Browse Source
Merge pull request #8827 from german77/amiibo_release
Merge pull request #8827 from german77/amiibo_release
core: nfp: Implement amiibo encryptionpull/15/merge
bunnei
3 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 1370 additions and 302 deletions
-
3src/core/CMakeLists.txt
-
2src/core/hle/service/am/applets/applet_mii_edit_types.h
-
32src/core/hle/service/mii/mii.cpp
-
87src/core/hle/service/mii/mii_manager.cpp
-
9src/core/hle/service/mii/mii_manager.h
-
138src/core/hle/service/mii/types.h
-
383src/core/hle/service/nfp/amiibo_crypto.cpp
-
98src/core/hle/service/nfp/amiibo_crypto.h
-
197src/core/hle/service/nfp/amiibo_types.h
-
543src/core/hle/service/nfp/nfp.cpp
-
145src/core/hle/service/nfp/nfp.h
-
21src/yuzu/main.cpp
@ -0,0 +1,383 @@ |
|||
// SPDX-FileCopyrightText: Copyright 2022 yuzu Emulator Project
|
|||
// SPDX-License-Identifier: GPL-3.0-or-later
|
|||
|
|||
// SPDX-FileCopyrightText: Copyright 2017 socram8888/amiitool
|
|||
// SPDX-License-Identifier: MIT
|
|||
|
|||
#include <array>
|
|||
#include <mbedtls/aes.h>
|
|||
#include <mbedtls/hmac_drbg.h>
|
|||
|
|||
#include "common/fs/file.h"
|
|||
#include "common/fs/path_util.h"
|
|||
#include "common/logging/log.h"
|
|||
#include "core/hle/service/mii/mii_manager.h"
|
|||
#include "core/hle/service/nfp/amiibo_crypto.h"
|
|||
|
|||
namespace Service::NFP::AmiiboCrypto { |
|||
|
|||
bool IsAmiiboValid(const EncryptedNTAG215File& ntag_file) { |
|||
const auto& amiibo_data = ntag_file.user_memory; |
|||
LOG_DEBUG(Service_NFP, "uuid_lock=0x{0:x}", ntag_file.static_lock); |
|||
LOG_DEBUG(Service_NFP, "compability_container=0x{0:x}", ntag_file.compability_container); |
|||
LOG_INFO(Service_NFP, "write_count={}", amiibo_data.write_counter); |
|||
|
|||
LOG_INFO(Service_NFP, "character_id=0x{0:x}", amiibo_data.model_info.character_id); |
|||
LOG_INFO(Service_NFP, "character_variant={}", amiibo_data.model_info.character_variant); |
|||
LOG_INFO(Service_NFP, "amiibo_type={}", amiibo_data.model_info.amiibo_type); |
|||
LOG_INFO(Service_NFP, "model_number=0x{0:x}", amiibo_data.model_info.model_number); |
|||
LOG_INFO(Service_NFP, "series={}", amiibo_data.model_info.series); |
|||
LOG_DEBUG(Service_NFP, "fixed_value=0x{0:x}", amiibo_data.model_info.constant_value); |
|||
|
|||
LOG_DEBUG(Service_NFP, "tag_dynamic_lock=0x{0:x}", ntag_file.dynamic_lock); |
|||
LOG_DEBUG(Service_NFP, "tag_CFG0=0x{0:x}", ntag_file.CFG0); |
|||
LOG_DEBUG(Service_NFP, "tag_CFG1=0x{0:x}", ntag_file.CFG1); |
|||
|
|||
// Validate UUID
|
|||
constexpr u8 CT = 0x88; // As defined in `ISO / IEC 14443 - 3`
|
|||
if ((CT ^ ntag_file.uuid[0] ^ ntag_file.uuid[1] ^ ntag_file.uuid[2]) != ntag_file.uuid[3]) { |
|||
return false; |
|||
} |
|||
if ((ntag_file.uuid[4] ^ ntag_file.uuid[5] ^ ntag_file.uuid[6] ^ ntag_file.uuid[7]) != |
|||
ntag_file.uuid[8]) { |
|||
return false; |
|||
} |
|||
|
|||
// Check against all know constants on an amiibo binary
|
|||
if (ntag_file.static_lock != 0xE00F) { |
|||
return false; |
|||
} |
|||
if (ntag_file.compability_container != 0xEEFF10F1U) { |
|||
return false; |
|||
} |
|||
if (amiibo_data.constant_value != 0xA5) { |
|||
return false; |
|||
} |
|||
if (amiibo_data.model_info.constant_value != 0x02) { |
|||
return false; |
|||
} |
|||
// dynamic_lock value apparently is not constant
|
|||
// ntag_file.dynamic_lock == 0x0F0001
|
|||
if (ntag_file.CFG0 != 0x04000000U) { |
|||
return false; |
|||
} |
|||
if (ntag_file.CFG1 != 0x5F) { |
|||
return false; |
|||
} |
|||
return true; |
|||
} |
|||
|
|||
NTAG215File NfcDataToEncodedData(const EncryptedNTAG215File& nfc_data) { |
|||
NTAG215File encoded_data{}; |
|||
|
|||
memcpy(encoded_data.uuid2.data(), nfc_data.uuid.data() + 0x8, sizeof(encoded_data.uuid2)); |
|||
encoded_data.static_lock = nfc_data.static_lock; |
|||
encoded_data.compability_container = nfc_data.compability_container; |
|||
encoded_data.hmac_data = nfc_data.user_memory.hmac_data; |
|||
encoded_data.constant_value = nfc_data.user_memory.constant_value; |
|||
encoded_data.write_counter = nfc_data.user_memory.write_counter; |
|||
encoded_data.settings = nfc_data.user_memory.settings; |
|||
encoded_data.owner_mii = nfc_data.user_memory.owner_mii; |
|||
encoded_data.title_id = nfc_data.user_memory.title_id; |
|||
encoded_data.applicaton_write_counter = nfc_data.user_memory.applicaton_write_counter; |
|||
encoded_data.application_area_id = nfc_data.user_memory.application_area_id; |
|||
encoded_data.unknown = nfc_data.user_memory.unknown; |
|||
encoded_data.hash = nfc_data.user_memory.hash; |
|||
encoded_data.application_area = nfc_data.user_memory.application_area; |
|||
encoded_data.hmac_tag = nfc_data.user_memory.hmac_tag; |
|||
memcpy(encoded_data.uuid.data(), nfc_data.uuid.data(), sizeof(encoded_data.uuid)); |
|||
encoded_data.model_info = nfc_data.user_memory.model_info; |
|||
encoded_data.keygen_salt = nfc_data.user_memory.keygen_salt; |
|||
encoded_data.dynamic_lock = nfc_data.dynamic_lock; |
|||
encoded_data.CFG0 = nfc_data.CFG0; |
|||
encoded_data.CFG1 = nfc_data.CFG1; |
|||
encoded_data.password = nfc_data.password; |
|||
|
|||
return encoded_data; |
|||
} |
|||
|
|||
EncryptedNTAG215File EncodedDataToNfcData(const NTAG215File& encoded_data) { |
|||
EncryptedNTAG215File nfc_data{}; |
|||
|
|||
memcpy(nfc_data.uuid.data() + 0x8, encoded_data.uuid2.data(), sizeof(encoded_data.uuid2)); |
|||
memcpy(nfc_data.uuid.data(), encoded_data.uuid.data(), sizeof(encoded_data.uuid)); |
|||
nfc_data.static_lock = encoded_data.static_lock; |
|||
nfc_data.compability_container = encoded_data.compability_container; |
|||
nfc_data.user_memory.hmac_data = encoded_data.hmac_data; |
|||
nfc_data.user_memory.constant_value = encoded_data.constant_value; |
|||
nfc_data.user_memory.write_counter = encoded_data.write_counter; |
|||
nfc_data.user_memory.settings = encoded_data.settings; |
|||
nfc_data.user_memory.owner_mii = encoded_data.owner_mii; |
|||
nfc_data.user_memory.title_id = encoded_data.title_id; |
|||
nfc_data.user_memory.applicaton_write_counter = encoded_data.applicaton_write_counter; |
|||
nfc_data.user_memory.application_area_id = encoded_data.application_area_id; |
|||
nfc_data.user_memory.unknown = encoded_data.unknown; |
|||
nfc_data.user_memory.hash = encoded_data.hash; |
|||
nfc_data.user_memory.application_area = encoded_data.application_area; |
|||
nfc_data.user_memory.hmac_tag = encoded_data.hmac_tag; |
|||
nfc_data.user_memory.model_info = encoded_data.model_info; |
|||
nfc_data.user_memory.keygen_salt = encoded_data.keygen_salt; |
|||
nfc_data.dynamic_lock = encoded_data.dynamic_lock; |
|||
nfc_data.CFG0 = encoded_data.CFG0; |
|||
nfc_data.CFG1 = encoded_data.CFG1; |
|||
nfc_data.password = encoded_data.password; |
|||
|
|||
return nfc_data; |
|||
} |
|||
|
|||
u32 GetTagPassword(const TagUuid& uuid) { |
|||
// Verifiy that the generated password is correct
|
|||
u32 password = 0xAA ^ (uuid[1] ^ uuid[3]); |
|||
password &= (0x55 ^ (uuid[2] ^ uuid[4])) << 8; |
|||
password &= (0xAA ^ (uuid[3] ^ uuid[5])) << 16; |
|||
password &= (0x55 ^ (uuid[4] ^ uuid[6])) << 24; |
|||
return password; |
|||
} |
|||
|
|||
HashSeed GetSeed(const NTAG215File& data) { |
|||
HashSeed seed{ |
|||
.magic = data.write_counter, |
|||
.padding = {}, |
|||
.uuid1 = {}, |
|||
.uuid2 = {}, |
|||
.keygen_salt = data.keygen_salt, |
|||
}; |
|||
|
|||
// Copy the first 8 bytes of uuid
|
|||
memcpy(seed.uuid1.data(), data.uuid.data(), sizeof(seed.uuid1)); |
|||
memcpy(seed.uuid2.data(), data.uuid.data(), sizeof(seed.uuid2)); |
|||
|
|||
return seed; |
|||
} |
|||
|
|||
std::vector<u8> GenerateInternalKey(const InternalKey& key, const HashSeed& seed) { |
|||
const std::size_t seedPart1Len = sizeof(key.magic_bytes) - key.magic_length; |
|||
const std::size_t string_size = key.type_string.size(); |
|||
std::vector<u8> output(string_size + seedPart1Len); |
|||
|
|||
// Copy whole type string
|
|||
memccpy(output.data(), key.type_string.data(), '\0', string_size); |
|||
|
|||
// Append (16 - magic_length) from the input seed
|
|||
memcpy(output.data() + string_size, &seed, seedPart1Len); |
|||
|
|||
// Append all bytes from magicBytes
|
|||
output.insert(output.end(), key.magic_bytes.begin(), |
|||
key.magic_bytes.begin() + key.magic_length); |
|||
|
|||
output.insert(output.end(), seed.uuid1.begin(), seed.uuid1.end()); |
|||
output.insert(output.end(), seed.uuid2.begin(), seed.uuid2.end()); |
|||
|
|||
for (std::size_t i = 0; i < sizeof(seed.keygen_salt); i++) { |
|||
output.emplace_back(static_cast<u8>(seed.keygen_salt[i] ^ key.xor_pad[i])); |
|||
} |
|||
|
|||
return output; |
|||
} |
|||
|
|||
void CryptoInit(CryptoCtx& ctx, mbedtls_md_context_t& hmac_ctx, const HmacKey& hmac_key, |
|||
const std::vector<u8>& seed) { |
|||
|
|||
// Initialize context
|
|||
ctx.used = false; |
|||
ctx.counter = 0; |
|||
ctx.buffer_size = sizeof(ctx.counter) + seed.size(); |
|||
memcpy(ctx.buffer.data() + sizeof(u16), seed.data(), seed.size()); |
|||
|
|||
// Initialize HMAC context
|
|||
mbedtls_md_init(&hmac_ctx); |
|||
mbedtls_md_setup(&hmac_ctx, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1); |
|||
mbedtls_md_hmac_starts(&hmac_ctx, hmac_key.data(), hmac_key.size()); |
|||
} |
|||
|
|||
void CryptoStep(CryptoCtx& ctx, mbedtls_md_context_t& hmac_ctx, DrgbOutput& output) { |
|||
// If used at least once, reinitialize the HMAC
|
|||
if (ctx.used) { |
|||
mbedtls_md_hmac_reset(&hmac_ctx); |
|||
} |
|||
|
|||
ctx.used = true; |
|||
|
|||
// Store counter in big endian, and increment it
|
|||
ctx.buffer[0] = static_cast<u8>(ctx.counter >> 8); |
|||
ctx.buffer[1] = static_cast<u8>(ctx.counter >> 0); |
|||
ctx.counter++; |
|||
|
|||
// Do HMAC magic
|
|||
mbedtls_md_hmac_update(&hmac_ctx, reinterpret_cast<const unsigned char*>(ctx.buffer.data()), |
|||
ctx.buffer_size); |
|||
mbedtls_md_hmac_finish(&hmac_ctx, output.data()); |
|||
} |
|||
|
|||
DerivedKeys GenerateKey(const InternalKey& key, const NTAG215File& data) { |
|||
const auto seed = GetSeed(data); |
|||
|
|||
// Generate internal seed
|
|||
const std::vector<u8> internal_key = GenerateInternalKey(key, seed); |
|||
|
|||
// Initialize context
|
|||
CryptoCtx ctx{}; |
|||
mbedtls_md_context_t hmac_ctx; |
|||
CryptoInit(ctx, hmac_ctx, key.hmac_key, internal_key); |
|||
|
|||
// Generate derived keys
|
|||
DerivedKeys derived_keys{}; |
|||
std::array<DrgbOutput, 2> temp{}; |
|||
CryptoStep(ctx, hmac_ctx, temp[0]); |
|||
CryptoStep(ctx, hmac_ctx, temp[1]); |
|||
memcpy(&derived_keys, temp.data(), sizeof(DerivedKeys)); |
|||
|
|||
// Cleanup context
|
|||
mbedtls_md_free(&hmac_ctx); |
|||
|
|||
return derived_keys; |
|||
} |
|||
|
|||
void Cipher(const DerivedKeys& keys, const NTAG215File& in_data, NTAG215File& out_data) { |
|||
mbedtls_aes_context aes; |
|||
std::size_t nc_off = 0; |
|||
std::array<u8, sizeof(keys.aes_iv)> nonce_counter{}; |
|||
std::array<u8, sizeof(keys.aes_iv)> stream_block{}; |
|||
|
|||
const auto aes_key_size = static_cast<u32>(keys.aes_key.size() * 8); |
|||
mbedtls_aes_setkey_enc(&aes, keys.aes_key.data(), aes_key_size); |
|||
memcpy(nonce_counter.data(), keys.aes_iv.data(), sizeof(keys.aes_iv)); |
|||
|
|||
constexpr std::size_t encrypted_data_size = HMAC_TAG_START - SETTINGS_START; |
|||
mbedtls_aes_crypt_ctr(&aes, encrypted_data_size, &nc_off, nonce_counter.data(), |
|||
stream_block.data(), |
|||
reinterpret_cast<const unsigned char*>(&in_data.settings), |
|||
reinterpret_cast<unsigned char*>(&out_data.settings)); |
|||
|
|||
// Copy the rest of the data directly
|
|||
out_data.uuid2 = in_data.uuid2; |
|||
out_data.static_lock = in_data.static_lock; |
|||
out_data.compability_container = in_data.compability_container; |
|||
|
|||
out_data.constant_value = in_data.constant_value; |
|||
out_data.write_counter = in_data.write_counter; |
|||
|
|||
out_data.uuid = in_data.uuid; |
|||
out_data.model_info = in_data.model_info; |
|||
out_data.keygen_salt = in_data.keygen_salt; |
|||
out_data.dynamic_lock = in_data.dynamic_lock; |
|||
out_data.CFG0 = in_data.CFG0; |
|||
out_data.CFG1 = in_data.CFG1; |
|||
out_data.password = in_data.password; |
|||
} |
|||
|
|||
bool LoadKeys(InternalKey& locked_secret, InternalKey& unfixed_info) { |
|||
const auto yuzu_keys_dir = Common::FS::GetYuzuPath(Common::FS::YuzuPath::KeysDir); |
|||
|
|||
const Common::FS::IOFile keys_file{yuzu_keys_dir / "key_retail.bin", |
|||
Common::FS::FileAccessMode::Read, |
|||
Common::FS::FileType::BinaryFile}; |
|||
|
|||
if (!keys_file.IsOpen()) { |
|||
LOG_ERROR(Service_NFP, "No keys detected"); |
|||
return false; |
|||
} |
|||
|
|||
if (keys_file.Read(unfixed_info) != 1) { |
|||
LOG_ERROR(Service_NFP, "Failed to read unfixed_info"); |
|||
return false; |
|||
} |
|||
if (keys_file.Read(locked_secret) != 1) { |
|||
LOG_ERROR(Service_NFP, "Failed to read locked-secret"); |
|||
return false; |
|||
} |
|||
|
|||
return true; |
|||
} |
|||
|
|||
bool DecodeAmiibo(const EncryptedNTAG215File& encrypted_tag_data, NTAG215File& tag_data) { |
|||
InternalKey locked_secret{}; |
|||
InternalKey unfixed_info{}; |
|||
|
|||
if (!LoadKeys(locked_secret, unfixed_info)) { |
|||
return false; |
|||
} |
|||
|
|||
// Generate keys
|
|||
NTAG215File encoded_data = NfcDataToEncodedData(encrypted_tag_data); |
|||
const auto data_keys = GenerateKey(unfixed_info, encoded_data); |
|||
const auto tag_keys = GenerateKey(locked_secret, encoded_data); |
|||
|
|||
// Decrypt
|
|||
Cipher(data_keys, encoded_data, tag_data); |
|||
|
|||
// Regenerate tag HMAC. Note: order matters, data HMAC depends on tag HMAC!
|
|||
constexpr std::size_t input_length = DYNAMIC_LOCK_START - UUID_START; |
|||
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), tag_keys.hmac_key.data(), |
|||
sizeof(HmacKey), reinterpret_cast<const unsigned char*>(&tag_data.uuid), |
|||
input_length, reinterpret_cast<unsigned char*>(&tag_data.hmac_tag)); |
|||
|
|||
// Regenerate data HMAC
|
|||
constexpr std::size_t input_length2 = DYNAMIC_LOCK_START - WRITE_COUNTER_START; |
|||
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), data_keys.hmac_key.data(), |
|||
sizeof(HmacKey), |
|||
reinterpret_cast<const unsigned char*>(&tag_data.write_counter), input_length2, |
|||
reinterpret_cast<unsigned char*>(&tag_data.hmac_data)); |
|||
|
|||
if (tag_data.hmac_data != encrypted_tag_data.user_memory.hmac_data) { |
|||
LOG_ERROR(Service_NFP, "hmac_data doesn't match"); |
|||
return false; |
|||
} |
|||
|
|||
if (tag_data.hmac_tag != encrypted_tag_data.user_memory.hmac_tag) { |
|||
LOG_ERROR(Service_NFP, "hmac_tag doesn't match"); |
|||
return false; |
|||
} |
|||
|
|||
return true; |
|||
} |
|||
|
|||
bool EncodeAmiibo(const NTAG215File& tag_data, EncryptedNTAG215File& encrypted_tag_data) { |
|||
InternalKey locked_secret{}; |
|||
InternalKey unfixed_info{}; |
|||
|
|||
if (!LoadKeys(locked_secret, unfixed_info)) { |
|||
return false; |
|||
} |
|||
|
|||
// Generate keys
|
|||
const auto data_keys = GenerateKey(unfixed_info, tag_data); |
|||
const auto tag_keys = GenerateKey(locked_secret, tag_data); |
|||
|
|||
NTAG215File encoded_tag_data{}; |
|||
|
|||
// Generate tag HMAC
|
|||
constexpr std::size_t input_length = DYNAMIC_LOCK_START - UUID_START; |
|||
constexpr std::size_t input_length2 = HMAC_TAG_START - WRITE_COUNTER_START; |
|||
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), tag_keys.hmac_key.data(), |
|||
sizeof(HmacKey), reinterpret_cast<const unsigned char*>(&tag_data.uuid), |
|||
input_length, reinterpret_cast<unsigned char*>(&encoded_tag_data.hmac_tag)); |
|||
|
|||
// Init mbedtls HMAC context
|
|||
mbedtls_md_context_t ctx; |
|||
mbedtls_md_init(&ctx); |
|||
mbedtls_md_setup(&ctx, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1); |
|||
|
|||
// Generate data HMAC
|
|||
mbedtls_md_hmac_starts(&ctx, data_keys.hmac_key.data(), sizeof(HmacKey)); |
|||
mbedtls_md_hmac_update(&ctx, reinterpret_cast<const unsigned char*>(&tag_data.write_counter), |
|||
input_length2); // Data
|
|||
mbedtls_md_hmac_update(&ctx, reinterpret_cast<unsigned char*>(&encoded_tag_data.hmac_tag), |
|||
sizeof(HashData)); // Tag HMAC
|
|||
mbedtls_md_hmac_update(&ctx, reinterpret_cast<const unsigned char*>(&tag_data.uuid), |
|||
input_length); |
|||
mbedtls_md_hmac_finish(&ctx, reinterpret_cast<unsigned char*>(&encoded_tag_data.hmac_data)); |
|||
|
|||
// HMAC cleanup
|
|||
mbedtls_md_free(&ctx); |
|||
|
|||
// Encrypt
|
|||
Cipher(data_keys, tag_data, encoded_tag_data); |
|||
|
|||
// Convert back to hardware
|
|||
encrypted_tag_data = EncodedDataToNfcData(encoded_tag_data); |
|||
|
|||
return true; |
|||
} |
|||
|
|||
} // namespace Service::NFP::AmiiboCrypto
|
|||
@ -0,0 +1,98 @@ |
|||
// SPDX-FileCopyrightText: Copyright 2022 yuzu Emulator Project |
|||
// SPDX-License-Identifier: GPL-3.0-or-later |
|||
|
|||
#pragma once |
|||
|
|||
#include <array> |
|||
|
|||
#include "core/hle/service/nfp/amiibo_types.h" |
|||
|
|||
struct mbedtls_md_context_t; |
|||
|
|||
namespace Service::NFP::AmiiboCrypto { |
|||
// Byte locations in Service::NFP::NTAG215File |
|||
constexpr std::size_t HMAC_DATA_START = 0x8; |
|||
constexpr std::size_t SETTINGS_START = 0x2c; |
|||
constexpr std::size_t WRITE_COUNTER_START = 0x29; |
|||
constexpr std::size_t HMAC_TAG_START = 0x1B4; |
|||
constexpr std::size_t UUID_START = 0x1D4; |
|||
constexpr std::size_t DYNAMIC_LOCK_START = 0x208; |
|||
|
|||
using HmacKey = std::array<u8, 0x10>; |
|||
using DrgbOutput = std::array<u8, 0x20>; |
|||
|
|||
struct HashSeed { |
|||
u16 magic; |
|||
std::array<u8, 0xE> padding; |
|||
std::array<u8, 0x8> uuid1; |
|||
std::array<u8, 0x8> uuid2; |
|||
std::array<u8, 0x20> keygen_salt; |
|||
}; |
|||
static_assert(sizeof(HashSeed) == 0x40, "HashSeed is an invalid size"); |
|||
|
|||
struct InternalKey { |
|||
HmacKey hmac_key; |
|||
std::array<char, 0xE> type_string; |
|||
u8 reserved; |
|||
u8 magic_length; |
|||
std::array<u8, 0x10> magic_bytes; |
|||
std::array<u8, 0x20> xor_pad; |
|||
}; |
|||
static_assert(sizeof(InternalKey) == 0x50, "InternalKey is an invalid size"); |
|||
static_assert(std::is_trivially_copyable_v<InternalKey>, "InternalKey must be trivially copyable."); |
|||
|
|||
struct CryptoCtx { |
|||
std::array<char, 480> buffer; |
|||
bool used; |
|||
std::size_t buffer_size; |
|||
s16 counter; |
|||
}; |
|||
|
|||
struct DerivedKeys { |
|||
std::array<u8, 0x10> aes_key; |
|||
std::array<u8, 0x10> aes_iv; |
|||
std::array<u8, 0x10> hmac_key; |
|||
}; |
|||
static_assert(sizeof(DerivedKeys) == 0x30, "DerivedKeys is an invalid size"); |
|||
|
|||
/// Validates that the amiibo file is not corrupted |
|||
bool IsAmiiboValid(const EncryptedNTAG215File& ntag_file); |
|||
|
|||
/// Converts from encrypted file format to encoded file format |
|||
NTAG215File NfcDataToEncodedData(const EncryptedNTAG215File& nfc_data); |
|||
|
|||
/// Converts from encoded file format to encrypted file format |
|||
EncryptedNTAG215File EncodedDataToNfcData(const NTAG215File& encoded_data); |
|||
|
|||
/// Returns password needed to allow write access to protected memory |
|||
u32 GetTagPassword(const TagUuid& uuid); |
|||
|
|||
// Generates Seed needed for key derivation |
|||
HashSeed GetSeed(const NTAG215File& data); |
|||
|
|||
// Middle step on the generation of derived keys |
|||
std::vector<u8> GenerateInternalKey(const InternalKey& key, const HashSeed& seed); |
|||
|
|||
// Initializes mbedtls context |
|||
void CryptoInit(CryptoCtx& ctx, mbedtls_md_context_t& hmac_ctx, const HmacKey& hmac_key, |
|||
const std::vector<u8>& seed); |
|||
|
|||
// Feeds data to mbedtls context to generate the derived key |
|||
void CryptoStep(CryptoCtx& ctx, mbedtls_md_context_t& hmac_ctx, DrgbOutput& output); |
|||
|
|||
// Generates the derived key from amiibo data |
|||
DerivedKeys GenerateKey(const InternalKey& key, const NTAG215File& data); |
|||
|
|||
// Encodes or decodes amiibo data |
|||
void Cipher(const DerivedKeys& keys, const NTAG215File& in_data, NTAG215File& out_data); |
|||
|
|||
/// Loads both amiibo keys from key_retail.bin |
|||
bool LoadKeys(InternalKey& locked_secret, InternalKey& unfixed_info); |
|||
|
|||
/// Decodes encripted amiibo data returns true if output is valid |
|||
bool DecodeAmiibo(const EncryptedNTAG215File& encrypted_tag_data, NTAG215File& tag_data); |
|||
|
|||
/// Encodes plain amiibo data returns true if output is valid |
|||
bool EncodeAmiibo(const NTAG215File& tag_data, EncryptedNTAG215File& encrypted_tag_data); |
|||
|
|||
} // namespace Service::NFP::AmiiboCrypto |
|||
@ -0,0 +1,197 @@ |
|||
// SPDX-FileCopyrightText: Copyright 2022 yuzu Emulator Project |
|||
// SPDX-License-Identifier: GPL-3.0-or-later |
|||
|
|||
#pragma once |
|||
|
|||
#include <array> |
|||
|
|||
#include "core/hle/service/mii/types.h" |
|||
|
|||
namespace Service::NFP { |
|||
static constexpr std::size_t amiibo_name_length = 0xA; |
|||
|
|||
enum class ServiceType : u32 { |
|||
User, |
|||
Debug, |
|||
System, |
|||
}; |
|||
|
|||
enum class State : u32 { |
|||
NonInitialized, |
|||
Initialized, |
|||
}; |
|||
|
|||
enum class DeviceState : u32 { |
|||
Initialized, |
|||
SearchingForTag, |
|||
TagFound, |
|||
TagRemoved, |
|||
TagMounted, |
|||
Unaviable, |
|||
Finalized, |
|||
}; |
|||
|
|||
enum class ModelType : u32 { |
|||
Amiibo, |
|||
}; |
|||
|
|||
enum class MountTarget : u32 { |
|||
Rom, |
|||
Ram, |
|||
All, |
|||
}; |
|||
|
|||
enum class AmiiboType : u8 { |
|||
Figure, |
|||
Card, |
|||
Yarn, |
|||
}; |
|||
|
|||
enum class AmiiboSeries : u8 { |
|||
SuperSmashBros, |
|||
SuperMario, |
|||
ChibiRobo, |
|||
YoshiWoollyWorld, |
|||
Splatoon, |
|||
AnimalCrossing, |
|||
EightBitMario, |
|||
Skylanders, |
|||
Unknown8, |
|||
TheLegendOfZelda, |
|||
ShovelKnight, |
|||
Unknown11, |
|||
Kiby, |
|||
Pokemon, |
|||
MarioSportsSuperstars, |
|||
MonsterHunter, |
|||
BoxBoy, |
|||
Pikmin, |
|||
FireEmblem, |
|||
Metroid, |
|||
Others, |
|||
MegaMan, |
|||
Diablo, |
|||
}; |
|||
|
|||
using TagUuid = std::array<u8, 10>; |
|||
using HashData = std::array<u8, 0x20>; |
|||
using ApplicationArea = std::array<u8, 0xD8>; |
|||
|
|||
struct AmiiboDate { |
|||
u16 raw_date{}; |
|||
|
|||
u16 GetYear() const { |
|||
return static_cast<u16>(((raw_date & 0xFE00) >> 9) + 2000); |
|||
} |
|||
u8 GetMonth() const { |
|||
return static_cast<u8>(((raw_date & 0x01E0) >> 5) - 1); |
|||
} |
|||
u8 GetDay() const { |
|||
return static_cast<u8>(raw_date & 0x001F); |
|||
} |
|||
}; |
|||
static_assert(sizeof(AmiiboDate) == 2, "AmiiboDate is an invalid size"); |
|||
|
|||
struct Settings { |
|||
union { |
|||
u8 raw{}; |
|||
|
|||
BitField<4, 1, u8> amiibo_initialized; |
|||
BitField<5, 1, u8> appdata_initialized; |
|||
}; |
|||
}; |
|||
static_assert(sizeof(Settings) == 1, "AmiiboDate is an invalid size"); |
|||
|
|||
struct AmiiboSettings { |
|||
Settings settings; |
|||
u8 country_code_id; |
|||
u16_be crc_counter; // Incremented each time crc is changed |
|||
AmiiboDate init_date; |
|||
AmiiboDate write_date; |
|||
u32_be crc; |
|||
std::array<u16_be, amiibo_name_length> amiibo_name; // UTF-16 text |
|||
}; |
|||
static_assert(sizeof(AmiiboSettings) == 0x20, "AmiiboSettings is an invalid size"); |
|||
|
|||
struct AmiiboModelInfo { |
|||
u16 character_id; |
|||
u8 character_variant; |
|||
AmiiboType amiibo_type; |
|||
u16 model_number; |
|||
AmiiboSeries series; |
|||
u8 constant_value; // Must be 02 |
|||
INSERT_PADDING_BYTES(0x4); // Unknown |
|||
}; |
|||
static_assert(sizeof(AmiiboModelInfo) == 0xC, "AmiiboModelInfo is an invalid size"); |
|||
|
|||
struct NTAG215Password { |
|||
u32 PWD; // Password to allow write access |
|||
u16 PACK; // Password acknowledge reply |
|||
u16 RFUI; // Reserved for future use |
|||
}; |
|||
static_assert(sizeof(NTAG215Password) == 0x8, "NTAG215Password is an invalid size"); |
|||
|
|||
#pragma pack(1) |
|||
struct EncryptedAmiiboFile { |
|||
u8 constant_value; // Must be A5 |
|||
u16 write_counter; // Number of times the amiibo has been written? |
|||
INSERT_PADDING_BYTES(0x1); // Unknown 1 |
|||
AmiiboSettings settings; // Encrypted amiibo settings |
|||
HashData hmac_tag; // Hash |
|||
AmiiboModelInfo model_info; // Encrypted amiibo model info |
|||
HashData keygen_salt; // Salt |
|||
HashData hmac_data; // Hash |
|||
Service::Mii::Ver3StoreData owner_mii; // Encrypted Mii data |
|||
u64_be title_id; // Encrypted Game id |
|||
u16_be applicaton_write_counter; // Encrypted Counter |
|||
u32_be application_area_id; // Encrypted Game id |
|||
std::array<u8, 0x2> unknown; |
|||
HashData hash; // Probably a SHA256-HMAC hash? |
|||
ApplicationArea application_area; // Encrypted Game data |
|||
}; |
|||
static_assert(sizeof(EncryptedAmiiboFile) == 0x1F8, "AmiiboFile is an invalid size"); |
|||
|
|||
struct NTAG215File { |
|||
std::array<u8, 0x2> uuid2; |
|||
u16 static_lock; // Set defined pages as read only |
|||
u32 compability_container; // Defines available memory |
|||
HashData hmac_data; // Hash |
|||
u8 constant_value; // Must be A5 |
|||
u16 write_counter; // Number of times the amiibo has been written? |
|||
INSERT_PADDING_BYTES(0x1); // Unknown 1 |
|||
AmiiboSettings settings; |
|||
Service::Mii::Ver3StoreData owner_mii; // Encrypted Mii data |
|||
u64_be title_id; |
|||
u16_be applicaton_write_counter; // Encrypted Counter |
|||
u32_be application_area_id; |
|||
std::array<u8, 0x2> unknown; |
|||
HashData hash; // Probably a SHA256-HMAC hash? |
|||
ApplicationArea application_area; // Encrypted Game data |
|||
HashData hmac_tag; // Hash |
|||
std::array<u8, 0x8> uuid; |
|||
AmiiboModelInfo model_info; |
|||
HashData keygen_salt; // Salt |
|||
u32 dynamic_lock; // Dynamic lock |
|||
u32 CFG0; // Defines memory protected by password |
|||
u32 CFG1; // Defines number of verification attempts |
|||
NTAG215Password password; // Password data |
|||
}; |
|||
static_assert(sizeof(NTAG215File) == 0x21C, "NTAG215File is an invalid size"); |
|||
static_assert(std::is_trivially_copyable_v<NTAG215File>, "NTAG215File must be trivially copyable."); |
|||
#pragma pack() |
|||
|
|||
struct EncryptedNTAG215File { |
|||
TagUuid uuid; // Unique serial number |
|||
u16 static_lock; // Set defined pages as read only |
|||
u32 compability_container; // Defines available memory |
|||
EncryptedAmiiboFile user_memory; // Writable data |
|||
u32 dynamic_lock; // Dynamic lock |
|||
u32 CFG0; // Defines memory protected by password |
|||
u32 CFG1; // Defines number of verification attempts |
|||
NTAG215Password password; // Password data |
|||
}; |
|||
static_assert(sizeof(EncryptedNTAG215File) == 0x21C, "EncryptedNTAG215File is an invalid size"); |
|||
static_assert(std::is_trivially_copyable_v<EncryptedNTAG215File>, |
|||
"EncryptedNTAG215File must be trivially copyable."); |
|||
|
|||
} // namespace Service::NFP |
|||
Write
Preview
Loading…
Cancel
Save
Reference in new issue