exo2: implement through package2 decryption

2025-06-05 09:13:43 -04:00 · 2020-05-12 11:40:29 -07:00 · 2020-05-12 11:40:29 -07:00 · f391354415
commit f391354415
parent 9ddcbe9dc3
11 changed files with 316 additions and 12 deletions
--- a/libraries/libexosphere/include/exosphere.hpp
+++ b/libraries/libexosphere/include/exosphere.hpp
@ -25,6 +25,7 @@
 #include <exosphere/gic.hpp>
 #include <exosphere/wdt.hpp>
 #include <exosphere/pkg1.hpp>
+#include <exosphere/pkg2.hpp>
 #include <exosphere/tsec.hpp>
 #include <exosphere/se.hpp>
 #include <exosphere/flow.hpp>
--- a/libraries/libexosphere/include/exosphere/pkg1/pkg1_boot_config.hpp
+++ b/libraries/libexosphere/include/exosphere/pkg1/pkg1_boot_config.hpp
@ -122,6 +122,10 @@ namespace ams::pkg1 {
        constexpr bool IsProgramVerificationDisabled() const {
            return (this->flags1[0] & (1 << 0)) != 0;
        }
+
+        constexpr void SetPackage2Decrypted(bool decrypted) {
+            this->flags |= decrypted ? 0x3 : 0x0;
+        }
    };
    static_assert(util::is_pod<BootConfigSignedData>::value);
    static_assert(sizeof(BootConfigSignedData) == 0x100);
--- a/libraries/libexosphere/include/exosphere/pkg2.hpp
+++ b/libraries/libexosphere/include/exosphere/pkg2.hpp
@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 2018-2020 Atmosphère-NX
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+#pragma once
+#include <vapours.hpp>
+
+namespace ams::pkg2 {
+
+    constexpr inline size_t Package2SizeMax  = 8_MB - 16_KB;
+    constexpr inline size_t SegmentAlignment = 4;
+
+    constexpr inline int SegmentCount = 3;
+
+    constexpr inline int MinimumValidDataVersion  = 0;   /* We allow older package2 to load; this value is currently 0x10 in Nintendo's code. */
+    constexpr inline int CurrentBootloaderVersion = 0xD;
+
+    struct Package2Meta {
+        using Magic = util::FourCC<'P','K','2','1'>;
+
+        u32 package2_size;
+        u8  key_generation;
+        u8  header_iv_remainder[11];
+        u8  segment_iv[SegmentCount][0x10];
+        u8  padding_40[0x10];
+        u8  magic[4];
+        u32 entrypoint;
+        u8  padding_58[4];
+        u8  package2_version;
+        u8  bootloader_version;
+        u8  padding_5E[2];
+        u32 segment_sizes[SegmentCount];
+        u8  padding_6C[4];
+        u32 segment_offsets[SegmentCount];
+        u8  padding_7C[4];
+        u8  segment_hashes[SegmentCount][crypto::Sha256Generator::HashSize];
+        u8  padding_E0[0x20];
+
+        private:
+            static ALWAYS_INLINE u32 ReadWord(const void *ptr, int offset) {
+                return util::LoadLittleEndian(reinterpret_cast<const u32 *>(reinterpret_cast<uintptr_t>(ptr) + offset));
+            }
+        public:
+            ALWAYS_INLINE u8 GetKeyGeneration() const {
+                return std::min<u8>(0, (this->key_generation ^ this->header_iv_remainder[1] ^ this->header_iv_remainder[2]) - 1);
+            }
+
+            ALWAYS_INLINE u32 GetSize() const {
+                return this->package2_size ^ ReadWord(this->header_iv_remainder, 3) ^ ReadWord(this->header_iv_remainder, 7);
+            }
+    };
+    static_assert(util::is_pod<Package2Meta>::value);
+    static_assert(sizeof(Package2Meta) == 0x100);
+
+    struct Package2Header {
+        u8 signature[0x100];
+        Package2Meta meta;
+    };
+    static_assert(util::is_pod<Package2Header>::value);
+    static_assert(sizeof(Package2Header) == 0x200);
+
+    struct StorageLayout {
+        u8 boot_config[16_KB];
+        Package2Header package2_header;
+        u8 data[Package2SizeMax - sizeof(Package2Header)];
+    };
+    static_assert(util::is_pod<StorageLayout>::value);
+    static_assert(sizeof(StorageLayout) == 8_MB);
+
+}
--- a/libraries/libexosphere/include/exosphere/se/se_aes.hpp
+++ b/libraries/libexosphere/include/exosphere/se/se_aes.hpp
@ -33,4 +33,6 @@ namespace ams::se {
    void EncryptAes128(void *dst, size_t dst_size, int slot, const void *src, size_t src_size);
    void DecryptAes128(void *dst, size_t dst_size, int slot, const void *src, size_t src_size);

-}
+    void ComputeAes128Ctr(void *dst, size_t dst_size, int slot, const void *src, size_t src_size, const void *iv, size_t iv_size);
+
+}
--- a/libraries/libexosphere/include/exosphere/secmon/secmon_memory_layout.hpp
+++ b/libraries/libexosphere/include/exosphere/secmon/secmon_memory_layout.hpp
@ -80,6 +80,9 @@ namespace ams::secmon {
    constexpr inline const MemoryRegion MemoryRegionDramDefaultKernelCarveout = MemoryRegion(UINT64_C(0x80060000), UINT64_C(0x1FFE0000));
    static_assert(MemoryRegionDram.Contains(MemoryRegionDramDefaultKernelCarveout));

+    constexpr inline const MemoryRegion MemoryRegionDramPackage2 = MemoryRegion(UINT64_C(0xA9800000), UINT64_C(0x07FC0000));
+    static_assert(MemoryRegionDram.Contains(MemoryRegionDramPackage2));
+
    constexpr inline const MemoryRegion MemoryRegionPhysicalIram  = MemoryRegion(UINT64_C(0x40000000), 0x40000);
    constexpr inline const MemoryRegion MemoryRegionPhysicalTzram = MemoryRegion(UINT64_C(0x7C010000), 0x10000);
    static_assert(MemoryRegionPhysical.Contains(MemoryRegionPhysicalIram));