From 0e9974e7b34c2d17ea5cb31dab2531b48b6e4391 Mon Sep 17 00:00:00 2001 From: Michael Scire Date: Mon, 6 Apr 2020 03:58:52 -0700 Subject: [PATCH] fs: add AesCtrStorage --- .../stratosphere/fs/fs_query_range.hpp | 10 +- .../include/stratosphere/fssystem.hpp | 2 + .../fssystem/fssystem_aes_ctr_storage.hpp | 50 +++++ .../fssystem/fssystem_pooled_buffer.hpp | 4 + .../fssystem_thread_priority_changer.hpp | 39 ++++ .../fssystem/fssystem_utility.hpp | 2 + .../fssystem/fssystem_aes_ctr_storage.cpp | 179 ++++++++++++++++++ .../source/fssystem/fssystem_utility.cpp | 19 ++ .../include/vapours/results/fs_results.hpp | 1 + 9 files changed, 303 insertions(+), 3 deletions(-) create mode 100644 libraries/libstratosphere/include/stratosphere/fssystem/fssystem_aes_ctr_storage.hpp create mode 100644 libraries/libstratosphere/include/stratosphere/fssystem/fssystem_thread_priority_changer.hpp create mode 100644 libraries/libstratosphere/source/fssystem/fssystem_aes_ctr_storage.cpp diff --git a/libraries/libstratosphere/include/stratosphere/fs/fs_query_range.hpp b/libraries/libstratosphere/include/stratosphere/fs/fs_query_range.hpp index 6777f03cf..5cdc45c21 100644 --- a/libraries/libstratosphere/include/stratosphere/fs/fs_query_range.hpp +++ b/libraries/libstratosphere/include/stratosphere/fs/fs_query_range.hpp @@ -20,9 +20,9 @@ namespace ams::fs { struct QueryRangeInfo { - u32 aes_ctr_key_type; - u32 speed_emulation_type; - u32 reserved[0x38 / sizeof(u32)]; + s32 aes_ctr_key_type; + s32 speed_emulation_type; + u8 reserved[0x38]; void Clear() { this->aes_ctr_key_type = 0; @@ -45,4 +45,8 @@ namespace ams::fs { Result QueryRange(QueryRangeInfo *out, FileHandle handle, s64 offset, s64 size); + enum class AesCtrKeyTypeFlag : s32 { + InternalKeyForSoftwareAes = (1 << 0), + }; + } diff --git a/libraries/libstratosphere/include/stratosphere/fssystem.hpp b/libraries/libstratosphere/include/stratosphere/fssystem.hpp index 85c03d7be..81dfda143 100644 --- a/libraries/libstratosphere/include/stratosphere/fssystem.hpp +++ b/libraries/libstratosphere/include/stratosphere/fssystem.hpp @@ -20,6 +20,8 @@ #include #include #include +#include +#include #include #include #include diff --git a/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_aes_ctr_storage.hpp b/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_aes_ctr_storage.hpp new file mode 100644 index 000000000..c88abe2f8 --- /dev/null +++ b/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_aes_ctr_storage.hpp @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2018-2020 Atmosphère-NX + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +#pragma once +#include +#include +#include + +namespace ams::fssystem { + + class AesCtrStorage : public ::ams::fs::IStorage, public ::ams::fs::impl::Newable { + NON_COPYABLE(AesCtrStorage); + NON_MOVEABLE(AesCtrStorage); + public: + static constexpr size_t BlockSize = crypto::Aes128CtrEncryptor::BlockSize; + static constexpr size_t KeySize = crypto::Aes128CtrEncryptor::KeySize; + static constexpr size_t IvSize = crypto::Aes128CtrEncryptor::IvSize; + private: + IStorage * const base_storage; + char key[KeySize]; + char iv[IvSize]; + public: + static void MakeIv(void *dst, size_t dst_size, u64 upper, s64 offset); + public: + AesCtrStorage(IStorage *base, const void *key, size_t key_size, const void *iv, size_t iv_size); + + virtual Result Read(s64 offset, void *buffer, size_t size) override; + virtual Result Write(s64 offset, const void *buffer, size_t size) override; + + virtual Result Flush() override; + + virtual Result SetSize(s64 size) override; + virtual Result GetSize(s64 *out) override; + + virtual Result OperateRange(void *dst, size_t dst_size, fs::OperationId op_id, s64 offset, s64 size, const void *src, size_t src_size) override; + }; + +} diff --git a/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_pooled_buffer.hpp b/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_pooled_buffer.hpp index 7dd9e385f..cae57cbfe 100644 --- a/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_pooled_buffer.hpp +++ b/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_pooled_buffer.hpp @@ -105,4 +105,8 @@ namespace ams::fssystem { void UnregisterAdditionalDeviceAddress(uintptr_t address); bool IsAdditionalDeviceAddress(const void *ptr); + inline bool IsDeviceAddress(const void *buffer) { + return IsPooledBuffer(buffer) || IsAdditionalDeviceAddress(buffer); + } + } diff --git a/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_thread_priority_changer.hpp b/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_thread_priority_changer.hpp new file mode 100644 index 000000000..6b63537ca --- /dev/null +++ b/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_thread_priority_changer.hpp @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2018-2020 Atmosphère-NX + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +#pragma once +#include +#include + +namespace ams::fssystem { + + class ScopedThreadPriorityChanger { + public: + enum class Mode { + Absolute, + Relative, + }; + private: + /* TODO */ + public: + ALWAYS_INLINE explicit ScopedThreadPriorityChanger(s32 priority, Mode mode) { + /* TODO */ + } + + ALWAYS_INLINE ~ScopedThreadPriorityChanger() { + /* TODO */ + } + }; +} diff --git a/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_utility.hpp b/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_utility.hpp index b982a0b88..fefa2df3c 100644 --- a/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_utility.hpp +++ b/libraries/libstratosphere/include/stratosphere/fssystem/fssystem_utility.hpp @@ -170,4 +170,6 @@ namespace ams::fssystem { } } + void AddCounter(void *counter, size_t counter_size, u64 value); + } diff --git a/libraries/libstratosphere/source/fssystem/fssystem_aes_ctr_storage.cpp b/libraries/libstratosphere/source/fssystem/fssystem_aes_ctr_storage.cpp new file mode 100644 index 000000000..948f9b480 --- /dev/null +++ b/libraries/libstratosphere/source/fssystem/fssystem_aes_ctr_storage.cpp @@ -0,0 +1,179 @@ +/* + * Copyright (c) 2018-2020 Atmosphère-NX + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +#include + +namespace ams::fssystem { + + void AesCtrStorage::MakeIv(void *dst, size_t dst_size, u64 upper, s64 offset) { + /* TODO: util::BytePtr? */ + AMS_ASSERT(dst != nullptr); + AMS_ASSERT(dst_size == IvSize); + AMS_ASSERT(offset >= 0); + + const uintptr_t out_addr = reinterpret_cast(dst); + + util::StoreBigEndian(reinterpret_cast(out_addr + 0), upper); + util::StoreBigEndian(reinterpret_cast(out_addr + sizeof(u64)), static_cast(offset / BlockSize)); + } + + AesCtrStorage::AesCtrStorage(IStorage *base, const void *key, size_t key_size, const void *iv, size_t iv_size) : base_storage(base) { + AMS_ASSERT(base != nullptr); + AMS_ASSERT(key != nullptr); + AMS_ASSERT(iv != nullptr); + AMS_ASSERT(key_size == KeySize); + AMS_ASSERT(iv_size == IvSize); + + std::memcpy(this->key, key, KeySize); + std::memcpy(this->iv, iv, IvSize); + } + + Result AesCtrStorage::Read(s64 offset, void *buffer, size_t size) { + /* Allow zero-size writes. */ + R_SUCCEED_IF(size == 0); + + /* Ensure buffer is valid. */ + R_UNLESS(buffer != nullptr, fs::ResultNullptrArgument()); + + /* We can only read at block aligned offsets. */ + R_UNLESS(util::IsAligned(offset, BlockSize), fs::ResultInvalidArgument()); + R_UNLESS(util::IsAligned(size, BlockSize), fs::ResultInvalidArgument()); + + /* Read the data. */ + R_TRY(this->base_storage->Read(offset, buffer, size)); + + /* Prepare to decrypt the data, with temporarily increased priority. */ + ScopedThreadPriorityChanger cp(+1, ScopedThreadPriorityChanger::Mode::Relative); + + /* Setup the counter. */ + char ctr[IvSize]; + std::memcpy(ctr, this->iv, IvSize); + AddCounter(ctr, IvSize, offset / BlockSize); + + /* Decrypt, ensure we decrypt correctly. */ + auto dec_size = crypto::DecryptAes128Ctr(buffer, size, this->key, KeySize, ctr, IvSize, buffer, size); + AMS_ABORT_UNLESS(size == dec_size); + + return ResultSuccess(); + } + + Result AesCtrStorage::Write(s64 offset, const void *buffer, size_t size) { + /* Allow zero-size writes. */ + R_SUCCEED_IF(size == 0); + + /* Ensure buffer is valid. */ + R_UNLESS(buffer != nullptr, fs::ResultNullptrArgument()); + + /* We can only write at block aligned offsets. */ + R_UNLESS(util::IsAligned(offset, BlockSize), fs::ResultInvalidArgument()); + R_UNLESS(util::IsAligned(size, BlockSize), fs::ResultInvalidArgument()); + + /* Get a pooled buffer. */ + PooledBuffer pooled_buffer; + const bool use_work_buffer = !IsDeviceAddress(buffer); + if (use_work_buffer) { + pooled_buffer.Allocate(size, BlockSize); + } + + /* Setup the counter. */ + char ctr[IvSize]; + std::memcpy(ctr, this->iv, IvSize); + AddCounter(ctr, IvSize, offset / BlockSize); + + /* Loop until all data is written. */ + size_t remaining = size; + s64 cur_offset = 0; + while (remaining > 0) { + /* Determine data we're writing and where. */ + const size_t write_size = use_work_buffer ? std::min(pooled_buffer.GetSize(), remaining) : remaining; + void *write_buf = use_work_buffer ? pooled_buffer.GetBuffer() : const_cast(buffer); + + /* Encrypt the data, with temporarily increased priority. */ + { + ScopedThreadPriorityChanger cp(+1, ScopedThreadPriorityChanger::Mode::Relative); + + auto enc_size = crypto::EncryptAes128Ctr(write_buf, write_size, this->key, KeySize, ctr, IvSize, reinterpret_cast(buffer) + cur_offset, write_size); + AMS_ABORT_UNLESS(enc_size == write_size); + } + + /* Write the encrypted data. */ + R_TRY(this->base_storage->Write(offset + cur_offset, write_buf, write_size)); + + /* Advance. */ + cur_offset += write_size; + remaining -= write_size; + if (remaining > 0) { + AddCounter(ctr, IvSize, write_size / BlockSize); + } + } + + return ResultSuccess(); + } + + Result AesCtrStorage::Flush() { + return this->base_storage->Flush(); + } + + Result AesCtrStorage::SetSize(s64 size) { + return fs::ResultUnsupportedOperationInAesCtrStorageA(); + } + + Result AesCtrStorage::GetSize(s64 *out) { + return this->base_storage->GetSize(out); + } + + Result AesCtrStorage::OperateRange(void *dst, size_t dst_size, fs::OperationId op_id, s64 offset, s64 size, const void *src, size_t src_size) { + /* Handle the zero size case. */ + if (size == 0) { + if (op_id == fs::OperationId::QueryRange) { + R_UNLESS(dst != nullptr, fs::ResultNullptrArgument()); + R_UNLESS(dst_size == sizeof(fs::QueryRangeInfo), fs::ResultInvalidSize()); + + reinterpret_cast(dst)->Clear(); + } + + return ResultSuccess(); + } + + /* Ensure alignment. */ + R_UNLESS(util::IsAligned(offset, BlockSize), fs::ResultInvalidArgument()); + R_UNLESS(util::IsAligned(size, BlockSize), fs::ResultInvalidArgument()); + + switch (op_id) { + case fs::OperationId::QueryRange: + { + R_UNLESS(dst != nullptr, fs::ResultNullptrArgument()); + R_UNLESS(dst_size == sizeof(fs::QueryRangeInfo), fs::ResultInvalidSize()); + + R_TRY(this->base_storage->OperateRange(dst, dst_size, op_id, offset, size, src, src_size)); + + fs::QueryRangeInfo info; + info.Clear(); + info.aes_ctr_key_type = static_cast(fs::AesCtrKeyTypeFlag::InternalKeyForSoftwareAes); + + reinterpret_cast(dst)->Merge(info); + } + break; + default: + { + R_TRY(this->base_storage->OperateRange(dst, dst_size, op_id, offset, size, src, src_size)); + } + break; + } + + return ResultSuccess(); + } + +} diff --git a/libraries/libstratosphere/source/fssystem/fssystem_utility.cpp b/libraries/libstratosphere/source/fssystem/fssystem_utility.cpp index 84594b646..02783fc2a 100644 --- a/libraries/libstratosphere/source/fssystem/fssystem_utility.cpp +++ b/libraries/libstratosphere/source/fssystem/fssystem_utility.cpp @@ -149,4 +149,23 @@ namespace ams::fssystem { return EnsureDirectoryRecursivelyImpl(fs, path, false); } + void AddCounter(void *_counter, size_t counter_size, u64 value) { + u8 *counter = static_cast(_counter); + u64 remaining = value; + u8 carry = 0; + + for (size_t i = 0; i < counter_size; i++) { + auto sum = counter[counter_size - 1 - i] + (remaining & 0xFF) + carry; + carry = static_cast(sum >> BITSIZEOF(u8)); + auto sum8 = static_cast(sum & 0xFF); + + counter[counter_size - 1 - i] = sum8; + + remaining >>= BITSIZEOF(u8); + if (carry == 0 && remaining == 0) { + break; + } + } + } + } diff --git a/libraries/libvapours/include/vapours/results/fs_results.hpp b/libraries/libvapours/include/vapours/results/fs_results.hpp index 89dbbdaa7..dd09ae506 100644 --- a/libraries/libvapours/include/vapours/results/fs_results.hpp +++ b/libraries/libvapours/include/vapours/results/fs_results.hpp @@ -258,6 +258,7 @@ namespace ams::fs { R_DEFINE_ERROR_RESULT(UnsupportedOperationInMemoryStorageB, 6305); R_DEFINE_ERROR_RESULT(UnsupportedOperationInFileStorageA, 6306); R_DEFINE_ERROR_RESULT(UnsupportedOperationInFileStorageB, 6307); + R_DEFINE_ERROR_RESULT(UnsupportedOperationInAesCtrStorageA, 6315); R_DEFINE_ERROR_RESULT(UnsupportedOperationInFileServiceObjectAdapterA, 6362); R_DEFINE_ERROR_RESULT(UnsupportedOperationInRomFsFileSystemA, 6364); R_DEFINE_ERROR_RESULT(UnsupportedOperationInRomFsFileSystemB, 6365);