From 50370a8d251ffda4536ca0502ca4a6d55ce897fc Mon Sep 17 00:00:00 2001
From: "(no author)" <(no author)@ff987cc8-cf2f-4642-8568-d52cce064691>
Date: Tue, 22 Dec 2009 09:54:27 +0000
Subject: [PATCH] =?UTF-8?q?openssl=E9=96=8B=E7=99=BA=E6=99=82=E3=81=AB?=
 =?UTF-8?q?=E3=80=81=E3=83=80=E3=83=9F=E3=83=BCNintendoCTR2=E7=BD=B2?=
 =?UTF-8?q?=E5=90=8D=E9=8D=B5=EF=BC=88ECC233)=E3=82=92=E3=83=AA=E3=83=B3?=
 =?UTF-8?q?=E3=82=AF=E3=81=99=E3=82=8B=E3=82=88=E3=81=86=E5=A4=89=E6=9B=B4?=
 =?UTF-8?q?=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@35 ff987cc8-cf2f-4642-8568-d52cce064691
---
 Makefile                                  |  31 ++++++---
 cr_deviceCert.c                           |  79 +++++++++++++++-------
 dummyKey/dev/NintendoCTR2_priv_dummy.der  | Bin 0 -> 111 bytes
 dummyKey/dev/NintendoCTR2_pub_dummy.der   | Bin 0 -> 84 bytes
 dummyKey/prod/NintendoCTR2_priv_dummy.der | Bin 0 -> 111 bytes
 dummyKey/prod/NintendoCTR2_pub_dummy.der  | Bin 0 -> 84 bytes
 6 files changed, 79 insertions(+), 31 deletions(-)
 create mode 100644 dummyKey/dev/NintendoCTR2_priv_dummy.der
 create mode 100644 dummyKey/dev/NintendoCTR2_pub_dummy.der
 create mode 100644 dummyKey/prod/NintendoCTR2_priv_dummy.der
 create mode 100644 dummyKey/prod/NintendoCTR2_pub_dummy.der

diff --git a/Makefile b/Makefile
index 97df75e..b0e123e 100644
--- a/Makefile
+++ b/Makefile
@@ -80,7 +80,10 @@ TARGET	    = gen_id
 KEYS_C  = cr_eFuse_privKey_prod.c cr_eFuse_pubKey_prod.c \
           cr_eFuse_privKey_dev.c  cr_eFuse_pubKey_dev.c  \
           cr_eFuse_aesKey_prod.c  cr_eFuse_iv_prod.c     \
-          cr_eFuse_aesKey_dev.c  cr_eFuse_iv_dev.c
+          cr_eFuse_aesKey_dev.c   cr_eFuse_iv_dev.c      \
+          cr_NintendoCTR2_priv_dummy_prod.c cr_NintendoCTR2_pub_dummy_prod.c \
+          cr_NintendoCTR2_priv_dummy_dev.c  cr_NintendoCTR2_pub_dummy_dev.c
+
 SRCS	= main.c cr_generate_id.c cr_hsm_util.c cr_keyPair.c \
           cr_deviceCert.c cr_enc_id.c cr_alloc.c cr_hsm_code.c
 
@@ -146,25 +149,37 @@ cr_eFuse_privKey_prod.c : $(PROD_DER_KEY_DIR)/eFuse_privKey.der
 cr_eFuse_pubKey_prod.c : $(PROD_DER_KEY_DIR)/eFuse_pubKey.der
 	perl tools/bin2c.plx $< prod
 
-cr_eFuse_privKey_dev.c : $(DEV_DER_KEY_DIR)/eFuse_privKey.der
-	perl tools/bin2c.plx $< dev
-
-cr_eFuse_pubKey_dev.c : $(DEV_DER_KEY_DIR)/eFuse_pubKey.der
-	perl tools/bin2c.plx $< dev
-
-
 cr_eFuse_aesKey_prod.c : $(PROD_DER_KEY_DIR)/eFuse_aesKey.bin
 	perl tools/bin2c.plx $< prod
 
 cr_eFuse_iv_prod.c : $(PROD_DER_KEY_DIR)/eFuse_iv.bin
 	perl tools/bin2c.plx $< prod
 
+cr_NintendoCTR2_priv_dummy_prod.c : $(PROD_DER_KEY_DIR)/NintendoCTR2_priv_dummy.der
+	perl tools/bin2c.plx $< prod
+
+cr_NintendoCTR2_pub_dummy_prod.c : $(PROD_DER_KEY_DIR)/NintendoCTR2_pub_dummy.der
+	perl tools/bin2c.plx $< prod
+
+
+cr_eFuse_privKey_dev.c : $(DEV_DER_KEY_DIR)/eFuse_privKey.der
+	perl tools/bin2c.plx $< dev
+
+cr_eFuse_pubKey_dev.c : $(DEV_DER_KEY_DIR)/eFuse_pubKey.der
+	perl tools/bin2c.plx $< dev
+
 cr_eFuse_aesKey_dev.c : $(DEV_DER_KEY_DIR)/eFuse_aesKey.bin
 	perl tools/bin2c.plx $< dev
 
 cr_eFuse_iv_dev.c : $(DEV_DER_KEY_DIR)/eFuse_iv.bin
 	perl tools/bin2c.plx $< dev
 
+cr_NintendoCTR2_priv_dummy_dev.c : $(DEV_DER_KEY_DIR)/NintendoCTR2_priv_dummy.der
+	perl tools/bin2c.plx $< dev
+
+cr_NintendoCTR2_pub_dummy_dev.c : $(DEV_DER_KEY_DIR)/NintendoCTR2_pub_dummy.der
+	perl tools/bin2c.plx $< dev
+
 
 .PHONY: clean clobber
 clean:
diff --git a/cr_deviceCert.c b/cr_deviceCert.c
index d7d920d..24c703e 100644
--- a/cr_deviceCert.c
+++ b/cr_deviceCert.c
@@ -119,15 +119,16 @@
 
 #ifdef USE_HSM
 #include "cr_hsm_code.h"
-#endif // USE_HSM
-
+#else
 // openssl
 #include <openssl/err.h>
-#include <openssl/bn.h>
 #include <openssl/sha.h>
 #include <openssl/ec.h>
-#include <openssl/rsa.h>
-#include <openssl/aes.h>
+#include "cr_NintendoCTR2_priv_dummy_dev.c"
+#include "cr_NintendoCTR2_pub_dummy_dev.c"
+#include "cr_NintendoCTR2_priv_dummy_prod.c"
+#include "cr_NintendoCTR2_pub_dummy_prod.c"
+#endif // USE_HSM
 
 #include <openssl/ecdsa.h>	// これにより下はいらない
 //#include "ec_lcl.h"	// ec_key_st構造体の参照に必要
@@ -186,7 +187,8 @@ static int TestECDSA2( EC_KEY *eckey, int ec_curve_name, u8 ec_pub_key_neg, u8 e
 	test_ret = ECDSA_sign(0, ecdsa_test_buf, CR_ECDSA_BUF_SIZE, ecdsasig, 
 			&ecdsasiglen, eckey);
 	if (test_ret == 0) {
-		return CR_GENID_ERROR_ECDSA_SIGN;
+		ret_code = CR_GENID_ERROR_ECDSA_SIGN;
+		goto end;
 	}
 	
 	// 署名検証
@@ -236,16 +238,42 @@ end:
 // create CTR Device cert
 int GenerateCTRDeviceCert( EC_KEY *eckey, u32 deviceId, u8 bondingOption )
 {
-	int result = 0;
+	int ret_code = 0;
 	char str[80];
 	CTR_Device_Cert cert;
-
+	EC_KEY *NintendoCTR2 = NULL;
+	
 	if ( sizeof( CTR_Device_Cert ) > 384 )
 	{
+		printf( "err.\n" );
 		//ret_code = CR_GENID_ERROR_CERT_BUF_SIZE;	// ATODE
-		return 255;
+		ret_code = 255;
+		goto end;
 	}
+	
+	// DERフォーマットのECC鍵を読み込み
+	{
+		// bondingOptionによって、鍵を差し替え
+		const unsigned char *der_priv = bondingOption ? cr_NintendoCTR2_priv_dummy_dev : cr_NintendoCTR2_priv_dummy_prod;
+		const unsigned char *der_pub  = bondingOption ? cr_NintendoCTR2_pub_dummy_dev  : cr_NintendoCTR2_pub_dummy_prod;
+		int priv_len = der_priv[ 8 ] | der_priv[ 9 ] << 8;	// KEY長を取り出し
+//		int pub_len  = der_pub [ 8 ] | der_pub [ 9 ] << 8;  // 同上
+		der_priv += 0x10; // ヘッダ部分を除外してKEY実体を指定
+		der_pub  += 0x10; // 同上
 
+		// ECCは、秘密鍵のみで公開鍵成分もセットされるようなので、公開鍵は読み込まない。
+		NintendoCTR2 = d2i_ECPrivateKey( NULL, &der_priv, priv_len );
+		if( NintendoCTR2 == NULL ) {
+//			ret_code = CR_GENID_ERROR_ECC_READ_PRIVATE_KEY; // TODO:
+			ret_code = 255;
+			goto end;
+		}
+#if 0
+		DEBUG_PRINT_ARRAY( "EC priv:",  (const char *)NintendoCTR2->priv_key->d, NintendoCTR2->priv_key->dmax * 4);
+		DEBUG_PRINT_ARRAY( "EC pub.X:", (const char *)NintendoCTR2->pub_key->X.d, NintendoCTR2->pub_key->X.dmax * 4 );
+		DEBUG_PRINT_ARRAY( "EC pub.Y:", (const char *)NintendoCTR2->pub_key->Y.d, NintendoCTR2->pub_key->Y.dmax * 4 );
+#endif
+	}
 	// sigType
 	cert.sigType[0] = 0x00;
 	cert.sigType[1] = 0x01;
@@ -267,11 +295,11 @@ int GenerateCTRDeviceCert( EC_KEY *eckey, u32 deviceId, u8 bondingOption )
 	
 	// expiryDate
 #ifdef USE_HSM
-	result = hsm_get_rtc( &(cert.expiryDate) );
-	if ( result != 0 )
+	ret_code = hsm_get_rtc( &(cert.expiryDate) );
+	if ( ret_code != 0 )
 	{
-		printf( "error(%d) : hsm_get_rtc\n", result );
-		return result;
+		printf( "error(%d) : hsm_get_rtc\n", ret_code );
+		goto end;
 	}
 #else  // !USE_HSM
 	{
@@ -293,14 +321,15 @@ int GenerateCTRDeviceCert( EC_KEY *eckey, u32 deviceId, u8 bondingOption )
 
 	bn_pubkey = BN_new();
 	if( bn_pubkey == NULL ) {
-		return CR_GENID_ERROR_BN_NEW_1;
+		ret_code = CR_GENID_ERROR_BN_NEW_1;
+		goto end;
 	}
 	
-	result = EC_POINT_point2bn( eckey->group, eckey->pub_key, eckey->conv_form , bn_pubkey, NULL);
-	if ( result == 0 )
+	ret_code = EC_POINT_point2bn( eckey->group, eckey->pub_key, eckey->conv_form , bn_pubkey, NULL);
+	if ( ret_code == 0 )
 	{
-		printf( "error(%d) : EC_POINT_point2bn\n", result );
-		return result;
+		printf( "error(%d) : EC_POINT_point2bn\n", ret_code );
+		goto end;
 	}
 	
 	ec_pub_key_neg = (unsigned char)( (bn_pubkey->neg == 0) ? 0 : 1 );
@@ -310,12 +339,12 @@ int GenerateCTRDeviceCert( EC_KEY *eckey, u32 deviceId, u8 bondingOption )
 	
 	BN_free( bn_pubkey );
 	
-	result = TestECDSA2( eckey, NID_sect233r1, ec_pub_key_neg,
+	ret_code = TestECDSA2( eckey, NID_sect233r1, ec_pub_key_neg,
 							ec_pub_key_num_bytes, ec_pub_key );
-	if ( result != 0 )
+	if ( ret_code != 0 )
 	{
-		printf( "error(%d) : TestECDSA2\n", result );
-		return result;
+		printf( "error(%d) : TestECDSA2\n", ret_code );
+		goto end;
 	}
     
 #endif	// USE_HSM
@@ -349,6 +378,10 @@ int GenerateCTRDeviceCert( EC_KEY *eckey, u32 deviceId, u8 bondingOption )
 	}
 #endif
 
-	return result;
+end:
+	// TODO: NintendoCTR2のリソース解放がこれだけでOKか要確認。
+	if( NintendoCTR2 ) EC_KEY_free( NintendoCTR2 );
+	
+	return ret_code;
 }	// generate_CTRCustom_cert
 
diff --git a/dummyKey/dev/NintendoCTR2_priv_dummy.der b/dummyKey/dev/NintendoCTR2_priv_dummy.der
new file mode 100644
index 0000000000000000000000000000000000000000..15926f8977860bfd830583ae4e0459c913533c1e
GIT binary patch
literal 111
zcmV-#0FeJMZ2|!S1RW#k7ZRJZCc&RLVsOSlT9oW|P<6ZTn(X;kpVXP42L=Tzfdl{>
zp+EyZ00aQp0sZAwVA(P=C6iMMx?`ghP?jxBa`Kwyp!;jT0lwD5jARj_Y}2f&F`D&f
Rq=jeJlV=2r@SvV8B{lU3F&qE@

literal 0
HcmV?d00001

diff --git a/dummyKey/dev/NintendoCTR2_pub_dummy.der b/dummyKey/dev/NintendoCTR2_pub_dummy.der
new file mode 100644
index 0000000000000000000000000000000000000000..33399db87ad5747665e0009d049978a5710e7a6e
GIT binary patch
literal 84
zcmV-a0IUBnQZNt(2P%e0&OHJF1_djD1OOWYJ^%y&*#Z6KRbbgNGbNK#3c6#X6i}8e
qOmgy?=Aip)zX871!;EARqHNQwsxg}NXQYK^){|!hi}0YHEhROjULouN

literal 0
HcmV?d00001

diff --git a/dummyKey/prod/NintendoCTR2_priv_dummy.der b/dummyKey/prod/NintendoCTR2_priv_dummy.der
new file mode 100644
index 0000000000000000000000000000000000000000..8c5ff2ee08479beb62fc838ca65a89b1255a4f4b
GIT binary patch
literal 111
zcmV-#0FeJMZ2|!S1RWk7qyqjAPC<`R1m)7|9du<XZo%pKBQ-fuLK7pP2L=Tzfdl{=
zp+EyZ00aTA?56Z`e({k$XckTAIR#%jb89)3)CZ5elb$uM03$c8*eJ4lUsj-PGMq##
RF`JS(<-_SgAKyH;mHTgtD`o%y

literal 0
HcmV?d00001

diff --git a/dummyKey/prod/NintendoCTR2_pub_dummy.der b/dummyKey/prod/NintendoCTR2_pub_dummy.der
new file mode 100644
index 0000000000000000000000000000000000000000..1da366cd3b5183d3efbb231f45073a250e20244a
GIT binary patch
literal 84
zcmV-a0IUBnQZNt(2P%e0&OHJF1_djD1OOTXJ^%y(uk5Dua(?lVK4=zA=s5*nI&*6|
qmDC51ypx_at^gx9t=K5CdtX+dZ8DrhEHRssIpxFYK_A~dx0U;P;~-=J

literal 0
HcmV?d00001