diff --git a/patches/reboot.s b/patches/reboot.s index 2b320be..1a63ada 100644 --- a/patches/reboot.s +++ b/patches/reboot.s @@ -4,7 +4,6 @@ payload_addr equ 0x23F00000 ; Brahma payload address payload_maxsize equ 0x100000 ; Maximum size for the payload (maximum that CakeBrah supports) -sd_notmounted equ 0xC8804465 ; Error code returned when SD is not mounted .create "build/reboot.bin", 0 .arm @@ -28,6 +27,8 @@ sd_notmounted equ 0xC8804465 ; Error code returned when SD is not mounted cmp r0, r2 bne pxi_wait_recv + mov r4, #2 + open_payload: ; Open file add r0, r7, #8 @@ -38,9 +39,8 @@ sd_notmounted equ 0xC8804465 ; Error code returned when SD is not mounted blx r6 cmp r0, #0 beq read_payload - ldr r2, =sd_notmounted - cmp r0, r2 - bne panic + subs r4, r4, #1 + beq panic adr r0, fname adr r1, nand_mount mov r2, #8 diff --git a/source/crypto.c b/source/crypto.c index c437333..8f26b59 100755 --- a/source/crypto.c +++ b/source/crypto.c @@ -383,32 +383,18 @@ int ctrNandWrite(u32 sector, u32 sectorCount, const u8 *inbuf) void set6x7xKeys(void) { - if(!ISDEVUNIT) - { - const u8 __attribute__((aligned(4))) keyX0x25[AES_BLOCK_SIZE] = {0xCE, 0xE7, 0xD8, 0xAB, 0x30, 0xC0, 0x0D, 0xAE, 0x85, 0x0E, 0xF5, 0xE3, 0x82, 0xAC, 0x5A, 0xF3}; - const u8 __attribute__((aligned(4))) keyY0x2F[AES_BLOCK_SIZE] = {0xC3, 0x69, 0xBA, 0xA2, 0x1E, 0x18, 0x8A, 0x88, 0xA9, 0xAA, 0x94, 0xE5, 0x50, 0x6A, 0x9F, 0x16}; + const u8 __attribute__((aligned(4))) keyX0x25Retail[AES_BLOCK_SIZE] = {0xCE, 0xE7, 0xD8, 0xAB, 0x30, 0xC0, 0x0D, 0xAE, 0x85, 0x0E, 0xF5, 0xE3, 0x82, 0xAC, 0x5A, 0xF3}; + const u8 __attribute__((aligned(4))) keyY0x2FRetail[AES_BLOCK_SIZE] = {0xC3, 0x69, 0xBA, 0xA2, 0x1E, 0x18, 0x8A, 0x88, 0xA9, 0xAA, 0x94, 0xE5, 0x50, 0x6A, 0x9F, 0x16}; + const u8 __attribute__((aligned(4))) keyX0x25Dev[AES_BLOCK_SIZE] = {0x81, 0x90, 0x7A, 0x4B, 0x6F, 0x1B, 0x47, 0x32, 0x3A, 0x67, 0x79, 0x74, 0xCE, 0x4A, 0xD7, 0x1B}; + const u8 __attribute__((aligned(4))) keyY0x2FDev[AES_BLOCK_SIZE] = {0x73, 0x25, 0xC4, 0xEB, 0x14, 0x3A, 0x0D, 0x5F, 0x5D, 0xB6, 0xE5, 0xC5, 0x7A, 0x21, 0x95, 0xAC}; - aes_setkey(0x25, keyX0x25, AES_KEYX, AES_INPUT_BE | AES_INPUT_NORMAL); - aes_setkey(0x2F, keyY0x2F, AES_KEYY, AES_INPUT_BE | AES_INPUT_NORMAL); + aes_setkey(0x25, !ISDEVUNIT ? keyX0x25Retail : keyX0x25Dev, AES_KEYX, AES_INPUT_BE | AES_INPUT_NORMAL); + aes_setkey(0x2F, !ISDEVUNIT ? keyY0x2FRetail : keyY0x2FDev, AES_KEYY, AES_INPUT_BE | AES_INPUT_NORMAL); - /* [3dbrew] The first 0x10-bytes are checked by the v6.0/v7.0 NATIVE_FIRM keyinit function, - when non-zero it clears this block and continues to do the key generation. - Otherwise when this block was already all-zero, it immediately returns. */ - memset32((void *)0x01FFCD00, 0, 0x10); - } - else - { - const u8 __attribute__((aligned(4))) keyX0x25[AES_BLOCK_SIZE] = {0x81, 0x90, 0x7A, 0x4B, 0x6F, 0x1B, 0x47, 0x32, 0x3A, 0x67, 0x79, 0x74, 0xCE, 0x4A, 0xD7, 0x1B}; - const u8 __attribute__((aligned(4))) keyY0x2F[AES_BLOCK_SIZE] = {0x73, 0x25, 0xC4, 0xEB, 0x14, 0x3A, 0x0D, 0x5F, 0x5D, 0xB6, 0xE5, 0xC5, 0x7A, 0x21, 0x95, 0xAC}; - - aes_setkey(0x25, keyX0x25, AES_KEYX, AES_INPUT_BE | AES_INPUT_NORMAL); - aes_setkey(0x2F, keyY0x2F, AES_KEYY, AES_INPUT_BE | AES_INPUT_NORMAL); - - /* [3dbrew] The first 0x10-bytes are checked by the v6.0/v7.0 NATIVE_FIRM keyinit function, - when non-zero it clears this block and continues to do the key generation. - Otherwise when this block was already all-zero, it immediately returns. */ - memset32((void *)0x01FFCD00, 0, 0x10); - } + /* [3dbrew] The first 0x10-bytes are checked by the v6.0/v7.0 NATIVE_FIRM keyinit function, + when non-zero it clears this block and continues to do the key generation. + Otherwise when this block was already all-zero, it immediately returns. */ + memset32((void *)0x01FFCD00, 0, 0x10); } bool decryptExeFs(Cxi *cxi) @@ -488,20 +474,13 @@ void kernel9Loader(Arm9Bin *arm9Section) if(k9lVersion == 2 || (k9lVersion == 1 && needToDecrypt)) { - if(!ISDEVUNIT) - { - //Set 0x11 keyslot - const u8 __attribute__((aligned(4))) key1[AES_BLOCK_SIZE] = {0x07, 0x29, 0x44, 0x38, 0xF8, 0xC9, 0x75, 0x93, 0xAA, 0x0E, 0x4A, 0xB4, 0xAE, 0x84, 0xC1, 0xD8}; - const u8 __attribute__((aligned(4))) key2[AES_BLOCK_SIZE] = {0x42, 0x3F, 0x81, 0x7A, 0x23, 0x52, 0x58, 0x31, 0x6E, 0x75, 0x8E, 0x3A, 0x39, 0x43, 0x2E, 0xD0}; - aes_setkey(0x11, k9lVersion == 2 ? key2 : key1, AES_KEYNORMAL, AES_INPUT_BE | AES_INPUT_NORMAL); - } - else - { - //Set 0x11 keyslot - const u8 __attribute__((aligned(4))) key1[AES_BLOCK_SIZE] = {0xA2, 0xF4, 0x00, 0x3C, 0x7A, 0x95, 0x10, 0x25, 0xDF, 0x4E, 0x9E, 0x74, 0xE3, 0x0C, 0x92, 0x99}; - const u8 __attribute__((aligned(4))) key2[AES_BLOCK_SIZE] = {0xFF, 0x77, 0xA0, 0x9A, 0x99, 0x81, 0xE9, 0x48, 0xEC, 0x51, 0xC9, 0x32, 0x5D, 0x14, 0xEC, 0x25}; - aes_setkey(0x11, k9lVersion == 2 ? key2 : key1, AES_KEYNORMAL, AES_INPUT_BE | AES_INPUT_NORMAL); - } + //Set 0x11 keyslot + const u8 __attribute__((aligned(4))) key1Retail[AES_BLOCK_SIZE] = {0x07, 0x29, 0x44, 0x38, 0xF8, 0xC9, 0x75, 0x93, 0xAA, 0x0E, 0x4A, 0xB4, 0xAE, 0x84, 0xC1, 0xD8}; + const u8 __attribute__((aligned(4))) key2Retail[AES_BLOCK_SIZE] = {0x42, 0x3F, 0x81, 0x7A, 0x23, 0x52, 0x58, 0x31, 0x6E, 0x75, 0x8E, 0x3A, 0x39, 0x43, 0x2E, 0xD0}; + const u8 __attribute__((aligned(4))) key1Dev[AES_BLOCK_SIZE] = {0xA2, 0xF4, 0x00, 0x3C, 0x7A, 0x95, 0x10, 0x25, 0xDF, 0x4E, 0x9E, 0x74, 0xE3, 0x0C, 0x92, 0x99}; + const u8 __attribute__((aligned(4))) key2Dev[AES_BLOCK_SIZE] = {0xFF, 0x77, 0xA0, 0x9A, 0x99, 0x81, 0xE9, 0x48, 0xEC, 0x51, 0xC9, 0x32, 0x5D, 0x14, 0xEC, 0x25}; + + aes_setkey(0x11, !ISDEVUNIT ? (k9lVersion == 2 ? key2Retail : key1Retail) : (k9lVersion == 2 ? key2Dev : key1Dev), AES_KEYNORMAL, AES_INPUT_BE | AES_INPUT_NORMAL); } if(needToDecrypt) @@ -573,4 +552,4 @@ void backupAndRestoreShaHash(bool isRestore) } else if(!didShaHashBackup) memcpy(shaHashBackup, (void *)REG_SHA_HASH, sizeof(shaHashBackup)); } -} +} \ No newline at end of file