tsec

1. static pkg1_id_t _pkg1_ids[] = {
2.     { "20161121183008", 0, 0x1900, 0x3FE0, { 2, 1, 0 }, 0x4002B020, 0x8000D000, true,  NULL, NULL },     //1.0.0 (Patched relocator)
3.     { "20170210155124", 0, 0x1900, 0x3FE0, { 0, 1, 2 }, 0x4002D000, 0x8000D000, true,  NULL, NULL },     //2.0.0 - 2.3.0
4.     { "20170519101410", 1, 0x1A00, 0x3FE0, { 0, 1, 2 }, 0x4002D000, 0x8000D000, true,  NULL, NULL },     //3.0.0
5.     { "20170710161758", 2, 0x1A00, 0x3FE0, { 0, 1, 2 }, 0x4002D000, 0x8000D000, true,  NULL, NULL },     //3.0.1 - 3.0.2
6.     { "20170921172629", 3, 0x1800, 0x3FE0, { 1, 2, 0 }, 0x4002B000, 0x4003B000, false, NULL, NULL },     //4.0.0 - 4.1.0
7.     { "20180220163747", 4, 0x1900, 0x3FE0, { 1, 2, 0 }, 0x4002B000, 0x4003B000, false, NULL, NULL },     //5.0.0 - 5.1.0
8.     { "20180802162753", 5, 0x1900, 0x3FE0, { 1, 2, 0 }, 0x4002B000, 0x4003D800, false, NULL, NULL },     //6.0.0 - 6.1.0
9.     { "20181107105733", 6, 0x0E00, 0x6FE0, { 1, 2, 0 }, 0x4002B000, 0x4003D800, false, NULL, NULL }, //6.2.0
10.     { NULL } //End.
11. };
12.  
13.     extern void *fileBuf;
14.     gfx_puts(&gfx_con, "Get TSEC...");
15.  
16.     u32 start_time = get_tmr_ms(), end_time;
17.     _key_count = 0;
18.     u32 retries = 0;
19.     u32 key_ver_max = 1;
20.  
21.     tsec_ctxt_t tsec_ctxt;
22.  
23.     // Read package1.
24.     u8 *pkg1 = (u8 *)malloc(0x40000);
25.    
26.     fileBuf = sd_file_read(firmpath);
27.     memcpy(pkg1, fileBuf, filesize);
28.     free(fileBuf);
29.     fileBuf = NULL;
30.     gfx_puts(&gfx_con, "got pkg1\n");
31.  
32.     const pkg1_id_t *pkg1_id = &_pkg1_ids[0]; // rob double check this
33.     /*const pkg1_id_t *pkg1_id = pkg1_identify(pkg1);
34.     if (!pkg1_id) {
35.         EPRINTFARGS("Unknown package1 version for reading\nTSEC firmware (= '%s').",
36.             (char *)pkg1 + 0x10);
37.         goto out_wait;
38.     }*/
39.  
40.     u8 tsec_keys[0x10 * 3];
41.     int res = 0;
42.  
43.     tsec_ctxt.size = 0xF00;
44.     tsec_ctxt.fw = (u8 *)pkg1 + pkg1_id->tsec_off;
45.     tsec_ctxt.pkg1 = pkg1;
46.     tsec_ctxt.pkg11_off = pkg1_id->pkg11_off;
47.     tsec_ctxt.secmon_base = pkg1_id->secmon_base;
48.  
49.     if (pkg1_id->kb >= KB_FIRMWARE_VERSION_620) {
50.         tsec_ctxt.size = 0x2900;
51.         u8 *tsec_paged = (u8 *)page_alloc(3);
52.         memcpy(tsec_paged, (void *)tsec_ctxt.fw, tsec_ctxt.size);
53.         tsec_ctxt.fw = tsec_paged;
54.  
55.         key_ver_max = 1;
56.     }
57.  
58.     for (u32 i = 1; i <= key_ver_max; i++) {
59.         tsec_ctxt.key_ver = i;
60.  
61.         while (tsec_query(tsec_keys + ((i - 1) * 0x10), pkg1_id->kb, &tsec_ctxt) < 0) {
62.             if (pkg1_id->kb <= KB_FIRMWARE_VERSION_600)
63.                 memset(tsec_keys + ((i - 1) * 0x10), 0x00, 0x10);
64.             else
65.                 memset(tsec_keys, 0x00, 0x30);
66.  
67.             retries++;
68.  
69.             if (retries > 3) {
70.                 res = -1;
71.                 break;
72.             }
73.         }
74.     }
75.     free(pkg1);
76.  
77.     if (res < 0) {
78.         EPRINTF("ERROR dumping TSEC. Try again.\n");
79.         goto out_wait;
80.     }