Implement aes_setkey for TWL keyslots + TWL console info/crypto init

This commit is contained in:
TuxSH 2017-02-09 20:35:39 +01:00
parent 700d572732
commit 7960c87579
4 changed files with 60 additions and 12 deletions

View File

@ -85,15 +85,36 @@ __asm__\
static void aes_setkey(u8 keyslot, const void *key, u32 keyType, u32 mode)
{
if(keyslot <= 0x03) return; //Ignore TWL keys for now
u32 *key32 = (u32 *)key;
*REG_AESCNT = (*REG_AESCNT & ~(AES_CNT_INPUT_ENDIAN | AES_CNT_INPUT_ORDER)) | mode;
*REG_AESKEYCNT = (*REG_AESKEYCNT >> 6 << 6) | keyslot | AES_KEYCNT_WRITE;
REG_AESKEYFIFO[keyType] = key32[0];
REG_AESKEYFIFO[keyType] = key32[1];
REG_AESKEYFIFO[keyType] = key32[2];
REG_AESKEYFIFO[keyType] = key32[3];
if(keyslot <= 3)
{
if((mode & AES_CNT_INPUT_ORDER) == AES_INPUT_REVERSED)
{
REGs_AESTWLKEYS[keyslot][keyType][0] = key32[3];
REGs_AESTWLKEYS[keyslot][keyType][1] = key32[2];
REGs_AESTWLKEYS[keyslot][keyType][2] = key32[1];
REGs_AESTWLKEYS[keyslot][keyType][3] = key32[0];
}
else
{
REGs_AESTWLKEYS[keyslot][keyType][0] = key32[0];
REGs_AESTWLKEYS[keyslot][keyType][1] = key32[1];
REGs_AESTWLKEYS[keyslot][keyType][2] = key32[2];
REGs_AESTWLKEYS[keyslot][keyType][3] = key32[3];
}
}
else if(keyslot < 0x40)
{
*REG_AESKEYCNT = (*REG_AESKEYCNT >> 6 << 6) | keyslot | AES_KEYCNT_WRITE;
REG_AESKEYFIFO[keyType] = key32[0];
REG_AESKEYFIFO[keyType] = key32[1];
REG_AESKEYFIFO[keyType] = key32[2];
REG_AESKEYFIFO[keyType] = key32[3];
}
}
static void aes_use_keyslot(u8 keyslot)
@ -299,6 +320,25 @@ static void sha(void *res, const void *src, u32 size, u32 mode)
/*****************************************************************/
void twlConsoleInfoInit(void)
{
if(CFG_SYSPROT9 & 0x10) return; //sorry, the lennies are currently missing
u64 twlConsoleId = CFG_UNITINFO != 0 ? OTP_DEVCONSOLEID : (0x80000000ULL | (*(vu64 *)0x01FFB808 ^ 0x8C267B7B358A6AFULL));
CFG_TWLUNITINFO = CFG_UNITINFO;
OTP_TWLCONSOLEID = twlConsoleId;
*REG_AESCNT = 0;
vu32 *k3X = REGs_AESTWLKEYS[3][1], *k1X = REGs_AESTWLKEYS[1][1];
k3X[0] = (u32)twlConsoleId;
k3X[3] = (u32)(twlConsoleId >> 32);
k1X[2] = (u32)(twlConsoleId >> 32);
k1X[3] = (u32)twlConsoleId;
}
__attribute__((aligned(4))) static u8 nandCtr[AES_BLOCK_SIZE];
static u8 nandSlot;
static u32 fatStart;

View File

@ -44,6 +44,8 @@
#define REG_AESKEYXFIFO ((vu32 *)0x10009104)
#define REG_AESKEYYFIFO ((vu32 *)0x10009108)
#define REGs_AESTWLKEYS (*((vu32 (*)[4][3][4])0x10009040))
#define AES_CCM_DECRYPT_MODE (0u << 27)
#define AES_CCM_ENCRYPT_MODE (1u << 27)
#define AES_CTR_MODE (2u << 27)
@ -105,6 +107,7 @@
extern u32 emuOffset;
extern FirmwareSource firmSource;
void twlConsoleInfoInit(void);
void ctrNandInit(void);
int ctrNandRead(u32 sector, u32 sectorCount, u8 *outbuf);
int ctrNandWrite(u32 sector, u32 sectorCount, const u8 *inbuf);

View File

@ -98,6 +98,7 @@ void main(void)
//Save old options and begin saving the new boot configuration
configTemp = (configData.config & 0xFFFFFF00) | ((u32)ISA9LH << 6);
twlConsoleInfoInit();
setN3DS96Keys();
//If it's a MCU reboot, try to force boot options

View File

@ -40,10 +40,14 @@ typedef volatile u64 vu64;
#define BRAHMA_ARM11_ENTRY 0x1FFFFFF8
#define CFG_BOOTENV (*(vu32 *)0x10010000)
#define CFG_UNITINFO (*(vu8 *)0x10010010)
#define PDN_MPCORE_CFG (*(vu32 *)0x10140FFC)
#define PDN_SPI_CNT (*(vu32 *)0x101401C0)
#define CFG_SYSPROT9 (*(vu8 *)0x10000000)
#define CFG_BOOTENV (*(vu32 *)0x10010000)
#define CFG_UNITINFO (*(vu8 *)0x10010010)
#define CFG_TWLUNITINFO (*(vu8 *)0x10010014)
#define OTP_DEVCONSOLEID (*(vu64 *)0x10012000)
#define OTP_TWLCONSOLEID (*(vu64 *)0x10012100)
#define PDN_MPCORE_CFG (*(vu32 *)0x10140FFC)
#define PDN_SPI_CNT (*(vu32 *)0x101401C0)
#define ISN3DS (PDN_MPCORE_CFG == 7)
#define ISDEVUNIT (CFG_UNITINFO != 0)