N-archive/mikage-dev
1
0
Fork 0
mirror of https://github.com/mikage-emu/mikage-dev.git synced 2025-01-09 06:50:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mikage-dev/source/ui/installer.cpp
Tony Wasserka c7a6ea0846 Hello Mikage
2024-03-08 10:54:13 +01:00

393 lines
18 KiB
C++
Raw Blame History

#include <processes/pxi_fs.hpp>
#include <platform/file_formats/cia.hpp>
#include <platform/crypto.hpp>
#include <framework/exceptions.hpp>
#include <framework/formats.hpp>
#include <framework/ranges.hpp>
#include <cryptopp/aes.h>
#include <cryptopp/modes.h>
#include <cryptopp/osrng.h>
#include <cryptopp/rsa.h>
#include <range/v3/algorithm/equal.hpp>
#include <range/v3/view/zip.hpp>
#include <filesystem>
namespace HLE::PXI {
std::array<uint8_t, 16> GenerateAESKey(const std::array<uint8_t, 16>& key_x, const std::array<uint8_t, 16>& key_y);
}
template<typename T, typename SubType, typename Stream>
T ParseSignedData(Stream& reader) {
auto sig = FileFormat::Signature { FileFormat::LoadValue<uint32_t, boost::endian::order::big>(reader), {} };
sig.data.resize(FileFormat::GetSignatureSize(sig.type));
reader(reinterpret_cast<char*>(sig.data.data()), sig.data.size() * sizeof(sig.data[0]));
size_t pad_size;
switch (sig.type) {
case 0x10000:
case 0x10001:
case 0x10003:
case 0x10004:
pad_size = 0x3c;
break;
case 0x10002:
case 0x10005:
pad_size = 0x40;
break;
default:
throw Mikage::Exceptions::Invalid("Unknown signature type {:#x}", sig.type);
}
std::vector<char> zeroes(pad_size, 0);
reader(zeroes.data(), zeroes.size());
return T { sig, FileFormat::SerializationInterface<SubType>::Load(reader) };
}
struct CIA {
FileFormat::CIAHeader header;
std::array<FileFormat::Certificate, 3> certificates;
FileFormat::Ticket ticket;
FileFormat::TMD tmd;
std::vector<std::vector<uint8_t>> contents;
FileFormat::CIAMeta meta;
};
void InstallCIA(std::filesystem::path content_dir, spdlog::logger& logger, const KeyDatabase& keydb, HLE::PXI::FS::FileContext& file_context, HLE::PXI::FS::File& file) {
auto cia_offset = uint64_t{0};
auto read_file = [&](char* dest, size_t size) {
file.Read(file_context, cia_offset, static_cast<uint32_t>(size), HLE::PXI::FS::FileBufferInHostMemory { dest, static_cast<uint32_t>(size) });
cia_offset += size;
};
auto header = FileFormat::SerializationInterface<FileFormat::CIAHeader>::Load(read_file);
logger.info("CIA header size: {:#x}", header.header_size);
logger.info(" Type: {:#x}", header.type);
logger.info(" Version: {:#x}", header.version);
logger.info(" Certificate chain size: {:#x}", header.certificate_chain_size);
logger.info(" Ticket size: {:#x}", header.ticket_size);
logger.info(" TMD size: {:#x}", header.tmd_size);
logger.info(" Meta size: {:#x}", header.meta_size);
logger.info(" Content size: {:#x}", header.content_size);
if (header.header_size != FileFormat::CIAHeader::Tags::expected_serialized_size + 0x2000 /* content mask size */) {
throw Mikage::Exceptions::NotImplemented("Unexpected CIA header size {:#x}", header.header_size);
}
if (header.version != 0) {
throw Mikage::Exceptions::NotImplemented("Unexpected CIA version {:#x}", header.version);
}
std::vector<uint8_t> content_mask(0x2000);
read_file(reinterpret_cast<char*>(content_mask.data()), content_mask.size());
logger.info(" Content indexes:");
for (auto byte_index : ranges::views::indexes(content_mask)) {
for (int bit_index = 0; bit_index < 8; ++bit_index) {
if (content_mask[byte_index] & (0x80 >> bit_index)) {
logger.info(" {}", byte_index * 8 + bit_index);
}
}
}
// Data sections are aligned to 64 bytes
const auto cert_begin = (header.header_size + 63) & ~uint64_t { 63 };
const auto ticket_begin = cert_begin + ((header.certificate_chain_size + 63) & ~uint64_t { 63 });
const auto tmd_begin = ticket_begin + ((header.ticket_size + 63) & ~uint64_t { 63 });
const auto content_begin = tmd_begin + ((header.tmd_size + 63) & ~uint64_t { 63 });
const auto meta_begin = content_begin + ((header.content_size + 63) & ~uint64_t { 63 });
static_assert(sizeof(meta_begin) == 8);
CIA ret;
// Certificates
cia_offset = cert_begin;
auto& certificates = ret.certificates;
for (auto cert_index : { 0, 1, 2}) {
auto& certificate = certificates[cert_index];
certificate = ParseSignedData<FileFormat::Certificate, FileFormat::Certificate::Data>(read_file);
logger.info("Certificate {}:", cert_index);
logger.info(" Type: {:#x}", certificate.sig.type);
logger.info(" Public key type: {:#x}", certificate.cert.key_type);
logger.info(" Issuer: {:c}", fmt::join(certificate.cert.issuer, ""));
logger.info(" Name: {:c}", fmt::join(certificate.cert.name, ""));
if (certificate.cert.key_type == 0) {
certificate.pubkey.rsa4096 = FileFormat::SerializationInterface<FileFormat::CertificatePublicKey::RSAKey<4096/8>>::Load(read_file);
} else if (certificate.cert.key_type == 1) {
certificate.pubkey.rsa2048 = FileFormat::SerializationInterface<FileFormat::CertificatePublicKey::RSAKey<2048/8>>::Load(read_file);
} else if (certificate.cert.key_type == 1) {
certificate.pubkey.ecc = FileFormat::SerializationInterface<FileFormat::CertificatePublicKey::ECCKey>::Load(read_file);
} else {
throw std::runtime_error("Unknown certificate public key type");
}
}
// Ticket
logger.info("Ticket:");
cia_offset = ticket_begin;
ret.ticket = ParseSignedData<FileFormat::Ticket, FileFormat::Ticket::Data>(read_file);
auto& ticket = ret.ticket;
logger.info(" Signature type: {:#x}", ticket.sig.type);
logger.info(" Issuer: {:c}", fmt::join(ticket.data.issuer, ""));
logger.info(" Format version: {:#x}", ticket.data.version);
logger.info(" Ticket ID: {:#x}", ticket.data.ticket_id);
logger.info(" Console ID: {:#x}", ticket.data.console_id);
logger.info(" Title ID: {:#x}", ticket.data.title_id);
logger.info(" Sys Access: {:#x}", ticket.data.sys_access);
logger.info(" Title version: {:#x}", ticket.data.title_version);
logger.info(" Permit mask: {:#x}", ticket.data.permit_mask);
logger.info(" Title export: {:#x}", ticket.data.title_export);
logger.info(" KeyY index: {:#x}", ticket.data.key_y_index);
for (uint32_t i = 0; i < ticket.data.time_limit.size(); ++i) {
if (ticket.data.time_limit[i].enable) {
logger.info(" Time limit {}: {} seconds", i, ticket.data.time_limit[i].limit_in_seconds);
}
}
logger.info(" Unknown @ 0: {:#x}", ticket.data.unknown[0]);
logger.info(" Unknown @ 1: {:#x}", ticket.data.unknown[1]);
logger.info(" Unknown: {:#x}", ticket.data.unknown2);
for (size_t i = 0; i < ticket.data.unknown3.size(); ++i) {
if (ticket.data.unknown3[i]) {
logger.info(" Unknown3 @ {}: {:#x}", i, ticket.data.unknown3[i]);
}
}
for (size_t i = 0; i < ticket.data.unknown4.size(); ++i) {
if (ticket.data.unknown4[i]) {
logger.info(" Unknown4 @ {}: {:#x}", i, ticket.data.unknown4[i]);
}
}
// TMD
logger.info("TMD: ");
cia_offset = tmd_begin;
ret.tmd = ParseSignedData<FileFormat::TMD, FileFormat::TMD::Data>(read_file);
auto& tmd = ret.tmd;
logger.info(" Signature type: {:#x}", tmd.sig.type);
logger.info(" Issuer: {:c}", fmt::join(tmd.data.issuer, ""));
logger.info(" Version: {:#x}", tmd.data.version);
logger.info(" CA revocation list version: {:#x}", tmd.data.ca_crl_version);
logger.info(" Signer CLR version: {:#x}", tmd.data.ca_crl_version);
logger.info(" System version: {:#x}", tmd.data.system_version);
logger.info(" Title id: {:#x}", tmd.data.title_id);
logger.info(" Title type: {:#x}", tmd.data.title_type);
logger.info(" Group id: {:#x}", tmd.data.group_id);
logger.info(" Save data size: {:#x}", tmd.data.save_data_size);
logger.info(" Private save data size for SRL: {:#x}", tmd.data.srl_private_data_size);
logger.info(" SRL flag: {:#x}", tmd.data.srl_flag);
logger.info(" Access rights: {:#x}", tmd.data.access_rights);
logger.info(" Title version: {:#x}", tmd.data.title_version);
logger.info(" Content count: {:#x}", tmd.data.content_count);
logger.info(" Main content: {:#x}", tmd.data.main_content);
logger.info(" Unknown: {:#x}", tmd.data.unknown);
logger.info(" Unknown2: {:#x}", tmd.data.unknown2);
for (size_t i = 0; i < tmd.data.unknown3.size(); ++i) {
if (tmd.data.unknown3[i]) {
logger.info(" Unknown3 @ {}: {:#x}", i, tmd.data.unknown3[i]);
}
}
logger.info(" Unknown4: {:#x}", tmd.data.unknown4);
// TMD content info
{
// Read raw content infos into memory for hashing first
std::vector<char> content_info_hash_data(FileFormat::TMD::ContentInfoHash::Tags::expected_serialized_size * tmd.content_info_hashes.size());
read_file(content_info_hash_data.data(), content_info_hash_data.size());
// Get content info hash ... hash
CryptoPP::byte contentinfohash_hash[CryptoPP::SHA256::DIGESTSIZE];
CryptoPP::SHA256().CalculateDigest(contentinfohash_hash,
reinterpret_cast<const CryptoPP::byte*>(content_info_hash_data.data()), content_info_hash_data.size());
logger.info(" Reference hash: {:02x}", fmt::join(ret.tmd.data.content_info_records_sha256, ""));
logger.info(" Computed hash: {:02x}", fmt::join(contentinfohash_hash, ""));
if (!ranges::equal(ret.tmd.data.content_info_records_sha256, contentinfohash_hash)) {
throw std::runtime_error("Hash over TMD content info hashes doesn't match reference");
}
auto stream = FileFormat::MakeStreamInFromContainer(content_info_hash_data);
for (auto& content_info_hash : tmd.content_info_hashes) {
content_info_hash = FileFormat::SerializationInterface<FileFormat::TMD::ContentInfoHash>::Load(stream);
}
}
{
std::vector<char> content_info_data(FileFormat::TMD::ContentInfo::Tags::expected_serialized_size * tmd.data.content_count);
read_file(content_info_data.data(), content_info_data.size());
{
std::size_t content_info_index = 0;
for (auto& content_info_hash : tmd.content_info_hashes) {
if (content_info_hash.chunk_count == 0) {
continue;
}
// TODO: Should the given index_offset be used instead of content_info_index?
if (content_info_hash.index_offset != content_info_index) {
throw Mikage::Exceptions::Invalid("Unknown behavior for TMD content info offset");
}
// Hash "chunk_count" content infos
CryptoPP::byte contentinfo_hash[CryptoPP::SHA256::DIGESTSIZE];
auto data_ptr_for_hash = &content_info_data[content_info_index];
uint64_t bytes_to_hash = content_info_hash.chunk_count * FileFormat::TMD::ContentInfo::Tags::expected_serialized_size;
CryptoPP::SHA256().CalculateDigest(contentinfo_hash,
reinterpret_cast<const CryptoPP::byte*>(data_ptr_for_hash), bytes_to_hash);
logger.info(" Hashes covering content info {}-{}:", content_info_hash.index_offset, content_info_hash.index_offset + content_info_hash.chunk_count - 1);
logger.info(" Reference: {:02x}", fmt::join(content_info_hash.sha256, ""));
logger.info(" Computed: {:02x}", fmt::join(contentinfo_hash, ""));
if (!ranges::equal(content_info_hash.sha256, contentinfo_hash)) {
throw std::runtime_error("Hash over TMD content info doesn't match reference");
}
content_info_index += content_info_hash.chunk_count;
}
}
tmd.content_infos.resize(tmd.data.content_count);
auto stream = FileFormat::MakeStreamInFromContainer(content_info_data);
uint64_t total_content_size = 0;
for (const auto& content_info_index : ranges::views::indexes(tmd.content_infos)) {
logger.info(" Content info {}", content_info_index);
auto& content_info = tmd.content_infos[content_info_index];
content_info = FileFormat::SerializationInterface<FileFormat::TMD::ContentInfo>::Load(stream);
logger.info(" Index: {}", content_info.index);
logger.info(" Id: {}", content_info.id);
logger.info(" Size: {:#x}", content_info.size);
logger.info(" Flags:{}", content_info.type == 0 ? " (none)" : "");
if (content_info.type & 1) {
logger.info(" encrypted");
}
if (content_info.type > 1) {
logger.info(" unknown ({:#x})", content_info.type);
}
if ((content_info.index / 8 > content_mask.size()) ||
(content_mask[content_info.index / 8] & (~content_info.index % 8)) == 0) {
throw Mikage::Exceptions::Invalid("TMD content index not present in CIA content mask");
}
total_content_size += content_info.size;
}
if (total_content_size != header.content_size) {
throw Mikage::Exceptions::Invalid("Sum of TMD content sizes doesn't match CIA content size");
}
}
if (cia_offset != tmd_begin + header.tmd_size) {
throw Mikage::Exceptions::Invalid("TMD ended at unexpected offset");
}
// Content
logger.info("Content:");
cia_offset = content_begin;
for (const auto& content_info : ret.tmd.content_infos) {
std::vector<uint8_t> ncch(content_info.size);
read_file(reinterpret_cast<char*>(ncch.data()), ncch.size());
if (content_info.type & 1) {
CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption dec;
// Decrypt title key using common key
auto title_key = ret.ticket.data.title_key_encrypted;
{
const auto& common_key_x = keydb.aes_slots[0x3d].x.value();
const auto& common_key_y = keydb.common_y.at(ret.ticket.data.key_y_index).value();
auto common_key = HLE::PXI::GenerateAESKey(common_key_x, common_key_y);
// IV is the title ID encoded as big-endian
std::array<uint8_t, 0x10> iv {};
memcpy(iv.data(), &ret.ticket.data.title_id, sizeof(ret.ticket.data.title_id));
std::reverse(iv.begin(), iv.begin() + sizeof(ret.ticket.data.title_id));
dec.SetKeyWithIV(common_key.data(), sizeof(common_key), iv.data());
dec.ProcessData(reinterpret_cast<CryptoPP::byte*>(title_key.data()), reinterpret_cast<const CryptoPP::byte*>(title_key.data()), title_key.size());
}
// Decrypt content using decrypted title key
{
// IV is the content ID encoded as big-endian
std::array<uint8_t, 0x10> iv {};
memcpy(iv.data(), &content_info.index, sizeof(content_info.index));
std::reverse(iv.begin(), iv.begin() + sizeof(content_info.index));
dec.SetKeyWithIV(title_key.data(), sizeof(title_key), iv.data());
dec.ProcessData(reinterpret_cast<CryptoPP::byte*>(ncch.data()), reinterpret_cast<const CryptoPP::byte*>(ncch.data()), ncch.size());
}
}
CryptoPP::byte content_hash[CryptoPP::SHA256::DIGESTSIZE];
CryptoPP::SHA256().CalculateDigest(content_hash,
reinterpret_cast<const CryptoPP::byte*>(ncch.data()), ncch.size());
logger.info(" Reference content hash: {:02x}", fmt::join(content_info.sha256, ""));
logger.info(" Computed content hash: {:02x}", fmt::join(content_hash, ""));
if (!ranges::equal(content_info.sha256, content_hash)) {
throw std::runtime_error("Content hash doesn't match TMD");
}
ret.contents.push_back(std::move(ncch));
}
logger.info("Beginning install...\n");
uint32_t title_id_high = ret.ticket.data.title_id >> 32;
uint32_t title_id_low = ret.ticket.data.title_id & 0xffffffff;
content_dir /= fmt::format("{:08x}/{:08x}/content", title_id_high, title_id_low);
std::filesystem::create_directories(content_dir);
// // TODO: Implement TMD writing
// {
// // TODO: If a TMD already exists, remove it and use its incremented number here
// std::ofstream file(content_dir / fmt::format("{:x}.tmd", 0));
// }
for (auto content_index = 0; content_index < ret.contents.size(); ++content_index) {
const auto& ncch = ret.contents[content_index];
const auto& content_info = ret.tmd.content_infos.at(content_index);
std::ofstream out_file(content_dir / fmt::format("{:08x}.cxi", content_info.id));
out_file.write(reinterpret_cast<const char*>(ncch.data()), ncch.size());
// To simplify title launching, we always boot from 00000000.cxi currently.
// Copy the main title to that location hence
// TODO: Read TMD when launching titles instead
if (content_index == ret.tmd.data.main_content) {
if (content_info.id != 0) {
std::filesystem::copy(content_dir / fmt::format("{:08x}.cxi", content_info.id), content_dir / fmt::format("00000000.cxi"), std::filesystem::copy_options::overwrite_existing);
}
} else if (content_info.id == 0) {
throw Mikage::Exceptions::NotImplemented("Content id 0 expected to be the main content");
}
}
// TODO: If title id is native firm, extract its files...
// // Meta
// file.seekg(meta_begin);
// strbuf_it = std::istreambuf_iterator<char>(file.rdbuf());
// stream = FileFormat::MakeStreamInFromContainer(strbuf_it, decltype(strbuf_it){});
// ret.meta = FileFormat::Load<FileFormat::CIAMeta>(stream);
// for (auto& title_id : ret.meta.dependencies) {
// if (!title_id)
// continue;
// std::cout << "Dependency: " << std::hex << std::setw(16) << std::setfill('0') << title_id << std::endl;
// }
logger.info("");
}
Reference in a new issue View git blame Copy permalink