spl: implement ManuService
parent
99106076e6
commit
5633444d5e
5 changed files with 130 additions and 6 deletions
|
@ -27,6 +27,7 @@
|
|||
#include "spl_crypto_service.hpp"
|
||||
#include "spl_ssl_service.hpp"
|
||||
#include "spl_es_service.hpp"
|
||||
#include "spl_manu_service.hpp"
|
||||
|
||||
extern "C" {
|
||||
extern u32 __start__;
|
||||
|
@ -91,6 +92,7 @@ static const auto MakeGeneralService = []() { return std::make_shared<GeneralSer
|
|||
static const auto MakeCryptoService = []() { return std::make_shared<CryptoService>(&s_secmon_wrapper); };
|
||||
static const auto MakeSslService = []() { return std::make_shared<SslService>(&s_secmon_wrapper); };
|
||||
static const auto MakeEsService = []() { return std::make_shared<EsService>(&s_secmon_wrapper); };
|
||||
static const auto MakeManuService = []() { return std::make_shared<ManuService>(&s_secmon_wrapper); };
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
|
@ -106,10 +108,13 @@ int main(int argc, char **argv)
|
|||
s_server_manager.AddWaitable(new ServiceServer<RandomService, +MakeRandomService>("csrng", 3));
|
||||
if (GetRuntimeFirmwareVersion() >= FirmwareVersion_400) {
|
||||
s_server_manager.AddWaitable(new ServiceServer<GeneralService, +MakeGeneralService>("spl:", 9));
|
||||
s_server_manager.AddWaitable(new ServiceServer<GeneralService, +MakeCryptoService>("spl:mig", 6));
|
||||
s_server_manager.AddWaitable(new ServiceServer<GeneralService, +MakeSslService>("spl:ssl", 2));
|
||||
s_server_manager.AddWaitable(new ServiceServer<GeneralService, +MakeEsService>("spl:es", 2));
|
||||
/* TODO: Other services. */
|
||||
s_server_manager.AddWaitable(new ServiceServer<CryptoService, +MakeCryptoService>("spl:mig", 6));
|
||||
s_server_manager.AddWaitable(new ServiceServer<SslService, +MakeSslService>("spl:ssl", 2));
|
||||
s_server_manager.AddWaitable(new ServiceServer<EsService, +MakeEsService>("spl:es", 2));
|
||||
/* TODO: spl:fs. */
|
||||
if (GetRuntimeFirmwareVersion() >= FirmwareVersion_500) {
|
||||
s_server_manager.AddWaitable(new ServiceServer<ManuService, +MakeManuService>("spl:manu", 1));
|
||||
}
|
||||
} else {
|
||||
/* TODO, DeprecatedGeneralService */
|
||||
}
|
||||
|
|
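--- a/stratosphere/spl/source/spl_manu_service.cpp
+++ b/stratosphere/spl/source/spl_manu_service.cpp
@@ -0,0 +1,24 @@
+/*
+* Copyright (c) 2018-2019 Atmosphère-NX
+*
+* This program is free software; you can redistribute it and/or modify it
+* under the terms and conditions of the GNU General Public License,
+* version 2, as published by the Free Software Foundation.
+*
+* This program is distributed in the hope it will be useful, but WITHOUT
+* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+* more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <switch.h>
+#include <stratosphere.hpp>
+
+#include "spl_manu_service.hpp"
+
+Result ManuService::ReEncryptRsaPrivateKey(OutPointerWithClientSize<u8> out, InPointer<u8> src, AccessKey access_key_dec, KeySource source_dec, AccessKey access_key_enc, KeySource source_enc, u32 option) {
+return this->GetSecureMonitorWrapper()->ReEncryptRsaPrivateKey(out.pointer, out.num_elements, src.pointer, src.num_elements, access_key_dec, source_dec, access_key_enc, source_enc, option);
+}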
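--- a/stratosphere/spl/source/spl_manu_service.hpp
+++ b/stratosphere/spl/source/spl_manu_service.hpp
@@ -0,0 +1,58 @@
+/*
+* Copyright (c) 2018-2019 Atmosphère-NX
+*
+* This program is free software; you can redistribute it and/or modify it
+* under the terms and conditions of the GNU General Public License,
+* version 2, as published by the Free Software Foundation.
+*
+* This program is distributed in the hope it will be useful, but WITHOUT
+* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+* more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#pragma once
+#include <switch.h>
+#include <stratosphere.hpp>
+
+#include "spl_types.hpp"
+#include "spl_rsa_service.hpp"
+
+class ManuService : public RsaService {
+public:
+ManuService(SecureMonitorWrapper *sw) : RsaService(sw) {
+/* ... */
+}
+
+virtual ~ManuService() {
+/* ... */
+}
+protected:
+/* Actual commands. */
+virtual Result ReEncryptRsaPrivateKey(OutPointerWithClientSize<u8> out, InPointer<u8> src, AccessKey access_key_dec, KeySource source_dec, AccessKey access_key_enc, KeySource source_enc, u32 option);
+public:
+DEFINE_SERVICE_DISPATCH_TABLE {
+MakeServiceCommandMeta<Spl_Cmd_GetConfig, &ManuService::GetConfig>(),
+MakeServiceCommandMeta<Spl_Cmd_ExpMod, &ManuService::ExpMod>(),
+MakeServiceCommandMeta<Spl_Cmd_SetConfig, &ManuService::SetConfig>(),
+MakeServiceCommandMeta<Spl_Cmd_GenerateRandomBytes, &ManuService::GenerateRandomBytes>(),
+MakeServiceCommandMeta<Spl_Cmd_IsDevelopment, &ManuService::IsDevelopment>(),
+MakeServiceCommandMeta<Spl_Cmd_SetBootReason, &ManuService::SetBootReason, FirmwareVersion_300>(),
+MakeServiceCommandMeta<Spl_Cmd_GetBootReason, &ManuService::GetBootReason, FirmwareVersion_300>(),
+MakeServiceCommandMeta<Spl_Cmd_GenerateAesKek, &ManuService::GenerateAesKek>(),
+MakeServiceCommandMeta<Spl_Cmd_LoadAesKey, &ManuService::LoadAesKey>(),
+MakeServiceCommandMeta<Spl_Cmd_GenerateAesKey, &ManuService::GenerateAesKey>(),
+MakeServiceCommandMeta<Spl_Cmd_DecryptAesKey, &ManuService::DecryptAesKey>(),
+MakeServiceCommandMeta<Spl_Cmd_CryptAesCtr, &ManuService::CryptAesCtr>(),
+MakeServiceCommandMeta<Spl_Cmd_ComputeCmac, &ManuService::ComputeCmac>(),
+MakeServiceCommandMeta<Spl_Cmd_AllocateAesKeyslot, &ManuService::AllocateAesKeyslot, FirmwareVersion_200>(),
+MakeServiceCommandMeta<Spl_Cmd_FreeAesKeyslot, &ManuService::FreeAesKeyslot, FirmwareVersion_200>(),
+MakeServiceCommandMeta<Spl_Cmd_GetAesKeyslotAvailableEvent, &ManuService::GetAesKeyslotAvailableEvent, FirmwareVersion_200>(),
+MakeServiceCommandMeta<Spl_Cmd_DecryptRsaPrivateKey, &ManuService::DecryptRsaPrivateKey>(),
+MakeServiceCommandMeta<Spl_Cmd_ReEncryptRsaPrivateKey, &ManuService::ReEncryptRsaPrivateKey, FirmwareVersion_500>(),
+
+};
+};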
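Review bot: `ManuService(SecureMonitorWrapper *sw)` is a single-argument constructor that is not marked `explicit`, so a raw `SecureMonitorWrapper *` converts implicitly to a service object; `explicit ManuService(SecureMonitorWrapper *sw) : RsaService(sw) {` rules that out. The class also carries no comment saying what it is for. A one-liner above the class such as `/* spl:manu: inherited commands plus ReEncryptRsaPrivateKey (5.0.0+). */` would tell a reader that the only command declared here is the key re-encryption entry, which is the part of this table that deserves attention in a security review.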
|
@ -558,7 +558,7 @@ Result SecureMonitorWrapper::DecryptRsaPrivateKey(void *dst, size_t dst_size, co
|
|||
|
||||
Result SecureMonitorWrapper::ImportSecureExpModKey(const void *src, size_t src_size, const AccessKey &access_key, const KeySource &key_source, u32 option) {
|
||||
struct ImportSecureExpModKeyLayout {
|
||||
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize];
|
||||
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize + 0x10];
|
||||
};
|
||||
ImportSecureExpModKeyLayout *layout = reinterpret_cast<ImportSecureExpModKeyLayout *>(g_work_buffer);
|
||||
|
||||
|
@ -639,7 +639,7 @@ Result SecureMonitorWrapper::ImportEsKey(const void *src, size_t src_size, const
|
|||
return ImportSecureExpModKey(src, src_size, access_key, key_source, SmcDecryptOrImportMode_ImportEsKey);
|
||||
} else {
|
||||
struct ImportEsKeyLayout {
|
||||
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize];
|
||||
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize + 0x10];
|
||||
};
|
||||
ImportEsKeyLayout *layout = reinterpret_cast<ImportEsKeyLayout *>(g_work_buffer);
|
||||
|
||||
|
@ -734,6 +734,40 @@ Result SecureMonitorWrapper::LoadTitleKey(u32 keyslot, const void *owner, const
|
|||
return ConvertToSplResult(SmcWrapper::LoadTitleKey(keyslot, access_key));
|
||||
}
|
||||
|
||||
Result SecureMonitorWrapper::ReEncryptRsaPrivateKey(void *dst, size_t dst_size, const void *src, size_t src_size, const AccessKey &access_key_dec, const KeySource &source_dec, const AccessKey &access_key_enc, const KeySource &source_enc, u32 option) {
|
||||
struct ReEncryptRsaPrivateKeyLayout {
|
||||
u8 data[RsaPrivateKeyMetaSize + 2 * RsaPrivateKeySize + 0x10];
|
||||
AccessKey access_key_dec;
|
||||
KeySource source_dec;
|
||||
AccessKey access_key_enc;
|
||||
KeySource source_enc;
|
||||
};
|
||||
ReEncryptRsaPrivateKeyLayout *layout = reinterpret_cast<ReEncryptRsaPrivateKeyLayout *>(g_work_buffer);
|
||||
|
||||
/* Validate size. */
|
||||
if (src_size < RsaPrivateKeyMetaSize || src_size > sizeof(ReEncryptRsaPrivateKeyLayout)) {
|
||||
return ResultSplInvalidSize;
|
||||
}
|
||||
|
||||
std::memcpy(layout, src, src_size);
|
||||
layout->access_key_dec = access_key_dec;
|
||||
layout->source_dec = source_dec;
|
||||
layout->access_key_enc = access_key_enc;
|
||||
layout->source_enc = source_enc;
|
||||
|
||||
armDCacheFlush(layout, sizeof(*layout));
|
||||
|
||||
SmcResult smc_res = SmcWrapper::ReEncryptRsaPrivateKey(layout->data, src_size, layout->access_key_dec, layout->source_dec, layout->access_key_enc, layout->source_enc, option);
|
||||
if (smc_res == SmcResult_Success) {
|
||||
size_t copy_size = std::min(dst_size, src_size);
|
||||
armDCacheFlush(layout, copy_size);
|
||||
std::memcpy(dst, layout->data, copy_size);
|
||||
}
|
||||
|
||||
return ConvertToSplResult(smc_res);
|
||||
|
||||
}
|
||||
|
||||
Result SecureMonitorWrapper::FreeAesKeyslots(const void *owner) {
|
||||
for (size_t i = 0; i < GetMaxKeyslots(); i++) {
|
||||
if (this->keyslot_owners[i] == owner) {
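Review bot: The size check in the new `SecureMonitorWrapper::ReEncryptRsaPrivateKey` bounds `src_size` by `sizeof(ReEncryptRsaPrivateKeyLayout)`, which also counts the four `AccessKey`/`KeySource` members that follow `data`. A caller-supplied `src_size` larger than `sizeof(layout->data)` is then handed to `SmcWrapper::ReEncryptRsaPrivateKey` together with `layout->data`, and on success `std::memcpy(dst, layout->data, copy_size)` can read past the array into those members. Unless the wider bound is deliberate, compare against the array instead: `if (src_size < RsaPrivateKeyMetaSize || src_size > sizeof(layout->data)) {`. The `+ 0x10` now repeated in three layout structs would read better as one named constant with a comment on what the extra 16 bytes hold. The bodies of `ImportSecureExpModKey` and `ImportEsKey` continue outside their hunks, so it is worth confirming their own size checks still hold with the enlarged `data`.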
|
||||
|
|
|
@ -95,6 +95,9 @@ class SecureMonitorWrapper {
|
|||
/* FS */
|
||||
Result LoadTitleKey(u32 keyslot, const void *owner, const AccessKey &access_key);
|
||||
|
||||
/* Manu. */
|
||||
Result ReEncryptRsaPrivateKey(void *dst, size_t dst_size, const void *src, size_t src_size, const AccessKey &access_key_dec, const KeySource &source_dec, const AccessKey &access_key_enc, const KeySource &source_enc, u32 option);
|
||||
|
||||
/* Helper. */
|
||||
Result FreeAesKeyslots(const void *owner);
|
||||
Handle GetAesKeyslotAvailableEventHandle();
|
||||
|
|