JPEG署名用のAES鍵セットを行うよう変更。

makerom.TWL.launcherの更新。 git-svn-id: file:///Users/lillianskinner/Downloads/platinum/twl/TwlIPL/trunk@1489 b08762b0-b915-fc4b-9d8c-17b2551a87ff
2025-10-31 06:01:12 -04:00 · 2008-05-23 05:04:48 +00:00 · 2008-05-23 05:04:48 +00:00 · c590753fab
commit c590753fab
parent 97b4809aa4
9 changed files with 89 additions and 11 deletions
--- a/build/components/hyena.TWL/src/main.c
+++ b/build/components/hyena.TWL/src/main.c
@ -189,9 +189,13 @@ TwlSpMain(void)
        InitializeNwm(mainHeapHandle, mainHeapHandle);      // NWM <20>‰Šú‰»
 #ifndef SDK_NOCRYPTO
        AES_Init();           // AES <20>‰Šú‰»
-
+		
-		// NANDファームがHW_LAUNCHER_DELIVER_PARAM_BUFへのAES_SEEDセットを行ってくれるので、ISデバッガ接続に関係なくSDK_SEA_KEY_STOREへのコピーを行えばよい
+		{
-		MI_CpuCopyFast( (void *)HW_LAUNCHER_DELIVER_PARAM_BUF, (void *)SDK_SEA_KEY_STORE, HW_LAUNCHER_DELIVER_PARAM_BUF_SIZE );
+			// JPEGエンコード用の鍵セット
 			SYSMi_SetAESKeysForSignJPEG( (ROM_Header *)HW_TWL_ROM_HEADER_BUF, NULL, NULL );
 			// NANDファームがHW_LAUNCHER_DELIVER_PARAM_BUFへのAES_SEEDセットを行ってくれるので、ISデバッガ接続に関係なくSDK_SEA_KEY_STOREへのコピーを行えばよい
 			MI_CpuCopyFast( (void *)HW_LAUNCHER_DELIVER_PARAM_BUF, (void *)SDK_SEA_KEY_STORE, HW_LAUNCHER_DELIVER_PARAM_BUF_SIZE );
 		}
 #ifdef SDK_SEA
        SEA_Init();
--- a/build/libraries_sysmenu/boot/ARM7/src/bootAPI.c
+++ b/build/libraries_sysmenu/boot/ARM7/src/bootAPI.c
@ -159,6 +159,9 @@ BOOL BOOT_WaitStart( void )
 			int list_count = PRE_CLEAR_NUM_MAX + 1;
 			int l;
 			u32 *post_clear_list;
 			// [TODO] WRAM_0_1はちゃんと消えてる？blowfishやaes鍵を引き渡しているので心配
 			// メモリリストの設定
 			// [TODO:] ショップアプリで鍵を残す場合、NANDファーム引数の領域（WRAMにある）を消さないように注意。
 			//         WRAMリマップ後の消し漏れやバッファオーバランの懸念回避のため不要な鍵はpre clearで消す。
--- a/build/libraries_sysmenu/sysmenu/ARM7/src/setAESKey.c
+++ b/build/libraries_sysmenu/sysmenu/ARM7/src/setAESKey.c
@ -27,6 +27,8 @@
 // define data-----------------------------------------------------------------
 // extern data-----------------------------------------------------------------
 // function's prototype-------------------------------------------------------
 void SYSMi_SetAESKeysForAccessControlCore( ROM_Header *pROMH, u8 *pDst, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC );
 // global variable-------------------------------------------------------------
 // static variable-------------------------------------------------------------
 // const data------------------------------------------------------------------
@ -52,6 +54,16 @@ static const u8 dev_seedSlotC[] = {
 	0x49, 0x04, 0x6B, 0x33, 0x12, 0x02, 0xAC, 0xF3,
 };
 static const u8 dev_jpegEncodeKeyForLauncher[] = {
 	0xEF, 0x9A, 0xB3, 0x39, 0x48, 0x3C, 0x2B, 0x13,
 	0x39, 0x31, 0xA5, 0x3F, 0x86, 0x25, 0x9B, 0xB3,
 };
 static const u8 dev_jpegEncodeKeyForNormal[] = {
 	0x79, 0xAF, 0xFE, 0xA7, 0xF3, 0x6A, 0xB7, 0xBE,
 	0x83, 0xB6, 0x41, 0xFD, 0xFC, 0x42, 0xD7, 0x3B,
 };
 // ============================================================================
 //
@ -66,8 +78,8 @@ void SYSMi_SetAESKeysForAccessControl( BOOL isNtrMode, ROM_Header *pROMH )
 	// Œ®‚ÌƒZƒbƒg
 	MI_CpuClearFast( (void *)HW_LAUNCHER_DELIVER_PARAM_BUF, HW_LAUNCHER_DELIVER_PARAM_BUF_SIZE );
-	if( !isNtrMode &&
+	if( !isNtrMode ) {
-		( pROMH->s.titleID_Hi & TITLE_ID_HI_SECURE_FLAG_MASK ) ) {
+		SYSMi_SetAESKeysForSignJPEG( pROMH, &isClearSlotB, &isClearSlotC );
 		SYSMi_SetAESKeysForAccessControlCore( pROMH, (u8 *)HW_LAUNCHER_DELIVER_PARAM_BUF, &isClearSlotB, &isClearSlotC );
 	}
@ -88,9 +100,51 @@ void SYSMi_SetAESKeysForAccessControl( BOOL isNtrMode, ROM_Header *pROMH )
 	}
 }
 void SYSMi_SetAESKeysForSignJPEG( ROM_Header *pROMH, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC )
 {
 	void *pAESKey;
 	if( ( pROMH->s.titleID_Hi & TITLE_ID_HI_SECURE_FLAG_MASK ) &&
 		( 0 == STD_CompareNString( (const char *)&pROMH->s.titleID_Lo[ 1 ], "ANH", 3 ) ) ) {
 		// for Launcher
 		pAESKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
 					&( OSi_GetFromFirmAddr()->rsa_pubkey[ 3 ][ 0x30 ] ) : (void *)dev_jpegEncodeKeyForLauncher;
 		if( pIsClearSlotC ) {
 			*pIsClearSlotC = FALSE;
 		}
 		// AESスロットのデフォルト値セット
 		AES_Lock();
 		AES_SetKeyC( pAESKey );
 		AES_Unlock();
 	}else {
 		// SignJPEG用AESキー
 		if ( pROMH->s.access_control.hw_aes_slot_B_SignJPEGForLauncher == TRUE) {
 			// for Launcher
 			pAESKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
 						&( OSi_GetFromFirmAddr()->rsa_pubkey[ 3 ][ 0x30 ] ) : (void *)dev_jpegEncodeKeyForLauncher;
 		}else {
 			// for ノーマルアプリ
 			pAESKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
 						&( OSi_GetFromFirmAddr()->rsa_pubkey[ 3 ][ 0x40 ] ) : (void *)dev_jpegEncodeKeyForNormal;
 		}
 		if( pIsClearSlotB ) {
 			*pIsClearSlotB = FALSE;
 		}
 		// AESスロットのデフォルト値セット
 		AES_Lock();
 		AES_SetKeyB( pAESKey );
 		AES_Unlock();
 	}
 }
 void SYSMi_SetAESKeysForAccessControlCore( ROM_Header *pROMH, u8 *pDst, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC )
 {
 	// セキュアアプリ以外はセットなし
 	if ( !( pROMH->s.titleID_Hi & TITLE_ID_HI_SECURE_FLAG_MASK ) ) {
 		return;
 	}
 	// commonClientKey
 	if( pROMH->s.access_control.common_client_key ) {
 		void *pCommonKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
--- a/build/libraries_sysmenu/sysmenu/ARM9/src/sysmenu_lib.c
+++ b/build/libraries_sysmenu/sysmenu/ARM9/src/sysmenu_lib.c
@ -123,8 +123,8 @@ void SYSMi_SendKeysToARM7( void )
 {
    MI_SetWramBank(MI_WRAM_ARM9_ALL);
    // DS互換BlowfishテーブルをARM7へ渡す
-    MI_CpuCopyFast( &((OSFromFirm9Buf *)HW_FIRM_FROM_FIRM_BUF)->ds_blowfish, (void *)HW_WRAM_0, sizeof(BLOWFISH_CTX) );
+    MI_CpuCopyFast( &((OSFromFirm9Buf *)HW_FIRM_FROM_FIRM_BUF)->ds_blowfish, (void *)&GetDeliverBROM9KeyAddr()->ds_blowfish, sizeof(BLOWFISH_CTX) );
-    DC_FlushRange( (void *)HW_WRAM_0, sizeof(BLOWFISH_CTX) );
+    DC_FlushRange( (void *)HW_WRAM_0, sizeof(DeliverBROM9Key) );
    MI_SetWramBank(MI_WRAM_ARM7_ALL);
 }
--- a/build/libraries_sysmenu/sysmenu/common/include/internal_api.h
+++ b/build/libraries_sysmenu/sysmenu/common/include/internal_api.h
@ -72,12 +72,13 @@ void SYSMi_CheckRTC( void );
 //-------------------------------------------------------
 // AES鍵設定
 //-------------------------------------------------------
 // JPEG署名用（ランチャー、アプリブート共用）
 void SYSMi_SetAESKeysForSignJPEG( ROM_Header *pROMH, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC );
 // アプリブート用
 void SYSMi_SetAESKeysForAccessControl( BOOL isNtrMode, ROM_Header *pROMH );
 // ランチャー自身用
 void SYSMi_SetAESKeysForAccessControlCore( ROM_Header *pROMH, u8 *pDst, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC );
 #endif // SDK_ARM7
--- a/build/libraries_sysmenu/sysmenu/common/src/mountInfo.c
+++ b/build/libraries_sysmenu/sysmenu/common/src/mountInfo.c
@ -182,7 +182,9 @@ static void SYSMi_SetMountInfoCore( LauncherBootType bootType, NAMTitleId titleI
 	int i;
 	char contentpath[ FS_ENTRY_LONGNAME_MAX ];
-
+	
 	// [TODO]TMPジャンプ時のcontentパス指定がうまくいっていない。マウントしないようにしたら良い。
 	// タイトルIDからcontentのファイルパスをセット
 	STD_TSNPrintf( contentpath, FS_ENTRY_LONGNAME_MAX,
 				   "nand:/title/%08x/%08x/content", (u32)( titleID >> 32 ), titleID );
--- a/docs/鍵管理.xls
+++ b/docs/鍵管理.xls
--- a/include/sysmenu/sysmenu_lib/common/sysmenu_work.h
+++ b/include/sysmenu/sysmenu_lib/common/sysmenu_work.h
@ -23,6 +23,7 @@
 #include <sysmenu/memorymap.h>
 #include <sysmenu/reloc_info/common/reloc_info.h>
 #include <firm/gcd/blowfish.h>
 #ifdef __cplusplus
 extern "C" {
@ -183,6 +184,12 @@ typedef struct SDKBootCheckInfo{
 }SDKBootCheckInfo;
 // ARM9からARM7にWRAM経由で引き渡す鍵情報ワーク
 typedef struct DeliverBROM9Key {
 	BLOWFISH_CTX	ds_blowfish;
 }DeliverBROM9Key;
 //----------------------------------------------------------------------
 //　SYSM共有ワーク領域のアドレス獲得
 //----------------------------------------------------------------------
@ -204,6 +211,13 @@ typedef struct SDKBootCheckInfo{
 #define SYSM_GetAppRomHeader()				( (ROM_Header_Short *)SYSM_APP_ROM_HEADER_BUF )
 #define SYSM_GetCardRomHeader()				SYSM_GetAppRomHeader()
 // ARM9から引き渡す鍵情報ワークの取得
 #ifdef SDK_ARM9
 #define GetDeliverBROM9KeyAddr()			( (DeliverBROM9Key *)HW_WRAM_0 )
 #else
 #define GetDeliverBROM9KeyAddr()			( (DeliverBROM9Key *)HW_WRAM_0_LTD )
 #endif
 #ifdef __cplusplus
 }
 #endif
--- a/tools/bin/makerom.TWL.launcher.exe
+++ b/tools/bin/makerom.TWL.launcher.exe