Implement masterkey logic, KEYSLOT defines.

exosphere/smc_user.c

@@ -2,6 +2,7 @@
 
 #include "utils.h"
 #include "cache.h"
+#include "masterkey.h"
 #include "smc_api.h"
 #include "smc_user.h"
 #include "se.h"
@@ -88,10 +89,10 @@ uint32_t user_load_aes_key(smc_args_t *args) {
     wrapped_key[1] = args->X[5];
     
     /* TODO: Unseal the kek. */
-    set_aes_keyslot(9, sealed_kek, 0x10);
+    set_aes_keyslot(KEYSLOT_SWITCH_TEMPKEY, sealed_kek, 0x10);
     
     /* Unwrap the key. */
-    decrypt_data_into_keyslot(keyslot, 9, wrapped_key, 0x10);
+    decrypt_data_into_keyslot(keyslot, KEYSLOT_SWITCH_TEMPKEY, wrapped_key, 0x10);
     return 0;
 }
 
@@ -221,7 +222,9 @@ uint32_t user_unwrap_rsa_wrapped_titlekey(smc_args_t *args) {
     void *user_modulus = (void *)args->X[2];
     unsigned int master_key_rev = (unsigned int)args->X[7];
     
-    /* TODO: Validate Master Key Revision. */
+    if (master_key_rev >= MASTERKEY_REVISION_MAX) {
+        return 2;
+    }
 
     /* Copy user data into secure memory. */
     if (upage_init(&page_ref, user_wrapped_key) == 0) {
@@ -277,7 +280,10 @@ uint32_t user_unwrap_aes_wrapped_titlekey(smc_args_t *args) {
     unsigned int master_key_rev = (unsigned int)args->X[3];
     
     
-    /* TODO: Validate Master Key Revision. */
+    if (master_key_rev >= MASTERKEY_REVISION_MAX) {
+        return 2;
+    }
+    
     tkey_set_master_key_rev(master_key_rev);
     
     
@@ -286,5 +292,4 @@ uint32_t user_unwrap_aes_wrapped_titlekey(smc_args_t *args) {
     
     args->X[1] = sealed_titlekey[0];
     args->X[2] = sealed_titlekey[1];
-
 }