From 1575020c3a84f8d59ddb9591e858829958a8af43 Mon Sep 17 00:00:00 2001 From: JosJuice Date: Sat, 20 May 2017 19:41:54 +0200 Subject: [PATCH] VolumeWiiCrypted: Get title keys from TicketReader --- Source/Core/Core/IOS/ES/Formats.cpp | 13 +++++- Source/Core/Core/IOS/ES/Formats.h | 1 + Source/Core/Core/IOS/IOSC.cpp | 31 ++++++++++---- Source/Core/Core/IOS/IOSC.h | 15 +++++-- Source/Core/DiscIO/VolumeWiiCrypted.cpp | 55 ++++--------------------- 5 files changed, 55 insertions(+), 60 deletions(-) diff --git a/Source/Core/Core/IOS/ES/Formats.cpp b/Source/Core/Core/IOS/ES/Formats.cpp index dce527519f..9749f939d6 100644 --- a/Source/Core/Core/IOS/ES/Formats.cpp +++ b/Source/Core/Core/IOS/ES/Formats.cpp @@ -279,6 +279,13 @@ std::vector TicketReader::GetRawTicketView(u32 ticket_num) const return view; } +std::string TicketReader::GetIssuer() const +{ + const char* bytes = + reinterpret_cast(m_bytes.data() + offsetof(Ticket, signature_issuer)); + return std::string(bytes, strnlen(bytes, sizeof(Ticket::signature_issuer))); +} + u32 TicketReader::GetDeviceId() const { return Common::swap32(m_bytes.data() + offsetof(Ticket, device_id)); @@ -303,8 +310,12 @@ std::vector TicketReader::GetTitleKey() const GetTitleId(), index); } + const bool is_rvt = (GetIssuer() == "Root-CA00000002-XS00000006"); + const HLE::IOSC::ConsoleType console_type = + is_rvt ? HLE::IOSC::ConsoleType::RVT : HLE::IOSC::ConsoleType::Retail; + std::vector key(16); - HLE::IOSC iosc; + HLE::IOSC iosc(console_type); iosc.Decrypt(common_key_handle, iv, &m_bytes[offsetof(Ticket, title_key)], 16, key.data(), HLE::PID_ES); return key; diff --git a/Source/Core/Core/IOS/ES/Formats.h b/Source/Core/Core/IOS/ES/Formats.h index 6337aeaf32..ab1e006b3f 100644 --- a/Source/Core/Core/IOS/ES/Formats.h +++ b/Source/Core/Core/IOS/ES/Formats.h @@ -189,6 +189,7 @@ public: // more than just one ticket and generate ticket views for them, so we implement it too. std::vector GetRawTicketView(u32 ticket_num) const; + std::string GetIssuer() const; u32 GetDeviceId() const; u64 GetTitleId() const; std::vector GetTitleKey() const; diff --git a/Source/Core/Core/IOS/IOSC.cpp b/Source/Core/Core/IOS/IOSC.cpp index 6157a7b6a9..ce47785ba9 100644 --- a/Source/Core/Core/IOS/IOSC.cpp +++ b/Source/Core/Core/IOS/IOSC.cpp @@ -19,9 +19,9 @@ namespace IOS { namespace HLE { -IOSC::IOSC() +IOSC::IOSC(ConsoleType console_type) { - LoadDefaultEntries(); + LoadDefaultEntries(console_type); } IOSC::~IOSC() = default; @@ -167,7 +167,7 @@ ReturnCode IOSC::SetOwnership(Handle handle, u32 new_owner, u32 pid) return IPC_SUCCESS; } -void IOSC::LoadDefaultEntries() +void IOSC::LoadDefaultEntries(ConsoleType console_type) { // TODO: add support for loading and writing to a BootMii / SEEPROM and OTP dump. @@ -181,11 +181,26 @@ void IOSC::LoadDefaultEntries() m_key_entries[HANDLE_FS_KEY] = {TYPE_SECRET_KEY, SUBTYPE_AES128, std::vector(16), 5}; m_key_entries[HANDLE_FS_MAC] = {TYPE_SECRET_KEY, SUBTYPE_MAC, std::vector(20), 5}; - m_key_entries[HANDLE_COMMON_KEY] = {TYPE_SECRET_KEY, - SUBTYPE_AES128, - {{0xeb, 0xe4, 0x2a, 0x22, 0x5e, 0x85, 0x93, 0xe4, 0x48, 0xd9, - 0xc5, 0x45, 0x73, 0x81, 0xaa, 0xf7}}, - 3}; + switch (console_type) + { + case ConsoleType::Retail: + m_key_entries[HANDLE_COMMON_KEY] = {TYPE_SECRET_KEY, + SUBTYPE_AES128, + {{0xeb, 0xe4, 0x2a, 0x22, 0x5e, 0x85, 0x93, 0xe4, 0x48, + 0xd9, 0xc5, 0x45, 0x73, 0x81, 0xaa, 0xf7}}, + 3}; + break; + case ConsoleType::RVT: + m_key_entries[HANDLE_COMMON_KEY] = {TYPE_SECRET_KEY, + SUBTYPE_AES128, + {{0xa1, 0x60, 0x4a, 0x6a, 0x71, 0x23, 0xb5, 0x29, 0xae, + 0x8b, 0xec, 0x32, 0xc8, 0x16, 0xfc, 0xaa}}, + 3}; + break; + default: + _assert_msg_(IOS, false, "Unknown console type"); + break; + } // Unimplemented. m_key_entries[HANDLE_PRNG_KEY] = {TYPE_SECRET_KEY, SUBTYPE_AES128, std::vector(16), 3}; diff --git a/Source/Core/Core/IOS/IOSC.h b/Source/Core/Core/IOS/IOSC.h index 5433251ba7..7b3bc2d86f 100644 --- a/Source/Core/Core/IOS/IOSC.h +++ b/Source/Core/Core/IOS/IOSC.h @@ -24,10 +24,14 @@ enum ReturnCode : s32; class IOSC final { public: - IOSC(); - ~IOSC(); - using Handle = u32; + + enum class ConsoleType + { + Retail, + RVT, + }; + // We use the same default key handle IDs as the actual IOSC because there are ioctlvs // that accept arbitrary key handles from the PPC, so the IDs must match. // More information on default handles: https://wiibrew.org/wiki/IOS/Syscalls @@ -75,6 +79,9 @@ public: SUBTYPE_VERSION = 6 }; + IOSC(ConsoleType console_type = ConsoleType::Retail); + ~IOSC(); + // Create an object for use with the other functions that operate on objects. ReturnCode CreateObject(Handle* handle, ObjectType type, ObjectSubType subtype, u32 pid); // Delete an object. Built-in objects cannot be deleted. @@ -116,7 +123,7 @@ private: // The Wii's IOSC is limited to 32 entries, including 12 built-in entries. using KeyEntries = std::array; - void LoadDefaultEntries(); + void LoadDefaultEntries(ConsoleType console_type); KeyEntries::iterator FindFreeEntry(); Handle GetHandleFromIterator(KeyEntries::iterator iterator) const; bool HasOwnership(Handle handle, u32 pid) const; diff --git a/Source/Core/DiscIO/VolumeWiiCrypted.cpp b/Source/Core/DiscIO/VolumeWiiCrypted.cpp index a9345b4b94..c2826c6515 100644 --- a/Source/Core/DiscIO/VolumeWiiCrypted.cpp +++ b/Source/Core/DiscIO/VolumeWiiCrypted.cpp @@ -70,6 +70,8 @@ CVolumeWiiCrypted::CVolumeWiiCrypted(std::unique_ptr reader) if (!m_pReader->Read(partition_offset, ticket_buffer.size(), ticket_buffer.data())) continue; IOS::ES::TicketReader ticket{std::move(ticket_buffer)}; + if (!ticket.IsValid()) + continue; // Read TMD u32 tmd_size = 0; @@ -93,58 +95,17 @@ CVolumeWiiCrypted::CVolumeWiiCrypted(std::unique_ptr reader) continue; IOS::ES::TMDReader tmd{std::move(tmd_buffer)}; - // All of the code below is for getting the decryption key - - u8 sub_key[16]; - if (!m_pReader->Read(partition_offset + 0x1bf, 16, sub_key)) + // Get the decryption key + const std::vector key = ticket.GetTitleKey(); + if (key.size() != 16) continue; - - u8 iv[16]; - memset(iv, 0, 16); - if (!m_pReader->Read(partition_offset + 0x44c, 8, iv)) - continue; - - static const u8 common_key_standard[16] = {0xeb, 0xe4, 0x2a, 0x22, 0x5e, 0x85, 0x93, 0xe4, - 0x48, 0xd9, 0xc5, 0x45, 0x73, 0x81, 0xaa, 0xf7}; - static const u8 common_key_korean[16] = {0x63, 0xb8, 0x2b, 0xb4, 0xf4, 0x61, 0x4e, 0x2e, - 0x13, 0xf2, 0xfe, 0xfb, 0xba, 0x4c, 0x9b, 0x7e}; - static const u8 common_key_rvt[16] = {0xa1, 0x60, 0x4a, 0x6a, 0x71, 0x23, 0xb5, 0x29, - 0xae, 0x8b, 0xec, 0x32, 0xc8, 0x16, 0xfc, 0xaa}; - static const char issuer_rvt[] = "Root-CA00000002-XS00000006"; - - const u8* common_key; - - u8 issuer[sizeof(issuer_rvt)]; - if (!m_pReader->Read(partition_offset + 0x140, sizeof(issuer), issuer)) - continue; - - if (!memcmp(issuer, issuer_rvt, sizeof(issuer_rvt))) - { - // RVT issuer. Use the RVT (debug) master key. - common_key = common_key_rvt; - } - else - { - u8 key_number = 0; - if (!m_pReader->ReadSwapped(partition_offset + 0x1f1, &key_number)) - continue; - common_key = (key_number == 1) ? common_key_korean : common_key_standard; - } - - mbedtls_aes_context aes_context; - mbedtls_aes_setkey_dec(&aes_context, common_key, 128); - - u8 volume_key[16]; - mbedtls_aes_crypt_cbc(&aes_context, MBEDTLS_AES_DECRYPT, 16, iv, sub_key, volume_key); - - std::unique_ptr partition_AES_context = - std::make_unique(); - mbedtls_aes_setkey_dec(partition_AES_context.get(), volume_key, 128); + std::unique_ptr aes_context = std::make_unique(); + mbedtls_aes_setkey_dec(aes_context.get(), key.data(), 128); // We've read everything. Time to store it! (The reason we don't store anything // earlier is because we want to be able to skip adding the partition if an error occurs.) const Partition partition(partition_offset); - m_partition_keys[partition] = std::move(partition_AES_context); + m_partition_keys[partition] = std::move(aes_context); m_partition_tickets[partition] = std::move(ticket); m_partition_tmds[partition] = std::move(tmd); }