nold/Atmosphere
1
0
Fork 0
mirror of https://github.com/Atmosphere-NX/Atmosphere synced 2024-11-09 22:56:35 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix minor build issues in gcm.c, etc.

Browse source
This commit is contained in:
TuxSH 2018-02-20 19:29:44 +01:00
parent 25e6317272
commit 81b874cc14
2 changed files with 36 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
exosphere/gcm.c
View file

@ -7,14 +7,14 @@
#include "se.h" #include "se.h"
/* Shifts right a little endian 128-bit value. */ /* Shifts right a little endian 128-bit value. */
void shr_128(uint64_t *val) { static void shr_128(uint64_t *val) {
val[0] >>= 1; val[0] >>= 1;
val[0] |= (val[1] & 1) << 63; val[0] |= (val[1] & 1) << 63;
val[1] >>= 1; val[1] >>= 1;
} }
/* Shifts left a little endian 128-bit value. */ /* Shifts left a little endian 128-bit value. */
void shl_128(uint64_t *val) { static void shl_128(uint64_t *val) {
val[1] <<= 1; val[1] <<= 1;
val[1] |= (val[0] & (1ULL << 63)) >> 63; val[1] |= (val[0] & (1ULL << 63)) >> 63;
val[0] <<= 1; val[0] <<= 1;
@ -22,7 +22,7 @@ void shl_128(uint64_t *val) {
/* Multiplies two 128-bit numbers X,Y in the GF(128) Galois Field. */ /* Multiplies two 128-bit numbers X,Y in the GF(128) Galois Field. */
void gf128_mul(uint8_t *dst, const uint8_t *x, const uint8_t *y) { static void gf128_mul(uint8_t *dst, const uint8_t *x, const uint8_t *y) {
uint8_t x_work[0x10]; uint8_t x_work[0x10];
uint8_t y_work[0x10]; uint8_t y_work[0x10];
uint8_t dst_work[0x10]; uint8_t dst_work[0x10];
@ -43,9 +43,9 @@ void gf128_mul(uint8_t *dst, const uint8_t *x, const uint8_t *y) {
p_dst[0] ^= p_x[0] * ((y_work[0xF] & 0x80) >> 7); p_dst[0] ^= p_x[0] * ((y_work[0xF] & 0x80) >> 7);
p_dst[1] ^= p_x[1] * ((y_work[0xF] & 0x80) >> 7); p_dst[1] ^= p_x[1] * ((y_work[0xF] & 0x80) >> 7);
shl_128(p_y); shl_128(p_y);
uint8_t xor = 0xE1 * (x_work[0] & 1); uint8_t xval = 0xE1 * (x_work[0] & 1);
shr_128(p_x); shr_128(p_x);
x_work[0xF] ^= xor; x_work[0xF] ^= xval;
} }
for (unsigned int i = 0; i < 0x10; i++) { for (unsigned int i = 0; i < 0x10; i++) {
@ -56,16 +56,14 @@ void gf128_mul(uint8_t *dst, const uint8_t *x, const uint8_t *y) {
/* Performs an AES-GCM GHASH operation over the data into dst. */ /* Performs an AES-GCM GHASH operation over the data into dst. */
void ghash(void *dst, const void *data, size_t data_size, const void *j_block, int encrypt) { static void ghash(void *dst, const void *data, size_t data_size, const void *j_block, int encrypt) {
uint8_t x[0x10]; uint8_t x[0x10];
uint8_t h[0x10]; uint8_t h[0x10];
uint64_t *p_x = (uint64_t *)(&x[0]); uint64_t *p_x = (uint64_t *)(&x[0]);
uint64_t *p_data = (uint64_t *)data; uint64_t *p_data = (uint64_t *)data;
for (unsigned int i = 0; i < 0x10; i++) { memset(x, 0, 0x10);
x[i] = 0;
}
/* H = aes_ecb_encrypt(zeroes) */ /* H = aes_ecb_encrypt(zeroes) */
se_aes_ecb_encrypt_block(KEYSLOT_SWITCH_TEMPKEY, h, 0x10, x, 0x10); se_aes_ecb_encrypt_block(KEYSLOT_SWITCH_TEMPKEY, h, 0x10, x, 0x10);
@ -77,7 +75,7 @@ void ghash(void *dst, const void *data, size_t data_size, const void *j_block, i
p_x[0] ^= p_data[0]; p_x[0] ^= p_data[0];
p_x[1] ^= p_data[1]; p_x[1] ^= p_data[1];
gf128_mul(x, x, h) gf128_mul(x, x, h);
/* Increment p_data by 0x10 bytes. */ /* Increment p_data by 0x10 bytes. */
p_data += 2; p_data += 2;
@ -88,7 +86,7 @@ void ghash(void *dst, const void *data, size_t data_size, const void *j_block, i
/* And treats that block as though it were all-zero. */ /* And treats that block as though it were all-zero. */
/* This is a bug, they just forget to XOR with the copy of the last block they save. */ /* This is a bug, they just forget to XOR with the copy of the last block they save. */
if (data_size & 0xF) { if (data_size & 0xF) {
gf128_mul(x, x, h) gf128_mul(x, x, h);
} }
/* Due to a Nintendo bug, the wrong QWORD gets XOR'd in the "final output block" case. */ /* Due to a Nintendo bug, the wrong QWORD gets XOR'd in the "final output block" case. */
@ -98,7 +96,7 @@ void ghash(void *dst, const void *data, size_t data_size, const void *j_block, i
p_x[0] ^= (uint64_t)(total_size << 3); p_x[0] ^= (uint64_t)(total_size << 3);
} }
gf128_mul(x, x, h) gf128_mul(x, x, h);
/* If final output block, XOR with encrypted J block. */ /* If final output block, XOR with encrypted J block. */
if (encrypt) { if (encrypt) {
@ -109,17 +107,12 @@ void ghash(void *dst, const void *data, size_t data_size, const void *j_block, i
} }
/* Copy output. */ /* Copy output. */
for (unsigned int i = 0; i < 0x10; i++) { memcpy(dst, x, 0x10);
((uint8_t *)dst)[i] = x[i];
}
} }
/* This function is a doozy. It decrypts and validates a (non-standard) AES-GCM wrapped keypair. */ /* This function is a doozy. It decrypts and validates a (non-standard) AES-GCM wrapped keypair. */
int gcm_decrypt_key(unsigned int keyslot, void *dst, size_t dst_size, const void *src, size_t src_size, const void *sealed_kek, size_t kek_size, const void *wrapped_key, size_t key_size, unsigned int usecase, int is_personalized) { size_t gcm_decrypt_key(unsigned int keyslot, void *dst, size_t dst_size, const void *src, size_t src_size, const void *sealed_kek, size_t kek_size, const void *wrapped_key, size_t key_size, unsigned int usecase, int is_personalized) {
if (is_personalized == 0) { if (is_personalized == 0) {
/* Devkit keys use a different keyformat without a MAC/Device ID. */ /* Devkit keys use a different keyformat without a MAC/Device ID. */
if (src_size <= 0x10 || src_size - 0x10 > dst_size) { if (src_size <= 0x10 || src_size - 0x10 > dst_size) {

2
exosphere/gcm.h
View file

@ -3,6 +3,6 @@
#include <stdint.h> #include <stdint.h>
int gcm_decrypt_key(unsigned int keyslot, void *dst, size_t dst_size, const void *src, size_t src_size, const void *sealed_kek, size_t kek_size, const void *wrapped_key, size_t key_size, unsigned int usecase, int is_personalized); size_t gcm_decrypt_key(unsigned int keyslot, void *dst, size_t dst_size, const void *src, size_t src_size, const void *sealed_kek, size_t kek_size, const void *wrapped_key, size_t key_size, unsigned int usecase, int is_personalized);
#endif #endif