fs: add gc validation wrappers for hac2l

libraries/libvapours/include/vapours/crypto.hpp

@@ -29,6 +29,7 @@
 #include <vapours/crypto/crypto_aes_ctr_encryptor_decryptor.hpp>
 #include <vapours/crypto/crypto_aes_xts_encryptor_decryptor.hpp>
 #include <vapours/crypto/crypto_aes_gcm_encryptor.hpp>
+#include <vapours/crypto/crypto_rsa_pkcs1_sha256_verifier.hpp>
 #include <vapours/crypto/crypto_rsa_pss_sha256_verifier.hpp>
 #include <vapours/crypto/crypto_rsa_oaep_sha256_decoder.hpp>
 #include <vapours/crypto/crypto_rsa_oaep_sha256_decryptor.hpp>

libraries/libvapours/include/vapours/crypto/crypto_rsa_pkcs1_sha256_verifier.hpp

@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) Atmosphère-NX
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+#include <vapours/common.hpp>
+#include <vapours/assert.hpp>
+#include <vapours/util.hpp>
+#include <vapours/crypto/crypto_rsa_calculator.hpp>
+#include <vapours/crypto/crypto_rsa_pkcs1_verifier.hpp>
+#include <vapours/crypto/crypto_sha256_generator.hpp>
+
+namespace ams::crypto {
+
+    namespace impl {
+
+        template<size_t Bits>
+        using RsaNPkcs1Sha256Verifier = ::ams::crypto::RsaPkcs1Verifier<Bits / BITSIZEOF(u8), ::ams::crypto::Sha256Generator>;
+
+    }
+
+    using Rsa2048Pkcs1Sha256Verifier = ::ams::crypto::impl::RsaNPkcs1Sha256Verifier<2048>;
+    using Rsa4096Pkcs1Sha256Verifier = ::ams::crypto::impl::RsaNPkcs1Sha256Verifier<4096>;
+
+    inline bool VerifyRsa2048Pkcs1Sha256(const void *sig, size_t sig_size, const void *mod, size_t mod_size, const void *exp, size_t exp_size, const void *msg, size_t msg_size) {
+        return Rsa2048Pkcs1Sha256Verifier::Verify(sig, sig_size, mod, mod_size, exp, exp_size, msg, msg_size);
+    }
+
+    inline bool VerifyRsa2048Pkcs1Sha256(const void *sig, size_t sig_size, const void *mod, size_t mod_size, const void *exp, size_t exp_size, const void *msg, size_t msg_size, void *work_buf, size_t work_buf_size) {
+        return Rsa2048Pkcs1Sha256Verifier::Verify(sig, sig_size, mod, mod_size, exp, exp_size, msg, msg_size, work_buf, work_buf_size);
+    }
+
+    inline bool VerifyRsa4096Pkcs1Sha256(const void *sig, size_t sig_size, const void *mod, size_t mod_size, const void *exp, size_t exp_size, const void *msg, size_t msg_size) {
+        return Rsa4096Pkcs1Sha256Verifier::Verify(sig, sig_size, mod, mod_size, exp, exp_size, msg, msg_size);
+    }
+
+    inline bool VerifyRsa4096Pkcs1Sha256(const void *sig, size_t sig_size, const void *mod, size_t mod_size, const void *exp, size_t exp_size, const void *msg, size_t msg_size, void *work_buf, size_t work_buf_size) {
+        return Rsa4096Pkcs1Sha256Verifier::Verify(sig, sig_size, mod, mod_size, exp, exp_size, msg, msg_size, work_buf, work_buf_size);
+    }
+
+}

libraries/libvapours/include/vapours/crypto/crypto_rsa_pkcs1_verifier.hpp

@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) Atmosphère-NX
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+#include <vapours/common.hpp>
+#include <vapours/assert.hpp>
+#include <vapours/util.hpp>
+#include <vapours/crypto/crypto_rsa_calculator.hpp>
+#include <vapours/crypto/impl/crypto_rsa_pkcs1_impl.hpp>
+
+namespace ams::crypto {
+
+    template<size_t _ModulusSize, impl::HashFunction Hash>
+    class RsaPkcs1Verifier {
+        NON_COPYABLE(RsaPkcs1Verifier);
+        NON_MOVEABLE(RsaPkcs1Verifier);
+        public:
+            static constexpr size_t HashSize               = Hash::HashSize;
+            static constexpr size_t ModulusSize            = _ModulusSize;
+            static constexpr size_t SignatureSize          = ModulusSize;
+            static constexpr size_t MaximumExponentSize    = 3;
+            static constexpr size_t RequiredWorkBufferSize = RsaCalculator<ModulusSize, MaximumExponentSize>::RequiredWorkBufferSize;
+        private:
+            enum class State {
+                None,
+                Initialized,
+                Done,
+            };
+        private:
+            RsaCalculator<ModulusSize, MaximumExponentSize> m_calculator;
+            Hash m_hash;
+            State m_state;
+        public:
+            RsaPkcs1Verifier() : m_state(State::None) { /* ... */ }
+
+            bool Initialize(const void *mod, size_t mod_size, const void *exp, size_t exp_size) {
+                m_hash.Initialize();
+                if (m_calculator.Initialize(mod, mod_size, exp, exp_size)) {
+                    m_state = State::Initialized;
+                    return true;
+                } else {
+                    return false;
+                }
+            }
+
+            void Update(const void *data, size_t size) {
+                AMS_ASSERT(m_state == State::Initialized);
+                return m_hash.Update(data, size);
+            }
+
+            bool Verify(const void *signature, size_t size) {
+                AMS_ASSERT(m_state == State::Initialized);
+                AMS_ASSERT(size == SignatureSize);
+                AMS_UNUSED(size);
+                ON_SCOPE_EXIT { m_state = State::Done; };
+
+                impl::RsaPkcs1Impl<Hash> impl;
+                u8 message[SignatureSize];
+
+                return m_calculator.ExpMod(message, signature, SignatureSize) && impl.CheckPad(message, sizeof(message), std::addressof(m_hash));
+            }
+
+            bool Verify(const void *signature, size_t size, void *work_buf, size_t work_buf_size) {
+                AMS_ASSERT(m_state == State::Initialized);
+                AMS_ASSERT(size == SignatureSize);
+                AMS_UNUSED(size);
+                ON_SCOPE_EXIT { m_state = State::Done; };
+
+                impl::RsaPkcs1Impl<Hash> impl;
+                u8 message[SignatureSize];
+
+                return m_calculator.ExpMod(message, signature, SignatureSize, work_buf, work_buf_size) && impl.CheckPad(message, sizeof(message), std::addressof(m_hash));
+            }
+
+            void GetHash(void *dst, size_t dst_size) {
+                AMS_ASSERT(m_state == State::Done);
+
+                if (m_state == State::Done) {
+                    m_hash.GetHash(dst, dst_size);
+                }
+            }
+
+            static bool Verify(const void *sig, size_t sig_size, const void *mod, size_t mod_size, const void *exp, size_t exp_size, const void *msg, size_t msg_size) {
+                RsaPkcs1Verifier<ModulusSize, Hash> verifier;
+                if (!verifier.Initialize(mod, mod_size, exp, exp_size)) {
+                    return false;
+                }
+                verifier.Update(msg, msg_size);
+                return verifier.Verify(sig, sig_size);
+            }
+
+            static bool Verify(const void *sig, size_t sig_size, const void *mod, size_t mod_size, const void *exp, size_t exp_size, const void *msg, size_t msg_size, void *work_buf, size_t work_buf_size) {
+                RsaPkcs1Verifier<ModulusSize, Hash> verifier;
+                if (!verifier.Initialize(mod, mod_size, exp, exp_size)) {
+                    return false;
+                }
+                verifier.Update(msg, msg_size);
+                return verifier.Verify(sig, sig_size, work_buf, work_buf_size);
+            }
+    };
+
+}

libraries/libvapours/include/vapours/crypto/crypto_rsa_pss_verifier.hpp

@@ -59,6 +59,7 @@ namespace ams::crypto {
             }
 
             void Update(const void *data, size_t size) {
+                AMS_ASSERT(m_state == State::Initialized);
                 return m_hash.Update(data, size);
             }
 

libraries/libvapours/include/vapours/crypto/impl/crypto_rsa_pkcs1_impl.hpp

@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) Atmosphère-NX
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+#include <vapours/common.hpp>
+#include <vapours/assert.hpp>
+#include <vapours/util.hpp>
+#include <vapours/crypto/impl/crypto_hash_function.hpp>
+
+namespace ams::crypto::impl {
+
+    template<HashFunction Hash>
+    class RsaPkcs1Impl {
+        NON_COPYABLE(RsaPkcs1Impl);
+        NON_MOVEABLE(RsaPkcs1Impl);
+        public:
+            static constexpr size_t HashSize = Hash::HashSize;
+        public:
+            RsaPkcs1Impl() { /* ... */ }
+            ~RsaPkcs1Impl() { /* ... */ }
+
+            void BuildPad(void *out_block, size_t block_size, Hash *hash) {
+                AMS_ASSERT(block_size >= 2 + 1 + sizeof(Hash::Asn1Identifier) + HashSize);
+
+                u8 *dst = static_cast<u8 *>(out_block);
+                *(dst++) = 0x00;
+                *(dst++) = 0x01;
+
+                const size_t pad_len = block_size - (2 + 1 + sizeof(Hash::Asn1Identifier) + HashSize);
+                std::memset(dst, 0xFF, pad_len);
+                dst += pad_len;
+
+                *(dst++) = 0x00;
+
+                std::memcpy(dst, Hash::Asn1Identifier, sizeof(Hash::Asn1Identifier));
+                dst += sizeof(Hash::Asn1Identifier);
+
+                hash->GetHash(dst, HashSize);
+            }
+
+            bool CheckPad(const u8 *src, size_t block_size, Hash *hash) {
+                /* Check that block size is minimally big enough. */
+                if (block_size < 2 + 1 + sizeof(Hash::Asn1Identifier) + HashSize) {
+                    return false;
+                }
+
+                /* Check that the padding if correctly of form 0001FF..FF00 */
+                if (*(src++) != 0x00) {
+                    return false;
+                }
+                if (*(src++) != 0x01) {
+                    return false;
+                }
+
+                const size_t pad_len = block_size - (2 + 1 + sizeof(Hash::Asn1Identifier) + HashSize);
+                for (size_t i = 0; i < pad_len; ++i) {
+                    if (*(src++) != 0xFF) {
+                        return false;
+                    }
+                }
+
+                if (*(src++) != 0x00) {
+                    return false;
+                }
+
+                /* Check that the asn1 identifier matches. */
+                if (std::memcmp(src, Hash::Asn1Identifier, sizeof(Hash::Asn1Identifier)) != 0) {
+                    return false;
+                }
+
+                src += sizeof(Hash::Asn1Identifier);
+
+                /* Check the hash. */
+                u8 calc_hash[HashSize];
+                hash->GetHash(calc_hash, sizeof(calc_hash));
+
+                return std::memcmp(calc_hash, src, HashSize) == 0;
+            }
+    };
+
+}

libraries/libvapours/include/vapours/results/fs_results.hpp

@@ -48,6 +48,15 @@ namespace ams::fs {
             R_DEFINE_ERROR_RESULT(SdCardNotPresent, 2001);
 
         R_DEFINE_ERROR_RANGE(GameCardAccessFailed, 2500, 2999);
+            R_DEFINE_ERROR_RESULT(GameCardPreconditionViolation, 2503);
+
+            R_DEFINE_ERROR_RANGE(GameCardCardAccessFailure, 2530, 2559);
+                R_DEFINE_ERROR_RESULT(GameCardInvalidCardHeader,        2554);
+                R_DEFINE_ERROR_RESULT(GameCardInvalidT1CardCertificate, 2555);
+                R_DEFINE_ERROR_RESULT(GameCardInvalidCa10Certificate,   2557);
+
+            R_DEFINE_ERROR_RANGE(GameCardSplFailure, 2665, 2669);
+                R_DEFINE_ERROR_RESULT(GameCardSplDecryptAesKeyFailure, 2666);
 
         R_DEFINE_ERROR_RESULT(NotImplemented,     3001);
         R_DEFINE_ERROR_RESULT(UnsupportedVersion, 3002);