From a7bf8bf118ee7a38ec5561c4b0b4e3d62a1d3e30 Mon Sep 17 00:00:00 2001 From: CTCaer Date: Sat, 6 Feb 2021 02:55:58 +0200 Subject: [PATCH] se: Refactor with proper names Additionally fix some bugs in rsa access control --- bdk/sec/se.c | 275 ++++++------ bdk/sec/se.h | 47 +- bdk/sec/se_t210.h | 637 ++++++++++++---------------- bdk/sec/tsec.c | 10 +- bdk/soc/hw_init.c | 6 +- bootloader/frontend/fe_emmc_tools.c | 5 +- bootloader/frontend/fe_info.c | 13 +- bootloader/frontend/fe_tools.c | 3 +- bootloader/hos/hos.c | 90 ++-- bootloader/hos/pkg2.c | 23 +- nyx/nyx_gui/hos/hos.c | 155 ++++--- nyx/nyx_gui/hos/pkg2.c | 15 +- 12 files changed, 604 insertions(+), 675 deletions(-) diff --git a/bdk/sec/se.c b/bdk/sec/se.c index 3a97ddd..01d14ab 100644 --- a/bdk/sec/se.c +++ b/bdk/sec/se.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 naehrwert - * Copyright (c) 2018-2020 CTCaer + * Copyright (c) 2018-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, @@ -57,17 +57,17 @@ static void _se_ll_init(se_ll_t *ll, u32 addr, u32 size) static void _se_ll_set(se_ll_t *dst, se_ll_t *src) { - SE(SE_IN_LL_ADDR_REG_OFFSET) = (u32)src; - SE(SE_OUT_LL_ADDR_REG_OFFSET) = (u32)dst; + SE(SE_IN_LL_ADDR_REG) = (u32)src; + SE(SE_OUT_LL_ADDR_REG) = (u32)dst; } static int _se_wait() { - while (!(SE(SE_INT_STATUS_REG_OFFSET) & SE_INT_OP_DONE(INT_SET))) + while (!(SE(SE_INT_STATUS_REG) & SE_INT_OP_DONE)) ; - if (SE(SE_INT_STATUS_REG_OFFSET) & SE_INT_ERROR(INT_SET) || - SE(SE_STATUS_0) & SE_STATUS_0_STATE_WAIT_IN || - SE(SE_ERR_STATUS_0) != SE_ERR_STATUS_0_SE_NS_ACCESS_CLEAR) + if (SE(SE_INT_STATUS_REG) & SE_INT_ERR_STAT || + (SE(SE_STATUS_REG) & SE_STATUS_STATE_MASK) != SE_STATUS_STATE_IDLE || + SE(SE_ERR_STATUS_REG) != 0) return 0; return 1; } @@ -92,12 +92,12 @@ static int _se_execute(u32 op, void *dst, u32 dst_size, const void *src, u32 src _se_ll_set(ll_dst, ll_src); - SE(SE_ERR_STATUS_0) = SE(SE_ERR_STATUS_0); - SE(SE_INT_STATUS_REG_OFFSET) = SE(SE_INT_STATUS_REG_OFFSET); + SE(SE_ERR_STATUS_REG) = SE(SE_ERR_STATUS_REG); + SE(SE_INT_STATUS_REG) = SE(SE_INT_STATUS_REG); bpmp_mmu_maintenance(BPMP_MMU_MAINT_CLN_INV_WAY, false); - SE(SE_OPERATION_REG_OFFSET) = SE_OPERATION(op); + SE(SE_OPERATION_REG) = op; if (is_oneshot) { @@ -146,13 +146,13 @@ static int _se_execute_one_block(u32 op, void *dst, u32 dst_size, const void *sr if (!src || !dst) return 0; - u8 *block = (u8 *)malloc(0x10); - memset(block, 0, 0x10); + u8 *block = (u8 *)malloc(SE_AES_BLOCK_SIZE); + memset(block, 0, SE_AES_BLOCK_SIZE); - SE(SE_BLOCK_COUNT_REG_OFFSET) = 0; + SE(SE_CRYPTO_BLOCK_COUNT_REG) = 1 - 1; memcpy(block, src, src_size); - int res = _se_execute_oneshot(op, block, 0x10, block, 0x10); + int res = _se_execute_oneshot(op, block, SE_AES_BLOCK_SIZE, block, SE_AES_BLOCK_SIZE); memcpy(dst, block, dst_size); free(block); @@ -161,68 +161,68 @@ static int _se_execute_one_block(u32 op, void *dst, u32 dst_size, const void *sr static void _se_aes_ctr_set(void *ctr) { - u32 data[TEGRA_SE_AES_BLOCK_SIZE / 4]; - memcpy(data, ctr, TEGRA_SE_AES_BLOCK_SIZE); + u32 data[SE_AES_IV_SIZE / 4]; + memcpy(data, ctr, SE_AES_IV_SIZE); - for (u32 i = 0; i < (TEGRA_SE_AES_BLOCK_SIZE / 4); i++) - SE(SE_CRYPTO_CTR_REG_OFFSET + (4 * i)) = data[i]; + for (u32 i = 0; i < SE_CRYPTO_LINEAR_CTR_REG_COUNT; i++) + SE(SE_CRYPTO_LINEAR_CTR_REG + (4 * i)) = data[i]; } void se_rsa_acc_ctrl(u32 rs, u32 flags) { - if (flags & SE_RSA_KEY_TBL_DIS_KEY_ALL_FLAG) - SE(SE_RSA_KEYTABLE_ACCESS_REG_OFFSET + 4 * rs) = - ((flags >> SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG_SHIFT) & SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG) | - ((flags & SE_RSA_KEY_TBL_DIS_KEY_READ_UPDATE_FLAG) ^ SE_RSA_KEY_TBL_DIS_KEY_ALL_COMMON_FLAG); - if (flags & SE_RSA_KEY_TBL_DIS_KEY_LOCK_FLAG) - SE(SE_RSA_KEYTABLE_ACCESS_LOCK_OFFSET) &= ~BIT(rs); + if (flags & SE_RSA_KEY_TBL_DIS_KEY_ACCESS_FLAG) + SE(SE_RSA_KEYTABLE_ACCESS_REG + 4 * rs) = + (((flags >> 4) & SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG) |(flags & SE_RSA_KEY_TBL_DIS_KEY_READ_UPDATE_FLAG)) ^ + SE_RSA_KEY_TBL_DIS_KEY_READ_UPDATE_USE_FLAG; + if (flags & SE_RSA_KEY_LOCK_FLAG) + SE(SE_RSA_SECURITY_PERKEY_REG) &= ~BIT(rs); } void se_key_acc_ctrl(u32 ks, u32 flags) { if (flags & SE_KEY_TBL_DIS_KEY_ACCESS_FLAG) - SE(SE_KEY_TABLE_ACCESS_REG_OFFSET + 4 * ks) = ~flags; - if (flags & SE_KEY_TBL_DIS_KEY_LOCK_FLAG) - SE(SE_KEY_TABLE_ACCESS_LOCK_OFFSET) &= ~BIT(ks); + SE(SE_CRYPTO_KEYTABLE_ACCESS_REG + 4 * ks) = ~flags; + if (flags & SE_KEY_LOCK_FLAG) + SE(SE_CRYPTO_SECURITY_PERKEY_REG) &= ~BIT(ks); } u32 se_key_acc_ctrl_get(u32 ks) { - return SE(SE_KEY_TABLE_ACCESS_REG_OFFSET + 4 * ks); + return SE(SE_CRYPTO_KEYTABLE_ACCESS_REG + 4 * ks); } void se_aes_key_set(u32 ks, void *key, u32 size) { - u32 data[TEGRA_SE_AES_MAX_KEY_SIZE / 4]; + u32 data[SE_AES_MAX_KEY_SIZE / 4]; memcpy(data, key, size); for (u32 i = 0; i < (size / 4); i++) { - SE(SE_KEYTABLE_REG_OFFSET) = SE_KEYTABLE_SLOT(ks) | i; - SE(SE_KEYTABLE_DATA0_REG_OFFSET) = data[i]; + SE(SE_CRYPTO_KEYTABLE_ADDR_REG) = SE_KEYTABLE_SLOT(ks) | SE_KEYTABLE_PKT(i); // QUAD is automatically set by PKT. + SE(SE_CRYPTO_KEYTABLE_DATA_REG) = data[i]; } } void se_aes_iv_set(u32 ks, void *iv) { - u32 data[TEGRA_SE_AES_BLOCK_SIZE / 4]; - memcpy(data, iv, TEGRA_SE_AES_BLOCK_SIZE); + u32 data[SE_AES_IV_SIZE / 4]; + memcpy(data, iv, SE_AES_IV_SIZE); - for (u32 i = 0; i < (TEGRA_SE_AES_BLOCK_SIZE / 4); i++) + for (u32 i = 0; i < (SE_AES_IV_SIZE / 4); i++) { - SE(SE_KEYTABLE_REG_OFFSET) = SE_KEYTABLE_SLOT(ks) | SE_KEYTABLE_QUAD(QUAD_ORG_IV) | i; - SE(SE_KEYTABLE_DATA0_REG_OFFSET) = data[i]; + SE(SE_CRYPTO_KEYTABLE_ADDR_REG) = SE_KEYTABLE_SLOT(ks) | SE_KEYTABLE_QUAD(ORIGINAL_IV) | SE_KEYTABLE_PKT(i); + SE(SE_CRYPTO_KEYTABLE_DATA_REG) = data[i]; } } void se_aes_key_get(u32 ks, void *key, u32 size) { - u32 data[TEGRA_SE_AES_MAX_KEY_SIZE / 4]; + u32 data[SE_AES_MAX_KEY_SIZE / 4]; for (u32 i = 0; i < (size / 4); i++) { - SE(SE_KEYTABLE_REG_OFFSET) = SE_KEYTABLE_SLOT(ks) | i; - data[i] = SE(SE_KEYTABLE_DATA0_REG_OFFSET); + SE(SE_CRYPTO_KEYTABLE_ADDR_REG) = SE_KEYTABLE_SLOT(ks) | SE_KEYTABLE_PKT(i); // QUAD is automatically set by PKT. + data[i] = SE(SE_CRYPTO_KEYTABLE_DATA_REG); } memcpy(key, data, size); @@ -230,78 +230,78 @@ void se_aes_key_get(u32 ks, void *key, u32 size) void se_aes_key_clear(u32 ks) { - for (u32 i = 0; i < (TEGRA_SE_AES_MAX_KEY_SIZE / 4); i++) + for (u32 i = 0; i < (SE_AES_MAX_KEY_SIZE / 4); i++) { - SE(SE_KEYTABLE_REG_OFFSET) = SE_KEYTABLE_SLOT(ks) | i; - SE(SE_KEYTABLE_DATA0_REG_OFFSET) = 0; + SE(SE_CRYPTO_KEYTABLE_ADDR_REG) = SE_KEYTABLE_SLOT(ks) | SE_KEYTABLE_PKT(i); // QUAD is automatically set by PKT. + SE(SE_CRYPTO_KEYTABLE_DATA_REG) = 0; } } void se_aes_iv_clear(u32 ks) { - for (u32 i = 0; i < (TEGRA_SE_AES_BLOCK_SIZE / 4); i++) + for (u32 i = 0; i < (SE_AES_IV_SIZE / 4); i++) { - SE(SE_KEYTABLE_REG_OFFSET) = SE_KEYTABLE_SLOT(ks) | SE_KEYTABLE_QUAD(QUAD_ORG_IV) | i; - SE(SE_KEYTABLE_DATA0_REG_OFFSET) = 0; + SE(SE_CRYPTO_KEYTABLE_ADDR_REG) = SE_KEYTABLE_SLOT(ks) | SE_KEYTABLE_QUAD(ORIGINAL_IV) | SE_KEYTABLE_PKT(i); + SE(SE_CRYPTO_KEYTABLE_DATA_REG) = 0; } } int se_aes_unwrap_key(u32 ks_dst, u32 ks_src, const void *input) { - SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_DEC_ALG(ALG_AES_DEC) | SE_CONFIG_DST(DST_KEYTAB); - SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks_src) | SE_CRYPTO_CORE_SEL(CORE_DECRYPT); - SE(SE_BLOCK_COUNT_REG_OFFSET) = 0; - SE(SE_CRYPTO_KEYTABLE_DST_REG_OFFSET) = SE_CRYPTO_KEYTABLE_DST_KEY_INDEX(ks_dst); + SE(SE_CONFIG_REG) = SE_CONFIG_DEC_ALG(ALG_AES_DEC) | SE_CONFIG_DST(DST_KEYTABLE); + SE(SE_CRYPTO_CONFIG_REG) = SE_CRYPTO_KEY_INDEX(ks_src) | SE_CRYPTO_CORE_SEL(CORE_DECRYPT); + SE(SE_CRYPTO_BLOCK_COUNT_REG) = 1 - 1; + SE(SE_CRYPTO_KEYTABLE_DST_REG) = SE_KEYTABLE_DST_KEY_INDEX(ks_dst) | SE_KEYTABLE_DST_WORD_QUAD(KEYS_0_3); - return _se_execute_oneshot(OP_START, NULL, 0, input, 0x10); + return _se_execute_oneshot(SE_OP_START, NULL, 0, input, SE_KEY_128_SIZE); } int se_aes_crypt_ecb(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src, u32 src_size) { if (enc) { - SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY); - SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_CORE_SEL(CORE_ENCRYPT); + SE(SE_CONFIG_REG) = SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY); + SE(SE_CRYPTO_CONFIG_REG) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_CORE_SEL(CORE_ENCRYPT); } else { - SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_DEC_ALG(ALG_AES_DEC) | SE_CONFIG_DST(DST_MEMORY); - SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_CORE_SEL(CORE_DECRYPT); + SE(SE_CONFIG_REG) = SE_CONFIG_DEC_ALG(ALG_AES_DEC) | SE_CONFIG_DST(DST_MEMORY); + SE(SE_CRYPTO_CONFIG_REG) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_CORE_SEL(CORE_DECRYPT); } - SE(SE_BLOCK_COUNT_REG_OFFSET) = (src_size >> 4) - 1; - return _se_execute_oneshot(OP_START, dst, dst_size, src, src_size); + SE(SE_CRYPTO_BLOCK_COUNT_REG) = (src_size >> 4) - 1; + return _se_execute_oneshot(SE_OP_START, dst, dst_size, src, src_size); } int se_aes_crypt_cbc(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src, u32 src_size) { if (enc) { - SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY); - SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_VCTRAM_SEL(VCTRAM_AESOUT) | + SE(SE_CONFIG_REG) = SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY); + SE(SE_CRYPTO_CONFIG_REG) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_VCTRAM_SEL(VCTRAM_AESOUT) | SE_CRYPTO_CORE_SEL(CORE_ENCRYPT) | SE_CRYPTO_XOR_POS(XOR_TOP); } else { - SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_DEC_ALG(ALG_AES_DEC) | SE_CONFIG_DST(DST_MEMORY); - SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_VCTRAM_SEL(VCTRAM_PREVAHB) | + SE(SE_CONFIG_REG) = SE_CONFIG_DEC_ALG(ALG_AES_DEC) | SE_CONFIG_DST(DST_MEMORY); + SE(SE_CRYPTO_CONFIG_REG) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_VCTRAM_SEL(VCTRAM_PREVMEM) | SE_CRYPTO_CORE_SEL(CORE_DECRYPT) | SE_CRYPTO_XOR_POS(XOR_BOTTOM); } - SE(SE_BLOCK_COUNT_REG_OFFSET) = (src_size >> 4) - 1; - return _se_execute_oneshot(OP_START, dst, dst_size, src, src_size); + SE(SE_CRYPTO_BLOCK_COUNT_REG) = (src_size >> 4) - 1; + return _se_execute_oneshot(SE_OP_START, dst, dst_size, src, src_size); } int se_aes_crypt_block_ecb(u32 ks, u32 enc, void *dst, const void *src) { - return se_aes_crypt_ecb(ks, enc, dst, 0x10, src, 0x10); + return se_aes_crypt_ecb(ks, enc, dst, SE_AES_BLOCK_SIZE, src, SE_AES_BLOCK_SIZE); } int se_aes_crypt_ctr(u32 ks, void *dst, u32 dst_size, const void *src, u32 src_size, void *ctr) { - SE(SE_SPARE_0_REG_OFFSET) = 1; - SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY); - SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_CORE_SEL(CORE_ENCRYPT) | - SE_CRYPTO_XOR_POS(XOR_BOTTOM) | SE_CRYPTO_INPUT_SEL(INPUT_LNR_CTR) | SE_CRYPTO_CTR_VAL(1); + SE(SE_SPARE_REG) = SE_ECO(SE_ERRATA_FIX_ENABLE); + SE(SE_CONFIG_REG) = SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY); + SE(SE_CRYPTO_CONFIG_REG) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_CORE_SEL(CORE_ENCRYPT) | + SE_CRYPTO_XOR_POS(XOR_BOTTOM) | SE_CRYPTO_INPUT_SEL(INPUT_LNR_CTR) | SE_CRYPTO_CTR_CNTN(1); _se_aes_ctr_set(ctr); u32 src_size_aligned = src_size & 0xFFFFFFF0; @@ -309,13 +309,13 @@ int se_aes_crypt_ctr(u32 ks, void *dst, u32 dst_size, const void *src, u32 src_s if (src_size_aligned) { - SE(SE_BLOCK_COUNT_REG_OFFSET) = (src_size >> 4) - 1; - if (!_se_execute_oneshot(OP_START, dst, dst_size, src, src_size_aligned)) + SE(SE_CRYPTO_BLOCK_COUNT_REG) = (src_size >> 4) - 1; + if (!_se_execute_oneshot(SE_OP_START, dst, dst_size, src, src_size_aligned)) return 0; } if (src_size - src_size_aligned && src_size_aligned < dst_size) - return _se_execute_one_block(OP_START, dst + src_size_aligned, + return _se_execute_one_block(SE_OP_START, dst + src_size_aligned, MIN(src_size_delta, dst_size - src_size_aligned), src + src_size_aligned, src_size_delta); @@ -325,11 +325,11 @@ int se_aes_crypt_ctr(u32 ks, void *dst, u32 dst_size, const void *src, u32 src_s int se_aes_xts_crypt_sec(u32 ks1, u32 ks2, u32 enc, u64 sec, void *dst, void *src, u32 secsize) { int res = 0; - u8 *tweak = (u8 *)malloc(0x10); + u8 *tweak = (u8 *)malloc(SE_AES_BLOCK_SIZE); u8 *pdst = (u8 *)dst; u8 *psrc = (u8 *)src; - //Generate tweak. + // Generate tweak. for (int i = 0xF; i >= 0; i--) { tweak[i] = sec & 0xFF; @@ -338,18 +338,18 @@ int se_aes_xts_crypt_sec(u32 ks1, u32 ks2, u32 enc, u64 sec, void *dst, void *sr if (!se_aes_crypt_block_ecb(ks1, 1, tweak, tweak)) goto out; - //We are assuming a 0x10-aligned sector size in this implementation. - for (u32 i = 0; i < secsize / 0x10; i++) + // We are assuming a 0x10-aligned sector size in this implementation. + for (u32 i = 0; i < secsize / SE_AES_BLOCK_SIZE; i++) { - for (u32 j = 0; j < 0x10; j++) + for (u32 j = 0; j < SE_AES_BLOCK_SIZE; j++) pdst[j] = psrc[j] ^ tweak[j]; if (!se_aes_crypt_block_ecb(ks2, enc, pdst, pdst)) goto out; - for (u32 j = 0; j < 0x10; j++) + for (u32 j = 0; j < SE_AES_BLOCK_SIZE; j++) pdst[j] = pdst[j] ^ tweak[j]; _gf256_mul_x(tweak); - psrc += 0x10; - pdst += 0x10; + psrc += SE_AES_BLOCK_SIZE; + pdst += SE_AES_BLOCK_SIZE; } res = 1; @@ -374,62 +374,62 @@ int se_aes_xts_crypt(u32 ks1, u32 ks2, u32 enc, u64 sec, void *dst, void *src, u int se_calc_sha256(void *hash, u32 *msg_left, const void *src, u32 src_size, u64 total_size, u32 sha_cfg, bool is_oneshot) { int res; - u32 hash32[TEGRA_SE_SHA_256_SIZE / 4]; + u32 hash32[SE_SHA_256_SIZE / 4]; //! TODO: src_size must be 512 bit aligned if continuing and not last block for SHA256. if (src_size > 0xFFFFFF || !hash) // Max 16MB - 1 chunks and aligned x4 hash buffer. return 0; // Setup config for SHA256. - SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_SHA256) | SE_CONFIG_ENC_ALG(ALG_SHA) | SE_CONFIG_DST(DST_HASHREG); - SE(SE_SHA_CONFIG_REG_OFFSET) = sha_cfg; - SE(SE_BLOCK_COUNT_REG_OFFSET) = 0; + SE(SE_CONFIG_REG) = SE_CONFIG_ENC_MODE(MODE_SHA256) | SE_CONFIG_ENC_ALG(ALG_SHA) | SE_CONFIG_DST(DST_HASHREG); + SE(SE_SHA_CONFIG_REG) = sha_cfg; + SE(SE_CRYPTO_BLOCK_COUNT_REG) = 1 - 1; // Set total size to current buffer size if empty. if (!total_size) total_size = src_size; // Set total size: BITS(src_size), up to 2 EB. - SE(SE_SHA_MSG_LENGTH_0_REG_OFFSET) = (u32)(total_size << 3); - SE(SE_SHA_MSG_LENGTH_1_REG_OFFSET) = (u32)(total_size >> 29); - SE(SE_SHA_MSG_LENGTH_2_REG_OFFSET) = 0; - SE(SE_SHA_MSG_LENGTH_3_REG_OFFSET) = 0; + SE(SE_SHA_MSG_LENGTH_0_REG) = (u32)(total_size << 3); + SE(SE_SHA_MSG_LENGTH_1_REG) = (u32)(total_size >> 29); + SE(SE_SHA_MSG_LENGTH_2_REG) = 0; + SE(SE_SHA_MSG_LENGTH_3_REG) = 0; // Set size left to hash. - SE(SE_SHA_MSG_LEFT_0_REG_OFFSET) = (u32)(total_size << 3); - SE(SE_SHA_MSG_LEFT_1_REG_OFFSET) = (u32)(total_size >> 29); - SE(SE_SHA_MSG_LEFT_2_REG_OFFSET) = 0; - SE(SE_SHA_MSG_LEFT_3_REG_OFFSET) = 0; + SE(SE_SHA_MSG_LEFT_0_REG) = (u32)(total_size << 3); + SE(SE_SHA_MSG_LEFT_1_REG) = (u32)(total_size >> 29); + SE(SE_SHA_MSG_LEFT_2_REG) = 0; + SE(SE_SHA_MSG_LEFT_3_REG) = 0; // If we hash in chunks, copy over the intermediate. if (sha_cfg == SHA_CONTINUE && msg_left) { // Restore message left to process. - SE(SE_SHA_MSG_LEFT_0_REG_OFFSET) = msg_left[0]; - SE(SE_SHA_MSG_LEFT_1_REG_OFFSET) = msg_left[1]; + SE(SE_SHA_MSG_LEFT_0_REG) = msg_left[0]; + SE(SE_SHA_MSG_LEFT_1_REG) = msg_left[1]; // Restore hash reg. - memcpy(hash32, hash, TEGRA_SE_SHA_256_SIZE); - for (u32 i = 0; i < (TEGRA_SE_SHA_256_SIZE / 4); i++) - SE(SE_HASH_RESULT_REG_OFFSET + (i << 2)) = byte_swap_32(hash32[i]); + memcpy(hash32, hash, SE_SHA_256_SIZE); + for (u32 i = 0; i < (SE_SHA_256_SIZE / 4); i++) + SE(SE_HASH_RESULT_REG + (i * 4)) = byte_swap_32(hash32[i]); } // Trigger the operation. - res = _se_execute(OP_START, NULL, 0, src, src_size, is_oneshot); + res = _se_execute(SE_OP_START, NULL, 0, src, src_size, is_oneshot); if (is_oneshot) { // Backup message left. if (msg_left) { - msg_left[0] = SE(SE_SHA_MSG_LEFT_0_REG_OFFSET); - msg_left[1] = SE(SE_SHA_MSG_LEFT_1_REG_OFFSET); + msg_left[0] = SE(SE_SHA_MSG_LEFT_0_REG); + msg_left[1] = SE(SE_SHA_MSG_LEFT_1_REG); } // Copy output hash. - for (u32 i = 0; i < (TEGRA_SE_SHA_256_SIZE / 4); i++) - hash32[i] = byte_swap_32(SE(SE_HASH_RESULT_REG_OFFSET + (i << 2))); - memcpy(hash, hash32, TEGRA_SE_SHA_256_SIZE); + for (u32 i = 0; i < (SE_SHA_256_SIZE / 4); i++) + hash32[i] = byte_swap_32(SE(SE_HASH_RESULT_REG + (i * 4))); + memcpy(hash, hash32, SE_SHA_256_SIZE); } return res; @@ -442,20 +442,20 @@ int se_calc_sha256_oneshot(void *hash, const void *src, u32 src_size) int se_calc_sha256_finalize(void *hash, u32 *msg_left) { - u32 hash32[TEGRA_SE_SHA_256_SIZE / 4]; + u32 hash32[SE_SHA_256_SIZE / 4]; int res = _se_execute_finalize(); // Backup message left. if (msg_left) { - msg_left[0] = SE(SE_SHA_MSG_LEFT_0_REG_OFFSET); - msg_left[1] = SE(SE_SHA_MSG_LEFT_1_REG_OFFSET); + msg_left[0] = SE(SE_SHA_MSG_LEFT_0_REG); + msg_left[1] = SE(SE_SHA_MSG_LEFT_1_REG); } // Copy output hash. - for (u32 i = 0; i < (TEGRA_SE_SHA_256_SIZE / 4); i++) - hash32[i] = byte_swap_32(SE(SE_HASH_RESULT_REG_OFFSET + (i << 2))); - memcpy(hash, hash32, TEGRA_SE_SHA_256_SIZE); + for (u32 i = 0; i < (SE_SHA_256_SIZE / 4); i++) + hash32[i] = byte_swap_32(SE(SE_HASH_RESULT_REG + (i * 4))); + memcpy(hash, hash32, SE_SHA_256_SIZE); return res; } @@ -463,18 +463,17 @@ int se_calc_sha256_finalize(void *hash, u32 *msg_left) int se_gen_prng128(void *dst) { // Setup config for X931 PRNG. - SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_RNG) | SE_CONFIG_DST(DST_MEMORY); - SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_HASH(HASH_DISABLE) | SE_CRYPTO_XOR_POS(XOR_BYPASS) | SE_CRYPTO_INPUT_SEL(INPUT_RANDOM); + SE(SE_CONFIG_REG) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_RNG) | SE_CONFIG_DST(DST_MEMORY); + SE(SE_CRYPTO_CONFIG_REG) = SE_CRYPTO_HASH(HASH_DISABLE) | SE_CRYPTO_XOR_POS(XOR_BYPASS) | SE_CRYPTO_INPUT_SEL(INPUT_RANDOM); + SE(SE_RNG_CONFIG_REG) = SE_RNG_CONFIG_SRC(SRC_ENTROPY) | SE_RNG_CONFIG_MODE(MODE_NORMAL); + //SE(SE_RNG_SRC_CONFIG_REG) = + // SE_RNG_SRC_CONFIG_ENTR_SRC(RO_ENTR_ENABLE) | SE_RNG_SRC_CONFIG_ENTR_SRC_LOCK(RO_ENTR_LOCK_ENABLE); + SE(SE_RNG_RESEED_INTERVAL_REG) = 1; - SE(SE_RNG_CONFIG_REG_OFFSET) = SE_RNG_CONFIG_SRC(RNG_SRC_ENTROPY) | SE_RNG_CONFIG_MODE(RNG_MODE_NORMAL); - //SE(SE_RNG_SRC_CONFIG_REG_OFFSET) = - // SE_RNG_SRC_CONFIG_ENT_SRC(RNG_SRC_RO_ENT_ENABLE) | SE_RNG_SRC_CONFIG_ENT_SRC_LOCK(RNG_SRC_RO_ENT_LOCK_ENABLE); - SE(SE_RNG_RESEED_INTERVAL_REG_OFFSET) = 1; - - SE(SE_BLOCK_COUNT_REG_OFFSET) = (16 >> 4) - 1; + SE(SE_CRYPTO_BLOCK_COUNT_REG) = (16 >> 4) - 1; // Trigger the operation. - return _se_execute_oneshot(OP_START, dst, 16, NULL, 0); + return _se_execute_oneshot(SE_OP_START, dst, 16, NULL, 0); } void se_get_aes_keys(u8 *buf, u8 *keys, u32 keysize) @@ -482,43 +481,43 @@ void se_get_aes_keys(u8 *buf, u8 *keys, u32 keysize) u8 *aligned_buf = (u8 *)ALIGN((u32)buf, 0x40); // Set Secure Random Key. - SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_RNG) | SE_CONFIG_DST(DST_SRK); - SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(0) | SE_CRYPTO_CORE_SEL(CORE_ENCRYPT) | SE_CRYPTO_INPUT_SEL(INPUT_RANDOM); - SE(SE_RNG_CONFIG_REG_OFFSET) = SE_RNG_CONFIG_SRC(RNG_SRC_ENTROPY) | SE_RNG_CONFIG_MODE(RNG_MODE_FORCE_RESEED); + SE(SE_CONFIG_REG) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_RNG) | SE_CONFIG_DST(DST_SRK); + SE(SE_CRYPTO_CONFIG_REG) = SE_CRYPTO_KEY_INDEX(0) | SE_CRYPTO_CORE_SEL(CORE_ENCRYPT) | SE_CRYPTO_INPUT_SEL(INPUT_RANDOM); + SE(SE_RNG_CONFIG_REG) = SE_RNG_CONFIG_SRC(SRC_ENTROPY) | SE_RNG_CONFIG_MODE(MODE_FORCE_RESEED); SE(SE_CRYPTO_LAST_BLOCK) = 0; - _se_execute_oneshot(OP_START, NULL, 0, NULL, 0); + _se_execute_oneshot(SE_OP_START, NULL, 0, NULL, 0); // Save AES keys. - SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY); + SE(SE_CONFIG_REG) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY); - for (u32 i = 0; i < TEGRA_SE_KEYSLOT_COUNT; i++) + for (u32 i = 0; i < SE_AES_KEYSLOT_COUNT; i++) { - SE(SE_CONTEXT_SAVE_CONFIG_REG_OFFSET) = SE_CONTEXT_SAVE_SRC(AES_KEYTABLE) | - (i << SE_KEY_INDEX_SHIFT) | SE_CONTEXT_SAVE_WORD_QUAD(KEYS_0_3); + SE(SE_CONTEXT_SAVE_CONFIG_REG) = SE_CONTEXT_SRC(AES_KEYTABLE) | SE_KEYTABLE_DST_KEY_INDEX(i) | + SE_CONTEXT_AES_KEY_INDEX(0) | SE_CONTEXT_AES_WORD_QUAD(KEYS_0_3); SE(SE_CRYPTO_LAST_BLOCK) = 0; - _se_execute_oneshot(OP_CTX_SAVE, aligned_buf, 0x10, NULL, 0); - memcpy(keys + i * keysize, aligned_buf, 0x10); + _se_execute_oneshot(SE_OP_CTX_SAVE, aligned_buf, SE_AES_BLOCK_SIZE, NULL, 0); + memcpy(keys + i * keysize, aligned_buf, SE_AES_BLOCK_SIZE); - if (keysize > 0x10) + if (keysize > SE_KEY_128_SIZE) { - SE(SE_CONTEXT_SAVE_CONFIG_REG_OFFSET) = SE_CONTEXT_SAVE_SRC(AES_KEYTABLE) | - (i << SE_KEY_INDEX_SHIFT) | SE_CONTEXT_SAVE_WORD_QUAD(KEYS_4_7); + SE(SE_CONTEXT_SAVE_CONFIG_REG) = SE_CONTEXT_SRC(AES_KEYTABLE) | SE_KEYTABLE_DST_KEY_INDEX(i) | + SE_CONTEXT_AES_KEY_INDEX(0) | SE_CONTEXT_AES_WORD_QUAD(KEYS_4_7); SE(SE_CRYPTO_LAST_BLOCK) = 0; - _se_execute_oneshot(OP_CTX_SAVE, aligned_buf, 0x10, NULL, 0); - memcpy(keys + i * keysize + 0x10, aligned_buf, 0x10); + _se_execute_oneshot(SE_OP_CTX_SAVE, aligned_buf, SE_AES_BLOCK_SIZE, NULL, 0); + memcpy(keys + i * keysize + SE_AES_BLOCK_SIZE, aligned_buf, SE_AES_BLOCK_SIZE); } } // Save SRK to PMC secure scratches. - SE(SE_CONTEXT_SAVE_CONFIG_REG_OFFSET) = SE_CONTEXT_SAVE_SRC(SRK); - SE(SE_CRYPTO_LAST_BLOCK) = 0; - _se_execute_oneshot(OP_CTX_SAVE, NULL, 0, NULL, 0); + SE(SE_CONTEXT_SAVE_CONFIG_REG) = SE_CONTEXT_SRC(SRK); + SE(SE_CRYPTO_LAST_BLOCK) = 0; + _se_execute_oneshot(SE_OP_CTX_SAVE, NULL, 0, NULL, 0); // End context save. - SE(SE_CONFIG_REG_OFFSET) = 0; - _se_execute_oneshot(OP_CTX_SAVE, NULL, 0, NULL, 0); + SE(SE_CONFIG_REG) = 0; + _se_execute_oneshot(SE_OP_CTX_SAVE, NULL, 0, NULL, 0); // Get SRK. u32 srk[4]; @@ -529,7 +528,7 @@ void se_get_aes_keys(u8 *buf, u8 *keys, u32 keysize) // Decrypt context. se_aes_key_clear(3); - se_aes_key_set(3, srk, 0x10); - se_aes_crypt_cbc(3, 0, keys, TEGRA_SE_KEYSLOT_COUNT * keysize, keys, TEGRA_SE_KEYSLOT_COUNT * keysize); + se_aes_key_set(3, srk, SE_KEY_128_SIZE); + se_aes_crypt_cbc(3, 0, keys, SE_AES_KEYSLOT_COUNT * keysize, keys, SE_AES_KEYSLOT_COUNT * keysize); se_aes_key_clear(3); } diff --git a/bdk/sec/se.h b/bdk/sec/se.h index 4d3a92c..3dd8df3 100644 --- a/bdk/sec/se.h +++ b/bdk/sec/se.h @@ -1,18 +1,19 @@ /* -* Copyright (c) 2018 naehrwert -* -* This program is free software; you can redistribute it and/or modify it -* under the terms and conditions of the GNU General Public License, -* version 2, as published by the Free Software Foundation. -* -* This program is distributed in the hope it will be useful, but WITHOUT -* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for -* more details. -* -* You should have received a copy of the GNU General Public License -* along with this program. If not, see . -*/ + * Copyright (c) 2018 naehrwert + * Copyright (c) 2019-2021 CTCaer + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ #ifndef _SE_H_ #define _SE_H_ @@ -28,14 +29,14 @@ void se_aes_iv_set(u32 ks, void *iv); void se_aes_key_get(u32 ks, void *key, u32 size); void se_aes_key_clear(u32 ks); void se_aes_iv_clear(u32 ks); -int se_aes_unwrap_key(u32 ks_dst, u32 ks_src, const void *input); -int se_aes_crypt_cbc(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src, u32 src_size); -int se_aes_crypt_ecb(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src, u32 src_size); -int se_aes_crypt_block_ecb(u32 ks, u32 enc, void *dst, const void *src); -int se_aes_crypt_ctr(u32 ks, void *dst, u32 dst_size, const void *src, u32 src_size, void *ctr); -int se_calc_sha256(void *hash, u32 *msg_left, const void *src, u32 src_size, u64 total_size, u32 sha_cfg, bool is_oneshot); -int se_calc_sha256_oneshot(void *hash, const void *src, u32 src_size); -int se_calc_sha256_finalize(void *hash, u32 *msg_left); -int se_gen_prng128(void *dst); +int se_aes_unwrap_key(u32 ks_dst, u32 ks_src, const void *input); +int se_aes_crypt_cbc(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src, u32 src_size); +int se_aes_crypt_ecb(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src, u32 src_size); +int se_aes_crypt_block_ecb(u32 ks, u32 enc, void *dst, const void *src); +int se_aes_crypt_ctr(u32 ks, void *dst, u32 dst_size, const void *src, u32 src_size, void *ctr); +int se_calc_sha256(void *hash, u32 *msg_left, const void *src, u32 src_size, u64 total_size, u32 sha_cfg, bool is_oneshot); +int se_calc_sha256_oneshot(void *hash, const void *src, u32 src_size); +int se_calc_sha256_finalize(void *hash, u32 *msg_left); +int se_gen_prng128(void *dst); #endif diff --git a/bdk/sec/se_t210.h b/bdk/sec/se_t210.h index 6fbf1b0..0233e1d 100644 --- a/bdk/sec/se_t210.h +++ b/bdk/sec/se_t210.h @@ -1,400 +1,323 @@ /* -* Driver for Tegra Security Engine -* -* Copyright (c) 2011-2013, NVIDIA Corporation. All Rights Reserved. -* -* This program is free software; you can redistribute it and/or modify -* it under the terms of the GNU General Public License as published by -* the Free Software Foundation; either version 2 of the License, or -* (at your option) any later version. -* -* This program is distributed in the hope that it will be useful, but WITHOUT -* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for -* more details. -* -* You should have received a copy of the GNU General Public License along -* with this program; if not, write to the Free Software Foundation, Inc., -* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -*/ + * Copyright (c) 2018 naehrwert + * Copyright (c) 2018-2021 CTCaer + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ -#ifndef _CRYPTO_TEGRA_SE_H -#define _CRYPTO_TEGRA_SE_H +#ifndef _SE_T210_H +#define _SE_T210_H #include -#define TEGRA_SE_CRA_PRIORITY 300 -#define TEGRA_SE_COMPOSITE_PRIORITY 400 -#define TEGRA_SE_CRYPTO_QUEUE_LENGTH 50 -#define SE_MAX_SRC_SG_COUNT 50 -#define SE_MAX_DST_SG_COUNT 50 +#define SE_CRYPTO_QUEUE_LENGTH 50 +#define SE_MAX_SRC_SG_COUNT 50 +#define SE_MAX_DST_SG_COUNT 50 -#define TEGRA_SE_KEYSLOT_COUNT 16 -#define SE_MAX_LAST_BLOCK_SIZE 0xFFFFF +#define SE_AES_KEYSLOT_COUNT 16 +#define SE_RSA_KEYSLOT_COUNT 2 +#define SE_MAX_LAST_BLOCK_SIZE 0xFFFFF + +#define SE_AES_BLOCK_SIZE 16 +#define SE_AES_IV_SIZE 16 +#define SE_AES_MIN_KEY_SIZE 16 +#define SE_AES_MAX_KEY_SIZE 32 +#define SE_KEY_128_SIZE 16 +#define SE_KEY_192_SIZE 24 +#define SE_KEY_256_SIZE 32 +#define SE_SHA_192_SIZE 24 +#define SE_SHA_256_SIZE 32 +#define SE_SHA_384_SIZE 48 +#define SE_SHA_512_SIZE 64 +#define SE_RNG_IV_SIZE 16 +#define SE_RNG_DT_SIZE 16 +#define SE_RNG_KEY_SIZE 16 +#define SE_RNG_SEED_SIZE (SE_RNG_IV_SIZE + SE_RNG_KEY_SIZE + SE_RNG_DT_SIZE) + +#define SE_AES_CMAC_DIGEST_SIZE 16 +#define SE_RSA512_DIGEST_SIZE 64 +#define SE_RSA1024_DIGEST_SIZE 128 +#define SE_RSA1536_DIGEST_SIZE 192 +#define SE_RSA2048_DIGEST_SIZE 256 /* SE register definitions */ -#define SE_SECURITY_0 0x000 -#define SE_KEY_SCHED_READ_SHIFT 3 +#define SE_SE_SECURITY_REG 0x000 +#define SE_HARD_SETTING BIT(0) +#define SE_ENG_DIS BIT(1) +#define SE_PERKEY_SETTING BIT(2) +#define SE_SOFT_SETTING BIT(16) -#define SE_TZRAM_SECURITY_0 0x004 +#define SE_TZRAM_SECURITY_REG 0x004 +#define SE_TZRAM_HARD_SETTING BIT(0) +#define SE_TZRAM_ENG_DIS BIT(1) -#define SE_CONFIG_REG_OFFSET 0x014 -#define SE_CONFIG_ENC_ALG_SHIFT 12 -#define SE_CONFIG_DEC_ALG_SHIFT 8 -#define ALG_AES_ENC 1 -#define ALG_RNG 2 -#define ALG_SHA 3 -#define ALG_RSA 4 -#define ALG_NOP 0 -#define ALG_AES_DEC 1 -#define SE_CONFIG_ENC_ALG(x) ((x) << SE_CONFIG_ENC_ALG_SHIFT) -#define SE_CONFIG_DEC_ALG(x) ((x) << SE_CONFIG_DEC_ALG_SHIFT) -#define SE_CONFIG_DST_SHIFT 2 -#define DST_MEMORY 0 -#define DST_HASHREG 1 -#define DST_KEYTAB 2 -#define DST_SRK 3 -#define DST_RSAREG 4 -#define SE_CONFIG_DST(x) ((x) << SE_CONFIG_DST_SHIFT) -#define SE_CONFIG_ENC_MODE_SHIFT 24 -#define SE_CONFIG_DEC_MODE_SHIFT 16 -#define MODE_KEY128 0 -#define MODE_KEY192 1 -#define MODE_KEY256 2 -#define MODE_SHA1 0 -#define MODE_SHA224 4 -#define MODE_SHA256 5 -#define MODE_SHA384 6 -#define MODE_SHA512 7 -#define SE_CONFIG_ENC_MODE(x) ((x) << SE_CONFIG_ENC_MODE_SHIFT) -#define SE_CONFIG_DEC_MODE(x) ((x) << SE_CONFIG_DEC_MODE_SHIFT) +#define SE_OPERATION_REG 0x008 +#define SE_OP_ABORT 0 +#define SE_OP_START 1 +#define SE_OP_RESTART_OUT 2 +#define SE_OP_CTX_SAVE 3 +#define SE_OP_RESTART_IN 4 -#define SE_RNG_CONFIG_REG_OFFSET 0x340 -#define RNG_MODE_SHIFT 0 -#define RNG_MODE_NORMAL 0 -#define RNG_MODE_FORCE_INSTANTION 1 -#define RNG_MODE_FORCE_RESEED 2 -#define SE_RNG_CONFIG_MODE(x) ((x) << RNG_MODE_SHIFT) -#define RNG_SRC_SHIFT 2 -#define RNG_SRC_NONE 0 -#define RNG_SRC_ENTROPY 1 -#define RNG_SRC_LFSR 2 -#define SE_RNG_CONFIG_SRC(x) ((x) << RNG_SRC_SHIFT) +#define SE_INT_ENABLE_REG 0x00C +#define SE_INT_STATUS_REG 0x010 +#define SE_INT_IN_LL_BUF_RD BIT(0) +#define SE_INT_IN_DONE BIT(1) +#define SE_INT_OUT_LL_BUF_WR BIT(2) +#define SE_INT_OUT_DONE BIT(3) +#define SE_INT_OP_DONE BIT(4) +#define SE_INT_RESEED_NEEDED BIT(5) +#define SE_INT_ERR_STAT BIT(16) -#define SE_RNG_SRC_CONFIG_REG_OFFSET 0x344 -#define RNG_SRC_RO_ENT_SHIFT 1 -#define RNG_SRC_RO_ENT_ENABLE 1 -#define RNG_SRC_RO_ENT_DISABLE 0 -#define SE_RNG_SRC_CONFIG_ENT_SRC(x) ((x) << RNG_SRC_RO_ENT_SHIFT) -#define RNG_SRC_RO_ENT_LOCK_SHIFT 0 -#define RNG_SRC_RO_ENT_LOCK_ENABLE 1 -#define RNG_SRC_RO_ENT_LOCK_DISABLE 0 -#define SE_RNG_SRC_CONFIG_ENT_SRC_LOCK(x) ((x) << RNG_SRC_RO_ENT_LOCK_SHIFT) +#define SE_CONFIG_REG 0x014 +#define DST_MEMORY 0 +#define DST_HASHREG 1 +#define DST_KEYTABLE 2 +#define DST_SRK 3 +#define DST_RSAREG 4 +#define SE_CONFIG_DST(x) ((x) << 2) +#define ALG_NOP 0 +#define ALG_AES_DEC 1 +#define SE_CONFIG_DEC_ALG(x) ((x) << 8) +#define ALG_NOP 0 +#define ALG_AES_ENC 1 +#define ALG_RNG 2 +#define ALG_SHA 3 +#define ALG_RSA 4 +#define SE_CONFIG_ENC_ALG(x) ((x) << 12) +#define MODE_KEY128 0 +#define MODE_KEY192 1 +#define MODE_KEY256 2 +#define MODE_SHA1 0 +#define MODE_SHA224 4 +#define MODE_SHA256 5 +#define MODE_SHA384 6 +#define MODE_SHA512 7 +#define SE_CONFIG_DEC_MODE(x) ((x) << 16) +#define SE_CONFIG_ENC_MODE(x) ((x) << 24) -#define SE_RNG_RESEED_INTERVAL_REG_OFFSET 0x348 +#define SE_IN_LL_ADDR_REG 0x018 +#define SE_IN_CUR_BYTE_ADDR_REG 0x01C +#define SE_IN_CUR_LL_ID_REG 0x020 +#define SE_OUT_LL_ADDR_REG 0x024 +#define SE_OUT_CUR_BYTE_ADDR_REG 0x028 +#define SE_OUT_CUR_LL_ID_REG 0x02C -#define SE_KEYTABLE_REG_OFFSET 0x31c -#define SE_KEYTABLE_SLOT_SHIFT 4 -#define SE_KEYTABLE_SLOT(x) ((x) << SE_KEYTABLE_SLOT_SHIFT) -#define SE_KEYTABLE_QUAD_SHIFT 2 -#define QUAD_KEYS_128 0 -#define QUAD_KEYS_192 1 -#define QUAD_KEYS_256 1 -#define QUAD_ORG_IV 2 -#define QUAD_UPDTD_IV 3 -#define SE_KEYTABLE_QUAD(x) ((x) << SE_KEYTABLE_QUAD_SHIFT) -#define SE_KEYTABLE_OP_TYPE_SHIFT 9 -#define OP_READ 0 -#define OP_WRITE 1 -#define SE_KEYTABLE_OP_TYPE(x) ((x) << SE_KEYTABLE_OP_TYPE_SHIFT) -#define SE_KEYTABLE_TABLE_SEL_SHIFT 8 -#define TABLE_KEYIV 0 -#define TABLE_SCHEDULE 1 -#define SE_KEYTABLE_TABLE_SEL(x) ((x) << SE_KEYTABLE_TABLE_SEL_SHIFT) -#define SE_KEYTABLE_PKT_SHIFT 0 -#define SE_KEYTABLE_PKT(x) ((x) << SE_KEYTABLE_PKT_SHIFT) +#define SE_HASH_RESULT_REG 0x030 +#define SE_HASH_RESULT_REG_COUNT 16 -#define SE_OP_DONE_SHIFT 4 -#define OP_DONE 1 -#define SE_OP_DONE(x, y) ((x) && ((y) << SE_OP_DONE_SHIFT)) +#define SE_CONTEXT_SAVE_CONFIG_REG 0x070 +#define KEYS_0_3 0 +#define KEYS_4_7 1 +#define ORIGINAL_IV 2 +#define UPDATED_IV 3 +#define SE_CONTEXT_AES_WORD_QUAD(x) ((x) << 0) +#define SE_CONTEXT_AES_KEY_INDEX(x) ((x) << 8) +#define KEYS_0_3 0 +#define KEYS_4_7 1 +#define KEYS_8_11 2 +#define KEYS_12_15 3 +#define SE_CONTEXT_RSA_WORD_QUAD(x) ((x) << 12) +#define SLOT0_EXPONENT 0 +#define SLOT0_MODULUS 1 +#define SLOT1_EXPONENT 2 +#define SLOT1_MODULUS 3 +#define SE_CONTEXT_RSA_KEY_INDEX(x) ((x) << 16) +#define STICKY_0_3 0 +#define STICKY_4_7 1 +#define SE_CONTEXT_STICKY_WORD_QUAD(x) ((x) << 24) +#define STICKY_BITS 0 +#define RSA_KEYTABLE 1 +#define AES_KEYTABLE 2 +#define MEM 4 +#define SRK 6 +#define SE_CONTEXT_SRC(x) ((x) << 29) -#define SE_CRYPTO_LAST_BLOCK 0x080 +#define SE_CTX_SAVE_AUTO_T210B01_REG 0x074 +#define SE_CTX_SAVE_AUTO_ENABLE BIT(0) +#define SE_CTX_SAVE_AUTO_LOCK BIT(8) +#define SE_CTX_SAVE_AUTO_CURR_CNT_MASK (0x3FF << 16) -#define SE_CRYPTO_REG_OFFSET 0x304 -#define SE_CRYPTO_HASH_SHIFT 0 -#define HASH_DISABLE 0 -#define HASH_ENABLE 1 -#define SE_CRYPTO_HASH(x) ((x) << SE_CRYPTO_HASH_SHIFT) -#define SE_CRYPTO_XOR_POS_SHIFT 1 -#define XOR_BYPASS 0 -#define XOR_TOP 2 -#define XOR_BOTTOM 3 -#define SE_CRYPTO_XOR_POS(x) ((x) << SE_CRYPTO_XOR_POS_SHIFT) -#define SE_CRYPTO_INPUT_SEL_SHIFT 3 -#define INPUT_AHB 0 -#define INPUT_RANDOM 1 -#define INPUT_AESOUT 2 -#define INPUT_LNR_CTR 3 -#define SE_CRYPTO_INPUT_SEL(x) ((x) << SE_CRYPTO_INPUT_SEL_SHIFT) -#define SE_CRYPTO_VCTRAM_SEL_SHIFT 5 -#define VCTRAM_AHB 0 -#define VCTRAM_AESOUT 2 -#define VCTRAM_PREVAHB 3 -#define SE_CRYPTO_VCTRAM_SEL(x) ((x) << SE_CRYPTO_VCTRAM_SEL_SHIFT) -#define SE_CRYPTO_IV_SEL_SHIFT 7 -#define IV_ORIGINAL 0 -#define IV_UPDATED 1 -#define SE_CRYPTO_IV_SEL(x) ((x) << SE_CRYPTO_IV_SEL_SHIFT) -#define SE_CRYPTO_CORE_SEL_SHIFT 8 -#define CORE_DECRYPT 0 -#define CORE_ENCRYPT 1 -#define SE_CRYPTO_CORE_SEL(x) ((x) << SE_CRYPTO_CORE_SEL_SHIFT) -#define SE_CRYPTO_CTR_VAL_SHIFT 11 -#define SE_CRYPTO_CTR_VAL(x) ((x) << SE_CRYPTO_CTR_VAL_SHIFT) -#define SE_CRYPTO_KEY_INDEX_SHIFT 24 -#define SE_CRYPTO_KEY_INDEX(x) ((x) << SE_CRYPTO_KEY_INDEX_SHIFT) -#define SE_CRYPTO_CTR_CNTN_SHIFT 11 -#define SE_CRYPTO_CTR_CNTN(x) ((x) << SE_CRYPTO_CTR_CNTN_SHIFT) +#define SE_CRYPTO_LAST_BLOCK 0x080 -#define SE_CRYPTO_CTR_REG_COUNT 4 -#define SE_CRYPTO_CTR_REG_OFFSET 0x308 - -#define SE_OPERATION_REG_OFFSET 0x008 -#define SE_OPERATION_SHIFT 0 -#define OP_ABORT 0 -#define OP_START 1 -#define OP_RESTART 2 -#define OP_CTX_SAVE 3 -#define OP_RESTART_IN 4 -#define SE_OPERATION(x) ((x) << SE_OPERATION_SHIFT) - -#define SE_CONTEXT_SAVE_CONFIG_REG_OFFSET 0x070 -#define SE_CONTEXT_SAVE_WORD_QUAD_SHIFT 0 -#define KEYS_0_3 0 -#define KEYS_4_7 1 -#define ORIG_IV 2 -#define UPD_IV 3 -#define SE_CONTEXT_SAVE_WORD_QUAD(x) ((x) << SE_CONTEXT_SAVE_WORD_QUAD_SHIFT) - -#define SE_CONTEXT_SAVE_KEY_INDEX_SHIFT 8 -#define SE_CONTEXT_SAVE_KEY_INDEX(x) ((x) << SE_CONTEXT_SAVE_KEY_INDEX_SHIFT) - -#define SE_CONTEXT_SAVE_STICKY_WORD_QUAD_SHIFT 24 -#define STICKY_0_3 0 -#define STICKY_4_7 1 -#define SE_CONTEXT_SAVE_STICKY_WORD_QUAD(x) \ - ((x) << SE_CONTEXT_SAVE_STICKY_WORD_QUAD_SHIFT) - -#define SE_CONTEXT_SAVE_SRC_SHIFT 29 -#define STICKY_BITS 0 -#define KEYTABLE 2 -#define MEM 4 -#define SRK 6 - -#define RSA_KEYTABLE 1 -#define AES_KEYTABLE 2 -#define SE_CONTEXT_SAVE_SRC(x) ((x) << SE_CONTEXT_SAVE_SRC_SHIFT) - -#define SE_CONTEXT_SAVE_RSA_KEY_INDEX_SHIFT 16 -#define SE_CONTEXT_SAVE_RSA_KEY_INDEX(x) \ - ((x) << SE_CONTEXT_SAVE_RSA_KEY_INDEX_SHIFT) - -#define SE_CONTEXT_RSA_WORD_QUAD_SHIFT 12 -#define SE_CONTEXT_RSA_WORD_QUAD(x) \ - ((x) << SE_CONTEXT_RSA_WORD_QUAD_SHIFT) - -#define SE_CTX_SAVE_AUTO 0x074 -#define CTX_SAVE_AUTO_ENABLE BIT(0) -#define CTX_SAVE_AUTO_LOCK BIT(8) -#define CTX_SAVE_AUTO_CURR_CNT_MASK (0x3FF << 16) - -#define SE_INT_ENABLE_REG_OFFSET 0x00c -#define SE_INT_STATUS_REG_OFFSET 0x010 -#define INT_DISABLE 0 -#define INT_ENABLE 1 -#define INT_UNSET 0 -#define INT_SET 1 -#define SE_INT_OP_DONE_SHIFT 4 -#define SE_INT_OP_DONE(x) ((x) << SE_INT_OP_DONE_SHIFT) -#define SE_INT_ERROR_SHIFT 16 -#define SE_INT_ERROR(x) ((x) << SE_INT_ERROR_SHIFT) - -#define SE_STATUS_0 0x800 -#define SE_STATUS_0_STATE_WAIT_IN 3 - -#define SE_ERR_STATUS_0 0x804 -#define SE_ERR_STATUS_0_SE_NS_ACCESS_CLEAR 0 - -#define SE_CRYPTO_KEYTABLE_DST_REG_OFFSET 0X330 -#define SE_CRYPTO_KEYTABLE_DST_WORD_QUAD_SHIFT 0 -#define SE_CRYPTO_KEYTABLE_DST_WORD_QUAD(x) \ - ((x) << SE_CRYPTO_KEYTABLE_DST_WORD_QUAD_SHIFT) - -#define SE_KEY_INDEX_SHIFT 8 -#define SE_CRYPTO_KEYTABLE_DST_KEY_INDEX(x) ((x) << SE_KEY_INDEX_SHIFT) - -#define SE_IN_LL_ADDR_REG_OFFSET 0x018 -#define SE_OUT_LL_ADDR_REG_OFFSET 0x024 - -#define SE_KEYTABLE_DATA0_REG_OFFSET 0x320 -#define SE_KEYTABLE_REG_MAX_DATA 16 - -#define SE_BLOCK_COUNT_REG_OFFSET 0x318 - -#define SE_SPARE_0_REG_OFFSET 0x80c - -#define SE_SHA_CONFIG_REG_OFFSET 0x200 +#define SE_SHA_CONFIG_REG 0x200 #define SHA_CONTINUE 0 #define SHA_INIT_HASH 1 -#define SE_SHA_MSG_LENGTH_0_REG_OFFSET 0x204 -#define SE_SHA_MSG_LENGTH_1_REG_OFFSET 0x208 -#define SE_SHA_MSG_LENGTH_2_REG_OFFSET 0x20C -#define SE_SHA_MSG_LENGTH_3_REG_OFFSET 0x210 -#define SE_SHA_MSG_LEFT_0_REG_OFFSET 0x214 -#define SE_SHA_MSG_LEFT_1_REG_OFFSET 0x218 -#define SE_SHA_MSG_LEFT_2_REG_OFFSET 0x21C -#define SE_SHA_MSG_LEFT_3_REG_OFFSET 0x220 +#define SE_SHA_MSG_LENGTH_0_REG 0x204 +#define SE_SHA_MSG_LENGTH_1_REG 0x208 +#define SE_SHA_MSG_LENGTH_2_REG 0x20C +#define SE_SHA_MSG_LENGTH_3_REG 0x210 +#define SE_SHA_MSG_LEFT_0_REG 0x214 +#define SE_SHA_MSG_LEFT_1_REG 0x218 +#define SE_SHA_MSG_LEFT_2_REG 0x21C +#define SE_SHA_MSG_LEFT_3_REG 0x220 -#define SE_HASH_RESULT_REG_COUNT 16 -#define SE_HASH_RESULT_REG_OFFSET 0x030 -#define TEGRA_SE_KEY_256_SIZE 32 -#define TEGRA_SE_KEY_192_SIZE 24 -#define TEGRA_SE_KEY_128_SIZE 16 -#define TEGRA_SE_AES_BLOCK_SIZE 16 -#define TEGRA_SE_AES_MIN_KEY_SIZE 16 -#define TEGRA_SE_AES_MAX_KEY_SIZE 32 -#define TEGRA_SE_AES_IV_SIZE 16 -#define TEGRA_SE_SHA_512_SIZE 64 -#define TEGRA_SE_SHA_384_SIZE 48 -#define TEGRA_SE_SHA_256_SIZE 32 -#define TEGRA_SE_SHA_192_SIZE 24 -#define TEGRA_SE_RNG_IV_SIZE 16 -#define TEGRA_SE_RNG_DT_SIZE 16 -#define TEGRA_SE_RNG_KEY_SIZE 16 -#define TEGRA_SE_RNG_SEED_SIZE (TEGRA_SE_RNG_IV_SIZE + \ - TEGRA_SE_RNG_KEY_SIZE + \ - TEGRA_SE_RNG_DT_SIZE) +#define SE_CRYPTO_SECURITY_PERKEY_REG 0x280 +#define SE_KEY_LOCK_FLAG 0x80 +#define SE_CRYPTO_KEYTABLE_ACCESS_REG 0x284 +#define SE_CRYPTO_KEYTABLE_ACCESS_REG_COUNT 16 +#define SE_KEY_TBL_DIS_KEYREAD_FLAG BIT(0) +#define SE_KEY_TBL_DIS_KEYUPDATE_FLAG BIT(1) +#define SE_KEY_TBL_DIS_OIVREAD_FLAG BIT(2) +#define SE_KEY_TBL_DIS_OIVUPDATE_FLAG BIT(3) +#define SE_KEY_TBL_DIS_UIVREAD_FLAG BIT(4) +#define SE_KEY_TBL_DIS_UIVUPDATE_FLAG BIT(5) +#define SE_KEY_TBL_DIS_KEYUSE_FLAG BIT(6) +#define SE_KEY_TBL_DIS_KEY_ACCESS_FLAG 0x7F -#define TEGRA_SE_AES_CMAC_DIGEST_SIZE 16 -#define TEGRA_SE_RSA512_DIGEST_SIZE 64 -#define TEGRA_SE_RSA1024_DIGEST_SIZE 128 -#define TEGRA_SE_RSA1536_DIGEST_SIZE 192 -#define TEGRA_SE_RSA2048_DIGEST_SIZE 256 +#define SE_CRYPTO_CONFIG_REG 0x304 +#define HASH_DISABLE 0 +#define HASH_ENABLE 1 +#define SE_CRYPTO_HASH(x) ((x) << 0) +#define XOR_BYPASS 0 +#define XOR_TOP 2 +#define XOR_BOTTOM 3 +#define SE_CRYPTO_XOR_POS(x) ((x) << 1) +#define INPUT_MEMORY 0 +#define INPUT_RANDOM 1 +#define INPUT_AESOUT 2 +#define INPUT_LNR_CTR 3 +#define SE_CRYPTO_INPUT_SEL(x) ((x) << 3) +#define VCTRAM_MEM 0 +#define VCTRAM_AESOUT 2 +#define VCTRAM_PREVMEM 3 +#define SE_CRYPTO_VCTRAM_SEL(x) ((x) << 5) +#define IV_ORIGINAL 0 +#define IV_UPDATED 1 +#define SE_CRYPTO_IV_SEL(x) ((x) << 7) +#define CORE_DECRYPT 0 +#define CORE_ENCRYPT 1 +#define SE_CRYPTO_CORE_SEL(x) ((x) << 8) +#define SE_CRYPTO_KEYSCH_BYPASS BIT(10) +#define SE_CRYPTO_CTR_CNTN(x) ((x) << 11) +#define SE_CRYPTO_KEY_INDEX(x) ((x) << 24) +#define MEMIF_AHB 0 +#define MEMIF_MCCIF 1 +#define SE_CRYPTO_MEMIF(x) ((x) << 31) -#define SE_KEY_TABLE_ACCESS_LOCK_OFFSET 0x280 -#define SE_KEY_TBL_DIS_KEY_LOCK_FLAG 0x80 +#define SE_CRYPTO_LINEAR_CTR_REG 0x308 +#define SE_CRYPTO_LINEAR_CTR_REG_COUNT 4 -#define SE_KEY_TABLE_ACCESS_REG_OFFSET 0x284 -#define SE_KEY_TBL_DIS_KEYREAD_FLAG BIT(0) -#define SE_KEY_TBL_DIS_KEYUPDATE_FLAG BIT(1) -#define SE_KEY_TBL_DIS_OIVREAD_FLAG BIT(2) -#define SE_KEY_TBL_DIS_OIVUPDATE_FLAG BIT(3) -#define SE_KEY_TBL_DIS_UIVREAD_FLAG BIT(4) -#define SE_KEY_TBL_DIS_UIVUPDATE_FLAG BIT(5) -#define SE_KEY_TBL_DIS_KEYUSE_FLAG BIT(6) -#define SE_KEY_TBL_DIS_KEY_ACCESS_FLAG 0x7F +#define SE_CRYPTO_BLOCK_COUNT_REG 0x318 -#define SE_KEY_READ_DISABLE_SHIFT 0 -#define SE_KEY_UPDATE_DISABLE_SHIFT 1 +#define SE_CRYPTO_KEYTABLE_ADDR_REG 0x31C +#define SE_KEYTABLE_PKT(x) ((x) << 0) +#define KEYS_0_3 0 +#define KEYS_4_7 1 +#define ORIGINAL_IV 2 +#define UPDATED_IV 3 +#define SE_KEYTABLE_QUAD(x) ((x) << 2) +#define SE_KEYTABLE_SLOT(x) ((x) << 4) -#define SE_CONTEXT_BUFER_SIZE 1072 -#define SE_CONTEXT_DRBG_BUFER_SIZE 2112 +#define SE_CRYPTO_KEYTABLE_DATA_REG 0x320 -#define SE_CONTEXT_SAVE_RANDOM_DATA_OFFSET 0 -#define SE_CONTEXT_SAVE_RANDOM_DATA_SIZE 16 -#define SE_CONTEXT_SAVE_STICKY_BITS_OFFSET \ - (SE_CONTEXT_SAVE_RANDOM_DATA_OFFSET + SE_CONTEXT_SAVE_RANDOM_DATA_SIZE) -#define SE_CONTEXT_SAVE_STICKY_BITS_SIZE 16 +#define SE_CRYPTO_KEYTABLE_DST_REG 0x330 +#define KEYS_0_3 0 +#define KEYS_4_7 1 +#define ORIGINAL_IV 2 +#define UPDATED_IV 3 +#define SE_KEYTABLE_DST_WORD_QUAD(x) ((x) << 0) +#define SE_KEYTABLE_DST_KEY_INDEX(x) ((x) << 8) -#define SE_CONTEXT_SAVE_KEYS_OFFSET (SE_CONTEXT_SAVE_STICKY_BITS_OFFSET + \ - SE_CONTEXT_SAVE_STICKY_BITS_SIZE) -#define SE11_CONTEXT_SAVE_KEYS_OFFSET (SE_CONTEXT_SAVE_STICKY_BITS_OFFSET + \ - SE_CONTEXT_SAVE_STICKY_BITS_SIZE + \ - SE_CONTEXT_SAVE_STICKY_BITS_SIZE) +#define SE_RNG_CONFIG_REG 0x340 +#define MODE_NORMAL 0 +#define MODE_FORCE_INSTANTION 1 +#define MODE_FORCE_RESEED 2 +#define SE_RNG_CONFIG_MODE(x) ((x) << 0) +#define SRC_NONE 0 +#define SRC_ENTROPY 1 +#define SRC_LFSR 2 +#define SE_RNG_CONFIG_SRC(x) ((x) << 2) -#define SE_CONTEXT_SAVE_KEY_LENGTH 512 -#define SE_CONTEXT_ORIGINAL_IV_OFFSET (SE_CONTEXT_SAVE_KEYS_OFFSET + \ - SE_CONTEXT_SAVE_KEY_LENGTH) -#define SE11_CONTEXT_ORIGINAL_IV_OFFSET (SE11_CONTEXT_SAVE_KEYS_OFFSET + \ - SE_CONTEXT_SAVE_KEY_LENGTH) +#define SE_RNG_SRC_CONFIG_REG 0x344 +#define RO_ENTR_LOCK_DISABLE 0 +#define RO_ENTR_LOCK_ENABLE 1 +#define SE_RNG_SRC_CONFIG_ENTR_SRC_LOCK(x) ((x) << 0) +#define RO_ENTR_DISABLE 0 +#define RO_ENTR_ENABLE 1 +#define SE_RNG_SRC_CONFIG_ENTR_SRC(x) ((x) << 1) +#define RO_HW_DIS_CYA_DISABLE 0 +#define RO_HW_DIS_CYA_ENABLE 1 +#define SE_RNG_SRC_CONFIG_HW_DIS_CYA(x) ((x) << 2) +#define SE_RNG_SRC_CONFIG_ENTR_SUBSMPL(x) ((x) << 4) +#define SE_RNG_SRC_CONFIG_ENTR_DATA_FLUSH BIT(8) -#define SE_CONTEXT_ORIGINAL_IV_LENGTH 256 +#define SE_RNG_RESEED_INTERVAL_REG 0x348 -#define SE_CONTEXT_UPDATED_IV_OFFSET (SE_CONTEXT_ORIGINAL_IV_OFFSET + \ - SE_CONTEXT_ORIGINAL_IV_LENGTH) -#define SE11_CONTEXT_UPDATED_IV_OFFSET (SE11_CONTEXT_ORIGINAL_IV_OFFSET + \ - SE_CONTEXT_ORIGINAL_IV_LENGTH) +#define SE_RSA_CONFIG 0x400 +#define RSA_KEY_SLOT_ONE 0 +#define RSA_KEY_SLOT_TW0 1 +#define RSA_KEY_SLOT(x) ((x) << 24) -#define SE_CONTEXT_UPDATED_IV_LENGTH 256 +#define SE_RSA_KEY_SIZE_REG 0x404 +#define RSA_KEY_WIDTH_512 0 +#define RSA_KEY_WIDTH_1024 1 +#define RSA_KEY_WIDTH_1536 2 +#define RSA_KEY_WIDTH_2048 3 -#define SE_CONTEXT_SAVE_KNOWN_PATTERN_OFFSET (SE_CONTEXT_UPDATED_IV_OFFSET + \ - SE_CONTEXT_UPDATED_IV_LENGTH) -#define SE11_CONTEXT_SAVE_KNOWN_PATTERN_OFFSET \ - (SE11_CONTEXT_UPDATED_IV_OFFSET + \ - SE_CONTEXT_UPDATED_IV_LENGTH) +#define SE_RSA_EXP_SIZE_REG 0x408 -#define SE_CONTEXT_SAVE_RSA_KEYS_OFFSET SE11_CONTEXT_SAVE_KNOWN_PATTERN_OFFSET +#define SE_RSA_SECURITY_PERKEY_REG 0x40C +#define SE_RSA_KEY_LOCK_FLAG 0x80 +#define SE_RSA_KEYTABLE_ACCESS_REG 0x410 +#define SE_RSA_KEY_TBL_DIS_KEYREAD_FLAG BIT(0) +#define SE_RSA_KEY_TBL_DIS_KEYUPDATE_FLAG BIT(1) +#define SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG BIT(2) +#define SE_RSA_KEY_TBL_DIS_KEY_ACCESS_FLAG 0x7F +#define SE_RSA_KEY_TBL_DIS_KEY_READ_UPDATE_FLAG (SE_RSA_KEY_TBL_DIS_KEYREAD_FLAG | SE_RSA_KEY_TBL_DIS_KEYUPDATE_FLAG) +#define SE_RSA_KEY_TBL_DIS_KEY_READ_UPDATE_USE_FLAG (SE_RSA_KEY_TBL_DIS_KEYREAD_FLAG | SE_RSA_KEY_TBL_DIS_KEYUPDATE_FLAG | SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG) -#define SE_CONTEXT_SAVE_RSA_KEY_LENGTH 1024 +#define SE_RSA_KEYTABLE_ADDR_REG 0x420 +#define SE_RSA_KEYTABLE_PKT(x) ((x) << 0) +#define RSA_KEY_TYPE_EXP 0 +#define RSA_KEY_TYPE_MOD 1 +#define SE_RSA_KEYTABLE_TYPE(x) ((x) << 6) +#define RSA_KEY_NUM(x) ((x) << 7) +#define RSA_KEY_INPUT_MODE_REG 0 +#define RSA_KEY_INPUT_MODE_DMA 1 +#define SE_RSA_KEYTABLE_INPUT_MODE(x) ((x) << 8) +#define RSA_KEY_READ 0 +#define RSA_KEY_WRITE 1 +#define SE_RSA_KEY_OP(x) ((x) << 10) -#define SE_CONTEXT_SAVE_RSA_KNOWN_PATTERN_OFFSET \ - (SE_CONTEXT_SAVE_RSA_KEYS_OFFSET + SE_CONTEXT_SAVE_RSA_KEY_LENGTH) +#define SE_RSA_KEYTABLE_DATA_REG 0x424 -#define SE_CONTEXT_KNOWN_PATTERN_SIZE 16 +#define SE_RSA_OUTPUT_REG 0x428 +#define SE_RSA_OUTPUT_REG_COUNT 64 -#define TEGRA_SE_RSA_KEYSLOT_COUNT 2 +#define SE_STATUS_REG 0x800 +#define SE_STATUS_STATE_IDLE 0 +#define SE_STATUS_STATE_BUSY 1 +#define SE_STATUS_STATE_WAIT_OUT 2 +#define SE_STATUS_STATE_WAIT_IN 3 +#define SE_STATUS_STATE_MASK 3 -#define SE_RSA_KEYTABLE_ACCESS_LOCK_OFFSET 0x40C -#define SE_RSA_KEY_TBL_DIS_KEY_LOCK_FLAG 0x80 +#define SE_ERR_STATUS_REG 0x804 +#define SE_ERR_STATUS_SE_NS_ACCESS BIT(0) +#define SE_ERR_STATUS_BUSY_REG_WR BIT(1) +#define SE_ERR_STATUS_DST BIT(2) +#define SE_ERR_STATUS_SRK_USAGE_LIMIT BIT(3) +#define SE_ERR_STATUS_TZRAM_NS_ACCESS BIT(24) +#define SE_ERR_STATUS_TZRAM_ADDRESS BIT(25) -#define SE_RSA_KEYTABLE_ACCESS_REG_OFFSET 0x410 -#define SE_RSA_KEY_TBL_DIS_KEYREAD_FLAG BIT(0) -#define SE_RSA_KEY_TBL_DIS_KEYUPDATE_FLAG BIT(1) -#define SE_RSA_KEY_TBL_DIS_KEY_READ_UPDATE_FLAG (SE_RSA_KEY_TBL_DIS_KEYREAD_FLAG | SE_RSA_KEY_TBL_DIS_KEYUPDATE_FLAG) -#define SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG BIT(2) -#define SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG_SHIFT BIT(2) -#define SE_RSA_KEY_TBL_DIS_KEY_ALL_COMMON_FLAG 7 -#define SE_RSA_KEY_TBL_DIS_KEY_ALL_FLAG 0x7F +#define SE_MISC_REG 0x808 +#define SE_ENTROPY_NEXT_192BIT BIT(0) +#define SE_ENTROPY_VN_BYPASS BIT(1) +#define SE_CLK_OVR_ON BIT(2) -#define SE_RSA_KEYTABLE_ADDR 0x420 -#define SE_RSA_KEYTABLE_DATA 0x424 -#define SE_RSA_OUTPUT 0x428 +#define SE_SPARE_REG 0x80C +#define SE_ERRATA_FIX_DISABLE 0 +#define SE_ERRATA_FIX_ENABLE 1 +#define SE_ECO(x) ((x) << 0) -#define RSA_KEY_READ 0 -#define RSA_KEY_WRITE 1 -#define SE_RSA_KEY_OP_SHIFT 10 -#define SE_RSA_KEY_OP(x) ((x) << SE_RSA_KEY_OP_SHIFT) - -#define RSA_KEY_INPUT_MODE_REG 0 -#define RSA_KEY_INPUT_MODE_DMA 1 -#define RSA_KEY_INPUT_MODE_SHIFT 8 -#define RSA_KEY_INPUT_MODE(x) ((x) << RSA_KEY_INPUT_MODE_SHIFT) - -#define RSA_KEY_SLOT_ONE 0 -#define RSA_KEY_SLOT_TW0 1 -#define RSA_KEY_NUM_SHIFT 7 -#define RSA_KEY_NUM(x) ((x) << RSA_KEY_NUM_SHIFT) - -#define RSA_KEY_TYPE_EXP 0 -#define RSA_KEY_TYPE_MOD 1 -#define RSA_KEY_TYPE_SHIFT 6 -#define RSA_KEY_TYPE(x) ((x) << RSA_KEY_TYPE_SHIFT) - -#define SE_RSA_KEY_SIZE_REG_OFFSET 0x404 -#define SE_RSA_EXP_SIZE_REG_OFFSET 0x408 - -#define RSA_KEY_SLOT_SHIFT 24 -#define RSA_KEY_SLOT(x) ((x) << RSA_KEY_SLOT_SHIFT) -#define SE_RSA_CONFIG 0x400 - -#define RSA_KEY_PKT_WORD_ADDR_SHIFT 0 -#define RSA_KEY_PKT_WORD_ADDR(x) ((x) << RSA_KEY_PKT_WORD_ADDR_SHIFT) - -#define RSA_KEY_WORD_ADDR_SHIFT 0 -#define RSA_KEY_WORD_ADDR(x) ((x) << RSA_KEY_WORD_ADDR_SHIFT) - -#define SE_RSA_KEYTABLE_PKT_SHIFT 0 -#define SE_RSA_KEYTABLE_PKT(x) ((x) << SE_RSA_KEYTABLE_PKT_SHIFT) - -#endif /* _CRYPTO_TEGRA_SE_H */ +#endif diff --git a/bdk/sec/tsec.c b/bdk/sec/tsec.c index b4485b1..9236dc5 100644 --- a/bdk/sec/tsec.c +++ b/bdk/sec/tsec.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 naehrwert - * Copyright (c) 2018-2019 CTCaer + * Copyright (c) 2018-2021 CTCaer * Copyright (c) 2018 balika011 * * This program is free software; you can redistribute it and/or modify it @@ -190,7 +190,7 @@ int tsec_query(u8 *tsec_keys, u8 kb, tsec_ctxt_t *tsec_ctxt) if (kb == KB_TSEC_FW_EMU_COMPAT) { u32 start = get_tmr_us(); - u32 k = se[SE_KEYTABLE_DATA0_REG_OFFSET / 4]; + u32 k = se[SE_CRYPTO_KEYTABLE_DATA_REG / 4]; u32 key[16] = {0}; u32 kidx = 0; @@ -198,9 +198,9 @@ int tsec_query(u8 *tsec_keys, u8 kb, tsec_ctxt_t *tsec_ctxt) { smmu_flush_all(); - if (k != se[SE_KEYTABLE_DATA0_REG_OFFSET / 4]) + if (k != se[SE_CRYPTO_KEYTABLE_DATA_REG / 4]) { - k = se[SE_KEYTABLE_DATA0_REG_OFFSET / 4]; + k = se[SE_CRYPTO_KEYTABLE_DATA_REG / 4]; key[kidx++] = k; } @@ -269,7 +269,7 @@ int tsec_query(u8 *tsec_keys, u8 kb, tsec_ctxt_t *tsec_ctxt) SOR1(SOR_NV_PDISP_SOR_TMDS_HDCP_CN_MSB) = 0; SOR1(SOR_NV_PDISP_SOR_TMDS_HDCP_CN_LSB) = 0; - memcpy(tsec_keys, &buf, 0x10); + memcpy(tsec_keys, &buf, SE_KEY_128_SIZE); } out_free:; diff --git a/bdk/soc/hw_init.c b/bdk/soc/hw_init.c index 3a35ece..d48bd70 100644 --- a/bdk/soc/hw_init.c +++ b/bdk/soc/hw_init.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 naehrwert - * Copyright (c) 2018-2020 CTCaer + * Copyright (c) 2018-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, @@ -264,7 +264,7 @@ static void _config_se_brom() FUSE(FUSE_PRIVATE_KEY3) }; // Set SBK to slot 14. - se_aes_key_set(14, sbk, 0x10); + se_aes_key_set(14, sbk, SE_KEY_128_SIZE); // Lock SBK from being read. se_key_acc_ctrl(14, SE_KEY_TBL_DIS_KEYREAD_FLAG); @@ -276,7 +276,7 @@ static void _config_se_brom() // This memset needs to happen here, else TZRAM will behave weirdly later on. memset((void *)TZRAM_BASE, 0, 0x10000); PMC(APBDEV_PMC_CRYPTO_OP) = PMC_CRYPTO_OP_SE_ENABLE; - SE(SE_INT_STATUS_REG_OFFSET) = 0x1F; + SE(SE_INT_STATUS_REG) = 0x1F; // Clear all SE interrupts. // Clear the boot reason to avoid problems later PMC(APBDEV_PMC_SCRATCH200) = 0x0; diff --git a/bootloader/frontend/fe_emmc_tools.c b/bootloader/frontend/fe_emmc_tools.c index 9cb23d4..15364c4 100644 --- a/bootloader/frontend/fe_emmc_tools.c +++ b/bootloader/frontend/fe_emmc_tools.c @@ -1,7 +1,7 @@ /* * Copyright (c) 2018 naehrwert * Copyright (c) 2018 Rajko Stojadinovic - * Copyright (c) 2018-2019 CTCaer + * Copyright (c) 2018-2021 CTCaer * * This program is free software; you can redistribute it and/or modify it * under the terms and conditions of the GNU General Public License, @@ -27,6 +27,7 @@ #include #include #include +#include #include "../storage/nx_emmc.h" #include #include @@ -96,7 +97,7 @@ static int _dump_emmc_verify(sdmmc_storage_t *storage, u32 lba_curr, char *outFi se_calc_sha256_oneshot(hashEm, bufEm, num << 9); se_calc_sha256_oneshot(hashSd, bufSd, num << 9); - res = memcmp(hashEm, hashSd, 0x10); + res = memcmp(hashEm, hashSd, SE_SHA_256_SIZE / 2); if (res) { diff --git a/bootloader/frontend/fe_info.c b/bootloader/frontend/fe_info.c index d915550..a6a5d5a 100644 --- a/bootloader/frontend/fe_info.c +++ b/bootloader/frontend/fe_info.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 naehrwert - * Copyright (c) 2018-2020 CTCaer + * Copyright (c) 2018-2021 CTCaer * Copyright (c) 2018 balika011 * * This program is free software; you can redistribute it and/or modify it @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -354,7 +355,7 @@ void print_tsec_key() goto out_wait; } - u8 keys[0x10 * 2]; + u8 keys[SE_KEY_128_SIZE * 2]; memset(keys, 0x00, 0x20); tsec_ctxt.fw = (u8 *)pkg1 + pkg1_id->tsec_off; @@ -401,14 +402,14 @@ void print_tsec_key() if (res >= 0) { - for (u32 j = 0; j < 0x10; j++) + for (u32 j = 0; j < SE_KEY_128_SIZE; j++) gfx_printf("%02X", keys[j]); if (pkg1_id->kb == KB_FIRMWARE_VERSION_620) { gfx_printf("\n%kTSEC root: %k", 0xFF00DDFF, 0xFFCCCCCC); - for (u32 j = 0; j < 0x10; j++) - gfx_printf("%02X", keys[0x10 + j]); + for (u32 j = 0; j < SE_KEY_128_SIZE; j++) + gfx_printf("%02X", keys[SE_KEY_128_SIZE + j]); } } else @@ -423,7 +424,7 @@ void print_tsec_key() { char path[64]; emmcsn_path_impl(path, "/dumps", "tsec_keys.bin", NULL); - if (!sd_save_to_file(keys, 0x10 * 2, path)) + if (!sd_save_to_file(keys, SE_KEY_128_SIZE * 2, path)) gfx_puts("\nDone!\n"); sd_end(); } diff --git a/bootloader/frontend/fe_tools.c b/bootloader/frontend/fe_tools.c index ff51094..269bfea 100644 --- a/bootloader/frontend/fe_tools.c +++ b/bootloader/frontend/fe_tools.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 naehrwert - * Copyright (c) 2018-2019 CTCaer + * Copyright (c) 2018-2021 CTCaer * Copyright (c) 2018 Reisyukaku * * This program is free software; you can redistribute it and/or modify it @@ -31,6 +31,7 @@ #include #include #include +#include #include "../storage/nx_emmc.h" #include #include diff --git a/bootloader/hos/hos.c b/bootloader/hos/hos.c index b208013..44b4c5a 100644 --- a/bootloader/hos/hos.c +++ b/bootloader/hos/hos.c @@ -2,7 +2,7 @@ * Copyright (c) 2018 naehrwert * Copyright (c) 2018 st4rk * Copyright (c) 2018 Ced2911 - * Copyright (c) 2018-2020 CTCaer + * Copyright (c) 2018-2021 CTCaer * Copyright (c) 2018 balika011 * * This program is free software; you can redistribute it and/or modify it @@ -75,7 +75,7 @@ typedef struct _secmon_mailbox_t u32 out; } secmon_mailbox_t; -static const u8 keyblob_keyseeds[][0x10] = { +static const u8 keyblob_keyseeds[][SE_KEY_128_SIZE] = { { 0xDF, 0x20, 0x6F, 0x59, 0x44, 0x54, 0xEF, 0xDC, 0x70, 0x74, 0x48, 0x3B, 0x0D, 0xED, 0x9F, 0xD3 }, // 1.0.0. { 0x0C, 0x25, 0x61, 0x5D, 0x68, 0x4C, 0xEB, 0x42, 0x1C, 0x23, 0x79, 0xEA, 0x82, 0x25, 0x12, 0xAC }, // 3.0.0. { 0x33, 0x76, 0x85, 0xEE, 0x88, 0x4A, 0xAE, 0x0A, 0xC2, 0x8A, 0xFD, 0x7D, 0x63, 0xC0, 0x43, 0x3B }, // 3.0.1. @@ -84,19 +84,19 @@ static const u8 keyblob_keyseeds[][0x10] = { { 0xD8, 0xCC, 0xE1, 0x26, 0x6A, 0x35, 0x3F, 0xCC, 0x20, 0xF3, 0x2D, 0x3B, 0x51, 0x7D, 0xE9, 0xC0 } // 6.0.0. }; -static const u8 cmac_keyseed[0x10] = +static const u8 cmac_keyseed[SE_KEY_128_SIZE] = { 0x59, 0xC7, 0xFB, 0x6F, 0xBE, 0x9B, 0xBE, 0x87, 0x65, 0x6B, 0x15, 0xC0, 0x53, 0x73, 0x36, 0xA5 }; -static const u8 master_keyseed_retail[0x10] = +static const u8 master_keyseed_retail[SE_KEY_128_SIZE] = { 0xD8, 0xA2, 0x41, 0x0A, 0xC6, 0xC5, 0x90, 0x01, 0xC6, 0x1D, 0x6A, 0x26, 0x7C, 0x51, 0x3F, 0x3C }; -static const u8 master_keyseed_4xx_5xx_610[0x10] = +static const u8 master_keyseed_4xx_5xx_610[SE_KEY_128_SIZE] = { 0x2D, 0xC1, 0xF4, 0x8D, 0xF3, 0x5B, 0x69, 0x33, 0x42, 0x10, 0xAC, 0x65, 0xDA, 0x90, 0x46, 0x66 }; -static const u8 master_keyseed_620[0x10] = +static const u8 master_keyseed_620[SE_KEY_128_SIZE] = { 0x37, 0x4B, 0x77, 0x29, 0x59, 0xB4, 0x04, 0x30, 0x81, 0xF6, 0xE5, 0x8C, 0x6D, 0x36, 0x17, 0x9A }; -static const u8 master_kekseed_t210b01[][0x10] = { +static const u8 master_kekseed_t210b01[][SE_KEY_128_SIZE] = { { 0x77, 0x60, 0x5A, 0xD2, 0xEE, 0x6E, 0xF8, 0x3C, 0x3F, 0x72, 0xE2, 0x59, 0x9D, 0xAC, 0x5E, 0x56 }, // 6.0.0. { 0x1E, 0x80, 0xB8, 0x17, 0x3E, 0xC0, 0x60, 0xAA, 0x11, 0xBE, 0x1A, 0x4A, 0xA6, 0x6F, 0xE4, 0xAE }, // 6.2.0. { 0x94, 0x08, 0x67, 0xBD, 0x0A, 0x00, 0x38, 0x84, 0x11, 0xD3, 0x1A, 0xDB, 0xDD, 0x8D, 0xF1, 0x8A }, // 7.0.0. @@ -105,13 +105,13 @@ static const u8 master_kekseed_t210b01[][0x10] = { { 0x0E, 0x44, 0x0C, 0xED, 0xB4, 0x36, 0xC0, 0x3F, 0xAA, 0x1D, 0xAE, 0xBF, 0x62, 0xB1, 0x09, 0x82 }, // 9.1.0. }; -static const u8 console_keyseed[0x10] = +static const u8 console_keyseed[SE_KEY_128_SIZE] = { 0x4F, 0x02, 0x5F, 0x0E, 0xB6, 0x6D, 0x11, 0x0E, 0xDC, 0x32, 0x7D, 0x41, 0x86, 0xC2, 0xF4, 0x78 }; -static const u8 console_keyseed_4xx_5xx[0x10] = +static const u8 console_keyseed_4xx_5xx[SE_KEY_128_SIZE] = { 0x0C, 0x91, 0x09, 0xDB, 0x93, 0x93, 0x07, 0x81, 0x07, 0x3C, 0xC4, 0x16, 0x22, 0x7C, 0x6C, 0x28 }; -const u8 package2_keyseed[0x10] = +const u8 package2_keyseed[SE_KEY_128_SIZE] = { 0xFB, 0x8B, 0x6A, 0x9C, 0x79, 0x00, 0xC8, 0x49, 0xEF, 0xD2, 0x4D, 0x85, 0x4D, 0x30, 0xA0, 0xC7 }; static void _hos_crit_error(const char *text) @@ -124,30 +124,33 @@ static void _se_lock(bool lock_se) { if (lock_se) { + // Disable aes key read. for (u32 i = 0; i < 16; i++) se_key_acc_ctrl(i, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG); + // Disable RSA key read. for (u32 i = 0; i < 2; i++) se_rsa_acc_ctrl(i, SE_RSA_KEY_TBL_DIS_KEYREAD_FLAG); - SE(SE_TZRAM_SECURITY_0) = 0; // Make SE TZRAM secure only. - SE(SE_KEY_TABLE_ACCESS_LOCK_OFFSET) = 0; // Make all key access regs secure only. - SE(SE_RSA_KEYTABLE_ACCESS_LOCK_OFFSET) = 0; // Make all RSA access regs secure only. - SE(SE_SECURITY_0) &= 0xFFFFFFFB; // Make access lock regs secure only. + + SE(SE_TZRAM_SECURITY_REG) = 0; // Make SE TZRAM secure only. + SE(SE_CRYPTO_SECURITY_PERKEY_REG) = 0; // Make all AES keys access secure only. + SE(SE_RSA_SECURITY_PERKEY_REG) = 0; // Make all RSA keys access secure only. + SE(SE_SE_SECURITY_REG) &= ~SE_PERKEY_SETTING; // Make access lock regs secure only. } memset((void *)IPATCH_BASE, 0, 14 * sizeof(u32)); SB(SB_CSR) = SB_CSR_PIROM_DISABLE; // This is useful for documenting the bits in the SE config registers, so we can keep it around. - /*gfx_printf("SE(SE_SECURITY_0) = %08X\n", SE(SE_SECURITY_0)); + /*gfx_printf("SE(SE_SE_SECURITY_REG) = %08X\n", SE(SE_SE_SECURITY_REG)); gfx_printf("SE(0x4) = %08X\n", SE(0x4)); - gfx_printf("SE(SE_KEY_TABLE_ACCESS_LOCK_OFFSET) = %08X\n", SE(SE_KEY_TABLE_ACCESS_LOCK_OFFSET)); - gfx_printf("SE(SE_RSA_KEYTABLE_ACCESS_LOCK_OFFSET) = %08X\n", SE(SE_RSA_KEYTABLE_ACCESS_LOCK_OFFSET)); + gfx_printf("SE(SE_CRYPTO_SECURITY_PERKEY_REG) = %08X\n", SE(SE_CRYPTO_SECURITY_PERKEY_REG)); + gfx_printf("SE(SE_RSA_SECURITY_PERKEY_REG) = %08X\n", SE(SE_RSA_SECURITY_PERKEY_REG)); for(u32 i = 0; i < 16; i++) - gfx_printf("%02X ", SE(SE_KEY_TABLE_ACCESS_REG_OFFSET + i * 4) & 0xFF); + gfx_printf("%02X ", SE(SE_CRYPTO_KEYTABLE_ACCESS_REG + i * 4) & 0xFF); gfx_putc('\n'); for(u32 i = 0; i < 2; i++) - gfx_printf("%02X ", SE(SE_RSA_KEYTABLE_ACCESS_REG_OFFSET + i * 4) & 0xFF); + gfx_printf("%02X ", SE(SE_RSA_KEYTABLE_ACCESS_REG + i * 4) & 0xFF); gfx_putc('\n'); gfx_hexdump(SE_BASE, (void *)SE_BASE, 0x400);*/ } @@ -257,7 +260,7 @@ void hos_eks_save(u32 kb) // Get keys. u8 *keys = (u8 *)calloc(0x1000, 1); - se_get_aes_keys(keys + 0x800, keys, 0x10); + se_get_aes_keys(keys + 0x800, keys, SE_KEY_128_SIZE); // Set magic and personalized info. h_cfg.eks->magic = HOS_EKS_MAGIC; @@ -265,18 +268,18 @@ void hos_eks_save(u32 kb) h_cfg.eks->lot0 = FUSE(FUSE_OPT_LOT_CODE_0); // Copy new keys. - memcpy(h_cfg.eks->dkg, keys + 10 * 0x10, 0x10); - memcpy(h_cfg.eks->dkk, keys + 15 * 0x10, 0x10); + memcpy(h_cfg.eks->dkg, keys + 10 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + memcpy(h_cfg.eks->dkk, keys + 15 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); if (!h_cfg.aes_slots_new) { - memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 12 * 0x10, 0x10); - memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 13 * 0x10, 0x10); + memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); } else // New sept slots. { - memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 13 * 0x10, 0x10); - memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 12 * 0x10, 0x10); + memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); } // Encrypt EKS blob. @@ -288,7 +291,6 @@ void hos_eks_save(u32 kb) memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t)); hos_eks_rw_try(mbr, true); - free(eks); free(keys); out: @@ -409,25 +411,25 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos_c if (h_cfg.eks && h_cfg.eks->enabled[key_idx] >= kb) { // Set Device keygen key to slot 10. - se_aes_key_set(10, h_cfg.eks->dkg, 0x10); + se_aes_key_set(10, h_cfg.eks->dkg, SE_KEY_128_SIZE); // Set Device key to slot 15. - se_aes_key_set(15, h_cfg.eks->dkk, 0x10); + se_aes_key_set(15, h_cfg.eks->dkk, SE_KEY_128_SIZE); if (!h_cfg.aes_slots_new) { // Set Master key to slot 12. - se_aes_key_set(12, h_cfg.eks->keys[key_idx].mkk, 0x10); + se_aes_key_set(12, h_cfg.eks->keys[key_idx].mkk, SE_KEY_128_SIZE); // Set FW Device key key to slot 13. - se_aes_key_set(13, h_cfg.eks->keys[key_idx].fdk, 0x10); + se_aes_key_set(13, h_cfg.eks->keys[key_idx].fdk, SE_KEY_128_SIZE); // Lock FDK. se_key_acc_ctrl(13, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG); } else // New exosphere. { // Set Master key to slot 13. - se_aes_key_set(13, h_cfg.eks->keys[key_idx].mkk, 0x10); + se_aes_key_set(13, h_cfg.eks->keys[key_idx].mkk, SE_KEY_128_SIZE); // Set FW Device key key to slot 12. - se_aes_key_set(12, h_cfg.eks->keys[key_idx].fdk, 0x10); + se_aes_key_set(12, h_cfg.eks->keys[key_idx].fdk, SE_KEY_128_SIZE); // Lock FDK. se_key_acc_ctrl(12, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG); } @@ -439,14 +441,14 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos_c else if (kb == KB_FIRMWARE_VERSION_620) { // Set TSEC key. - se_aes_key_set(12, tmp, 0x10); + se_aes_key_set(12, tmp, SE_KEY_128_SIZE); // Set TSEC root key. - se_aes_key_set(13, tmp + 0x10, 0x10); + se_aes_key_set(13, tmp + SE_KEY_128_SIZE, SE_KEY_128_SIZE); if (!(emu_cfg.enabled && !h_cfg.emummc_force_disable) && hos_ctxt->stock) { // Package2 key. - se_aes_key_set(8, tmp + 0x10, 0x10); + se_aes_key_set(8, tmp + SE_KEY_128_SIZE, SE_KEY_128_SIZE); se_aes_unwrap_key(8, 8, master_keyseed_620); se_aes_unwrap_key(8, 8, master_keyseed_retail); se_aes_unwrap_key(8, 8, package2_keyseed); @@ -484,7 +486,7 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos_c se_key_acc_ctrl(14, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG); // Set TSEC key. - se_aes_key_set(13, tmp, 0x10); + se_aes_key_set(13, tmp, SE_KEY_128_SIZE); // Derive keyblob keys from TSEC+SBK. se_aes_crypt_block_ecb(13, 0, tmp, keyblob_keyseeds[0]); @@ -506,9 +508,9 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt, launch_ctxt_t *hos_c // Decrypt keyblob and set keyslots. se_aes_crypt_ctr(13, keyblob + 0x20, 0x90, keyblob + 0x20, 0x90, keyblob + 0x10); - se_aes_key_set(11, keyblob + 0x20 + 0x80, 0x10); // Package1 key. - se_aes_key_set(12, keyblob + 0x20, 0x10); - se_aes_key_set(13, keyblob + 0x20, 0x10); + se_aes_key_set(11, keyblob + 0x20 + 0x80, SE_KEY_128_SIZE); // Package1 key. + se_aes_key_set(12, keyblob + 0x20, SE_KEY_128_SIZE); + se_aes_key_set(13, keyblob + 0x20, SE_KEY_128_SIZE); se_aes_crypt_block_ecb(12, 0, tmp, master_keyseed_retail); @@ -1016,16 +1018,16 @@ int hos_launch(ini_sec_t *cfg) case KB_FIRMWARE_VERSION_100_200: case KB_FIRMWARE_VERSION_300: case KB_FIRMWARE_VERSION_301: - se_key_acc_ctrl(12, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_TBL_DIS_KEY_LOCK_FLAG); - se_key_acc_ctrl(13, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_TBL_DIS_KEY_LOCK_FLAG); + se_key_acc_ctrl(12, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_LOCK_FLAG); + se_key_acc_ctrl(13, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_LOCK_FLAG); bootStateDramPkg2 = 2; bootStatePkg2Continue = 3; break; case KB_FIRMWARE_VERSION_400: case KB_FIRMWARE_VERSION_500: case KB_FIRMWARE_VERSION_600: - se_key_acc_ctrl(12, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_TBL_DIS_KEY_LOCK_FLAG); - se_key_acc_ctrl(15, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_TBL_DIS_KEY_LOCK_FLAG); + se_key_acc_ctrl(12, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_LOCK_FLAG); + se_key_acc_ctrl(15, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_LOCK_FLAG); default: bootStateDramPkg2 = 2; bootStatePkg2Continue = 4; diff --git a/bootloader/hos/pkg2.c b/bootloader/hos/pkg2.c index b00c186..b08ea0f 100644 --- a/bootloader/hos/pkg2.c +++ b/bootloader/hos/pkg2.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2018 naehrwert - * Copyright (c) 2018-2020 CTCaer + * Copyright (c) 2018-2021 CTCaer * Copyright (c) 2018 Atmosphère-NX * * This program is free software; you can redistribute it and/or modify it @@ -27,6 +27,7 @@ #include #include #include +#include #include "../storage/emummc.h" #include #include @@ -1335,7 +1336,7 @@ const char* pkg2_patch_kips(link_t *info, char* patchNames) return NULL; } -static const u8 mkey_vector_8xx[][0x10] = +static const u8 mkey_vector_8xx[][SE_KEY_128_SIZE] = { // Master key 8 encrypted with 9. (8.1.0 with 9.0.0) { 0x4D, 0xD9, 0x98, 0x42, 0x45, 0x0D, 0xB1, 0x3C, 0x52, 0x0C, 0x9A, 0x44, 0xBB, 0xAD, 0xAF, 0x80 }, @@ -1346,10 +1347,10 @@ static const u8 mkey_vector_8xx[][0x10] = static bool _pkg2_key_unwrap_validate(pkg2_hdr_t *tmp_test, pkg2_hdr_t *hdr, u8 src_slot, u8 *mkey, const u8 *key_seed) { // Decrypt older encrypted mkey. - se_aes_crypt_ecb(src_slot, 0, mkey, 0x10, key_seed, 0x10); + se_aes_crypt_ecb(src_slot, 0, mkey, SE_KEY_128_SIZE, key_seed, SE_KEY_128_SIZE); // Set and unwrap pkg2 key. se_aes_key_clear(9); - se_aes_key_set(9, mkey, 0x10); + se_aes_key_set(9, mkey, SE_KEY_128_SIZE); se_aes_unwrap_key(9, 9, package2_keyseed); // Decrypt header. @@ -1383,9 +1384,9 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb) // Decrypt older pkg2 via new mkeys. if ((kb >= KB_FIRMWARE_VERSION_810) && (kb < KB_FIRMWARE_VERSION_MAX)) { - u8 tmp_mkey[0x10]; + u8 tmp_mkey[SE_KEY_128_SIZE]; u8 decr_slot = !h_cfg.t210b01 ? (!h_cfg.aes_slots_new ? 12 : 13) : 7; // Sept mkey or T210B01 mkey. - u8 mkey_seeds_cnt = sizeof(mkey_vector_8xx) / 0x10; + u8 mkey_seeds_cnt = sizeof(mkey_vector_8xx) / SE_KEY_128_SIZE; u8 mkey_seeds_idx = mkey_seeds_cnt; // Real index + 1. u8 mkey_seeds_min_idx = mkey_seeds_cnt - (KB_FIRMWARE_VERSION_MAX - kb); @@ -1405,7 +1406,7 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb) // Set current mkey in order to decrypt a lower mkey. mkey_seeds_idx--; se_aes_key_clear(9); - se_aes_key_set(9, tmp_mkey, 0x10); + se_aes_key_set(9, tmp_mkey, SE_KEY_128_SIZE); decr_slot = 9; // Temp key. @@ -1439,7 +1440,7 @@ DPRINTF("sec %d has size %08X\n", i, hdr->sec_size[i]); if (!hdr->sec_size[i]) continue; - se_aes_crypt_ctr(pkg2_keyslot, pdata, hdr->sec_size[i], pdata, hdr->sec_size[i], &hdr->sec_ctr[i * 0x10]); + se_aes_crypt_ctr(pkg2_keyslot, pdata, hdr->sec_size[i], pdata, hdr->sec_size[i], &hdr->sec_ctr[i * SE_AES_IV_SIZE]); //gfx_hexdump((u32)pdata, pdata, 0x100); pdata += hdr->sec_size[i]; @@ -1469,7 +1470,7 @@ DPRINTF("adding kip1 '%s' @ %08X (%08X)\n", ki->kip1->name, (u32)ki->kip1, ki->s { hdr->sec_size[PKG2_SEC_INI1] = ini1_size; hdr->sec_off[PKG2_SEC_INI1] = 0x14080000; - se_aes_crypt_ctr(8, ini1, ini1_size, ini1, ini1_size, &hdr->sec_ctr[PKG2_SEC_INI1 * 0x10]); + se_aes_crypt_ctr(8, ini1, ini1_size, ini1, ini1_size, &hdr->sec_ctr[PKG2_SEC_INI1 * SE_AES_IV_SIZE]); } else { @@ -1526,7 +1527,7 @@ DPRINTF("%s @ %08X (%08X)\n", is_meso ? "Mesosphere": "kernel",(u32)ctxt->kernel hdr->sec_off[PKG2_SEC_KERNEL] = 0x60000; } hdr->sec_size[PKG2_SEC_KERNEL] = kernel_size; - se_aes_crypt_ctr(pkg2_keyslot, pdst, kernel_size, pdst, kernel_size, &hdr->sec_ctr[PKG2_SEC_KERNEL * 0x10]); + se_aes_crypt_ctr(pkg2_keyslot, pdst, kernel_size, pdst, kernel_size, &hdr->sec_ctr[PKG2_SEC_KERNEL * SE_AES_IV_SIZE]); pdst += kernel_size; DPRINTF("kernel encrypted\n"); @@ -1549,7 +1550,7 @@ DPRINTF("INI1 encrypted\n"); *(u32 *)hdr->ctr = 0x100 + sizeof(pkg2_hdr_t) + kernel_size + ini1_size; hdr->ctr[4] = key_ver; se_aes_crypt_ctr(pkg2_keyslot, hdr, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr); - memset(hdr->ctr, 0 , 0x10); + memset(hdr->ctr, 0 , SE_AES_IV_SIZE); *(u32 *)hdr->ctr = 0x100 + sizeof(pkg2_hdr_t) + kernel_size + ini1_size; hdr->ctr[4] = key_ver; diff --git a/nyx/nyx_gui/hos/hos.c b/nyx/nyx_gui/hos/hos.c index 5b571e4..dc9eb14 100644 --- a/nyx/nyx_gui/hos/hos.c +++ b/nyx/nyx_gui/hos/hos.c @@ -2,7 +2,7 @@ * Copyright (c) 2018 naehrwert * Copyright (c) 2018 st4rk * Copyright (c) 2018 Ced2911 - * Copyright (c) 2018-2020 CTCaer + * Copyright (c) 2018-2021 CTCaer * Copyright (c) 2018 balika011 * * This program is free software; you can redistribute it and/or modify it @@ -45,7 +45,7 @@ extern hekate_config h_cfg; static u8 *bis_keys = NULL; -static const u8 keyblob_keyseeds[][0x10] = { +static const u8 keyblob_keyseeds[][SE_KEY_128_SIZE] = { { 0xDF, 0x20, 0x6F, 0x59, 0x44, 0x54, 0xEF, 0xDC, 0x70, 0x74, 0x48, 0x3B, 0x0D, 0xED, 0x9F, 0xD3 }, // 1.0.0. { 0x0C, 0x25, 0x61, 0x5D, 0x68, 0x4C, 0xEB, 0x42, 0x1C, 0x23, 0x79, 0xEA, 0x82, 0x25, 0x12, 0xAC }, // 3.0.0. { 0x33, 0x76, 0x85, 0xEE, 0x88, 0x4A, 0xAE, 0x0A, 0xC2, 0x8A, 0xFD, 0x7D, 0x63, 0xC0, 0x43, 0x3B }, // 3.0.1. @@ -54,19 +54,19 @@ static const u8 keyblob_keyseeds[][0x10] = { { 0xD8, 0xCC, 0xE1, 0x26, 0x6A, 0x35, 0x3F, 0xCC, 0x20, 0xF3, 0x2D, 0x3B, 0x51, 0x7D, 0xE9, 0xC0 } // 6.0.0. }; -static const u8 cmac_keyseed[0x10] = +static const u8 cmac_keyseed[SE_KEY_128_SIZE] = { 0x59, 0xC7, 0xFB, 0x6F, 0xBE, 0x9B, 0xBE, 0x87, 0x65, 0x6B, 0x15, 0xC0, 0x53, 0x73, 0x36, 0xA5 }; -static const u8 master_keyseed_retail[0x10] = +static const u8 master_keyseed_retail[SE_KEY_128_SIZE] = { 0xD8, 0xA2, 0x41, 0x0A, 0xC6, 0xC5, 0x90, 0x01, 0xC6, 0x1D, 0x6A, 0x26, 0x7C, 0x51, 0x3F, 0x3C }; -static const u8 master_keyseed_4xx_5xx_610[0x10] = +static const u8 master_keyseed_4xx_5xx_610[SE_KEY_128_SIZE] = { 0x2D, 0xC1, 0xF4, 0x8D, 0xF3, 0x5B, 0x69, 0x33, 0x42, 0x10, 0xAC, 0x65, 0xDA, 0x90, 0x46, 0x66 }; -static const u8 master_keyseed_620[0x10] = +static const u8 master_keyseed_620[SE_KEY_128_SIZE] = { 0x37, 0x4B, 0x77, 0x29, 0x59, 0xB4, 0x04, 0x30, 0x81, 0xF6, 0xE5, 0x8C, 0x6D, 0x36, 0x17, 0x9A }; -static const u8 master_kekseed_t210b01[][0x10] = { +static const u8 master_kekseed_t210b01[][SE_KEY_128_SIZE] = { { 0x77, 0x60, 0x5A, 0xD2, 0xEE, 0x6E, 0xF8, 0x3C, 0x3F, 0x72, 0xE2, 0x59, 0x9D, 0xAC, 0x5E, 0x56 }, // 6.0.0. { 0x1E, 0x80, 0xB8, 0x17, 0x3E, 0xC0, 0x60, 0xAA, 0x11, 0xBE, 0x1A, 0x4A, 0xA6, 0x6F, 0xE4, 0xAE }, // 6.2.0. { 0x94, 0x08, 0x67, 0xBD, 0x0A, 0x00, 0x38, 0x84, 0x11, 0xD3, 0x1A, 0xDB, 0xDD, 0x8D, 0xF1, 0x8A }, // 7.0.0. @@ -75,16 +75,16 @@ static const u8 master_kekseed_t210b01[][0x10] = { { 0x0E, 0x44, 0x0C, 0xED, 0xB4, 0x36, 0xC0, 0x3F, 0xAA, 0x1D, 0xAE, 0xBF, 0x62, 0xB1, 0x09, 0x82 }, // 9.1.0. }; -static const u8 console_keyseed[0x10] = +static const u8 console_keyseed[SE_KEY_128_SIZE] = { 0x4F, 0x02, 0x5F, 0x0E, 0xB6, 0x6D, 0x11, 0x0E, 0xDC, 0x32, 0x7D, 0x41, 0x86, 0xC2, 0xF4, 0x78 }; -static const u8 console_keyseed_4xx_5xx[0x10] = +static const u8 console_keyseed_4xx_5xx[SE_KEY_128_SIZE] = { 0x0C, 0x91, 0x09, 0xDB, 0x93, 0x93, 0x07, 0x81, 0x07, 0x3C, 0xC4, 0x16, 0x22, 0x7C, 0x6C, 0x28 }; -const u8 package2_keyseed[0x10] = +const u8 package2_keyseed[SE_KEY_128_SIZE] = { 0xFB, 0x8B, 0x6A, 0x9C, 0x79, 0x00, 0xC8, 0x49, 0xEF, 0xD2, 0x4D, 0x85, 0x4D, 0x30, 0xA0, 0xC7 }; -static const u8 mkey_vectors[KB_FIRMWARE_VERSION_MAX + 1][0x10] = { +static const u8 mkey_vectors[KB_FIRMWARE_VERSION_MAX + 1][SE_KEY_128_SIZE] = { { 0x0C, 0xF0, 0x59, 0xAC, 0x85, 0xF6, 0x26, 0x65, 0xE1, 0xE9, 0x19, 0x55, 0xE6, 0xF2, 0x67, 0x3D }, // Zeroes encrypted with mkey 00. { 0x29, 0x4C, 0x04, 0xC8, 0xEB, 0x10, 0xED, 0x9D, 0x51, 0x64, 0x97, 0xFB, 0xF3, 0x4D, 0x50, 0xDD }, // Mkey 00 encrypted with mkey 01. { 0xDE, 0xCF, 0xEB, 0xEB, 0x10, 0xAE, 0x74, 0xD8, 0xAD, 0x7C, 0xF4, 0x9E, 0x62, 0xE0, 0xE8, 0x72 }, // Mkey 01 encrypted with mkey 02. @@ -98,7 +98,7 @@ static const u8 mkey_vectors[KB_FIRMWARE_VERSION_MAX + 1][0x10] = { { 0xB8, 0x96, 0x9E, 0x4A, 0x00, 0x0D, 0xD6, 0x28, 0xB3, 0xD1, 0xDB, 0x68, 0x5F, 0xFB, 0xE1, 0x2A }, // Mkey 09 encrypted with mkey 10. }; -static const u8 new_console_keyseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSION_400 + 1][0x10] = { +static const u8 new_console_keyseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSION_400 + 1][SE_KEY_128_SIZE] = { { 0x8B, 0x4E, 0x1C, 0x22, 0x42, 0x07, 0xC8, 0x73, 0x56, 0x94, 0x08, 0x8B, 0xCC, 0x47, 0x0F, 0x5D }, // 4.x New Device Key Source. { 0x6C, 0xEF, 0xC6, 0x27, 0x8B, 0xEC, 0x8A, 0x91, 0x99, 0xAB, 0x24, 0xAC, 0x4F, 0x1C, 0x8F, 0x1C }, // 5.x New Device Key Source. { 0x70, 0x08, 0x1B, 0x97, 0x44, 0x64, 0xF8, 0x91, 0x54, 0x9D, 0xC6, 0x84, 0x8F, 0x1A, 0xB2, 0xE4 }, // 6.x New Device Key Source. @@ -109,7 +109,7 @@ static const u8 new_console_keyseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSIO { 0x14, 0xB8, 0x74, 0x12, 0xCB, 0xBD, 0x0B, 0x8F, 0x20, 0xFB, 0x30, 0xDA, 0x27, 0xE4, 0x58, 0x94 }, // 9.1.0 New Device Key Source. }; -static const u8 new_console_kekseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSION_400 + 1][0x10] = { +static const u8 new_console_kekseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSION_400 + 1][SE_KEY_128_SIZE] = { { 0x88, 0x62, 0x34, 0x6E, 0xFA, 0xF7, 0xD8, 0x3F, 0xE1, 0x30, 0x39, 0x50, 0xF0, 0xB7, 0x5D, 0x5D }, // 4.x New Device Keygen Source. { 0x06, 0x1E, 0x7B, 0xE9, 0x6D, 0x47, 0x8C, 0x77, 0xC5, 0xC8, 0xE7, 0x94, 0x9A, 0xA8, 0x5F, 0x2E }, // 5.x New Device Keygen Source. { 0x99, 0xFA, 0x98, 0xBD, 0x15, 0x1C, 0x72, 0xFD, 0x7D, 0x9A, 0xD5, 0x41, 0x00, 0xFD, 0xB2, 0xEF }, // 6.x New Device Keygen Source. @@ -120,19 +120,19 @@ static const u8 new_console_kekseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSIO { 0xCE, 0xFE, 0x41, 0x0F, 0x46, 0x9A, 0x30, 0xD6, 0xF2, 0xE9, 0x0C, 0x6B, 0xB7, 0x15, 0x91, 0x36 }, // 9.1.0 New Device Keygen Source. }; -static const u8 gen_keyseed[0x10] = +static const u8 gen_keyseed[SE_KEY_128_SIZE] = { 0x89, 0x61, 0x5E, 0xE0, 0x5C, 0x31, 0xB6, 0x80, 0x5F, 0xE5, 0x8F, 0x3D, 0xA2, 0x4F, 0x7A, 0xA8 }; -static const u8 gen_kekseed[0x10] = +static const u8 gen_kekseed[SE_KEY_128_SIZE] = { 0x4D, 0x87, 0x09, 0x86, 0xC4, 0x5D, 0x20, 0x72, 0x2F, 0xBA, 0x10, 0x53, 0xDA, 0x92, 0xE8, 0xA9 }; -static const u8 gen_keyseed_retail[0x10] = +static const u8 gen_keyseed_retail[SE_KEY_128_SIZE] = { 0xE2, 0xD6, 0xB8, 0x7A, 0x11, 0x9C, 0xB8, 0x80, 0xE8, 0x22, 0x88, 0x8A, 0x46, 0xFB, 0xA1, 0x95 }; -static const u8 bis_kekseed[0x10] = +static const u8 bis_kekseed[SE_KEY_128_SIZE] = { 0x34, 0xC1, 0xA0, 0xC4, 0x82, 0x58, 0xF8, 0xB4, 0xFA, 0x9E, 0x5E, 0x6A, 0xDA, 0xFC, 0x7E, 0x4F }; -static const u8 bis_keyseed[][0x10] = { +static const u8 bis_keyseed[][SE_KEY_128_SIZE] = { { 0xF8, 0x3F, 0x38, 0x6E, 0x2C, 0xD2, 0xCA, 0x32, 0xA8, 0x9A, 0xB9, 0xAA, 0x29, 0xBF, 0xC7, 0x48 }, // BIS 0 Crypt seed. { 0x7D, 0x92, 0xB0, 0x3A, 0xA8, 0xBF, 0xDE, 0xE1, 0xA7, 0x4C, 0x3B, 0x6E, 0x35, 0xCB, 0x71, 0x06 }, // BIS 0 Tweak seed. { 0x41, 0x00, 0x30, 0x49, 0xDD, 0xCC, 0xC0, 0x65, 0x64, 0x7A, 0x7E, 0xB4, 0x1E, 0xED, 0x9C, 0x5F }, // BIS 1 Crypt seed. @@ -229,7 +229,7 @@ void hos_eks_save(u32 kb) // Get keys. u8 *keys = (u8 *)calloc(0x1000, 1); - se_get_aes_keys(keys + 0x800, keys, 0x10); + se_get_aes_keys(keys + 0x800, keys, SE_KEY_128_SIZE); // Set magic and personalized info. h_cfg.eks->magic = HOS_EKS_MAGIC; @@ -237,18 +237,18 @@ void hos_eks_save(u32 kb) h_cfg.eks->lot0 = FUSE(FUSE_OPT_LOT_CODE_0); // Copy new keys. - memcpy(h_cfg.eks->dkg, keys + 10 * 0x10, 0x10); - memcpy(h_cfg.eks->dkk, keys + 15 * 0x10, 0x10); + memcpy(h_cfg.eks->dkg, keys + 10 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + memcpy(h_cfg.eks->dkk, keys + 15 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); if (!h_cfg.aes_slots_new) { - memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 12 * 0x10, 0x10); - memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 13 * 0x10, 0x10); + memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); } else // New sept slots. { - memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 13 * 0x10, 0x10); - memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 12 * 0x10, 0x10); + memcpy(h_cfg.eks->keys[key_idx].mkk, keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); + memcpy(h_cfg.eks->keys[key_idx].fdk, keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE); } // Encrypt EKS blob. @@ -260,7 +260,6 @@ void hos_eks_save(u32 kb) memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t)); hos_eks_rw_try(mbr, true); - free(eks); free(keys); out: @@ -346,14 +345,14 @@ void hos_eks_bis_save() h_cfg.eks->lot0 = FUSE(FUSE_OPT_LOT_CODE_0); // Copy new keys. - memcpy(h_cfg.eks->bis_keys[0].crypt, bis_keys + (0 * 0x10), 0x10); - memcpy(h_cfg.eks->bis_keys[0].tweak, bis_keys + (1 * 0x10), 0x10); + memcpy(h_cfg.eks->bis_keys[0].crypt, bis_keys + (0 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); + memcpy(h_cfg.eks->bis_keys[0].tweak, bis_keys + (1 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); - memcpy(h_cfg.eks->bis_keys[1].crypt, bis_keys + (2 * 0x10), 0x10); - memcpy(h_cfg.eks->bis_keys[1].tweak, bis_keys + (3 * 0x10), 0x10); + memcpy(h_cfg.eks->bis_keys[1].crypt, bis_keys + (2 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); + memcpy(h_cfg.eks->bis_keys[1].tweak, bis_keys + (3 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); - memcpy(h_cfg.eks->bis_keys[2].crypt, bis_keys + (4 * 0x10), 0x10); - memcpy(h_cfg.eks->bis_keys[2].tweak, bis_keys + (5 * 0x10), 0x10); + memcpy(h_cfg.eks->bis_keys[2].crypt, bis_keys + (4 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); + memcpy(h_cfg.eks->bis_keys[2].tweak, bis_keys + (5 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); // Encrypt EKS blob. u8 *eks = calloc(512 , 1); @@ -473,13 +472,13 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) if (h_cfg.eks && h_cfg.eks->enabled[key_idx] >= kb) { // Set Device keygen key to slot 10. - se_aes_key_set(10, h_cfg.eks->dkg, 0x10); + se_aes_key_set(10, h_cfg.eks->dkg, SE_KEY_128_SIZE); // Set Master key to slot 12. - se_aes_key_set(12, h_cfg.eks->keys[key_idx].mkk, 0x10); + se_aes_key_set(12, h_cfg.eks->keys[key_idx].mkk, SE_KEY_128_SIZE); // Set FW Device key key to slot 13. - se_aes_key_set(13, h_cfg.eks->keys[key_idx].fdk, 0x10); + se_aes_key_set(13, h_cfg.eks->keys[key_idx].fdk, SE_KEY_128_SIZE); // Set Device key to slot 15. - se_aes_key_set(15, h_cfg.eks->dkk, 0x10); + se_aes_key_set(15, h_cfg.eks->dkk, SE_KEY_128_SIZE); } else h_cfg.aes_slots_new = se_key_acc_ctrl_get(12) == 0x6A; @@ -490,9 +489,9 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) else if (kb == KB_FIRMWARE_VERSION_620) { // Set TSEC key. - se_aes_key_set(12, tmp, 0x10); + se_aes_key_set(12, tmp, SE_KEY_128_SIZE); // Set TSEC root key. - se_aes_key_set(13, tmp + 0x10, 0x10); + se_aes_key_set(13, tmp + SE_KEY_128_SIZE, SE_KEY_128_SIZE); // Decrypt keyblob and set keyslots se_aes_crypt_block_ecb(12, 0, tmp + 0x20, keyblob_keyseeds[0]); @@ -508,7 +507,7 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) else { // Set TSEC key. - se_aes_key_set(13, tmp, 0x10); + se_aes_key_set(13, tmp, SE_KEY_128_SIZE); // Derive keyblob keys from TSEC+SBK. se_aes_crypt_block_ecb(13, 0, tmp, keyblob_keyseeds[0]); @@ -530,9 +529,9 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) // Decrypt keyblob and set keyslots. se_aes_crypt_ctr(13, keyblob + 0x20, 0x90, keyblob + 0x20, 0x90, keyblob + 0x10); - se_aes_key_set(11, keyblob + 0x20 + 0x80, 0x10); // Package1 key. - se_aes_key_set(12, keyblob + 0x20, 0x10); - se_aes_key_set(13, keyblob + 0x20, 0x10); + se_aes_key_set(11, keyblob + 0x20 + 0x80, SE_KEY_128_SIZE); // Package1 key. + se_aes_key_set(12, keyblob + 0x20, SE_KEY_128_SIZE); + se_aes_key_set(13, keyblob + 0x20, SE_KEY_128_SIZE); se_aes_crypt_block_ecb(12, 0, tmp, master_keyseed_retail); @@ -568,18 +567,18 @@ int hos_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) static void _hos_validate_sept_mkey(u32 kb) { - u8 tmp_mkey[0x10]; - u32 mkey_idx = sizeof(mkey_vectors) / 0x10; + u8 tmp_mkey[SE_KEY_128_SIZE]; + u32 mkey_idx = sizeof(mkey_vectors) / SE_KEY_128_SIZE; u8 mkey_slot = !h_cfg.aes_slots_new ? 12 : 13; do { mkey_idx--; - se_aes_crypt_ecb(mkey_slot, 0, tmp_mkey, 0x10, mkey_vectors[mkey_idx], 0x10); + se_aes_crypt_ecb(mkey_slot, 0, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx], SE_KEY_128_SIZE); for (u32 idx = 0; idx < mkey_idx; idx++) { se_aes_key_clear(2); - se_aes_key_set(2, tmp_mkey, 0x10); - se_aes_crypt_ecb(2, 0, tmp_mkey, 0x10, mkey_vectors[mkey_idx - 1 - idx], 0x10); + se_aes_key_set(2, tmp_mkey, SE_KEY_128_SIZE); + se_aes_crypt_ecb(2, 0, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx - 1 - idx], SE_KEY_128_SIZE); } if (!memcmp(tmp_mkey, "\x00\x00\x00\x00\x00\x00\x00\x00", 8)) @@ -597,13 +596,13 @@ static void _hos_validate_sept_mkey(u32 kb) static void _hos_bis_print_key(u32 idx, u8 *key) { gfx_printf("BIS %d Crypt: ", idx); - for (int i = 0; i < 0x10; i++) - gfx_printf("%02X", key[((idx * 2 + 0) * 0x10) + i]); + for (int i = 0; i < SE_KEY_128_SIZE; i++) + gfx_printf("%02X", key[((idx * 2 + 0) * SE_KEY_128_SIZE) + i]); gfx_puts("\n"); gfx_printf("BIS %d Tweak: ", idx); - for (int i = 0; i < 0x10; i++) - gfx_printf("%02X", key[((idx * 2 + 1) * 0x10) + i]); + for (int i = 0; i < SE_KEY_128_SIZE; i++) + gfx_printf("%02X", key[((idx * 2 + 1) * SE_KEY_128_SIZE) + i]); gfx_puts("\n"); } @@ -613,7 +612,7 @@ int hos_bis_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) u32 console_key_slot = kb >= KB_FIRMWARE_VERSION_400 ? 15 : 13; if (!bis_keys) - bis_keys = malloc(0x10 * 6); + bis_keys = malloc(SE_KEY_128_SIZE * 6); if (!h_cfg.eks || !h_cfg.eks->enabled_bis) { @@ -627,8 +626,8 @@ int hos_bis_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) if (keygen_rev) { - u8 tmp_mkey[0x10]; - u32 mkey_idx = sizeof(mkey_vectors) / 0x10; + u8 tmp_mkey[SE_KEY_128_SIZE]; + u32 mkey_idx = sizeof(mkey_vectors) / SE_KEY_128_SIZE; u8 mkey_slot = kb >= KB_FIRMWARE_VERSION_700 ? (!h_cfg.aes_slots_new ? 12 : 13) : (kb == KB_FIRMWARE_VERSION_620 ? 9 : 12); // Keygen revision uses bootloader version, which starts from 1. @@ -642,19 +641,19 @@ int hos_bis_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) do { mkey_idx--; - se_aes_crypt_ecb(mkey_slot, 0, tmp_mkey, 0x10, mkey_vectors[mkey_idx], 0x10); + se_aes_crypt_ecb(mkey_slot, 0, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx], SE_KEY_128_SIZE); for (u32 idx = 0; idx < mkey_idx; idx++) { se_aes_key_clear(2); - se_aes_key_set(2, tmp_mkey, 0x10); - se_aes_crypt_ecb(2, 0, tmp_mkey, 0x10, mkey_vectors[mkey_idx - 1 - idx], 0x10); + se_aes_key_set(2, tmp_mkey, SE_KEY_128_SIZE); + se_aes_crypt_ecb(2, 0, tmp_mkey, SE_KEY_128_SIZE, mkey_vectors[mkey_idx - 1 - idx], SE_KEY_128_SIZE); } } while (memcmp(tmp_mkey, "\x00\x00\x00\x00\x00\x00\x00\x00", 8) != 0 && (mkey_idx - 1)); // Derive new device key. se_aes_key_clear(1); se_aes_unwrap_key(1, 10, new_console_keyseed[keygen_rev]); // Uses Device key 4x. - se_aes_crypt_ecb(10, 0, tmp_mkey, 0x10, new_console_keyseed[keygen_rev], 0x10); // Uses Device key 4x. + se_aes_crypt_ecb(10, 0, tmp_mkey, SE_KEY_128_SIZE, new_console_keyseed[keygen_rev], SE_KEY_128_SIZE); // Uses Device key 4x. se_aes_unwrap_key(1, 2, new_console_kekseed[keygen_rev]); // Uses Master Key 0. se_aes_unwrap_key(1, 1, tmp_mkey); @@ -666,11 +665,11 @@ int hos_bis_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) se_aes_unwrap_key(2, console_key_slot, gen_keyseed_retail); // Clear bis keys storage. - memset(bis_keys, 0, 0x10 * 6); + memset(bis_keys, 0, SE_KEY_128_SIZE * 6); // Generate BIS 0 Keys. - se_aes_crypt_block_ecb(2, 0, bis_keys + (0 * 0x10), bis_keyseed[0]); - se_aes_crypt_block_ecb(2, 0, bis_keys + (1 * 0x10), bis_keyseed[1]); + se_aes_crypt_block_ecb(2, 0, bis_keys + (0 * SE_KEY_128_SIZE), bis_keyseed[0]); + se_aes_crypt_block_ecb(2, 0, bis_keys + (1 * SE_KEY_128_SIZE), bis_keyseed[1]); // Generate generic kek. se_aes_key_clear(2); @@ -679,26 +678,26 @@ int hos_bis_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) se_aes_unwrap_key(2, 2, gen_keyseed); // Generate BIS 1 Keys. - se_aes_crypt_block_ecb(2, 0, bis_keys + (2 * 0x10), bis_keyseed[2]); - se_aes_crypt_block_ecb(2, 0, bis_keys + (3 * 0x10), bis_keyseed[3]); + se_aes_crypt_block_ecb(2, 0, bis_keys + (2 * SE_KEY_128_SIZE), bis_keyseed[2]); + se_aes_crypt_block_ecb(2, 0, bis_keys + (3 * SE_KEY_128_SIZE), bis_keyseed[3]); // Generate BIS 2/3 Keys. - se_aes_crypt_block_ecb(2, 0, bis_keys + (4 * 0x10), bis_keyseed[4]); - se_aes_crypt_block_ecb(2, 0, bis_keys + (5 * 0x10), bis_keyseed[5]); + se_aes_crypt_block_ecb(2, 0, bis_keys + (4 * SE_KEY_128_SIZE), bis_keyseed[4]); + se_aes_crypt_block_ecb(2, 0, bis_keys + (5 * SE_KEY_128_SIZE), bis_keyseed[5]); if (!h_cfg.t210b01 && kb >= KB_FIRMWARE_VERSION_700) _hos_validate_sept_mkey(kb); } else { - memcpy(bis_keys + (0 * 0x10), h_cfg.eks->bis_keys[0].crypt, 0x10); - memcpy(bis_keys + (1 * 0x10), h_cfg.eks->bis_keys[0].tweak, 0x10); + memcpy(bis_keys + (0 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[0].crypt, SE_KEY_128_SIZE); + memcpy(bis_keys + (1 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[0].tweak, SE_KEY_128_SIZE); - memcpy(bis_keys + (2 * 0x10), h_cfg.eks->bis_keys[1].crypt, 0x10); - memcpy(bis_keys + (3 * 0x10), h_cfg.eks->bis_keys[1].tweak, 0x10); + memcpy(bis_keys + (2 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[1].crypt, SE_KEY_128_SIZE); + memcpy(bis_keys + (3 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[1].tweak, SE_KEY_128_SIZE); - memcpy(bis_keys + (4 * 0x10), h_cfg.eks->bis_keys[2].crypt, 0x10); - memcpy(bis_keys + (5 * 0x10), h_cfg.eks->bis_keys[2].tweak, 0x10); + memcpy(bis_keys + (4 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[2].crypt, SE_KEY_128_SIZE); + memcpy(bis_keys + (5 * SE_KEY_128_SIZE), h_cfg.eks->bis_keys[2].tweak, SE_KEY_128_SIZE); } _hos_bis_print_key(0, bis_keys); @@ -710,14 +709,14 @@ int hos_bis_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt) se_aes_key_clear(i); // Set BIS keys. - se_aes_key_set(0, bis_keys + (0 * 0x10), 0x10); - se_aes_key_set(1, bis_keys + (1 * 0x10), 0x10); + se_aes_key_set(0, bis_keys + (0 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); + se_aes_key_set(1, bis_keys + (1 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); - se_aes_key_set(2, bis_keys + (2 * 0x10), 0x10); - se_aes_key_set(3, bis_keys + (3 * 0x10), 0x10); + se_aes_key_set(2, bis_keys + (2 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); + se_aes_key_set(3, bis_keys + (3 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); - se_aes_key_set(4, bis_keys + (4 * 0x10), 0x10); - se_aes_key_set(5, bis_keys + (5 * 0x10), 0x10); + se_aes_key_set(4, bis_keys + (4 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); + se_aes_key_set(5, bis_keys + (5 * SE_KEY_128_SIZE), SE_KEY_128_SIZE); return 1; } @@ -742,7 +741,7 @@ void hos_bis_keys_clear() FUSE(FUSE_PRIVATE_KEY3) }; // Set SBK to slot 14. - se_aes_key_set(14, sbk, 0x10); + se_aes_key_set(14, sbk, SE_KEY_128_SIZE); // Lock SBK from being read. se_key_acc_ctrl(14, SE_KEY_TBL_DIS_KEYREAD_FLAG); diff --git a/nyx/nyx_gui/hos/pkg2.c b/nyx/nyx_gui/hos/pkg2.c index 93900fa..5df3885 100644 --- a/nyx/nyx_gui/hos/pkg2.c +++ b/nyx/nyx_gui/hos/pkg2.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #include @@ -111,7 +112,7 @@ DPRINTF(" kip1 %d:%s @ %08X (%08X)\n", i, kip1->name, (u32)kip1, ki->size); return true; } -static const u8 mkey_vector_8xx[][0x10] = +static const u8 mkey_vector_8xx[][SE_KEY_128_SIZE] = { // Master key 8 encrypted with 9. (8.1.0 with 9.0.0) { 0x4D, 0xD9, 0x98, 0x42, 0x45, 0x0D, 0xB1, 0x3C, 0x52, 0x0C, 0x9A, 0x44, 0xBB, 0xAD, 0xAF, 0x80 }, @@ -122,10 +123,10 @@ static const u8 mkey_vector_8xx[][0x10] = static bool _pkg2_key_unwrap_validate(pkg2_hdr_t *tmp_test, pkg2_hdr_t *hdr, u8 src_slot, u8 *mkey, const u8 *key_seed) { // Decrypt older encrypted mkey. - se_aes_crypt_ecb(src_slot, 0, mkey, 0x10, key_seed, 0x10); + se_aes_crypt_ecb(src_slot, 0, mkey, SE_KEY_128_SIZE, key_seed, SE_KEY_128_SIZE); // Set and unwrap pkg2 key. se_aes_key_clear(9); - se_aes_key_set(9, mkey, 0x10); + se_aes_key_set(9, mkey, SE_KEY_128_SIZE); se_aes_unwrap_key(9, 9, package2_keyseed); // Decrypt header. @@ -158,9 +159,9 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb) // Decrypt older pkg2 via new mkeys. if ((kb >= KB_FIRMWARE_VERSION_810) && (kb < KB_FIRMWARE_VERSION_MAX)) { - u8 tmp_mkey[0x10]; + u8 tmp_mkey[SE_KEY_128_SIZE]; u8 decr_slot = !h_cfg.t210b01 ? (!h_cfg.aes_slots_new ? 12 : 13) : 7; // Sept mkey or T210B01 mkey. - u8 mkey_seeds_cnt = sizeof(mkey_vector_8xx) / 0x10; + u8 mkey_seeds_cnt = sizeof(mkey_vector_8xx) / SE_KEY_128_SIZE; u8 mkey_seeds_idx = mkey_seeds_cnt; // Real index + 1. u8 mkey_seeds_min_idx = mkey_seeds_cnt - (KB_FIRMWARE_VERSION_MAX - kb); @@ -180,7 +181,7 @@ pkg2_hdr_t *pkg2_decrypt(void *data, u8 kb) // Set current mkey in order to decrypt a lower mkey. mkey_seeds_idx--; se_aes_key_clear(9); - se_aes_key_set(9, tmp_mkey, 0x10); + se_aes_key_set(9, tmp_mkey, SE_KEY_128_SIZE); decr_slot = 9; // Temp key. @@ -214,7 +215,7 @@ DPRINTF("sec %d has size %08X\n", i, hdr->sec_size[i]); if (!hdr->sec_size[i]) continue; - se_aes_crypt_ctr(keyslot, pdata, hdr->sec_size[i], pdata, hdr->sec_size[i], &hdr->sec_ctr[i * 0x10]); + se_aes_crypt_ctr(keyslot, pdata, hdr->sec_size[i], pdata, hdr->sec_size[i], &hdr->sec_ctr[i * SE_AES_IV_SIZE]); //gfx_hexdump((u32)pdata, pdata, 0x100); pdata += hdr->sec_size[i];