Difference between revisions of "Capture services"

From Nintendo Switch Brew
Jump to navigation Jump to search
(→‎Notes: mac)
Line 129: Line 129:
  
 
Screenshots are validated as follows: The JPEG's MAC is extracted from the EXIF maker note, and stored. A timestamp string is generated by calling snprintf(&str, 20, "%04d:%02d:%02d %02d:%02d:%02d", ...); with stored timestamp values. If this doesn't match the timestamp string stored in EXIF, then an error 0xA34CE is returned. Otherwise, the entire JPEG is loaded into memory, and the stored EXIF maker note is cleared to zeroes. Then, an HMAC-SHA256 is computed over the entire JPEG using a hardcoded secret key. if (memcmp(calculated_hmac, stored_hmac, 0x10) == 0), the screenshot is valid, else 0xA3ACE is returned.
 
Screenshots are validated as follows: The JPEG's MAC is extracted from the EXIF maker note, and stored. A timestamp string is generated by calling snprintf(&str, 20, "%04d:%02d:%02d %02d:%02d:%02d", ...); with stored timestamp values. If this doesn't match the timestamp string stored in EXIF, then an error 0xA34CE is returned. Otherwise, the entire JPEG is loaded into memory, and the stored EXIF maker note is cleared to zeroes. Then, an HMAC-SHA256 is computed over the entire JPEG using a hardcoded secret key. if (memcmp(calculated_hmac, stored_hmac, 0x10) == 0), the screenshot is valid, else 0xA3ACE is returned.
 +
 +
In [[3.0.0]], MAC calculation was changed: now, instead of calculating an HMAC, a plain SHA256 hash is calculated. capsrv basically does screenshot_kek = spl::GenerateAesKek(<hardcoded screenshot_kek_source>); spl::LoadAesKey(screenshot_kek, <hardcoded screenshot_key_source>); MAC = spl::ComputeCmac(hash);
  
 
== Videos ==
 
== Videos ==
[[4.0.0]] includes video playback etc support in Album via mp4. These include a JPEG thumbnail, which is presumably used for video "validation". The EXIF from this JPEG doesn't seem to contain the same HMAC data as the original Album JPEGs. The EXIF is also now much larger: the MakerNote is 0x498-bytes, with random-looking data for all of it starting at offset +0x8.
+
[[4.0.0]] includes video playback etc support in Album via mp4. These include a JPEG thumbnail, which is presumably used for video "validation". The EXIF from this JPEG doesn't seem to contain the same HMAC data as the original Album JPEGs. The EXIF is also now much larger: the MakerNote is 0x498-bytes, with encrypted data starting at offset +0x8. This encryption uses AES-CTR with hardcoded key/ctr. MAC calculation works the same way as the [[3.0.0]]+ JPEG MAC calculation, except with a different movie_kek_source/movie_key_source.
  
 
Note: the Album process itself uses libstagefright for video playback.
 
Note: the Album process itself uses libstagefright for video playback.
  
 
[[Category:Services]]
 
[[Category:Services]]

Revision as of 21:35, 21 May 2018

caps:a

This is "nn::capsrv::sf::IAlbumAccessorService".

Cmd Name
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
301
401
501
1001
1002
8001
8002
8011
8012
8021
10011

caps:c

This is "nn::capsrv::sf::IAlbumControlService".

Cmd Name
2001
2002
2011
2012
2013
2014
2101
2102
2201
2301

caps:u

This is "nn::capsrv::sf::IAlbumApplicationService".

Cmd Name
102 GetAlbumFileListByAruid
103 DeleteAlbumFileByAruid
104 GetAlbumFileSizeByAruid
110 LoadAlbumScreenShotImageByAruid
120 LoadAlbumScreenShotThumbnailImageByAruid
60002 OpenAccessorSessionForApplication

IAlbumAccessorApplicationSession

This is "nn::capsrv::sf::IAlbumAccessorApplicationSession".

Cmd Name
2001 OpenAlbumMovieReadStream
2002 CloseAlbumMovieReadStream
2003 GetAlbumMovieReadStreamMovieDataSize
2004 ReadMovieDataFromAlbumMovieReadStream
2005 GetAlbumMovieReadStreamBrokenReason

Notes

capsrv is responsible for validating the MACs for screenshots stored on the SD card, if the setting capsrv!enable_album_screenshot_filedata_verification is non-zero.

Screenshots are validated as follows: The JPEG's MAC is extracted from the EXIF maker note, and stored. A timestamp string is generated by calling snprintf(&str, 20, "%04d:%02d:%02d %02d:%02d:%02d", ...); with stored timestamp values. If this doesn't match the timestamp string stored in EXIF, then an error 0xA34CE is returned. Otherwise, the entire JPEG is loaded into memory, and the stored EXIF maker note is cleared to zeroes. Then, an HMAC-SHA256 is computed over the entire JPEG using a hardcoded secret key. if (memcmp(calculated_hmac, stored_hmac, 0x10) == 0), the screenshot is valid, else 0xA3ACE is returned.

In 3.0.0, MAC calculation was changed: now, instead of calculating an HMAC, a plain SHA256 hash is calculated. capsrv basically does screenshot_kek = spl::GenerateAesKek(<hardcoded screenshot_kek_source>); spl::LoadAesKey(screenshot_kek, <hardcoded screenshot_key_source>); MAC = spl::ComputeCmac(hash);

Videos

4.0.0 includes video playback etc support in Album via mp4. These include a JPEG thumbnail, which is presumably used for video "validation". The EXIF from this JPEG doesn't seem to contain the same HMAC data as the original Album JPEGs. The EXIF is also now much larger: the MakerNote is 0x498-bytes, with encrypted data starting at offset +0x8. This encryption uses AES-CTR with hardcoded key/ctr. MAC calculation works the same way as the 3.0.0+ JPEG MAC calculation, except with a different movie_kek_source/movie_key_source.

Note: the Album process itself uses libstagefright for video playback.