From 9b9aec06a80c78b7e38644e00fe197da1cdaf33f Mon Sep 17 00:00:00 2001 From: yoshida_teruhisa Date: Wed, 13 Feb 2008 01:04:59 +0000 Subject: [PATCH] =?UTF-8?q?Launcher=E3=81=A7=E3=81=AETWL=E3=82=A2=E3=83=97?= =?UTF-8?q?=E3=83=AA=E3=81=AE=E8=B5=B7=E5=8B=95=E6=99=82=E3=81=AB=E3=83=98?= =?UTF-8?q?=E3=83=83=E3=83=80=E3=81=AE=E6=A4=9C=E8=A8=BC=E5=87=A6=E7=90=86?= =?UTF-8?q?=E3=82=92=E8=BF=BD=E5=8A=A0=20systemMenu=5FRED=E4=BB=A5?= =?UTF-8?q?=E4=B8=8B=E3=81=AE=E3=82=A2=E3=83=97=E3=83=AA=E3=82=92=E3=83=93?= =?UTF-8?q?=E3=83=AB=E3=83=89=E3=81=99=E3=82=8B=E5=A0=B4=E5=90=88=E3=80=81?= =?UTF-8?q?system=E3=82=A2=E3=83=97=E3=83=AA=E7=94=A8=E3=81=AEmakerom?= =?UTF-8?q?=E3=82=92=E5=88=A9=E7=94=A8=E3=81=99=E3=82=8B=E3=82=88=E3=81=86?= =?UTF-8?q?Makefile=E3=82=92=E4=BF=AE=E6=AD=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: file:///Users/lillianskinner/Downloads/platinum/twl/TwlIPL/trunk@639 b08762b0-b915-fc4b-9d8c-17b2551a87ff --- build/libraries_sysmenu/sysmenu/ARM9/Makefile | 1 + .../sysmenu/ARM9/src/title.c | 157 +++++++++++++++++- .../DS_DownloadPlay/ARM9/Makefile | 2 + .../systemMenu_RED/HWInfoWriter/ARM9/Makefile | 1 + build/systemMenu_RED/Launcher/ARM9/Makefile | 2 + .../MachineSettings/ARM9/Makefile | 1 + .../NandInitializer/ARM9.TWL/Makefile | 2 + build/systemMenu_RED/PictoChat/ARM9/Makefile | 1 + 8 files changed, 162 insertions(+), 5 deletions(-) diff --git a/build/libraries_sysmenu/sysmenu/ARM9/Makefile b/build/libraries_sysmenu/sysmenu/ARM9/Makefile index 6e6fe427..8d85caf2 100644 --- a/build/libraries_sysmenu/sysmenu/ARM9/Makefile +++ b/build/libraries_sysmenu/sysmenu/ARM9/Makefile @@ -31,6 +31,7 @@ SRCS = sysmenu_lib.c \ ninLogoFunc.c \ mountInfo.c \ device.c \ + keys.c \ title.c \ banner.c \ ../common/src/status.c \ diff --git a/build/libraries_sysmenu/sysmenu/ARM9/src/title.c b/build/libraries_sysmenu/sysmenu/ARM9/src/title.c index 7d725c1c..f0401542 100644 --- a/build/libraries_sysmenu/sysmenu/ARM9/src/title.c +++ b/build/libraries_sysmenu/sysmenu/ARM9/src/title.c @@ -18,12 +18,25 @@ #include #include #include +#include +#include #include "internal_api.h" // define data----------------------------------------------------------------- #define CARD_BANNER_INDEX ( LAUNCHER_TITLE_LIST_NUM - 1 ) +#define SYSTEM_APP_KEY_OFFSET 1 // ファームから送られてくるキーのためのオフセット +#define ROM_HEADER_HASH_OFFSET (0x10) // 署名からROMヘッダハッシュを取り出すためのオフセット + +#define SIGN_HEAP_ADDR 0x023c0000 // 署名計算のためのヒープ領域開始アドレス +#define SIGN_HEAP_SIZE 0x1000 // 署名計算のためのヒープサイズ + +#define DIGEST_HASH_BLOCK_SIZE_SHA1 (512/8) +#define ROM_HEADER_HASH_CALC_DATA_LEN 0xe00 // ROMヘッダのハッシュ計算する部分の長さ + // extern data----------------------------------------------------------------- +extern const u8 g_devPubKey[ 3 ][ 0x80 ]; + // function's prototype------------------------------------------------------- static BOOL SYSMi_ReadBanner_NAND( NAMTitleId titleID, u8 *pDst ); static s32 ReadFile( FSFile* pf, void* buffer, s32 size ); @@ -46,6 +59,47 @@ static const OSBootType s_launcherToOSBootType[ LAUNCHER_BOOTTYPE_MAX ] = { OS_BOOTTYPE_MEMORY, // MEMORY }; +static const u8 s_digestDefaultKey[ DIGEST_HASH_BLOCK_SIZE_SHA1 ] = +{ + 0x21, 0x06, 0xc0, 0xde, + 0xba, 0x98, 0xce, 0x3f, + 0xa6, 0x92, 0xe3, 0x9d, + 0x46, 0xf2, 0xed, 0x01, + + 0x76, 0xe3, 0xcc, 0x08, + 0x56, 0x23, 0x63, 0xfa, + 0xca, 0xd4, 0xec, 0xdf, + 0x9a, 0x62, 0x78, 0x34, + + 0x8f, 0x6d, 0x63, 0x3c, + 0xfe, 0x22, 0xca, 0x92, + 0x20, 0x88, 0x97, 0x23, + 0xd2, 0xcf, 0xae, 0xc2, + + 0x32, 0x67, 0x8d, 0xfe, + 0xca, 0x83, 0x64, 0x98, + 0xac, 0xfd, 0x3e, 0x37, + 0x87, 0x46, 0x58, 0x24, +}; + +//================================================================================ +// for register SCFG_OP +//================================================================================ +/*---------------------------------------------------------------------------* + Name: SCFG_GetBondingOption + + Description: Get bonding option data + + Arguments: None + + Returns: option data + *---------------------------------------------------------------------------*/ +// SharedArea Access ver. +static inline u16 SCFG_GetBondingOption(void) +{ + return (u16)(*(u8*)(HW_SYS_CONF_BUF+HWi_WSYS08_OFFSET) & HWi_WSYS08_OP_OPT_MASK); +} + // ============================================================================ // // 情報取得 @@ -556,10 +610,103 @@ BOOL SYSM_IsLoadTitleFinished( TitleProperty *pBootTitle ) return OS_IsThreadTerminated( &s_thread ); } +static AuthResult SYSMi_AuthenticateTWLHeader( TitleProperty *pBootTitle ) +{ + // [TODO:] NANDアプリの場合、NAM_CheckTitleLaunchRights()を呼んでチェック + // [TODO:] TWLアプリの場合、pBootTitle->titleIDとROMヘッダのtitleIDの一致確認を必ずする。 + + // TWLアプリの場合、署名チェック、鍵の場合わけと署名の解読、ハッシュ値をヘッダに格納されているものと比較 + // titleIDからアプリ種別を読み取る + if( ( (( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->platform_code ) != 0 ) + { + const u8 *key; + u16 prop; + u8 keynum; + u8 buf[0x80]; + u8 calculated_hash[SVC_SHA1_DIGEST_SIZE]; + SVCSignHeapContext con; + int l; + u32 *module_addr[RELOCATE_INFO_NUM]; + u32 module_size[RELOCATE_INFO_NUM]; + u8 *hash_addr[RELOCATE_INFO_NUM]; + + prop = ((u16 *)&(pBootTitle->titleID))[2]; + prop = (u16)(prop & 0x1); // prop = 0:UserApp 1:SystemApp 2:ShopApp? + keynum = (u8)( prop == 0 ? 2 : (prop == 1 ? 0 : 1) );// keynum = 0:SystemApp 1:ShopApp 2:UserApp + // アプリ種別とボンディングオプションによって使う鍵を分ける + if( SCFG_GetBondingOption() == 0 ) { + // 製品版鍵取得 + key = ((OSFromFirm9Buf *)HW_FIRM_FROM_FIRM_BUF)->rsa_pubkey[SYSTEM_APP_KEY_OFFSET + keynum]; + }else { + // 開発版 + key = g_devPubKey[keynum]; + } + // 署名を鍵で復号 + MI_CpuClear8( buf, 0x80 ); + SVC_InitSignHeap( &con, (void *)SIGN_HEAP_ADDR, SIGN_HEAP_SIZE );// ヒープの初期化 + if( !SVC_DecryptSign( &con, buf, (( ROM_Header *)HW_TWL_ROM_HEADER_BUF)->signature, key )) + { + OS_TPrintf("Authenticate failed: Sign decryption failed.\n"); + return AUTH_RESULT_AUTHENTICATE_FAILED; + } + // ヘッダのハッシュ(SHA1)計算 + SVC_CalcSHA1( &calculated_hash, (const void*)HW_TWL_ROM_HEADER_BUF, ROM_HEADER_HASH_CALC_DATA_LEN ); + // 署名のハッシュ値とヘッダのハッシュ値を比較 + if(!SVC_CompareSHA1((const void *)(&buf[ROM_HEADER_HASH_OFFSET]), (const void *)&calculated_hash)) + { + OS_TPrintf("Authenticate failed: Sign check failed.\n"); + return AUTH_RESULT_AUTHENTICATE_FAILED; + }else + { + OS_TPrintf("Authenticate : Sign check succeed.\n"); + } + + // それぞれARM9,7のFLXおよびLTDについてハッシュを計算してヘッダに格納されているハッシュと比較 + module_addr[ARM9_STATIC] = (( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->main_ram_address; + module_addr[ARM7_STATIC] = (( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->sub_ram_address; + module_addr[ARM9_LTD_STATIC] = (( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->main_ltd_ram_address; + module_addr[ARM7_LTD_STATIC] = (( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->sub_ltd_ram_address; + + module_size[ARM9_STATIC] = (( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->main_size; + module_size[ARM7_STATIC] = (( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->sub_size; + module_size[ARM9_LTD_STATIC] = (( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->main_ltd_size; + module_size[ARM7_LTD_STATIC] = (( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->sub_ltd_size; + + hash_addr[ARM9_STATIC] = &((( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->main_static_digest[0]); + hash_addr[ARM7_STATIC] = &((( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->sub_static_digest[0]); + hash_addr[ARM9_LTD_STATIC] = &((( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->main_ltd_static_digest[0]); + hash_addr[ARM7_LTD_STATIC] = &((( ROM_Header_Short *)HW_TWL_ROM_HEADER_BUF)->sub_ltd_static_digest[0]); + + for( l=0; lromRelocateInfo[l].src != NULL ) + { + module_addr[l] = (u32 *)SYSMi_GetWork()->romRelocateInfo[l].src; + } + // ハッシュ計算 + SVC_CalcHMACSHA1( &calculated_hash, (const void*)module_addr[l], module_size[l], + (void *)s_digestDefaultKey, DIGEST_HASH_BLOCK_SIZE_SHA1 ); + // 比較 + if(!SVC_CompareSHA1((const void *)hash_addr[l], (const void *)&calculated_hash)) + { + OS_TPrintf("Authenticate failed: rom header hash check failed.\n"); + return AUTH_RESULT_AUTHENTICATE_FAILED; + }else + { + OS_TPrintf("Authenticate : %s module hash check succeed.\n", str[l]); + } + } + } + return AUTH_RESULT_SUCCEEDED; +} // ロード済みの指定タイトルの認証とブートを行う AuthResult SYSM_AuthenticateTitle( TitleProperty *pBootTitle ) { + AuthResult res; + // ロード中 if( !SYSM_IsLoadTitleFinished( pBootTitle ) ) { return AUTH_RESULT_PROCESSING; @@ -590,11 +737,11 @@ AuthResult SYSM_AuthenticateTitle( TitleProperty *pBootTitle ) } // ※ROMヘッダ認証 - // [TODO:] NANDアプリの場合、NAM_CheckLaunchRights()を呼んで - // [TODO:] NANDアプリの場合、pBootTitle->titleIDとROMヘッダのtitleIDの一致確認を必ずする。 - - // [TODO:] 署名チェック - // [TODO:] ハッシュチェック + res = SYSMi_AuthenticateTWLHeader( pBootTitle ); + if( res != AUTH_RESULT_SUCCEEDED ) + { + return res; + } // マウント情報の登録 SYSMi_SetBootAppMountInfo( pBootTitle ); diff --git a/build/systemMenu_RED/DS_DownloadPlay/ARM9/Makefile b/build/systemMenu_RED/DS_DownloadPlay/ARM9/Makefile index 2960cc0c..7624d6f4 100644 --- a/build/systemMenu_RED/DS_DownloadPlay/ARM9/Makefile +++ b/build/systemMenu_RED/DS_DownloadPlay/ARM9/Makefile @@ -40,6 +40,8 @@ LDEPENDS_NEF = include $(TWL_IPL_RED_ROOT)/build/buildtools/commondefs +MAKEROM = $(TWL_IPL_RED_ROOT)/tools/bin/makerom.TWL.sys.exe + #---------------------------------------------------------------------------- do-build : $(TARGETS) diff --git a/build/systemMenu_RED/HWInfoWriter/ARM9/Makefile b/build/systemMenu_RED/HWInfoWriter/ARM9/Makefile index 594da005..8315ad50 100644 --- a/build/systemMenu_RED/HWInfoWriter/ARM9/Makefile +++ b/build/systemMenu_RED/HWInfoWriter/ARM9/Makefile @@ -56,6 +56,7 @@ endif include $(TWL_IPL_RED_ROOT)/build/buildtools/commondefs +MAKEROM = $(TWL_IPL_RED_ROOT)/tools/bin/makerom.TWL.sys.exe LDIRT_CLEAN = $(TARGET_TAD) INSTALL_TARGETS = $(TARGET_TAD) diff --git a/build/systemMenu_RED/Launcher/ARM9/Makefile b/build/systemMenu_RED/Launcher/ARM9/Makefile index c22ab19f..6fd1a1ac 100644 --- a/build/systemMenu_RED/Launcher/ARM9/Makefile +++ b/build/systemMenu_RED/Launcher/ARM9/Makefile @@ -77,6 +77,8 @@ include $(TWLSDK_ROOT)/add-ins/es/commondefs.es include $(TWL_IPL_RED_ROOT)/build/buildtools/commondefs include $(TWLSDK_ROOT)/build/libraries/reboot/commondefs.reboot +MAKEROM = $(TWL_IPL_RED_ROOT)/tools/bin/makerom.TWL.sys.exe + LDIRT_CLEAN = $(TARGET_TAD) INSTALL_TARGETS = $(TARGET_TAD) INSTALL_DIR = $(SDK_NMENU_DATADIR) diff --git a/build/systemMenu_RED/MachineSettings/ARM9/Makefile b/build/systemMenu_RED/MachineSettings/ARM9/Makefile index 3cd77b71..cecef509 100644 --- a/build/systemMenu_RED/MachineSettings/ARM9/Makefile +++ b/build/systemMenu_RED/MachineSettings/ARM9/Makefile @@ -52,6 +52,7 @@ MAKETAD_FLAGS += -s include $(TWL_IPL_RED_ROOT)/build/buildtools/commondefs +MAKEROM = $(TWL_IPL_RED_ROOT)/tools/bin/makerom.TWL.sys.exe LDIRT_CLEAN = $(TARGET_TAD) INSTALL_TARGETS = $(TARGET_TAD) diff --git a/build/systemMenu_RED/NandInitializer/ARM9.TWL/Makefile b/build/systemMenu_RED/NandInitializer/ARM9.TWL/Makefile index 874c05de..4c79d76e 100644 --- a/build/systemMenu_RED/NandInitializer/ARM9.TWL/Makefile +++ b/build/systemMenu_RED/NandInitializer/ARM9.TWL/Makefile @@ -96,6 +96,8 @@ LLIBRARIES += libes$(TWL_LIBSUFFIX).a \ include $(TWL_IPL_RED_ROOT)/build/buildtools/commondefs include $(TWLSDK_ROOT)/build/buildtools/commondefs.gx.demolib +MAKEROM = $(TWL_IPL_RED_ROOT)/tools/bin/makerom.TWL.sys.exe + LDIRT_CLEAN = $(TARGET_TAD) INSTALL_TARGETS = $(TARGET_TAD) INSTALL_DIR = $(SDK_NMENU_DATADIR) diff --git a/build/systemMenu_RED/PictoChat/ARM9/Makefile b/build/systemMenu_RED/PictoChat/ARM9/Makefile index 0cb7d12e..0006aa66 100644 --- a/build/systemMenu_RED/PictoChat/ARM9/Makefile +++ b/build/systemMenu_RED/PictoChat/ARM9/Makefile @@ -43,6 +43,7 @@ MAKETAD_FLAGS += -s include $(TWL_IPL_RED_ROOT)/build/buildtools/commondefs +MAKEROM = $(TWL_IPL_RED_ROOT)/tools/bin/makerom.TWL.sys.exe LDIRT_CLEAN = $(TARGET_TAD) INSTALL_TARGETS = $(TARGET_TAD)