summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/core/hle/service/nfp/amiibo_crypto.cpp10
-rw-r--r--src/core/hle/service/nfp/nfp_device.cpp99
-rw-r--r--src/core/hle/service/nfp/nfp_device.h8
-rw-r--r--src/core/hle/service/nfp/nfp_types.h24
-rw-r--r--src/core/hle/service/nfp/nfp_user.cpp2
5 files changed, 124 insertions, 19 deletions
diff --git a/src/core/hle/service/nfp/amiibo_crypto.cpp b/src/core/hle/service/nfp/amiibo_crypto.cpp
index 9e06970a4..ce0bc3f75 100644
--- a/src/core/hle/service/nfp/amiibo_crypto.cpp
+++ b/src/core/hle/service/nfp/amiibo_crypto.cpp
@@ -58,8 +58,9 @@ bool IsAmiiboValid(const EncryptedNTAG215File& ntag_file) {
if (amiibo_data.model_info.constant_value != 0x02) {
return false;
}
- // dynamic_lock value apparently is not constant
- // ntag_file.dynamic_lock == 0x0F0001
+ if ((ntag_file.dynamic_lock & 0xFFFFFF) != 0x0F0001U) {
+ return false;
+ }
if (ntag_file.CFG0 != 0x04000000U) {
return false;
}
@@ -85,7 +86,7 @@ NTAG215File NfcDataToEncodedData(const EncryptedNTAG215File& nfc_data) {
encoded_data.applicaton_write_counter = nfc_data.user_memory.applicaton_write_counter;
encoded_data.application_area_id = nfc_data.user_memory.application_area_id;
encoded_data.unknown = nfc_data.user_memory.unknown;
- encoded_data.hash = nfc_data.user_memory.hash;
+ encoded_data.unknown2 = nfc_data.user_memory.unknown2;
encoded_data.application_area = nfc_data.user_memory.application_area;
encoded_data.hmac_tag = nfc_data.user_memory.hmac_tag;
encoded_data.lock_bytes = nfc_data.uuid.lock_bytes;
@@ -116,7 +117,7 @@ EncryptedNTAG215File EncodedDataToNfcData(const NTAG215File& encoded_data) {
nfc_data.user_memory.applicaton_write_counter = encoded_data.applicaton_write_counter;
nfc_data.user_memory.application_area_id = encoded_data.application_area_id;
nfc_data.user_memory.unknown = encoded_data.unknown;
- nfc_data.user_memory.hash = encoded_data.hash;
+ nfc_data.user_memory.unknown2 = encoded_data.unknown2;
nfc_data.user_memory.application_area = encoded_data.application_area;
nfc_data.user_memory.hmac_tag = encoded_data.hmac_tag;
nfc_data.user_memory.model_info = encoded_data.model_info;
@@ -181,7 +182,6 @@ std::vector<u8> GenerateInternalKey(const InternalKey& key, const HashSeed& seed
void CryptoInit(CryptoCtx& ctx, mbedtls_md_context_t& hmac_ctx, const HmacKey& hmac_key,
const std::vector<u8>& seed) {
-
// Initialize context
ctx.used = false;
ctx.counter = 0;
diff --git a/src/core/hle/service/nfp/nfp_device.cpp b/src/core/hle/service/nfp/nfp_device.cpp
index f0eaa7df2..0d4ffd3a5 100644
--- a/src/core/hle/service/nfp/nfp_device.cpp
+++ b/src/core/hle/service/nfp/nfp_device.cpp
@@ -85,7 +85,7 @@ void NfpDevice::NpadUpdate(Core::HID::ControllerTriggerType type) {
}
}
-bool NfpDevice::LoadAmiibo(const std::vector<u8>& data) {
+bool NfpDevice::LoadAmiibo(std::span<const u8> data) {
if (device_state != DeviceState::SearchingForTag) {
LOG_ERROR(Service_NFP, "Game is not looking for amiibos, current state {}", device_state);
return false;
@@ -176,6 +176,19 @@ Result NfpDevice::StopDetection() {
}
Result NfpDevice::Flush() {
+ if (device_state != DeviceState::TagMounted) {
+ LOG_ERROR(Service_NFP, "Wrong device state {}", device_state);
+ if (device_state == DeviceState::TagRemoved) {
+ return TagRemoved;
+ }
+ return WrongDeviceState;
+ }
+
+ if (mount_target == MountTarget::None || mount_target == MountTarget::Rom) {
+ LOG_ERROR(Service_NFP, "Amiibo is read only", device_state);
+ return WrongDeviceState;
+ }
+
auto& settings = tag_data.settings;
const auto& current_date = GetAmiiboDate(current_posix_time);
@@ -206,7 +219,7 @@ Result NfpDevice::Flush() {
return ResultSuccess;
}
-Result NfpDevice::Mount() {
+Result NfpDevice::Mount(MountTarget mount_target_) {
if (device_state != DeviceState::TagFound) {
LOG_ERROR(Service_NFP, "Wrong device state {}", device_state);
return WrongDeviceState;
@@ -218,6 +231,7 @@ Result NfpDevice::Mount() {
}
device_state = DeviceState::TagMounted;
+ mount_target = mount_target_;
return ResultSuccess;
}
@@ -233,6 +247,9 @@ Result NfpDevice::Unmount() {
}
device_state = DeviceState::TagFound;
+ mount_target = MountTarget::None;
+ is_app_area_open = false;
+
return ResultSuccess;
}
@@ -245,8 +262,8 @@ Result NfpDevice::GetTagInfo(TagInfo& tag_info) const {
tag_info = {
.uuid = encrypted_tag_data.uuid.uid,
.uuid_length = static_cast<u8>(encrypted_tag_data.uuid.uid.size()),
- .protocol = 1,
- .tag_type = 2,
+ .protocol = TagProtocol::TypeA,
+ .tag_type = TagType::Type2,
};
return ResultSuccess;
@@ -255,6 +272,14 @@ Result NfpDevice::GetTagInfo(TagInfo& tag_info) const {
Result NfpDevice::GetCommonInfo(CommonInfo& common_info) const {
if (device_state != DeviceState::TagMounted) {
LOG_ERROR(Service_NFP, "Wrong device state {}", device_state);
+ if (device_state == DeviceState::TagRemoved) {
+ return TagRemoved;
+ }
+ return WrongDeviceState;
+ }
+
+ if (mount_target == MountTarget::None || mount_target == MountTarget::Rom) {
+ LOG_ERROR(Service_NFP, "Amiibo is read only", device_state);
return WrongDeviceState;
}
@@ -301,6 +326,11 @@ Result NfpDevice::GetRegisterInfo(RegisterInfo& register_info) const {
return WrongDeviceState;
}
+ if (mount_target == MountTarget::None || mount_target == MountTarget::Rom) {
+ LOG_ERROR(Service_NFP, "Amiibo is read only", device_state);
+ return WrongDeviceState;
+ }
+
if (tag_data.settings.settings.amiibo_initialized == 0) {
return RegistrationIsNotInitialized;
}
@@ -333,6 +363,11 @@ Result NfpDevice::SetNicknameAndOwner(const AmiiboName& amiibo_name) {
return WrongDeviceState;
}
+ if (mount_target == MountTarget::None || mount_target == MountTarget::Rom) {
+ LOG_ERROR(Service_NFP, "Amiibo is read only", device_state);
+ return WrongDeviceState;
+ }
+
Service::Mii::MiiManager manager;
auto& settings = tag_data.settings;
@@ -350,6 +385,19 @@ Result NfpDevice::SetNicknameAndOwner(const AmiiboName& amiibo_name) {
}
Result NfpDevice::RestoreAmiibo() {
+ if (device_state != DeviceState::TagMounted) {
+ LOG_ERROR(Service_NFP, "Wrong device state {}", device_state);
+ if (device_state == DeviceState::TagRemoved) {
+ return TagRemoved;
+ }
+ return WrongDeviceState;
+ }
+
+ if (mount_target == MountTarget::None || mount_target == MountTarget::Rom) {
+ LOG_ERROR(Service_NFP, "Amiibo is read only", device_state);
+ return WrongDeviceState;
+ }
+
// TODO: Load amiibo from backup on system
LOG_ERROR(Service_NFP, "Not Implemented");
return ResultSuccess;
@@ -385,6 +433,11 @@ Result NfpDevice::OpenApplicationArea(u32 access_id) {
return WrongDeviceState;
}
+ if (mount_target == MountTarget::None || mount_target == MountTarget::Rom) {
+ LOG_ERROR(Service_NFP, "Amiibo is read only", device_state);
+ return WrongDeviceState;
+ }
+
if (tag_data.settings.settings.appdata_initialized.Value() == 0) {
LOG_WARNING(Service_NFP, "Application area is not initialized");
return ApplicationAreaIsNotInitialized;
@@ -395,6 +448,8 @@ Result NfpDevice::OpenApplicationArea(u32 access_id) {
return WrongApplicationAreaId;
}
+ is_app_area_open = true;
+
return ResultSuccess;
}
@@ -407,6 +462,16 @@ Result NfpDevice::GetApplicationArea(std::vector<u8>& data) const {
return WrongDeviceState;
}
+ if (mount_target == MountTarget::None || mount_target == MountTarget::Rom) {
+ LOG_ERROR(Service_NFP, "Amiibo is read only", device_state);
+ return WrongDeviceState;
+ }
+
+ if (!is_app_area_open) {
+ LOG_ERROR(Service_NFP, "Application area is not open");
+ return WrongDeviceState;
+ }
+
if (tag_data.settings.settings.appdata_initialized.Value() == 0) {
LOG_ERROR(Service_NFP, "Application area is not initialized");
return ApplicationAreaIsNotInitialized;
@@ -422,7 +487,7 @@ Result NfpDevice::GetApplicationArea(std::vector<u8>& data) const {
return ResultSuccess;
}
-Result NfpDevice::SetApplicationArea(const std::vector<u8>& data) {
+Result NfpDevice::SetApplicationArea(std::span<const u8> data) {
if (device_state != DeviceState::TagMounted) {
LOG_ERROR(Service_NFP, "Wrong device state {}", device_state);
if (device_state == DeviceState::TagRemoved) {
@@ -431,6 +496,16 @@ Result NfpDevice::SetApplicationArea(const std::vector<u8>& data) {
return WrongDeviceState;
}
+ if (mount_target == MountTarget::None || mount_target == MountTarget::Rom) {
+ LOG_ERROR(Service_NFP, "Amiibo is read only", device_state);
+ return WrongDeviceState;
+ }
+
+ if (!is_app_area_open) {
+ LOG_ERROR(Service_NFP, "Application area is not open");
+ return WrongDeviceState;
+ }
+
if (tag_data.settings.settings.appdata_initialized.Value() == 0) {
LOG_ERROR(Service_NFP, "Application area is not initialized");
return ApplicationAreaIsNotInitialized;
@@ -442,8 +517,10 @@ Result NfpDevice::SetApplicationArea(const std::vector<u8>& data) {
}
Common::TinyMT rng{};
- rng.GenerateRandomBytes(tag_data.application_area.data(), sizeof(ApplicationArea));
std::memcpy(tag_data.application_area.data(), data.data(), data.size());
+ // HW seems to fill excess data with garbage
+ rng.GenerateRandomBytes(tag_data.application_area.data() + data.size(),
+ sizeof(ApplicationArea) - data.size());
tag_data.applicaton_write_counter++;
is_data_moddified = true;
@@ -477,6 +554,11 @@ Result NfpDevice::RecreateApplicationArea(u32 access_id, std::span<const u8> dat
return WrongDeviceState;
}
+ if (mount_target == MountTarget::None || mount_target == MountTarget::Rom) {
+ LOG_ERROR(Service_NFP, "Amiibo is read only", device_state);
+ return WrongDeviceState;
+ }
+
if (data.size() > sizeof(ApplicationArea)) {
LOG_ERROR(Service_NFP, "Wrong data size {}", data.size());
return ResultUnknown;
@@ -508,6 +590,11 @@ Result NfpDevice::DeleteApplicationArea() {
return WrongDeviceState;
}
+ if (mount_target == MountTarget::None || mount_target == MountTarget::Rom) {
+ LOG_ERROR(Service_NFP, "Amiibo is read only", device_state);
+ return WrongDeviceState;
+ }
+
Common::TinyMT rng{};
rng.GenerateRandomBytes(tag_data.application_area.data(), sizeof(ApplicationArea));
rng.GenerateRandomBytes(&tag_data.title_id, sizeof(u64));
diff --git a/src/core/hle/service/nfp/nfp_device.h b/src/core/hle/service/nfp/nfp_device.h
index c020506a6..a5b72cf19 100644
--- a/src/core/hle/service/nfp/nfp_device.h
+++ b/src/core/hle/service/nfp/nfp_device.h
@@ -40,7 +40,7 @@ public:
Result StartDetection(s32 protocol_);
Result StopDetection();
- Result Mount();
+ Result Mount(MountTarget mount_target);
Result Unmount();
Result Flush();
@@ -55,7 +55,7 @@ public:
Result OpenApplicationArea(u32 access_id);
Result GetApplicationArea(std::vector<u8>& data) const;
- Result SetApplicationArea(const std::vector<u8>& data);
+ Result SetApplicationArea(std::span<const u8> data);
Result CreateApplicationArea(u32 access_id, std::span<const u8> data);
Result RecreateApplicationArea(u32 access_id, std::span<const u8> data);
Result DeleteApplicationArea();
@@ -70,7 +70,7 @@ public:
private:
void NpadUpdate(Core::HID::ControllerTriggerType type);
- bool LoadAmiibo(const std::vector<u8>& data);
+ bool LoadAmiibo(std::span<const u8> data);
void CloseAmiibo();
AmiiboName GetAmiiboName(const AmiiboSettings& settings) const;
@@ -88,8 +88,10 @@ private:
Kernel::KEvent* availability_change_event = nullptr;
bool is_data_moddified{};
+ bool is_app_area_open{};
s32 protocol{};
s64 current_posix_time{};
+ MountTarget mount_target{MountTarget::None};
DeviceState device_state{DeviceState::Unavailable};
NTAG215File tag_data{};
diff --git a/src/core/hle/service/nfp/nfp_types.h b/src/core/hle/service/nfp/nfp_types.h
index 448791846..dd4525b61 100644
--- a/src/core/hle/service/nfp/nfp_types.h
+++ b/src/core/hle/service/nfp/nfp_types.h
@@ -75,6 +75,22 @@ enum class AmiiboSeries : u8 {
Diablo,
};
+enum class TagType : u32 {
+ None,
+ Type1, // ISO14443A RW 96-2k bytes 106kbit/s
+ Type2, // ISO14443A RW/RO 540 bytes 106kbit/s
+ Type3, // Sony Felica RW/RO 2k bytes 212kbit/s
+ Type4, // ISO14443A RW/RO 4k-32k bytes 424kbit/s
+ Type5, // ISO15693 RW/RO 540 bytes 106kbit/s
+};
+
+enum class TagProtocol : u32 {
+ None,
+ TypeA, // ISO14443A
+ TypeB, // ISO14443B
+ TypeF, // Sony Felica
+};
+
using UniqueSerialNumber = std::array<u8, 7>;
using LockBytes = std::array<u8, 2>;
using HashData = std::array<u8, 0x20>;
@@ -174,7 +190,7 @@ struct EncryptedAmiiboFile {
u16_be applicaton_write_counter; // Encrypted Counter
u32_be application_area_id; // Encrypted Game id
std::array<u8, 0x2> unknown;
- HashData hash; // Probably a SHA256-HMAC hash?
+ std::array<u32, 0x8> unknown2;
ApplicationArea application_area; // Encrypted Game data
};
static_assert(sizeof(EncryptedAmiiboFile) == 0x1F8, "AmiiboFile is an invalid size");
@@ -193,7 +209,7 @@ struct NTAG215File {
u16_be applicaton_write_counter; // Encrypted Counter
u32_be application_area_id;
std::array<u8, 0x2> unknown;
- HashData hash; // Probably a SHA256-HMAC hash?
+ std::array<u32, 0x8> unknown2;
ApplicationArea application_area; // Encrypted Game data
HashData hmac_tag; // Hash
UniqueSerialNumber uid; // Unique serial number
@@ -228,8 +244,8 @@ struct TagInfo {
INSERT_PADDING_BYTES(0x3);
u8 uuid_length;
INSERT_PADDING_BYTES(0x15);
- s32 protocol;
- u32 tag_type;
+ TagProtocol protocol;
+ TagType tag_type;
INSERT_PADDING_BYTES(0x30);
};
static_assert(sizeof(TagInfo) == 0x58, "TagInfo is an invalid size");
diff --git a/src/core/hle/service/nfp/nfp_user.cpp b/src/core/hle/service/nfp/nfp_user.cpp
index f8f1975db..c61df9401 100644
--- a/src/core/hle/service/nfp/nfp_user.cpp
+++ b/src/core/hle/service/nfp/nfp_user.cpp
@@ -189,7 +189,7 @@ void IUser::Mount(Kernel::HLERequestContext& ctx) {
return;
}
- const auto result = device.value()->Mount();
+ const auto result = device.value()->Mount(mount_target);
IPC::ResponseBuilder rb{ctx, 2};
rb.Push(result);
}