mirror of
https://github.com/jakcron/nstool
synced 2024-11-22 21:49:30 +00:00
Add stubbed support for ACID signing key generations.
parent
5119ec6d56
commit
74de59f6dd
4 changed files with 37 additions and 29 deletions
|
@ -230,9 +230,21 @@ bool KeyConfiguration::getContentArchiveHeader0SignKey(fnd::rsa::sRsa2048Key& ke
|
||||||
return copyOutKeyResourceIfExists(mContentArchiveHeader0SignKey, key, kNullRsa2048Key);
|
return copyOutKeyResourceIfExists(mContentArchiveHeader0SignKey, key, kNullRsa2048Key);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool KeyConfiguration::getAcidSignKey(fnd::rsa::sRsa2048Key& key) const
|
bool KeyConfiguration::getAcidSignKey(fnd::rsa::sRsa2048Key& key, byte_t key_generation) const
|
||||||
{
|
{
|
||||||
return copyOutKeyResourceIfExists(mAcidSignKey, key, kNullRsa2048Key);
|
// TODO: This needs to be changed to support multiple keys
|
||||||
|
|
||||||
|
bool keyIsFound = false;
|
||||||
|
switch (key_generation)
|
||||||
|
{
|
||||||
|
case (0x00):
|
||||||
|
keyIsFound = copyOutKeyResourceIfExists(mAcidSignKey, key, kNullRsa2048Key);
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
keyIsFound = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return keyIsFound;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool KeyConfiguration::getNcaKeyAreaEncryptionKey(byte_t masterkey_index, byte_t keak_type, fnd::aes::sAes128Key& key) const
|
bool KeyConfiguration::getNcaKeyAreaEncryptionKey(byte_t masterkey_index, byte_t keak_type, fnd::aes::sAes128Key& key) const
|
||||||
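Review bot: In getAcidSignKey the `default:` branch returns false without touching `key`, and neither the function nor its TODO says which generations are accepted, so a caller cannot tell "generation not supported by this build" from "key missing from the key file". I would state the contract in a comment above the switch, e.g. `// Only generation 0x00 is backed by a key; any other value reports not-found and leaves key unmodified.`, and end the default branch with `break;` to match the `case (0x00):` arm. Whether copyOutKeyResourceIfExists writes kNullRsa2048Key into `key` on a miss is not visible here; if it does, the default branch should do the same so both not-found paths leave the output in the same state.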
|
|
|
@ -26,7 +26,7 @@ public:
|
||||||
// nca keys
|
// nca keys
|
||||||
bool getContentArchiveHeaderKey(fnd::aes::sAesXts128Key& key) const;
|
bool getContentArchiveHeaderKey(fnd::aes::sAesXts128Key& key) const;
|
||||||
bool getContentArchiveHeader0SignKey(fnd::rsa::sRsa2048Key& key) const;
|
bool getContentArchiveHeader0SignKey(fnd::rsa::sRsa2048Key& key) const;
|
||||||
bool getAcidSignKey(fnd::rsa::sRsa2048Key& key) const;
|
bool getAcidSignKey(fnd::rsa::sRsa2048Key& key, byte_t key_generation) const;
|
||||||
bool getNcaKeyAreaEncryptionKey(byte_t masterkey_index, byte_t keak_type, fnd::aes::sAes128Key& key) const;
|
bool getNcaKeyAreaEncryptionKey(byte_t masterkey_index, byte_t keak_type, fnd::aes::sAes128Key& key) const;
|
||||||
bool getNcaKeyAreaEncryptionKeyHw(byte_t masterkey_index, byte_t keak_type, fnd::aes::sAes128Key& key) const;
|
bool getNcaKeyAreaEncryptionKeyHw(byte_t masterkey_index, byte_t keak_type, fnd::aes::sAes128Key& key) const;
|
||||||
|
|
||||||
|
|
|
@ -21,8 +21,8 @@ void MetaProcess::process()
|
||||||
|
|
||||||
if (mVerify)
|
if (mVerify)
|
||||||
{
|
{
|
||||||
validateAcidSignature(mMeta.getAcid());
|
validateAcidSignature(mMeta.getAccessControlInfoDesc(), mMeta.getAccessControlInfoDescKeyGeneration());
|
||||||
validateAciFromAcid(mMeta.getAci(), mMeta.getAcid());
|
validateAciFromAcid(mMeta.getAccessControlInfo(), mMeta.getAccessControlInfoDesc());
|
||||||
}
|
}
|
||||||
|
|
||||||
if (_HAS_BIT(mCliOutputMode, OUTPUT_BASIC))
|
if (_HAS_BIT(mCliOutputMode, OUTPUT_BASIC))
|
||||||
|
@ -31,18 +31,18 @@ void MetaProcess::process()
|
||||||
displayMetaHeader(mMeta);
|
displayMetaHeader(mMeta);
|
||||||
|
|
||||||
// aci binary
|
// aci binary
|
||||||
displayAciHdr(mMeta.getAci());
|
displayAciHdr(mMeta.getAccessControlInfo());
|
||||||
displayFac(mMeta.getAci().getFileSystemAccessControl());
|
displayFac(mMeta.getAccessControlInfo().getFileSystemAccessControl());
|
||||||
displaySac(mMeta.getAci().getServiceAccessControl());
|
displaySac(mMeta.getAccessControlInfo().getServiceAccessControl());
|
||||||
displayKernelCap(mMeta.getAci().getKernelCapabilities());
|
displayKernelCap(mMeta.getAccessControlInfo().getKernelCapabilities());
|
||||||
|
|
||||||
// acid binary
|
// acid binary
|
||||||
if (_HAS_BIT(mCliOutputMode, OUTPUT_EXTENDED))
|
if (_HAS_BIT(mCliOutputMode, OUTPUT_EXTENDED))
|
||||||
{
|
{
|
||||||
displayAciDescHdr(mMeta.getAcid());
|
displayAciDescHdr(mMeta.getAccessControlInfoDesc());
|
||||||
displayFac(mMeta.getAcid().getFileSystemAccessControl());
|
displayFac(mMeta.getAccessControlInfoDesc().getFileSystemAccessControl());
|
||||||
displaySac(mMeta.getAcid().getServiceAccessControl());
|
displaySac(mMeta.getAccessControlInfoDesc().getServiceAccessControl());
|
||||||
displayKernelCap(mMeta.getAcid().getKernelCapabilities());
|
displayKernelCap(mMeta.getAccessControlInfoDesc().getKernelCapabilities());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -87,11 +87,11 @@ void MetaProcess::importMeta()
|
||||||
mMeta.fromBytes(scratch.data(), scratch.size());
|
mMeta.fromBytes(scratch.data(), scratch.size());
|
||||||
}
|
}
|
||||||
|
|
||||||
void MetaProcess::validateAcidSignature(const nn::hac::AccessControlInfoDesc& acid)
|
void MetaProcess::validateAcidSignature(const nn::hac::AccessControlInfoDesc& acid, byte_t key_generation)
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
fnd::rsa::sRsa2048Key acid_sign_key;
|
fnd::rsa::sRsa2048Key acid_sign_key;
|
||||||
if (mKeyCfg.getAcidSignKey(acid_sign_key) != true)
|
if (mKeyCfg.getAcidSignKey(acid_sign_key, key_generation) != true)
|
||||||
throw fnd::Exception();
|
throw fnd::Exception();
|
||||||
|
|
||||||
acid.validateSignature(acid_sign_key);
|
acid.validateSignature(acid_sign_key);
|
||||||
|
@ -296,10 +296,11 @@ void MetaProcess::validateAciFromAcid(const nn::hac::AccessControlInfo& aci, con
|
||||||
void MetaProcess::displayMetaHeader(const nn::hac::Meta& hdr)
|
void MetaProcess::displayMetaHeader(const nn::hac::Meta& hdr)
|
||||||
{
|
{
|
||||||
std::cout << "[Meta Header]" << std::endl;
|
std::cout << "[Meta Header]" << std::endl;
|
||||||
std::cout << " ACID KeyGeneration: " << std::dec << hdr.getAcidKeyGeneration() << std::endl;
|
std::cout << " ACID KeyGeneration: " << std::dec << (uint32_t)hdr.getAccessControlInfoDescKeyGeneration() << std::endl;
|
||||||
std::cout << " Process Architecture Params:" << std::endl;
|
std::cout << " Flags:" << std::endl;
|
||||||
std::cout << " Ins. Type: " << nn::hac::MetaUtil::getInstructionTypeAsString(hdr.getInstructionType()) << std::endl;
|
std::cout << " Is64BitInstruction: " << std::boolalpha << hdr.getIs64BitInstructionFlag() << std::endl;
|
||||||
std::cout << " Addr Space: " << nn::hac::MetaUtil::getProcAddressSpaceTypeAsString(hdr.getProcAddressSpaceType()) << std::endl;
|
std::cout << " ProcessAddressSpace: " << nn::hac::MetaUtil::getProcessAddressSpaceAsString(hdr.getProcessAddressSpace()) << std::endl;
|
||||||
|
std::cout << " OptimizeMemoryAllocation: " << std::boolalpha << hdr.getOptimizeMemoryAllocationFlag() << std::endl;
|
||||||
std::cout << " Main Thread Params:" << std::endl;
|
std::cout << " Main Thread Params:" << std::endl;
|
||||||
std::cout << " Priority: " << std::dec << (uint32_t)hdr.getMainThreadPriority() << std::endl;
|
std::cout << " Priority: " << std::dec << (uint32_t)hdr.getMainThreadPriority() << std::endl;
|
||||||
std::cout << " CpuId: " << std::dec << (uint32_t)hdr.getMainThreadCpuId() << std::endl;
|
std::cout << " CpuId: " << std::dec << (uint32_t)hdr.getMainThreadCpuId() << std::endl;
|
||||||
|
@ -322,14 +323,9 @@ void MetaProcess::displayAciHdr(const nn::hac::AccessControlInfo& aci)
|
||||||
void MetaProcess::displayAciDescHdr(const nn::hac::AccessControlInfoDesc& acid)
|
void MetaProcess::displayAciDescHdr(const nn::hac::AccessControlInfoDesc& acid)
|
||||||
{
|
{
|
||||||
std::cout << "[Access Control Info Desc]" << std::endl;
|
std::cout << "[Access Control Info Desc]" << std::endl;
|
||||||
if (acid.getFlagList().size() > 0 || _HAS_BIT(mCliOutputMode, OUTPUT_EXTENDED))
|
|
||||||
{
|
|
||||||
std::cout << " Flags: " << std::endl;
|
std::cout << " Flags: " << std::endl;
|
||||||
for (size_t i = 0; i < acid.getFlagList().size(); i++)
|
std::cout << " Production: " << std::boolalpha << acid.getProductionFlag() << std::endl;
|
||||||
{
|
std::cout << " Unqualified Approval: " << std::boolalpha << acid.getUnqualifiedApprovalFlag() << std::endl;
|
||||||
std::cout << " " << nn::hac::AccessControlInfoUtil::getAcidFlagAsString(acid.getFlagList()[i]) << " (" << std::dec << (uint32_t)acid.getFlagList()[i] << ")" << std::endl;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
std::cout << " Memory Region: " << nn::hac::AccessControlInfoUtil::getMemoryRegionAsString(acid.getMemoryRegion()) << " (" << std::dec << (uint32_t)acid.getMemoryRegion() << ")" << std::endl;
|
std::cout << " Memory Region: " << nn::hac::AccessControlInfoUtil::getMemoryRegionAsString(acid.getMemoryRegion()) << " (" << std::dec << (uint32_t)acid.getMemoryRegion() << ")" << std::endl;
|
||||||
std::cout << " ProgramID Restriction" << std::endl;
|
std::cout << " ProgramID Restriction" << std::endl;
|
||||||
std::cout << " Min: 0x" << std::hex << std::setw(16) << std::setfill('0') << acid.getProgramIdRestrict().min << std::endl;
|
std::cout << " Min: 0x" << std::hex << std::setw(16) << std::setfill('0') << acid.getProgramIdRestrict().min << std::endl;
|
||||||
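Review bot: validateAcidSignature now selects the verification key from `key_generation`, which process() reads from the same meta header that is being verified, and when getAcidSignKey has no key for that generation it throws a bare `fnd::Exception()`, presumably the same path a failed signature takes. With only generation 0x00 stubbed in, a file declaring any other generation cannot be verified at all, and the output should say so instead of reading like a signature result. I would report the unsupported generation before the throw, e.g. `std::cout << "[WARNING] ACID Signature: no key for generation " << (uint32_t)key_generation << std::endl;`. The catch block lies outside the hunk, so how the exception is reported today is not visible here.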
|
|
|
@ -34,7 +34,7 @@ private:
|
||||||
|
|
||||||
void importMeta();
|
void importMeta();
|
||||||
|
|
||||||
void validateAcidSignature(const nn::hac::AccessControlInfoDesc& acid);
|
void validateAcidSignature(const nn::hac::AccessControlInfoDesc& acid, byte_t key_generation);
|
||||||
void validateAciFromAcid(const nn::hac::AccessControlInfo& aci, const nn::hac::AccessControlInfoDesc& acid);
|
void validateAciFromAcid(const nn::hac::AccessControlInfo& aci, const nn::hac::AccessControlInfoDesc& acid);
|
||||||
|
|
||||||
void displayMetaHeader(const nn::hac::Meta& hdr);
|
void displayMetaHeader(const nn::hac::Meta& hdr);
|
||||||
|
|