Updated the crypto engine:

- Updated AES and SHA-1 source code; - Fixed a few code warnings; - Implemented EDAT/SDAT decryption. Started SPURS implementation: - Added an internal SPURSManager class draft; - Added several drafts for cellSpurs functions. Implemented key.edat decryption in sceNpDrmIsAvailable: - NOTE: Currently, the decrypted key.edat is stored under dev_hdd1/titleID and the user must replace this file in dev_hdd0. This behavior will change in the future as it's currently intended for controlled testing only.
RPCS3 · Mar 30, 2014 · 196c2ff · 196c2ff
1 parent e6aa1a9
commit 196c2ff
Show file tree

Hide file tree

Showing 20 changed files with 2,891 additions and 821 deletions.
diff --git a/rpcs3/Crypto/aes.cpp b/rpcs3/Crypto/aes.cpp
diff --git a/rpcs3/Crypto/aes.h b/rpcs3/Crypto/aes.h
@@ -3,7 +3,7 @@
  *
  * \brief AES block cipher
  *
- *  Copyright (C) 2006-2010, Brainspark B.V.
+ *  Copyright (C) 2006-2013, Brainspark B.V.
  *
  *  This file is part of PolarSSL (http://www.polarssl.org)
  *  Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@@ -24,25 +24,32 @@
  *  with this program; if not, write to the Free Software Foundation, Inc.,
  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  */
-#ifndef POLARSSL_AES_H
-#define POLARSSL_AES_H
-
 #include <string.h>
 
+#ifdef _MSC_VER
+#include <basetsd.h>
+typedef UINT32 uint32_t;
+#else
+#include <inttypes.h>
+#endif
+
 #define AES_ENCRYPT     1
 #define AES_DECRYPT     0
 
 #define POLARSSL_ERR_AES_INVALID_KEY_LENGTH                -0x0020  /**< Invalid key length. */
 #define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH              -0x0022  /**< Invalid data input length. */
 
+// Regular implementation
+//
+
 /**
  * \brief          AES context structure
  */
 typedef struct
 {
     int nr;                     /*!<  number of rounds  */
-    unsigned long *rk;          /*!<  AES round keys    */
-    unsigned long buf[68];      /*!<  unaligned data    */
+    uint32_t *rk;               /*!<  AES round keys    */
+    uint32_t buf[68];           /*!<  unaligned data    */
 }
 aes_context;
 
@@ -108,7 +115,33 @@ int aes_crypt_cbc( aes_context *ctx,
                     const unsigned char *input,
                     unsigned char *output );
 
-/*
+/**
+ * \brief          AES-CFB128 buffer encryption/decryption.
+ *
+ * Note: Due to the nature of CFB you should use the same key schedule for
+ * both encryption and decryption. So a context initialized with
+ * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
+ *
+ * both 
+ * \param ctx      AES context
+ * \param mode     AES_ENCRYPT or AES_DECRYPT
+ * \param length   length of the input data
+ * \param iv_off   offset in IV (updated after use)
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if successful
+ */
+int aes_crypt_cfb128( aes_context *ctx,
+                       int mode,
+                       size_t length,
+                       size_t *iv_off,
+                       unsigned char iv[16],
+                       const unsigned char *input,
+                       unsigned char *output );
+
+/**
  * \brief               AES-CTR buffer encryption/decryption
  *
  * Warning: You have to keep the maximum use of your counter in mind!
@@ -137,8 +170,8 @@ int aes_crypt_ctr( aes_context *ctx,
                        const unsigned char *input,
                        unsigned char *output );
 
+void aes_cmac(aes_context *ctx, int length, unsigned char *input, unsigned char *output);
+
 #ifdef __cplusplus
 }
-#endif
-
-#endif /* aes.h */
+#endif
diff --git a/rpcs3/Crypto/key_vault.cpp b/rpcs3/Crypto/key_vault.cpp
@@ -682,7 +682,7 @@ SELF_KEY KeyVault::GetSelfLV1Key(u64 version)
 {
 	SELF_KEY key(0, 0, 0, "", "", "", "", 0);
 
-	for(int i = 0; i < sk_LV1_arr.GetCount(); i++)
+	for(unsigned int i = 0; i < sk_LV1_arr.GetCount(); i++)
 	{
 		if (sk_LV1_arr[i].version == version)
 		{
@@ -698,7 +698,7 @@ SELF_KEY KeyVault::GetSelfLV2Key(u64 version)
 {
 	SELF_KEY key(0, 0, 0, "", "", "", "", 0);
 
-	for(int i = 0; i < sk_LV2_arr.GetCount(); i++)
+	for(unsigned int i = 0; i < sk_LV2_arr.GetCount(); i++)
 	{
 		if (sk_LV2_arr[i].version == version)
 		{
@@ -714,7 +714,7 @@ SELF_KEY KeyVault::GetSelfISOKey(u16 revision, u64 version)
 {
 	SELF_KEY key(0, 0, 0, "", "", "", "", 0);
 
-	for(int i = 0; i < sk_ISO_arr.GetCount(); i++)
+	for(unsigned int i = 0; i < sk_ISO_arr.GetCount(); i++)
 	{
 		if ((sk_ISO_arr[i].version == version) &&
 			(sk_ISO_arr[i].revision == revision))
@@ -731,7 +731,7 @@ SELF_KEY KeyVault::GetSelfAPPKey(u16 revision)
 {
 	SELF_KEY key(0, 0, 0, "", "", "", "", 0);
 
-	for(int i = 0; i < sk_APP_arr.GetCount(); i++)
+	for(unsigned int i = 0; i < sk_APP_arr.GetCount(); i++)
 	{
 		if (sk_APP_arr[i].revision == revision)
 		{
@@ -747,7 +747,7 @@ SELF_KEY KeyVault::GetSelfUNK7Key(u64 version)
 {
 	SELF_KEY key(0, 0, 0, "", "", "", "", 0);
 
-	for(int i = 0; i < sk_UNK7_arr.GetCount(); i++)
+	for(unsigned int i = 0; i < sk_UNK7_arr.GetCount(); i++)
 	{
 		if (sk_UNK7_arr[i].version == version)
 		{
@@ -763,7 +763,7 @@ SELF_KEY KeyVault::GetSelfNPDRMKey(u16 revision)
 {
 	SELF_KEY key(0, 0, 0, "", "", "", "", 0);
 
-	for(int i = 0; i < sk_NPDRM_arr.GetCount(); i++)
+	for(unsigned int i = 0; i < sk_NPDRM_arr.GetCount(); i++)
 	{
 		if (sk_NPDRM_arr[i].revision == revision)
 		{
@@ -831,8 +831,8 @@ u8 *KeyVault::GetKlicenseeKey()
 {
 	return klicensee_key;
 }
-
-void KeyVault::RapToRif(unsigned char* rap, unsigned char* rif)
+
+void rap_to_rif(unsigned char* rap, unsigned char* rif)
 {
 	int i;
 	int round;

diff --git a/rpcs3/Crypto/key_vault.h b/rpcs3/Crypto/key_vault.h
@@ -1,5 +1,4 @@
 #pragma once
-#include "aes.h"
 #include "utils.h"
 
 enum SELF_KEY_TYPE {
@@ -36,41 +35,85 @@ struct SELF_KEY {
 	}
 };
 
-static const u8 PKG_AES_KEY[0x10] = {
+static u8 PKG_AES_KEY[0x10] = {
 	0x2e, 0x7b, 0x71, 0xd7, 0xc9, 0xc9, 0xa1, 0x4e, 0xa3, 0x22, 0x1f, 0x18, 0x88, 0x28, 0xb8, 0xf8
 };
 
-static const u8 NP_IDPS[0x10] = {
+static u8 NP_IDPS[0x10] = {
 	0x5E, 0x06, 0xE0, 0x4F, 0xD9, 0x4A, 0x71, 0xBF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
 };
 
-static const u8 NP_KLIC_FREE[0x10] = {
+static u8 NP_KLIC_FREE[0x10] = {
 	0x72, 0xF9, 0x90, 0x78, 0x8F, 0x9C, 0xFF, 0x74, 0x57, 0x25, 0xF0, 0x8E, 0x4C, 0x12, 0x83, 0x87
 };
 
-static const u8 NP_KLIC_KEY[0x10] = {
+static u8 NP_OMAC_KEY_2[0x10] = {
+	0x6B, 0xA5, 0x29, 0x76, 0xEF, 0xDA, 0x16, 0xEF, 0x3C, 0x33, 0x9F, 0xB2, 0x97, 0x1E, 0x25, 0x6B
+};
+
+static u8 NP_OMAC_KEY_3[0x10] = {
+	0x9B, 0x51, 0x5F, 0xEA, 0xCF, 0x75, 0x06, 0x49, 0x81, 0xAA, 0x60, 0x4D, 0x91, 0xA5, 0x4E, 0x97
+};
+
+static u8 NP_KLIC_KEY[0x10] = {
 	0xF2, 0xFB, 0xCA, 0x7A, 0x75, 0xB0, 0x4E, 0xDC, 0x13, 0x90, 0x63, 0x8C, 0xCD, 0xFD, 0xD1, 0xEE
 };
 
-static const u8 NP_RIF_KEY[0x10] = {
+static u8 NP_RIF_KEY[0x10] = {
 	0xDA, 0x7D, 0x4B, 0x5E, 0x49, 0x9A, 0x4F, 0x53, 0xB1, 0xC1, 0xA1, 0x4A, 0x74, 0x84, 0x44, 0x3B
 };
 
-static const u8 RAP_KEY[0x10] = {
+static u8 NP_PSP_KEY_1[0x10] = {
+	0x2A, 0x6A, 0xFB, 0xCF, 0x43, 0xD1, 0x57, 0x9F, 0x7D, 0x73, 0x87, 0x41, 0xA1, 0x3B, 0xD4, 0x2E
+};
+
+static u8 NP_PSP_KEY_2[0x10] = {
+	0x0D, 0xB8, 0x57, 0x32, 0x36, 0x6C, 0xD7, 0x34, 0xFC, 0x87, 0x9E, 0x74, 0x33, 0x43, 0xBB, 0x4F
+};
+
+static u8 NP_PSX_KEY[0x10] = {
+	0x52, 0xC0, 0xB5, 0xCA, 0x76, 0xD6, 0x13, 0x4B, 0xB4, 0x5F, 0xC6, 0x6C, 0xA6, 0x37, 0xF2, 0xC1
+};
+
+static u8 RAP_KEY[0x10] = {
 	0x86, 0x9F, 0x77, 0x45, 0xC1, 0x3F, 0xD8, 0x90, 0xCC, 0xF2, 0x91, 0x88, 0xE3, 0xCC, 0x3E, 0xDF
 };
 
-static const u8 RAP_PBOX[0x10] = {
+static u8 RAP_PBOX[0x10] = {
 	0x0C, 0x03, 0x06, 0x04, 0x01, 0x0B, 0x0F, 0x08, 0x02, 0x07, 0x00, 0x05, 0x0A, 0x0E, 0x0D, 0x09
 };
 
-static const u8 RAP_E1[0x10] = {
+static u8 RAP_E1[0x10] = {
 	0xA9, 0x3E, 0x1F, 0xD6, 0x7C, 0x55, 0xA3, 0x29, 0xB7, 0x5F, 0xDD, 0xA6, 0x2A, 0x95, 0xC7, 0xA5
 };
 
-static const u8 RAP_E2[0x10] = {
+static u8 RAP_E2[0x10] = {
 	0x67, 0xD4, 0x5D, 0xA3, 0x29, 0x6D, 0x00, 0x6A, 0x4E, 0x7C, 0x53, 0x7B, 0xF5, 0x53, 0x8C, 0x74
 };
+
+static u8 SDAT_KEY[0x10] = {
+	0x0D, 0x65, 0x5E, 0xF8, 0xE6, 0x74, 0xA9, 0x8A, 0xB8, 0x50, 0x5C, 0xFA, 0x7D, 0x01, 0x29, 0x33
+};
+
+static u8 EDAT_KEY_0[0x10] = {
+	0xBE, 0x95, 0x9C, 0xA8, 0x30, 0x8D, 0xEF, 0xA2, 0xE5, 0xE1, 0x80, 0xC6, 0x37, 0x12, 0xA9, 0xAE
+};
+
+static u8 EDAT_HASH_0[0x10] = {
+	0xEF, 0xFE, 0x5B, 0xD1, 0x65, 0x2E, 0xEB, 0xC1, 0x19, 0x18, 0xCF, 0x7C, 0x04, 0xD4, 0xF0, 0x11
+};
+
+static u8 EDAT_KEY_1[0x10] = {
+	0x4C, 0xA9, 0xC1, 0x4B, 0x01, 0xC9, 0x53, 0x09, 0x96, 0x9B, 0xEC, 0x68, 0xAA, 0x0B, 0xC0, 0x81
+};
+
+static u8 EDAT_HASH_1[0x10] = {
+	0x3D, 0x92, 0x69, 0x9B, 0x70, 0x5B, 0x07, 0x38, 0x54, 0xD8, 0xFC, 0xC6, 0xC7, 0x67, 0x27, 0x47
+};
+
+static u8 EDAT_IV[0x10] = {
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+};
 
 class KeyVault
 {
@@ -89,7 +132,6 @@ class KeyVault
 	SELF_KEY FindSelfKey(u32 type, u16 revision, u64 version);
 	void SetKlicenseeKey(u8 *key);
 	u8 *GetKlicenseeKey();
-	void RapToRif(unsigned char* rap, unsigned char* rif);
 
 private:	
 	void LoadSelfLV0Keys();
@@ -108,4 +150,7 @@ class KeyVault
 	SELF_KEY GetSelfAPPKey(u16 revision);
 	SELF_KEY GetSelfUNK7Key(u64 version);
 	SELF_KEY GetSelfNPDRMKey(u16 revision);
-};
+};
+
+// RAP to RIF function.
+void rap_to_rif(unsigned char* rap, unsigned char* rif);