Fix the f_mkdir fix

Fix bad f_mkdir check skipping file save
Bump version to v1.6.2
2019-10-15 11:14:14 -06:00 · 2019-10-15 11:11:47 -06:00 · 2019-10-15 10:26:42 -06:00 · 2019-10-15 10:25:20 -06:00 · 2019-10-07 13:18:14 -06:00 · 2019-10-06 18:41:20 -06:00
5 changed files with 66 additions and 29 deletions
--- a/2
+++ b/2
@ -11,7 +11,7 @@ include $(DEVKITARM)/base_rules
 IPL_LOAD_ADDR := 0x40003000
 LPVERSION_MAJOR := 1
 LPVERSION_MINOR := 6
-LPVERSION_BUGFX := 1
+LPVERSION_BUGFX := 3

 ################################################################################

--- a/source/hos/pkg1.c
+++ b/source/hos/pkg1.c
@ -33,9 +33,9 @@ static const pkg1_id_t _pkg1_ids[] = {
 	{ "20181107105733", 6 }, //6.2.0
 	{ "20181218175730", 7 }, //7.0.0
 	{ "20190208150037", 7 }, //7.0.1
-	{ "20190314172056", 7 }, //8.0.0
+	{ "20190314172056", 7 }, //8.0.0 - 8.0.1
 	{ "20190531152432", 8 }, //8.1.0
-	{ "20190809135709", 9 }, //9.0.0
+	{ "20190809135709", 9 }, //9.0.0 - 9.0.1
 	{ NULL } //End.
 };

--- a/source/keys/key_sources.inl
+++ b/source/keys/key_sources.inl
@ -110,7 +110,7 @@ static const u8 bis_key_source[3][0x20] = {
        0x4D, 0x12, 0xE1, 0x4B, 0x2A, 0x47, 0x4C, 0x1C, 0x09, 0xCB, 0x03, 0x59, 0xF0, 0x15, 0xF4, 0xE4}
 };

-static const u8 fs_hashes_sha256[10][0x20] = {
+static const u8 fs_hashes_sha256[13][0x20] = {
    { // header_kek_source
        0x18, 0x88, 0xca, 0xed, 0x55, 0x51, 0xb3, 0xed, 0xe0, 0x14, 0x99, 0xe8, 0x7c, 0xe0, 0xd8, 0x68,
        0x27, 0xf8, 0x08, 0x20, 0xef, 0xb2, 0x75, 0x92, 0x10, 0x55, 0xaa, 0x4e, 0x2a, 0xbd, 0xff, 0xc2},
@ -132,6 +132,15 @@ static const u8 fs_hashes_sha256[10][0x20] = {
    { // save_mac_key_source
        0xB4, 0x7B, 0x60, 0x0B, 0x1A, 0xD3, 0x14, 0xF9, 0x41, 0x14, 0x7D, 0x8B, 0x39, 0x1D, 0x4B, 0x19,
        0x87, 0xCC, 0x8C, 0x88, 0x4A, 0xC8, 0x9F, 0xFC, 0x91, 0xCA, 0xE2, 0x21, 0xC5, 0x24, 0x51, 0xF7},
+    { // save_mac_sd_card_kek_source
+        0x60, 0x1a, 0x60, 0xbe, 0x13, 0xf6, 0x3e, 0xda, 0xec, 0xcc, 0x96, 0x7f, 0x27, 0xa3, 0xa3, 0x64,
+        0x65, 0xcb, 0xe8, 0xf0, 0x29, 0xf0, 0xc4, 0x14, 0xb2, 0x36, 0x6a, 0x8b, 0x8a, 0x0f, 0x13, 0x00},
+    { // save_mac_sd_card_key_source        
+        0xc2, 0x22, 0x0a, 0x38, 0xb6, 0x87, 0x2b, 0x63, 0xee, 0x77, 0xac, 0x8c, 0x28, 0x24, 0x7a, 0x44,
+        0x02, 0xe6, 0xdd, 0x85, 0x24, 0x8b, 0x41, 0x9a, 0x6f, 0x9b, 0x17, 0x93, 0xc0, 0x50, 0x3f, 0x21},
+    { // sd_card_custom_storage_key_source
+        0x6b, 0x8f, 0xd2, 0x6c, 0x76, 0x5b, 0x7c, 0x67, 0x70, 0x0c, 0x68, 0x54, 0x90, 0x8e, 0xbe, 0x88,
+        0x45, 0xb0, 0x55, 0xa6, 0xbb, 0xbb, 0xea, 0x0c, 0x06, 0x3a, 0x85, 0x04, 0x12, 0xd4, 0xca, 0x53},
    { // sd_card_kek_source
        0x6B, 0x2E, 0xD8, 0x77, 0xC2, 0xC5, 0x23, 0x34, 0xAC, 0x51, 0xE5, 0x9A, 0xBF, 0xA7, 0xEC, 0x45,
        0x7F, 0x4A, 0x7D, 0x01, 0xE4, 0x62, 0x91, 0xE9, 0xF2, 0xEA, 0xA4, 0x5F, 0x01, 0x1D, 0x24, 0xB7},
--- a/source/keys/keys.c
+++ b/source/keys/keys.c
@ -95,7 +95,7 @@ void dump_keys() {
        new_device_key[0x10] = {0},
        sd_seed[0x10] = {0},
        // FS-related keys
-        fs_keys[10][0x20] = {0},
+        fs_keys[13][0x20] = {0},
        header_key[0x20] = {0},
        save_mac_key[0x10] = {0},
        // other sysmodule sources
@ -175,7 +175,8 @@ void dump_keys() {
    if (pkg1_id->kb >= KB_FIRMWARE_VERSION_700) {
        sd_mount();
        if (!f_stat("sd:/sept/payload.bak", NULL)) {
-            f_unlink("sd:/sept/payload.bin");
+            if (f_unlink("sd:/sept/payload.bin"))
+                gfx_printf("%kNote: no payload.bin already in /sept\n", colors[(color_idx++) % 6]);
            f_rename("sd:/sept/payload.bak", "sd:/sept/payload.bin");
        }

@ -188,16 +189,27 @@ void dump_keys() {
                goto get_tsec;
            }
            // backup post-reboot payload
-            if (!f_stat("sd:/sept/payload.bin", NULL))
-                f_rename("sd:/sept/payload.bin", "sd:/sept/payload.bak");
+            if (!f_stat("sd:/sept/payload.bin", NULL)) {
+                if (f_rename("sd:/sept/payload.bin", "sd:/sept/payload.bak")) {
+                    EPRINTF("Unable to backup payload.bin.");
+                    goto out_wait;
+                }
+            }
            // write self to payload.bin to run again when sept finishes
-            f_open(&fp, "sd:/sept/payload.bin", FA_CREATE_NEW | FA_WRITE);
            u32 payload_size = *(u32 *)(IPL_LOAD_ADDR + 0x84) - IPL_LOAD_ADDR;
-            f_write(&fp, (u8 *)IPL_LOAD_ADDR, payload_size, NULL);
+            if (f_open(&fp, "sd:/sept/payload.bin", FA_CREATE_NEW | FA_WRITE)) {
+                EPRINTF("Unable to open /sept/payload.bin to write.");
+                goto out_wait;
+            }
+            if (f_write(&fp, (u8 *)IPL_LOAD_ADDR, payload_size, NULL)) {
+                EPRINTF("Unable to write self to /sept/payload.bin.");
+                f_close(&fp);
+                goto out_wait;
+            }
            f_close(&fp);
            gfx_printf("%k\nFirmware 7.x or higher detected.\n\n", colors[(color_idx++) % 6]);
            gfx_printf("%kRenamed /sept/payload.bin", colors[(color_idx++) % 6]);
-            gfx_printf("\n     to /sept/payload.bak\n\n", colors[(color_idx++) % 6]);
+            gfx_printf("\n     to /sept/payload.bak\n\n");
            gfx_printf("%kCopied self to /sept/payload.bin\n", colors[(color_idx++) % 6]);
            sdmmc_storage_end(&storage);
            if (!reboot_to_sept((u8 *)tsec_ctxt.fw, tsec_ctxt.size, pkg1_id->kb))
@ -435,9 +447,9 @@ get_tsec: ;
    pkg2_decompress_kip(ki, 2 | 4); // we only need .rodata and .data
    TPRINTFARGS("%kDecompress FS...", colors[(color_idx++) % 6]);

-    u8  hash_index = 0, hash_max = 9, hash_order[10],
-        key_lengths[10] = {0x10, 0x20, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x20, 0x20};
-    u32 start_offset = 0, hks_offset_from_end = ki->kip1->sections[2].size_decomp, alignment = 1;
+    u8  hash_index = 0, hash_max = 11, hash_order[13],
+        key_lengths[13] = {0x10, 0x20, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x20, 0x10, 0x20, 0x20};
+    u32 start_offset = 0, hks_offset_from_end = ki->kip1->sections[2].size_decomp, alignment = 0x10;

    // the FS keys appear in different orders
    if (!memcmp(pkg1_id->id, "2016", 4)) {
@ -448,16 +460,13 @@ get_tsec: ;
        hash_index = 1;
        start_offset = 0x1b517;
        hks_offset_from_end = 0x125bc2;
-        alignment = 0x10;
        u8 temp[7] = {2, 3, 4, 0, 5, 6, 1};
        memcpy(hash_order, temp, 7);
    } else {
        // 2.0.0 - 8.0.0
-        alignment = 0x40;
        switch (pkg1_id->kb) {
        case KB_FIRMWARE_VERSION_100_200:
            start_offset = 0x1d226;
-            alignment = 0x10;
            hks_offset_from_end -= 0x26fe;
            break;
        case KB_FIRMWARE_VERSION_300:
@ -475,7 +484,6 @@ get_tsec: ;
        case KB_FIRMWARE_VERSION_500:
            start_offset = 0x1f3b4;
            hks_offset_from_end -= 0x465b;
-            alignment = 0x20;
            break;
        case KB_FIRMWARE_VERSION_600:
        case KB_FIRMWARE_VERSION_620:
@ -497,11 +505,15 @@ get_tsec: ;
        }

        if (pkg1_id->kb <= KB_FIRMWARE_VERSION_500) {
-            u8 temp[10] = {2, 3, 4, 0, 5, 7, 9, 8, 6, 1};
-            memcpy(hash_order, temp, 10);
+            u8 temp[12] = {2, 3, 4, 0, 5, 7, 10, 12, 11, 6, 8, 1};
+            memcpy(hash_order, temp, 12);
+        } else if (pkg1_id->kb <= KB_FIRMWARE_VERSION_620) {
+            u8 temp[12] = {6, 5, 10, 7, 8, 2, 3, 4, 0, 12, 11, 1};
+            memcpy(hash_order, temp, 12);
        } else {
-            u8 temp[10] = {6, 5, 7, 2, 3, 4, 0, 9, 8, 1};
-            memcpy(hash_order, temp, 10);
+            u8 temp[13] = {6, 5, 10, 7, 8, 2, 3, 4, 0, 12, 11, 9, 1};
+            memcpy(hash_order, temp, 13);
+            hash_max = 12;
        }
    }

@ -959,7 +971,8 @@ dismount:
    nx_emmc_gpt_free(&gpt);

 key_output: ;
-    char *text_buffer = (char *)calloc(1, _titlekey_count * 68 < 0x3000 ? 0x3000 : _titlekey_count * 68 + 1);
+    u32 text_buffer_size = _titlekey_count * 68 < 0x3000 ? 0x3000 : _titlekey_count * 68 + 1;
+    char *text_buffer = (char *)calloc(1, text_buffer_size);

    SAVE_KEY("aes_kek_generation_source", aes_kek_generation_source, 0x10);
    SAVE_KEY("aes_key_generation_source", aes_key_generation_source, 0x10);
@ -1002,9 +1015,12 @@ key_output: ;
    SAVE_KEY("save_mac_kek_source", fs_keys[5], 0x10);
    SAVE_KEY("save_mac_key", save_mac_key, 0x10);
    SAVE_KEY("save_mac_key_source", fs_keys[6], 0x10);
-    SAVE_KEY("sd_card_kek_source", fs_keys[7], 0x10);
-    SAVE_KEY("sd_card_nca_key_source", fs_keys[8], 0x20);
-    SAVE_KEY("sd_card_save_key_source", fs_keys[9], 0x20);
+    SAVE_KEY("save_mac_sd_card_kek_source", fs_keys[7], 0x10);
+    SAVE_KEY("save_mac_sd_card_key_source", fs_keys[8], 0x10);
+    SAVE_KEY("sd_card_custom_storage_key_source", fs_keys[9], 0x20);
+    SAVE_KEY("sd_card_kek_source", fs_keys[10], 0x10);
+    SAVE_KEY("sd_card_nca_key_source", fs_keys[11], 0x20);
+    SAVE_KEY("sd_card_save_key_source", fs_keys[12], 0x20);
    SAVE_KEY("sd_seed", sd_seed, 0x10);
    SAVE_KEY("secure_boot_key", sbk, 0x10);
    SAVE_KEY("ssl_rsa_kek", ssl_rsa_kek, 0x10);
@ -1023,7 +1039,12 @@ key_output: ;
    gfx_printf("%kLockpick totally done in %d us\n\n", colors[(color_idx++) % 6], end_time - begin_time);
    gfx_printf("%kFound through master_key_%02x.\n\n", colors[(color_idx++) % 6], MAX_KEY - 1);

-    f_mkdir("sd:/switch");
+    FRESULT dir_rc = FR_OK;
+    dir_rc = f_mkdir("sd:/switch");
+    if (dir_rc != FR_EXIST && dir_rc != FR_OK) {
+        EPRINTF("Unable to create /switch folder on SD.\nNo keyfiles written.");
+        goto free_buffers;
+    }
    char keyfile_path[30] = "sd:/switch/";
    if (!(fuse_read_odm(4) & 3))
        sprintf(&keyfile_path[11], "prod.keys");
@ -1035,8 +1056,8 @@ key_output: ;
        EPRINTF("Unable to save keys to SD.");

    if (_titlekey_count == 0)
-        goto out_wait;
-    memset(text_buffer, 0, _titlekey_count * 68 + 1);
+        goto free_buffers;
+    memset(text_buffer, 0, text_buffer_size);
    for (u32 i = 0; i < _titlekey_count; i++) {
        for (u32 j = 0; j < 0x10; j++)
            sprintf(&text_buffer[i * 68 + j * 2], "%02x", rights_ids[i * 0x10 + j]);
@ -1050,6 +1071,8 @@ key_output: ;
        gfx_printf("%kWrote %d bytes to %s\n", colors[(color_idx++) % 6], (u32)fno.fsize, keyfile_path);
    } else
        EPRINTF("Unable to save titlekeys to SD.");
+
+free_buffers:
    free(rights_ids);
    free(titlekeys);
    free(text_buffer);
--- a/source/libs/fatfs/ff.c
+++ b/source/libs/fatfs/ff.c
@ -40,6 +40,9 @@
 #include "diskio.h"		/* Declarations of device I/O functions */
 #include "../../gfx/gfx.h"

+#pragma GCC push_options
+#pragma GCC target ("thumb")
+
 #define EFSPRINTF(text, ...) print_error(); gfx_printf("%k"text"%k\n", 0xFFFFFF00, 0xFFFFFFFF);
 //#define EFSPRINTF(...)

@ -6647,3 +6650,5 @@ FRESULT f_setcp (
 	return FR_OK;
 }
 #endif	/* FF_CODE_PAGE == 0 */
+
+#pragma GCC pop_options
Author	SHA1	Message	Date
shchmue	340a256518	Fix the f_mkdir fix	2019-10-15 11:14:14 -06:00
shchmue	ee1a3e08ae	Fix bad f_mkdir check skipping file save	2019-10-15 11:11:47 -06:00
shchmue	d4fa066854	Bump version to v1.6.2	2019-10-15 10:26:42 -06:00
shchmue	d890616c33	Fix function name typo	2019-10-15 10:25:20 -06:00
shchmue	5d1386cc10	Validate more file I/O calls	2019-10-07 13:18:14 -06:00
shchmue	0024f049b6	Add new FS keys for LibHac, ff.c -> thumb	2019-10-06 18:41:20 -06:00