>("spl:mig", 6));
|
s_server_manager.AddWaitable(new ServiceServer<CryptoService, +MakeCryptoService>("spl:mig", 6));
|
||||||
s_server_manager.AddWaitable(new ServiceServer<GeneralService, +MakeSslService>("spl:ssl", 2));
|
s_server_manager.AddWaitable(new ServiceServer<SslService, +MakeSslService>("spl:ssl", 2));
|
||||||
s_server_manager.AddWaitable(new ServiceServer<GeneralService, +MakeEsService>("spl:es", 2));
|
s_server_manager.AddWaitable(new ServiceServer<EsService, +MakeEsService>("spl:es", 2));
|
||||||
/* TODO: Other services. */
|
/* TODO: spl:fs. */
|
||||||
|
if (GetRuntimeFirmwareVersion() >= FirmwareVersion_500) {
|
||||||
|
s_server_manager.AddWaitable(new ServiceServer<ManuService, +MakeManuService>("spl:manu", 1));
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
/* TODO, DeprecatedGeneralService */
|
/* TODO, DeprecatedGeneralService */
|
||||||
}
|
}
|
||||||
|
|
24
stratosphere/spl/source/spl_manu_service.cpp
Normal file
24
stratosphere/spl/source/spl_manu_service.cpp
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
/*
|
||||||
|
* Copyright (c) 2018-2019 Atmosphère-NX
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms and conditions of the GNU General Public License,
|
||||||
|
* version 2, as published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope it will be useful, but WITHOUT
|
||||||
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|
||||||
|
* more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <switch.h>
|
||||||
|
#include <stratosphere.hpp>
|
||||||
|
|
||||||
|
#include "spl_manu_service.hpp"
|
||||||
|
|
||||||
|
Result ManuService::ReEncryptRsaPrivateKey(OutPointerWithClientSize<u8> out, InPointer<u8> src, AccessKey access_key_dec, KeySource source_dec, AccessKey access_key_enc, KeySource source_enc, u32 option) {
|
||||||
|
return this->GetSecureMonitorWrapper()->ReEncryptRsaPrivateKey(out.pointer, out.num_elements, src.pointer, src.num_elements, access_key_dec, source_dec, access_key_enc, source_enc, option);
|
||||||
|
}
|
58
stratosphere/spl/source/spl_manu_service.hpp
Normal file
58
stratosphere/spl/source/spl_manu_service.hpp
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
/*
|
||||||
|
* Copyright (c) 2018-2019 Atmosphère-NX
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms and conditions of the GNU General Public License,
|
||||||
|
* version 2, as published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope it will be useful, but WITHOUT
|
||||||
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|
||||||
|
* more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#pragma once
|
||||||
|
#include <switch.h>
|
||||||
|
#include <stratosphere.hpp>
|
||||||
|
|
||||||
|
#include "spl_types.hpp"
|
||||||
|
#include "spl_rsa_service.hpp"
|
||||||
|
|
||||||
|
class ManuService : public RsaService {
|
||||||
|
public:
|
||||||
|
ManuService(SecureMonitorWrapper *sw) : RsaService(sw) {
|
||||||
|
/* ... */
|
||||||
|
}
|
||||||
|
|
||||||
|
virtual ~ManuService() {
|
||||||
|
/* ... */
|
||||||
|
}
|
||||||
|
protected:
|
||||||
|
/* Actual commands. */
|
||||||
|
virtual Result ReEncryptRsaPrivateKey(OutPointerWithClientSize<u8> out, InPointer<u8> src, AccessKey access_key_dec, KeySource source_dec, AccessKey access_key_enc, KeySource source_enc, u32 option);
|
||||||
|
public:
|
||||||
|
DEFINE_SERVICE_DISPATCH_TABLE {
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_GetConfig, &ManuService::GetConfig>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_ExpMod, &ManuService::ExpMod>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_SetConfig, &ManuService::SetConfig>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_GenerateRandomBytes, &ManuService::GenerateRandomBytes>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_IsDevelopment, &ManuService::IsDevelopment>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_SetBootReason, &ManuService::SetBootReason, FirmwareVersion_300>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_GetBootReason, &ManuService::GetBootReason, FirmwareVersion_300>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_GenerateAesKek, &ManuService::GenerateAesKek>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_LoadAesKey, &ManuService::LoadAesKey>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_GenerateAesKey, &ManuService::GenerateAesKey>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_DecryptAesKey, &ManuService::DecryptAesKey>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_CryptAesCtr, &ManuService::CryptAesCtr>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_ComputeCmac, &ManuService::ComputeCmac>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_AllocateAesKeyslot, &ManuService::AllocateAesKeyslot, FirmwareVersion_200>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_FreeAesKeyslot, &ManuService::FreeAesKeyslot, FirmwareVersion_200>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_GetAesKeyslotAvailableEvent, &ManuService::GetAesKeyslotAvailableEvent, FirmwareVersion_200>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_DecryptRsaPrivateKey, &ManuService::DecryptRsaPrivateKey>(),
|
||||||
|
MakeServiceCommandMeta<Spl_Cmd_ReEncryptRsaPrivateKey, &ManuService::ReEncryptRsaPrivateKey, FirmwareVersion_500>(),
|
||||||
|
|
||||||
|
};
|
||||||
|
};
|
|
@ -558,7 +558,7 @@ Result SecureMonitorWrapper::DecryptRsaPrivateKey(void *dst, size_t dst_size, co
|
||||||
|
|
||||||
Result SecureMonitorWrapper::ImportSecureExpModKey(const void *src, size_t src_size, const AccessKey &access_key, const KeySource &key_source, u32 option) {
|
Result SecureMonitorWrapper::ImportSecureExpModKey(const void *src, size_t src_size, const AccessKey &access_key, const KeySource &key_source, u32 option) {
|
||||||
struct ImportSecureExpModKeyLayout {
|
struct ImportSecureExpModKeyLayout {
|
||||||
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize];
|
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize + 0x10];
|
||||||
};
|
};
|
||||||
ImportSecureExpModKeyLayout *layout = reinterpret_cast<ImportSecureExpModKeyLayout *>(g_work_buffer);
|
ImportSecureExpModKeyLayout *layout = reinterpret_cast<ImportSecureExpModKeyLayout *>(g_work_buffer);
|
||||||
|
|
||||||
|
@ -639,7 +639,7 @@ Result SecureMonitorWrapper::ImportEsKey(const void *src, size_t src_size, const
|
||||||
return ImportSecureExpModKey(src, src_size, access_key, key_source, SmcDecryptOrImportMode_ImportEsKey);
|
return ImportSecureExpModKey(src, src_size, access_key, key_source, SmcDecryptOrImportMode_ImportEsKey);
|
||||||
} else {
|
} else {
|
||||||
struct ImportEsKeyLayout {
|
struct ImportEsKeyLayout {
|
||||||
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize];
|
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize + 0x10];
|
||||||
};
|
};
|
||||||
ImportEsKeyLayout *layout = reinterpret_cast<ImportEsKeyLayout *>(g_work_buffer);
|
ImportEsKeyLayout *layout = reinterpret_cast<ImportEsKeyLayout *>(g_work_buffer);
|
||||||
|
|
||||||
|
@ -734,6 +734,40 @@ Result SecureMonitorWrapper::LoadTitleKey(u32 keyslot, const void *owner, const
|
||||||
return ConvertToSplResult(SmcWrapper::LoadTitleKey(keyslot, access_key));
|
return ConvertToSplResult(SmcWrapper::LoadTitleKey(keyslot, access_key));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Result SecureMonitorWrapper::ReEncryptRsaPrivateKey(void *dst, size_t dst_size, const void *src, size_t src_size, const AccessKey &access_key_dec, const KeySource &source_dec, const AccessKey &access_key_enc, const KeySource &source_enc, u32 option) {
|
||||||
|
struct ReEncryptRsaPrivateKeyLayout {
|
||||||
|
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize + 0x10];
|
||||||
|
AccessKey access_key_dec;
|
||||||
|
KeySource source_dec;
|
||||||
|
AccessKey access_key_enc;
|
||||||
|
KeySource source_enc;
|
||||||
|
};
|
||||||
|
ReEncryptRsaPrivateKeyLayout *layout = reinterpret_cast<ReEncryptRsaPrivateKeyLayout *>(g_work_buffer);
|
||||||
|
|
||||||
|
/* Validate size. */
|
||||||
|
if (src_size < RsaPrivateKeyMetaSize || src_size > sizeof(ReEncryptRsaPrivateKeyLayout)) {
|
||||||
|
return ResultSplInvalidSize;
|
||||||
|
}
|
||||||
|
|
||||||
|
std::memcpy(layout, src, src_size);
|
||||||
|
layout->access_key_dec = access_key_dec;
|
||||||
|
layout->source_dec = source_dec;
|
||||||
|
layout->access_key_enc = access_key_enc;
|
||||||
|
layout->source_enc = source_enc;
|
||||||
|
|
||||||
|
armDCacheFlush(layout, sizeof(*layout));
|
||||||
|
|
||||||
|
SmcResult smc_res = SmcWrapper::ReEncryptRsaPrivateKey(layout->data, src_size, layout->access_key_dec, layout->source_dec, layout->access_key_enc, layout->source_enc, option);
|
||||||
|
if (smc_res == SmcResult_Success) {
|
||||||
|
size_t copy_size = std::min(dst_size, src_size);
|
||||||
|
armDCacheFlush(layout, copy_size);
|
||||||
|
std::memcpy(dst, layout->data, copy_size);
|
||||||
|
}
|
||||||
|
|
||||||
|
return ConvertToSplResult(smc_res);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
Result SecureMonitorWrapper::FreeAesKeyslots(const void *owner) {
|
Result SecureMonitorWrapper::FreeAesKeyslots(const void *owner) {
|
||||||
for (size_t i = 0; i < GetMaxKeyslots(); i++) {
|
for (size_t i = 0; i < GetMaxKeyslots(); i++) {
|
||||||
if (this->keyslot_owners[i] == owner) {
|
if (this->keyslot_owners[i] == owner) {
|
||||||
|
|
|
@ -95,6 +95,9 @@ class SecureMonitorWrapper {
|
||||||
/* FS */
|
/* FS */
|
||||||
Result LoadTitleKey(u32 keyslot, const void *owner, const AccessKey &access_key);
|
Result LoadTitleKey(u32 keyslot, const void *owner, const AccessKey &access_key);
|
||||||
|
|
||||||
|
/* Manu. */
|
||||||
|
Result ReEncryptRsaPrivateKey(void *dst, size_t dst_size, const void *src, size_t src_size, const AccessKey &access_key_dec, const KeySource &source_dec, const AccessKey &access_key_enc, const KeySource &source_enc, u32 option);
|
||||||
|
|
||||||
/* Helper. */
|
/* Helper. */
|
||||||
Result FreeAesKeyslots(const void *owner);
|
Result FreeAesKeyslots(const void *owner);
|
||||||
Handle GetAesKeyslotAvailableEventHandle();
|
Handle GetAesKeyslotAvailableEventHandle();
|
||||||
|
|
Loading…
Reference in a new issue