Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add encrypted CIA support #4181

Merged
merged 3 commits into from Oct 1, 2018

Conversation

Projects
None yet
3 participants
@wwylele
Copy link
Member

wwylele commented Sep 4, 2018

To use this, you need to provide all related keys and put them in sysdata/aes_keys.txt. The minimum key requirement are generator, slot0x3DKeyX, and common0 and/or common1 (depending on different CIAs). Without sufficient keys, CIA installation would prompt the encrypted ROM error as before.

The AES key engine is modified to support additional key set common0...common5, which are 6 alternative common keys for slot0x3DKeyY. CIA specifies which one to use in its ticket.

TMDSignatureType and GetSignatureSize are moved to cia_common.h as they are shared by TMD and ticket.

The function signature of CIAFile::WriteTitleMetadata is changed to eliminate unused variables.

The decryption process assumes that all content data is streamed into the buffer without random access, which is also a requirement of CBC mode decryption.


This change is Reviewable

@@ -88,6 +88,9 @@ class CIAFile final : public FileSys::FileBackend {
std::vector<u8> data;
std::vector<u64> content_written;
Service::FS::MediaType media_type;

class DecryptionState;
std::unique_ptr<DecryptionState> decryption_state;

This comment has been minimized.

Copy link
@wwylele

wwylele Sep 4, 2018

Author Member

pImpl is specifically used for decryption state because it includes CryptoPP states. Including it in the header would require core to expose cryptopp in public because citra-qt includes this header. To avoid massive diff I didn't move all members into pImpl, but if that is preferred I can change it.

@wwylele wwylele force-pushed the wwylele:cia-crypto branch from 6382999 to 2a68dd3 Sep 7, 2018

@wwylele

This comment has been minimized.

Copy link
Member Author

wwylele commented Sep 21, 2018

... any review?

return 0x3C;
}

return 0;

This comment has been minimized.

Copy link
@B3n30

B3n30 Sep 22, 2018

Contributor

Is this UNREACHABLE?

This comment has been minimized.

Copy link
@wwylele

wwylele Sep 22, 2018

Author Member

This function was moved without touching. Will fix


Loader::ResultStatus Ticket::Load(const std::vector<u8> file_data, std::size_t offset) {
std::size_t total_size = static_cast<size_t>(file_data.size() - offset);
if (total_size < sizeof(u32_be))

This comment has been minimized.

Copy link
@B3n30

B3n30 Sep 22, 2018

Contributor

Isn‘t sizeof(u32) sufficient here. Especially since you later use it anyway?

This comment has been minimized.

Copy link
@wwylele

wwylele Sep 22, 2018

Author Member

The code style was copied from TitleMetadata::Load.

@@ -25,26 +25,26 @@ struct KeySlot {
boost::optional<AESKey> y;
boost::optional<AESKey> normal;

void SetKeyX(const AESKey& key) {
void SetKeyX(boost::optional<AESKey> key) {

This comment has been minimized.

Copy link
@B3n30

B3n30 Sep 22, 2018

Contributor

why optional in setters? This should always contain a value when called

This comment has been minimized.

Copy link
@wwylele

wwylele Sep 22, 2018

Author Member

SetKeyX/Y(boost::none) would reset to the key slot to the invalid state. This is important for the CIA key slot because its key Y is selected from an additional key set, which can be incomplete depending on how user supply it. If an invalid key is selected from that key set, then this key slot need to be reset to invalid too.

A good API style might say I should have separate SetKey and ResetKey method. But this function is only for internal use, and having separate interface would introduce unnecessary if-else boilerplate.

@wwylele wwylele force-pushed the wwylele:cia-crypto branch from 2a68dd3 to 9668852 Sep 23, 2018

@Subv

Subv approved these changes Oct 1, 2018

@wwylele wwylele merged commit 5fb3137 into citra-emu:master Oct 1, 2018

2 checks passed

continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@wwylele wwylele deleted the wwylele:cia-crypto branch Oct 15, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.