mirror of
https://github.com/DarkStore-3DS/Project_CTR.git
synced 2026-07-03 00:39:14 +00:00
Merge pull request #49 from SciresM/master
ctrtool: Add support for inline decryption
This commit is contained in:
@@ -0,0 +1,127 @@
|
||||
#include "aes_keygen.h"
|
||||
|
||||
// 128bit wrap-around math
|
||||
int32_t wrap_index(int32_t i)
|
||||
{
|
||||
return i < 0 ? ((i % 16) + 16) % 16 : (i > 15 ? i % 16 : i);
|
||||
}
|
||||
|
||||
void n128_rrot(const uint8_t *in, uint32_t rot, uint8_t *out)
|
||||
{
|
||||
uint32_t bit_shift, byte_shift;
|
||||
|
||||
rot = rot % 128;
|
||||
byte_shift = rot / 8;
|
||||
bit_shift = rot % 8;
|
||||
|
||||
for (int32_t i = 0; i < 16; i++) {
|
||||
out[i] = (in[wrap_index(i - byte_shift)] >> bit_shift) | (in[wrap_index(i - byte_shift - 1)] << (8 - bit_shift));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
void n128_lrot(const uint8_t *in, uint32_t rot, uint8_t *out)
|
||||
{
|
||||
uint32_t bit_shift, byte_shift;
|
||||
|
||||
rot = rot % 128;
|
||||
byte_shift = rot / 8;
|
||||
bit_shift = rot % 8;
|
||||
|
||||
for (int32_t i = 0; i < 16; i++) {
|
||||
out[i] = (in[wrap_index(i + byte_shift)] << bit_shift) | (in[wrap_index(i + byte_shift + 1)] >> (8 - bit_shift));
|
||||
}
|
||||
}
|
||||
|
||||
/* out = a + b
|
||||
*/
|
||||
void n128_add(const uint8_t *a, const uint8_t *b, uint8_t *out)
|
||||
{
|
||||
uint8_t carry = 0;
|
||||
uint32_t sum = 0;
|
||||
|
||||
for (int i = 15; i >= 0; i--) {
|
||||
sum = a[i] + b[i] + carry;
|
||||
carry = sum >> 8;
|
||||
out[i] = sum & 0xff;
|
||||
}
|
||||
|
||||
while (carry != 0) {
|
||||
for (int i = 15; i >= 0; i--) {
|
||||
sum = out[i] + carry;
|
||||
carry = sum >> 8;
|
||||
out[i] = sum & 0xff;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* out = a - b
|
||||
*/
|
||||
void n128_sub(const uint8_t *a, const uint8_t *b, uint8_t *out)
|
||||
{
|
||||
uint8_t carry = 0;
|
||||
uint32_t sum = 0;
|
||||
|
||||
for (int i = 15; i >= 0; i--) {
|
||||
sum = a[i] - (b[i] + carry);
|
||||
|
||||
// check to see if anything was borrowed from next byte
|
||||
if (a[i] < (b[i] + carry)) {
|
||||
sum += 0x100;
|
||||
carry = 1;
|
||||
}
|
||||
else {
|
||||
carry = 0;
|
||||
}
|
||||
|
||||
// set value
|
||||
out[i] = sum & 0xff;
|
||||
}
|
||||
|
||||
|
||||
while (carry != 0) {
|
||||
for (int i = 15; i >= 0; i--) {
|
||||
sum = out[i] - carry;
|
||||
|
||||
// check to see if anything was borrowed from next byte
|
||||
if (out[i] < carry) {
|
||||
sum += 0x100;
|
||||
carry = 1;
|
||||
}
|
||||
else {
|
||||
carry = 0;
|
||||
}
|
||||
|
||||
out[i] = sum & 0xff;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
void n128_xor(const uint8_t *a, const uint8_t *b, uint8_t *out)
|
||||
{
|
||||
for (int i = 0; i < 16; i++) {
|
||||
out[i] = a[i] ^ b[i];
|
||||
}
|
||||
}
|
||||
|
||||
// keygen algorithm
|
||||
void ctr_aes_keygen(const uint8_t *x, const uint8_t *y, uint8_t *key)
|
||||
{
|
||||
static const uint8_t KEYGEN_CONST[16] = { 0x1F, 0xF9, 0xE9, 0xAA, 0xC5, 0xFE, 0x04, 0x08, 0x02, 0x45, 0x91, 0xDC, 0x5D, 0x52, 0x76, 0x8A };
|
||||
|
||||
// overall algo:
|
||||
// key = (((x <<< 2) ^ y) + KEYGEN_CONST) >>> 41
|
||||
uint8_t x_rot[16], key_xy[16], key_xyc[16];
|
||||
|
||||
// x_rot = x <<< 2
|
||||
n128_lrot(x, 2, x_rot);
|
||||
|
||||
// key_xy = x_rot ^ y
|
||||
n128_xor(x_rot, y, key_xy);
|
||||
|
||||
// key_xyc = key_xy + KEYGEN_CONST
|
||||
n128_add(key_xy, KEYGEN_CONST, key_xyc);
|
||||
|
||||
n128_rrot(key_xyc, 41, key);
|
||||
}
|
||||
@@ -0,0 +1,8 @@
|
||||
#pragma once
|
||||
#include <stdint.h>
|
||||
|
||||
/*
|
||||
AES Key generator for the Nintendo 3DS (CTR) Consoles
|
||||
*/
|
||||
|
||||
void ctr_aes_keygen(const uint8_t *x, const uint8_t *y, uint8_t *key);
|
||||
+2
-2
@@ -214,8 +214,8 @@ void cia_process(cia_context* ctx, u32 actions)
|
||||
|
||||
|
||||
|
||||
if (settings_get_common_key(ctx->usersettings))
|
||||
tik_get_decrypted_titlekey(&ctx->tik, ctx->titlekey);
|
||||
if (settings_get_common_keyX(ctx->usersettings))
|
||||
tik_get_titlekey(&ctx->tik, ctx->titlekey);
|
||||
else if(settings_get_title_key(ctx->usersettings))
|
||||
memcpy(ctx->titlekey, settings_get_title_key(ctx->usersettings), 16);
|
||||
|
||||
|
||||
@@ -91,6 +91,7 @@
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="aes_keygen.c" />
|
||||
<ClCompile Include="cia.c" />
|
||||
<ClCompile Include="ctr.c" />
|
||||
<ClCompile Include="cwav.c" />
|
||||
@@ -124,6 +125,7 @@
|
||||
<ClCompile Include="tinyxml\tinyxmlparser.cpp" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="aes_keygen.h" />
|
||||
<ClInclude Include="cia.h" />
|
||||
<ClInclude Include="ctr.h" />
|
||||
<ClInclude Include="cwav.h" />
|
||||
|
||||
@@ -120,6 +120,9 @@
|
||||
<ClCompile Include="syscalls.c">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="aes_keygen.c">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="cia.h">
|
||||
@@ -215,5 +218,8 @@
|
||||
<ClInclude Include="syscalls.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="aes_keygen.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
</Project>
|
||||
+13
-21
@@ -48,9 +48,10 @@ void exefs_set_encrypted(exefs_context* ctx, u32 encrypted)
|
||||
ctx->encrypted = encrypted;
|
||||
}
|
||||
|
||||
void exefs_set_key(exefs_context* ctx, u8 key[16])
|
||||
void exefs_set_keys(exefs_context* ctx, u8 key[16], u8 special_key[16])
|
||||
{
|
||||
memcpy(ctx->key, key, 16);
|
||||
memcpy(ctx->special_key, special_key, 16);
|
||||
}
|
||||
|
||||
void exefs_set_counter(exefs_context* ctx, u8 counter[16])
|
||||
@@ -58,22 +59,6 @@ void exefs_set_counter(exefs_context* ctx, u8 counter[16])
|
||||
memcpy(ctx->counter, counter, 16);
|
||||
}
|
||||
|
||||
void exefs_determine_key(exefs_context* ctx, u32 actions)
|
||||
{
|
||||
u8* key = settings_get_ncch_key(ctx->usersettings);
|
||||
|
||||
if (actions & PlainFlag)
|
||||
ctx->encrypted = 0;
|
||||
else
|
||||
{
|
||||
if (key)
|
||||
{
|
||||
ctx->encrypted = 1;
|
||||
memcpy(ctx->key, key, 0x10);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void exefs_save(exefs_context* ctx, u32 index, u32 flags)
|
||||
{
|
||||
exefs_sectionheader* section = (exefs_sectionheader*)(ctx->header.section + index);
|
||||
@@ -146,8 +131,14 @@ void exefs_save(exefs_context* ctx, u32 index, u32 flags)
|
||||
goto clean;
|
||||
}
|
||||
|
||||
if (ctx->encrypted)
|
||||
if (ctx->encrypted) {
|
||||
// .code and .firm use a special key on 7.0+
|
||||
if (ctx->encrypted & NCCHCRYPTO_SPECIAL_FSES)
|
||||
ctr_init_key(&ctx->aes, ctx->special_key);
|
||||
ctr_crypt_counter(&ctx->aes, compressedbuffer, compressedbuffer, compressedsize);
|
||||
if (ctx->encrypted & NCCHCRYPTO_SPECIAL_FSES)
|
||||
ctr_init_key(&ctx->aes, ctx->key);
|
||||
}
|
||||
|
||||
|
||||
decompressedsize = lzss_get_decompressed_size(compressedbuffer, compressedsize);
|
||||
@@ -228,8 +219,6 @@ void exefs_process(exefs_context* ctx, u32 actions)
|
||||
{
|
||||
u32 i;
|
||||
|
||||
exefs_determine_key(ctx, actions);
|
||||
|
||||
exefs_read_header(ctx, actions);
|
||||
|
||||
if (actions & VerifyFlag)
|
||||
@@ -272,7 +261,10 @@ int exefs_verify(exefs_context* ctx, u32 index, u32 flags)
|
||||
return 0;
|
||||
|
||||
fseeko64(ctx->file, ctx->offset + offset, SEEK_SET);
|
||||
ctr_init_key(&ctx->aes, ctx->key);
|
||||
if (index == 0 && (ctx->encrypted & NCCHCRYPTO_SPECIAL_FSES))
|
||||
ctr_init_key(&ctx->aes, ctx->special_key);
|
||||
else
|
||||
ctr_init_key(&ctx->aes, ctx->key);
|
||||
ctr_init_counter(&ctx->aes, ctx->counter);
|
||||
ctr_add_counter(&ctx->aes, offset / 0x10);
|
||||
|
||||
|
||||
+2
-1
@@ -30,6 +30,7 @@ typedef struct
|
||||
u8 partitionid[8];
|
||||
u8 counter[16];
|
||||
u8 key[16];
|
||||
u8 special_key[16];
|
||||
u64 offset;
|
||||
u64 size;
|
||||
exefs_header header;
|
||||
@@ -48,7 +49,7 @@ void exefs_set_usersettings(exefs_context* ctx, settings* usersettings);
|
||||
void exefs_set_partitionid(exefs_context* ctx, u8 partitionid[8]);
|
||||
void exefs_set_counter(exefs_context* ctx, u8 counter[16]);
|
||||
void exefs_set_compressedflag(exefs_context* ctx, int compressedflag);
|
||||
void exefs_set_key(exefs_context* ctx, u8 key[16]);
|
||||
void exefs_set_keys(exefs_context* ctx, u8 key[16], u8 special_key[16]);
|
||||
void exefs_set_encrypted(exefs_context* ctx, u32 encrypted);
|
||||
void exefs_read_header(exefs_context* ctx, u32 flags);
|
||||
void exefs_calculate_hash(exefs_context* ctx, u8 hash[32]);
|
||||
|
||||
@@ -70,22 +70,6 @@ void exheader_set_key(exheader_context* ctx, u8 key[16])
|
||||
}
|
||||
|
||||
|
||||
void exheader_determine_key(exheader_context* ctx, u32 actions)
|
||||
{
|
||||
u8* key = settings_get_ncch_key(ctx->usersettings);
|
||||
|
||||
if (actions & PlainFlag)
|
||||
ctx->encrypted = 0;
|
||||
else
|
||||
{
|
||||
if (key)
|
||||
{
|
||||
ctx->encrypted = 1;
|
||||
memcpy(ctx->key, key, 0x10);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void exheader_read(exheader_context* ctx, u32 actions)
|
||||
{
|
||||
if (ctx->haveread == 0)
|
||||
@@ -183,8 +167,6 @@ void exheader_deserialise_arm11localcaps_permissions(exheader_arm11systemlocalca
|
||||
|
||||
int exheader_process(exheader_context* ctx, u32 actions)
|
||||
{
|
||||
exheader_determine_key(ctx, actions);
|
||||
|
||||
exheader_read(ctx, actions);
|
||||
|
||||
if (ctx->header.codesetinfo.flags.flag & 1)
|
||||
|
||||
@@ -198,6 +198,5 @@ void exheader_print(exheader_context* ctx, u32 actions);
|
||||
void exheader_verify(exheader_context* ctx);
|
||||
int exheader_hash_valid(exheader_context* ctx);
|
||||
int exheader_programid_valid(exheader_context* ctx);
|
||||
void exheader_determine_key(exheader_context* ctx, u32 actions);
|
||||
|
||||
#endif // _EXHEADER_H_
|
||||
|
||||
+103
-38
@@ -33,9 +33,57 @@ static unsigned char hextobin(char c)
|
||||
return 0;
|
||||
}
|
||||
|
||||
void keyset_init(keyset* keys)
|
||||
void keyset_init(keyset* keys, u32 actions)
|
||||
{
|
||||
const key128 defaultkeys_retail[] = {
|
||||
// common keyX
|
||||
{{0x61, 0x70, 0x85, 0x71, 0x9b, 0x7c, 0xfb, 0x31, 0x6d, 0xf4, 0xdf, 0x2e, 0x83, 0x62, 0xc6, 0xe2}, 1},
|
||||
// fixed system key - unknown if used/correct?
|
||||
{{0x52, 0x7c, 0xe6, 0x30, 0xa9, 0xca, 0x30, 0x5f, 0x36, 0x96, 0xf3, 0xcd, 0xe9, 0x54, 0x19, 0x4b}, 1},
|
||||
// NCCH 0x2c keyX
|
||||
{{0xb9, 0x8e, 0x95, 0xce, 0xca, 0x3e, 0x4d, 0x17, 0x1f, 0x76, 0xa9, 0x4d, 0xe9, 0x34, 0xc0, 0x53}, 1},
|
||||
// NCCH 0x25 keyX 7.x
|
||||
{{0xce, 0xe7, 0xd8, 0xab, 0x30, 0xc0, 0x0d, 0xae, 0x85, 0x0e, 0xf5, 0xe3, 0x82, 0xac, 0x5a, 0xf3}, 1},
|
||||
// NCCH 0x18 keyX N9.3
|
||||
{{0x82, 0xe9, 0xc9, 0xbe, 0xbf, 0xb8, 0xbd, 0xb8, 0x75, 0xec, 0xc0, 0xa0, 0x7d, 0x47, 0x43, 0x74}, 1},
|
||||
// NCCH 0x1B keyX N9.6
|
||||
{{0x45, 0xad, 0x04, 0x95, 0x39, 0x92, 0xc7, 0xc8, 0x93, 0x72, 0x4a, 0x9a, 0x7b, 0xce, 0x61, 0x82}, 1}
|
||||
};
|
||||
const key128 defaultkeys_dev[] = {
|
||||
// common keyX
|
||||
{{0xbd, 0x4f, 0xe7, 0xe7, 0x33, 0xc7, 0x55, 0xfc, 0xe7, 0x54, 0x0e, 0xab, 0xbd, 0x8a, 0xc3, 0x0d}, 1},
|
||||
// fixed system key
|
||||
{{0x52, 0x7c, 0xe6, 0x30, 0xa9, 0xca, 0x30, 0x5f, 0x36, 0x96, 0xf3, 0xcd, 0xe9, 0x54, 0x19, 0x4b}, 1},
|
||||
// NCCH 0x2c keyX
|
||||
{{0x51, 0x02, 0x07, 0x51, 0x55, 0x07, 0xcb, 0xb1, 0x8e, 0x24, 0x3d, 0xcb, 0x85, 0xe2, 0x3a, 0x1d}, 1},
|
||||
// NCCH 0x25 keyX 7.x
|
||||
{{0x81, 0x90, 0x7a, 0x4b, 0x6f, 0x1b, 0x47, 0x32, 0x3a, 0x67, 0x79, 0x74, 0xce, 0x4a, 0xd7, 0x1b}, 1},
|
||||
// NCCH 0x18 keyX N9.3
|
||||
{{0x30, 0x4b, 0xf1, 0x46, 0x83, 0x72, 0xee, 0x64, 0x11, 0x5e, 0xbd, 0x40, 0x93, 0xd8, 0x42, 0x76}, 1},
|
||||
// NCCH 0x1B keyX N9.6
|
||||
{{0x6c, 0x8b, 0x29, 0x44, 0xa0, 0x72, 0x60, 0x35, 0xf9, 0x41, 0xdf, 0xc0, 0x18, 0x52, 0x4f, 0xb6}, 1}
|
||||
};
|
||||
|
||||
memset(keys, 0, sizeof(keyset));
|
||||
|
||||
if (actions & PlainFlag)
|
||||
return;
|
||||
|
||||
if (!(actions & DevFlag)) {
|
||||
memcpy(&keys->commonkeyX, &defaultkeys_retail[0], sizeof(key128));
|
||||
memcpy(&keys->ncchfixedsystemkey, &defaultkeys_retail[1], sizeof(key128));
|
||||
memcpy(&keys->ncchkeyX_old, &defaultkeys_retail[2], sizeof(key128));
|
||||
memcpy(&keys->ncchkeyX_seven, &defaultkeys_retail[3], sizeof(key128));
|
||||
memcpy(&keys->ncchkeyX_ninethree, &defaultkeys_retail[4], sizeof(key128));
|
||||
memcpy(&keys->ncchkeyX_ninesix, &defaultkeys_retail[5], sizeof(key128));
|
||||
} else {
|
||||
memcpy(&keys->commonkeyX, &defaultkeys_dev[0], sizeof(key128));
|
||||
memcpy(&keys->ncchfixedsystemkey, &defaultkeys_dev[1], sizeof(key128));
|
||||
memcpy(&keys->ncchkeyX_old, &defaultkeys_dev[2], sizeof(key128));
|
||||
memcpy(&keys->ncchkeyX_seven, &defaultkeys_dev[3], sizeof(key128));
|
||||
memcpy(&keys->ncchkeyX_ninethree, &defaultkeys_dev[4], sizeof(key128));
|
||||
memcpy(&keys->ncchkeyX_ninesix, &defaultkeys_dev[5], sizeof(key128));
|
||||
}
|
||||
}
|
||||
|
||||
int keyset_load_key(TiXmlHandle node, unsigned char* key, unsigned int size, int* valid)
|
||||
@@ -158,9 +206,12 @@ int keyset_load(keyset* keys, const char* fname, int verbose)
|
||||
keyset_load_rsakey2048(root.FirstChild("ncchrsakey"), &keys->ncchrsakey);
|
||||
keyset_load_rsakey2048(root.FirstChild("ncchdescrsakey"), &keys->ncchdescrsakey);
|
||||
keyset_load_rsakey2048(root.FirstChild("firmrsakey"), &keys->firmrsakey);
|
||||
keyset_load_key128(root.FirstChild("commonkey"), &keys->commonkey);
|
||||
keyset_load_key128(root.FirstChild("ncchkey"), &keys->ncchkey);
|
||||
keyset_load_key128(root.FirstChild("commonkeyx"), &keys->commonkeyX);
|
||||
keyset_load_key128(root.FirstChild("ncchfixedsystemkey"), &keys->ncchfixedsystemkey);
|
||||
keyset_load_key128(root.FirstChild("ncchkeyxold"), &keys->ncchkeyX_old);
|
||||
keyset_load_key128(root.FirstChild("ncchkeyxseven"), &keys->ncchkeyX_seven);
|
||||
keyset_load_key128(root.FirstChild("ncchkeyxninethree"), &keys->ncchkeyX_ninethree);
|
||||
keyset_load_key128(root.FirstChild("ncchkeyxninesix"), &keys->ncchkeyX_ninesix);
|
||||
|
||||
|
||||
return 1;
|
||||
@@ -169,14 +220,21 @@ int keyset_load(keyset* keys, const char* fname, int verbose)
|
||||
|
||||
void keyset_merge(keyset* keys, keyset* src)
|
||||
{
|
||||
if (src->ncchkey.valid)
|
||||
keyset_set_key128(&keys->ncchkey, src->ncchkey.data);
|
||||
if (src->ncchfixedsystemkey.valid)
|
||||
keyset_set_key128(&keys->ncchfixedsystemkey, src->ncchfixedsystemkey.data);
|
||||
if (src->commonkey.valid)
|
||||
keyset_set_key128(&keys->commonkey, src->commonkey.data);
|
||||
if (src->titlekey.valid)
|
||||
keyset_set_key128(&keys->titlekey, src->titlekey.data);
|
||||
#define COPY_IF_VALID(v) do {\
|
||||
if (src->v.valid && !keys->v.valid)\
|
||||
keyset_set_key128(&keys->v, src->v.data);\
|
||||
} while (0)
|
||||
|
||||
COPY_IF_VALID(titlekey);
|
||||
COPY_IF_VALID(commonkeyX);
|
||||
COPY_IF_VALID(ncchfixedsystemkey);
|
||||
COPY_IF_VALID(ncchkeyX_old);
|
||||
COPY_IF_VALID(ncchkeyX_seven);
|
||||
COPY_IF_VALID(ncchkeyX_ninethree);
|
||||
COPY_IF_VALID(ncchkeyX_ninesix);
|
||||
COPY_IF_VALID(seed);
|
||||
|
||||
#undef COPY_IF_VALID
|
||||
}
|
||||
|
||||
void keyset_set_key128(key128* key, unsigned char* keydata)
|
||||
@@ -190,19 +248,9 @@ void keyset_parse_key128(key128* key, char* keytext, int keylen)
|
||||
keyset_parse_key(keytext, keylen, key->data, 16, &key->valid);
|
||||
}
|
||||
|
||||
void keyset_set_commonkey(keyset* keys, unsigned char* keydata)
|
||||
void keyset_parse_commonkeyX(keyset* keys, char* keytext, int keylen)
|
||||
{
|
||||
keyset_set_key128(&keys->commonkey, keydata);
|
||||
}
|
||||
|
||||
void keyset_parse_commonkey(keyset* keys, char* keytext, int keylen)
|
||||
{
|
||||
keyset_parse_key128(&keys->commonkey, keytext, keylen);
|
||||
}
|
||||
|
||||
void keyset_set_titlekey(keyset* keys, unsigned char* keydata)
|
||||
{
|
||||
keyset_set_key128(&keys->titlekey, keydata);
|
||||
keyset_parse_key128(&keys->commonkeyX, keytext, keylen);
|
||||
}
|
||||
|
||||
void keyset_parse_titlekey(keyset* keys, char* keytext, int keylen)
|
||||
@@ -210,19 +258,9 @@ void keyset_parse_titlekey(keyset* keys, char* keytext, int keylen)
|
||||
keyset_parse_key128(&keys->titlekey, keytext, keylen);
|
||||
}
|
||||
|
||||
void keyset_set_ncchkey(keyset* keys, unsigned char* keydata)
|
||||
void keyset_parse_ncchkeyX_old(keyset* keys, char* keytext, int keylen)
|
||||
{
|
||||
keyset_set_key128(&keys->ncchkey, keydata);
|
||||
}
|
||||
|
||||
void keyset_parse_ncchkey(keyset* keys, char* keytext, int keylen)
|
||||
{
|
||||
keyset_parse_key128(&keys->ncchkey, keytext, keylen);
|
||||
}
|
||||
|
||||
void keyset_set_ncchfixedsystemkey(keyset* keys, unsigned char* keydata)
|
||||
{
|
||||
keyset_set_key128(&keys->ncchfixedsystemkey, keydata);
|
||||
keyset_parse_key128(&keys->ncchkeyX_old, keytext, keylen);
|
||||
}
|
||||
|
||||
void keyset_parse_ncchfixedsystemkey(keyset* keys, char* keytext, int keylen)
|
||||
@@ -230,6 +268,26 @@ void keyset_parse_ncchfixedsystemkey(keyset* keys, char* keytext, int keylen)
|
||||
keyset_parse_key128(&keys->ncchfixedsystemkey, keytext, keylen);
|
||||
}
|
||||
|
||||
void keyset_parse_ncchkeyX_seven(keyset* keys, char* keytext, int keylen)
|
||||
{
|
||||
keyset_parse_key128(&keys->ncchkeyX_seven, keytext, keylen);
|
||||
}
|
||||
|
||||
void keyset_parse_ncchkeyX_ninethree(keyset* keys, char* keytext, int keylen)
|
||||
{
|
||||
keyset_parse_key128(&keys->ncchkeyX_ninethree, keytext, keylen);
|
||||
}
|
||||
|
||||
void keyset_parse_ncchkeyX_ninesix(keyset* keys, char* keytext, int keylen)
|
||||
{
|
||||
keyset_parse_key128(&keys->ncchkeyX_ninesix, keytext, keylen);
|
||||
}
|
||||
|
||||
void keyset_parse_seed(keyset* keys, char* keytext, int keylen)
|
||||
{
|
||||
keyset_parse_key128(&keys->seed, keytext, keylen);
|
||||
}
|
||||
|
||||
void keyset_dump_rsakey(rsakey2048* key, const char* keytitle)
|
||||
{
|
||||
if (key->keytype == RSAKEY_INVALID)
|
||||
@@ -261,10 +319,17 @@ void keyset_dump_key128(key128* key, const char* keytitle)
|
||||
|
||||
void keyset_dump(keyset* keys)
|
||||
{
|
||||
#define DUMP_KEY(n, s) do {\
|
||||
keyset_dump_key128(&keys->n, (s));\
|
||||
} while(0)
|
||||
fprintf(stdout, "Current keyset: \n");
|
||||
keyset_dump_key128(&keys->ncchkey, "NCCH KEY");
|
||||
keyset_dump_key128(&keys->ncchfixedsystemkey, "NCCH FIXEDSYSTEMKEY");
|
||||
keyset_dump_key128(&keys->commonkey, "COMMON KEY");
|
||||
DUMP_KEY(ncchkeyX_old, "NCCH OLD KEYX");
|
||||
DUMP_KEY(ncchkeyX_seven, "NCCH 7.0 KEYX");
|
||||
DUMP_KEY(ncchkeyX_ninethree, "NCCH N9.3 KEYX");
|
||||
DUMP_KEY(ncchkeyX_ninesix, "NCCH N9.6 KEYX");
|
||||
DUMP_KEY(ncchfixedsystemkey, "NCCH FIXEDSYSTEMKEY");
|
||||
DUMP_KEY(commonkeyX, "COMMON KEYX");
|
||||
#undef DUMP_KEY
|
||||
|
||||
keyset_dump_rsakey(&keys->ncsdrsakey, "NCSD RSA KEY");
|
||||
keyset_dump_rsakey(&keys->ncchdescrsakey, "NCCH DESC RSA KEY");
|
||||
|
||||
+13
-9
@@ -42,27 +42,31 @@ typedef struct
|
||||
|
||||
typedef struct
|
||||
{
|
||||
key128 commonkey;
|
||||
key128 titlekey;
|
||||
key128 ncchkey;
|
||||
key128 seed;
|
||||
key128 commonkeyX;
|
||||
key128 ncchfixedsystemkey;
|
||||
key128 ncchkeyX_old;
|
||||
key128 ncchkeyX_seven;
|
||||
key128 ncchkeyX_ninethree;
|
||||
key128 ncchkeyX_ninesix;
|
||||
rsakey2048 ncsdrsakey;
|
||||
rsakey2048 ncchrsakey;
|
||||
rsakey2048 ncchdescrsakey;
|
||||
rsakey2048 firmrsakey;
|
||||
} keyset;
|
||||
|
||||
void keyset_init(keyset* keys);
|
||||
void keyset_init(keyset* keys, u32 actions);
|
||||
int keyset_load(keyset* keys, const char* fname, int verbose);
|
||||
void keyset_merge(keyset* keys, keyset* src);
|
||||
void keyset_set_commonkey(keyset* keys, unsigned char* keydata);
|
||||
void keyset_parse_commonkey(keyset* keys, char* keytext, int keylen);
|
||||
void keyset_set_titlekey(keyset* keys, unsigned char* keydata);
|
||||
void keyset_parse_commonkeyX(keyset* keys, char* keytext, int keylen);
|
||||
void keyset_parse_titlekey(keyset* keys, char* keytext, int keylen);
|
||||
void keyset_set_ncchkey(keyset* keys, unsigned char* keydata);
|
||||
void keyset_parse_ncchkey(keyset* keys, char* keytext, int keylen);
|
||||
void keyset_set_ncchfixedsystemkey(keyset* keys, unsigned char* keydata);
|
||||
void keyset_parse_ncchkeyX_old(keyset* keys, char* keytext, int keylen);
|
||||
void keyset_parse_ncchfixedsystemkey(keyset* keys, char* keytext, int keylen);
|
||||
void keyset_parse_ncchkeyX_seven(keyset* keys, char* keytext, int keylen);
|
||||
void keyset_parse_ncchkeyX_ninethree(keyset* keys, char* keytext, int keylen);
|
||||
void keyset_parse_ncchkeyX_ninesix(keyset* keys, char* keytext, int keylen);
|
||||
void keyset_parse_seed(keyset* keys, char* keytext, int keylen);
|
||||
void keyset_dump(keyset* keys);
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
||||
+21
-7
@@ -52,11 +52,13 @@ static void usage(const char *argv0)
|
||||
" -k, --keyset=file Specify keyset file.\n"
|
||||
" -v, --verbose Give verbose output.\n"
|
||||
" -y, --verify Verify hashes and signatures.\n"
|
||||
" -d, --dev Decrypt with development keys instead of retail.\n"
|
||||
" --unitsize=size Set media unit size (default 0x200).\n"
|
||||
" --commonkey=key Set common key.\n"
|
||||
" --titlekey=key Set tik title key.\n"
|
||||
" --ncchkey=key Set ncch key.\n"
|
||||
" --ncchsyskey=key Set ncch fixed system key.\n"
|
||||
" --seed=key Set seed for ncch seed crypto.\n"
|
||||
" --showkeys Show the keys being used.\n"
|
||||
" --showsyscalls Show system call names instead of numbers.\n"
|
||||
" -t, --intype=type Specify input file type [ncsd, ncch, exheader, cia, tmd, lzss,\n"
|
||||
@@ -109,8 +111,7 @@ int main(int argc, char* argv[])
|
||||
ctx.filetype = FILETYPE_UNKNOWN;
|
||||
|
||||
settings_init(&ctx.usersettings);
|
||||
keyset_init(&ctx.usersettings.keys);
|
||||
keyset_init(&tmpkeys);
|
||||
keyset_init(&tmpkeys, 0);
|
||||
|
||||
|
||||
while (1)
|
||||
@@ -137,8 +138,8 @@ int main(int argc, char* argv[])
|
||||
{"raw", 0, NULL, 'r'},
|
||||
{"unitsize", 1, NULL, 9},
|
||||
{"showkeys", 0, NULL, 10},
|
||||
{"commonkey", 1, NULL, 11},
|
||||
{"ncchkey", 1, NULL, 12},
|
||||
{"commonkeyx", 1, NULL, 11},
|
||||
{"ncchkeyxold", 1, NULL, 12},
|
||||
{"intype", 1, NULL, 't'},
|
||||
{"lzssout", 1, NULL, 13},
|
||||
{"firmdir", 1, NULL, 14},
|
||||
@@ -152,10 +153,14 @@ int main(int argc, char* argv[])
|
||||
{"titlekey", 1, NULL, 22},
|
||||
{"plainrgn", 1, NULL, 23},
|
||||
{"showsyscalls", 0, NULL, 24},
|
||||
{"ncchkeyxseven", 1, NULL, 25},
|
||||
{"ncchkeyxninethree", 1, NULL, 26},
|
||||
{"ncchkeyxninesix", 1, NULL, 27},
|
||||
{"seed", 1, NULL, 28},
|
||||
{NULL},
|
||||
};
|
||||
|
||||
c = getopt_long(argc, argv, "ryxivpk:n:t:", long_options, &option_index);
|
||||
c = getopt_long(argc, argv, "dryxivpk:n:t:", long_options, &option_index);
|
||||
if (c == -1)
|
||||
break;
|
||||
|
||||
@@ -173,6 +178,10 @@ int main(int argc, char* argv[])
|
||||
ctx.actions |= VerifyFlag;
|
||||
break;
|
||||
|
||||
case 'd':
|
||||
ctx.actions |= DevFlag;
|
||||
break;
|
||||
|
||||
case 'p':
|
||||
ctx.actions |= PlainFlag;
|
||||
break;
|
||||
@@ -228,8 +237,8 @@ int main(int argc, char* argv[])
|
||||
case 8: settings_set_exefs_dir_path(&ctx.usersettings, optarg); break;
|
||||
case 9: settings_set_mediaunit_size(&ctx.usersettings, strtoul(optarg, 0, 0)); break;
|
||||
case 10: ctx.actions |= ShowKeysFlag; break;
|
||||
case 11: keyset_parse_commonkey(&tmpkeys, optarg, strlen(optarg)); break;
|
||||
case 12: keyset_parse_ncchkey(&tmpkeys, optarg, strlen(optarg)); break;
|
||||
case 11: keyset_parse_commonkeyX(&tmpkeys, optarg, strlen(optarg)); break;
|
||||
case 12: keyset_parse_ncchkeyX_old(&tmpkeys, optarg, strlen(optarg)); break;
|
||||
case 13: settings_set_lzss_path(&ctx.usersettings, optarg); break;
|
||||
case 14: settings_set_firm_dir_path(&ctx.usersettings, optarg); break;
|
||||
case 15: keyset_parse_ncchfixedsystemkey(&tmpkeys, optarg, strlen(optarg)); break;
|
||||
@@ -242,6 +251,10 @@ int main(int argc, char* argv[])
|
||||
case 22: keyset_parse_titlekey(&tmpkeys, optarg, strlen(optarg)); break;
|
||||
case 23: settings_set_plainrgn_path(&ctx.usersettings, optarg); break;
|
||||
case 24: ctx.actions |= ShowSyscallsFlag; break;
|
||||
case 25: keyset_parse_ncchkeyX_seven(&tmpkeys, optarg, strlen(optarg)); break;
|
||||
case 26: keyset_parse_ncchkeyX_ninethree(&tmpkeys, optarg, strlen(optarg)); break;
|
||||
case 27: keyset_parse_ncchkeyX_ninesix(&tmpkeys, optarg, strlen(optarg)); break;
|
||||
case 28: keyset_parse_seed(&tmpkeys, optarg, strlen(optarg)); break;
|
||||
|
||||
default:
|
||||
usage(argv[0]);
|
||||
@@ -259,6 +272,7 @@ int main(int argc, char* argv[])
|
||||
usage(argv[0]);
|
||||
}
|
||||
|
||||
keyset_init(&ctx.usersettings.keys, ctx.actions);
|
||||
keyset_load(&ctx.usersettings.keys, keysetfname, (ctx.actions & VerboseFlag) | checkkeysetfile);
|
||||
keyset_merge(&ctx.usersettings.keys, &tmpkeys);
|
||||
if (ctx.actions & ShowKeysFlag)
|
||||
|
||||
+134
-23
@@ -6,6 +6,7 @@
|
||||
#include "utils.h"
|
||||
#include "ctr.h"
|
||||
#include "settings.h"
|
||||
#include "aes_keygen.h"
|
||||
#include <inttypes.h>
|
||||
|
||||
static int programid_is_system(u8 programid[8])
|
||||
@@ -333,6 +334,14 @@ void ncch_process(ncch_context* ctx, u32 actions)
|
||||
ncch_get_counter(ctx, exefscounter, NCCHTYPE_EXEFS);
|
||||
ncch_get_counter(ctx, romfscounter, NCCHTYPE_ROMFS);
|
||||
|
||||
if (actions & ShowKeysFlag)
|
||||
{
|
||||
fprintf(stdout, "Counter(s):\n");
|
||||
memdump(stdout, " exheader: ", exheadercounter, 0x10);
|
||||
memdump(stdout, " ExeFS: ", exefscounter, 0x10);
|
||||
memdump(stdout, " RomFS: ", romfscounter, 0x10);
|
||||
}
|
||||
|
||||
|
||||
exheader_set_file(&ctx->exheader, ctx->file);
|
||||
exheader_set_offset(&ctx->exheader, ncch_get_exheader_offset(ctx) );
|
||||
@@ -351,7 +360,7 @@ void ncch_process(ncch_context* ctx, u32 actions)
|
||||
exefs_set_partitionid(&ctx->exefs, ctx->header.partitionid);
|
||||
exefs_set_usersettings(&ctx->exefs, ctx->usersettings);
|
||||
exefs_set_counter(&ctx->exefs, exefscounter);
|
||||
exefs_set_key(&ctx->exefs, ctx->key);
|
||||
exefs_set_keys(&ctx->exefs, ctx->key, ctx->special_key);
|
||||
exefs_set_encrypted(&ctx->exefs, ctx->encrypted);
|
||||
|
||||
romfs_set_file(&ctx->romfs, ctx->file);
|
||||
@@ -359,7 +368,10 @@ void ncch_process(ncch_context* ctx, u32 actions)
|
||||
romfs_set_size(&ctx->romfs, ncch_get_romfs_size(ctx));
|
||||
romfs_set_usersettings(&ctx->romfs, ctx->usersettings);
|
||||
romfs_set_counter(&ctx->romfs, romfscounter);
|
||||
romfs_set_key(&ctx->romfs, ctx->key);
|
||||
if (ctx->encrypted & NCCHCRYPTO_SPECIAL_FSES)
|
||||
romfs_set_key(&ctx->romfs, ctx->special_key);
|
||||
else
|
||||
romfs_set_key(&ctx->romfs, ctx->key);
|
||||
romfs_set_encrypted(&ctx->romfs, ctx->encrypted);
|
||||
|
||||
exheader_read(&ctx->exheader, actions);
|
||||
@@ -371,6 +383,23 @@ void ncch_process(ncch_context* ctx, u32 actions)
|
||||
if (actions & InfoFlag)
|
||||
ncch_print(ctx);
|
||||
|
||||
if (ctx->encrypted == NCCHCRYPTO_BROKEN)
|
||||
{
|
||||
fprintf(stderr, "Error, NCCH encryption broken.\n");
|
||||
return;
|
||||
}
|
||||
|
||||
if ((actions & ShowKeysFlag) && ctx->encrypted)
|
||||
{
|
||||
fprintf(stdout, "Using key(s):\n");
|
||||
memdump(stdout, " 0x2C: ", ctx->key, 0x10);
|
||||
if (ctx->encrypted & NCCHCRYPTO_SPECIAL_FSES)
|
||||
{
|
||||
fprintf(stdout, " special (%02x): ", ctx->header.flags[3]);
|
||||
memdump(stdout, "", ctx->special_key, 0x10);
|
||||
}
|
||||
}
|
||||
|
||||
if (actions & ExtractFlag)
|
||||
{
|
||||
ncch_save(ctx, NCCHTYPE_EXEFS, actions);
|
||||
@@ -482,8 +511,12 @@ u64 ncch_get_mediaunit_size(ncch_context* ctx)
|
||||
void ncch_determine_key(ncch_context* ctx, u32 actions)
|
||||
{
|
||||
exheader_header exheader;
|
||||
u8* key = settings_get_ncch_key(ctx->usersettings);
|
||||
u8* key;
|
||||
u8* seed;
|
||||
ctr_ncchheader* header = &ctx->header;
|
||||
u8 seedbuf[0x20];
|
||||
u8 seedhash[0x20];
|
||||
u8 keyX[0x10], keyY[0x10], seedKeyY[0x10];
|
||||
|
||||
ctx->encrypted = 0;
|
||||
memset(ctx->key, 0, 0x10);
|
||||
@@ -492,17 +525,58 @@ void ncch_determine_key(ncch_context* ctx, u32 actions)
|
||||
{
|
||||
ctx->encrypted = 0;
|
||||
}
|
||||
else if (key != 0)
|
||||
{
|
||||
ctx->encrypted = 1;
|
||||
memcpy(ctx->key, key, 0x10);
|
||||
}
|
||||
else
|
||||
{
|
||||
// No explicit NCCH key defined, so we try to decide
|
||||
|
||||
// In almost all of these scenarios, the normal 0x2C NCCH keyX will be the default,
|
||||
// except for the old fixedkey crypto, where we'll override it anyway, so let's just
|
||||
// set the 0x2C keyX first.
|
||||
key = settings_get_ncchkeyX_old(ctx->usersettings);
|
||||
if (key)
|
||||
memcpy(keyX, key, 0x10);
|
||||
else
|
||||
fprintf(stderr, "Warning, could not read NCCH base key. Decryption will likely fail.\n");
|
||||
|
||||
// Firstly, check if the NCCH is already decrypted, by reading the programid in the exheader
|
||||
// The keyY is normally the beginning of the NCCH header signature. In case seed crypto
|
||||
// changes that, we'll override it below.
|
||||
memcpy(keyY, header->signature, 0x10);
|
||||
memcpy(seedKeyY, keyY, 0x10);
|
||||
|
||||
// 0x2c crypto is normally used; we override it where necessary
|
||||
ctr_aes_keygen(keyX, keyY, ctx->key);
|
||||
|
||||
// Seed crypto can be used alongside any other crypto type, so we'll need to figure this out early.
|
||||
if (header->flags[7] & 0x20)
|
||||
{
|
||||
ctx->encrypted = NCCHCRYPTO_SEED;
|
||||
seed = settings_get_seed(ctx->usersettings);
|
||||
if (!seed)
|
||||
{
|
||||
fprintf(stderr, "This title uses seed crypto, but no seed is set, unable to decrypt.\n"
|
||||
"Use -p to avoid decryption or use --seed=SEEDHERE to provide the seed.\n");
|
||||
ctx->encrypted = NCCHCRYPTO_BROKEN;
|
||||
return;
|
||||
}
|
||||
|
||||
memcpy(seedbuf, seed, 0x10);
|
||||
// Assumes running on little endian
|
||||
memcpy(seedbuf + 0x10, header->programid, sizeof(header->programid));
|
||||
ctr_sha_256(seedbuf, 0x18, seedhash);
|
||||
if (memcmp(seedhash, header->seedcheck, sizeof(header->seedcheck))) {
|
||||
fprintf(stderr, "Seed check mismatch. (Got: %02x%02x%02x%02x, expected: %02x%02x%02x%02x)\n",
|
||||
seedhash[0], seedhash[1], seedhash[2], seedhash[3],
|
||||
header->seedcheck[0], header->seedcheck[1], header->seedcheck[2], header->seedcheck[3]);
|
||||
ctx->encrypted = NCCHCRYPTO_BROKEN;
|
||||
return;
|
||||
}
|
||||
|
||||
memcpy(seedbuf, header->signature, 0x10);
|
||||
memcpy(seedbuf + 0x10, seed, 0x10);
|
||||
ctr_sha_256(seedbuf, 0x20, seedhash);
|
||||
memcpy(seedKeyY, seedhash, 0x10);
|
||||
}
|
||||
|
||||
// Check if the NCCH is already decrypted, by reading the programid in the exheader
|
||||
// Otherwise, use determination rules
|
||||
fseeko64(ctx->file, ncch_get_exheader_offset(ctx), SEEK_SET);
|
||||
memset(&exheader, 0, sizeof(exheader));
|
||||
@@ -511,37 +585,74 @@ void ncch_determine_key(ncch_context* ctx, u32 actions)
|
||||
if (!memcmp(exheader.arm11systemlocalcaps.programid, ctx->header.programid, 8))
|
||||
{
|
||||
// program id's match, so it's probably not encrypted
|
||||
ctx->encrypted = 0;
|
||||
ctx->encrypted = NCCHCRYPTO_NONE;
|
||||
if (!(header->flags[7] & 4))
|
||||
fprintf(stderr, "Warning, exheader seems decrypted but the NCCH says it isn't.\n"
|
||||
"This NCCH will likely break on console.\n");
|
||||
}
|
||||
else if (header->flags[7] & 4)
|
||||
else if (header->flags[7] & 4) // no crypto
|
||||
{
|
||||
ctx->encrypted = 0; // not encrypted
|
||||
ctx->encrypted = NCCHCRYPTO_NONE;
|
||||
}
|
||||
else if (header->flags[7] & 1)
|
||||
else if (header->flags[7] & 1) // fixed key crypto
|
||||
{
|
||||
ctx->encrypted = NCCHCRYPTO_FIXED;
|
||||
if (programid_is_system(header->programid))
|
||||
{
|
||||
// fixed system key
|
||||
ctx->encrypted = 1;
|
||||
key = settings_get_ncch_fixedsystemkey(ctx->usersettings);
|
||||
if (!key)
|
||||
fprintf(stdout, "Warning, could not read system fixed key.\n");
|
||||
else
|
||||
if (!key) {
|
||||
fprintf(stderr, "Error, could not read system fixed key.\n");
|
||||
ctx->encrypted = NCCHCRYPTO_BROKEN;
|
||||
} else {
|
||||
memcpy(ctx->key, key, 0x10);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
// null key
|
||||
ctx->encrypted = 1;
|
||||
memset(ctx->key, 0, 0x10);
|
||||
}
|
||||
}
|
||||
else if (header->flags[3] == 0x01) // 7.0 crypto
|
||||
{
|
||||
ctx->encrypted = NCCHCRYPTO_SEVEN;
|
||||
key = settings_get_ncchkeyX_seven(ctx->usersettings);
|
||||
if (!key) {
|
||||
fprintf(stderr, "Error, could not read NCCH 7.0 keyX.\n");
|
||||
return;
|
||||
}
|
||||
ctr_aes_keygen(key, seedKeyY, ctx->special_key);
|
||||
}
|
||||
else if (header->flags[3] == 0x0A) // N9.3 crypto
|
||||
{
|
||||
ctx->encrypted = NCCHCRYPTO_NINETHREE;
|
||||
key = settings_get_ncchkeyX_ninethree(ctx->usersettings);
|
||||
if (!key) {
|
||||
fprintf(stderr, "Error, could not read NCCH 9.3 keyX.\n");
|
||||
return;
|
||||
}
|
||||
ctr_aes_keygen(key, seedKeyY, ctx->special_key);
|
||||
}
|
||||
else if (header->flags[3] == 0x0B) // N9.6 crypto
|
||||
{
|
||||
ctx->encrypted = NCCHCRYPTO_NINESIX;
|
||||
key = settings_get_ncchkeyX_ninesix(ctx->usersettings);
|
||||
if (!key) {
|
||||
fprintf(stderr, "Error, could not read NCCH 9.6 keyX.\n");
|
||||
return;
|
||||
}
|
||||
ctr_aes_keygen(key, seedKeyY, ctx->special_key);
|
||||
}
|
||||
else if (header->flags[3] != 0) // unknown special crypto
|
||||
{
|
||||
fprintf(stderr, "Warning, unknown NCCH crypto method.\n");
|
||||
ctx->encrypted = NCCHCRYPTO_BROKEN;
|
||||
}
|
||||
else
|
||||
{
|
||||
// secure key (cannot decrypt!)
|
||||
fprintf(stdout, "Warning, could not read secure key.\n");
|
||||
ctx->encrypted = 1;
|
||||
memset(ctx->key, 0, 0x10);
|
||||
// old/normal NCCH crypto
|
||||
ctx->encrypted = NCCHCRYPTO_OLD;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,6 +20,19 @@ typedef enum
|
||||
NCCHTYPE_PLAINRGN = 5,
|
||||
} ctr_ncchtypes;
|
||||
|
||||
typedef enum
|
||||
{
|
||||
NCCHCRYPTO_NONE = 0, //< already decrypted
|
||||
NCCHCRYPTO_FIXED = 1, //< fixed key crypto, used for SDK-made application titles and very very old system titles
|
||||
NCCHCRYPTO_OLD = (1<<1), //< crypto used before 7.0
|
||||
NCCHCRYPTO_SEVEN = (1<<2), //< crypto used starting with 7.0
|
||||
NCCHCRYPTO_NINETHREE = (1<<3), //< crypto used on N3DS starting with 9.3
|
||||
NCCHCRYPTO_NINESIX = (1<<4), //< crypto used on N3DS starting with 9.6
|
||||
NCCHCRYPTO_SEED = (1<<5), //< crypto used starting with 9.6 for preloading titles
|
||||
NCCHCRYPTO_SPECIAL_FSES = NCCHCRYPTO_SEVEN | NCCHCRYPTO_NINETHREE | NCCHCRYPTO_NINESIX | NCCHCRYPTO_SEED, //< ExeFS and RomFS need new keys
|
||||
NCCHCRYPTO_BROKEN = 0xFF //< Internal: seed crypto required but no seed set
|
||||
} ctr_ncchcryptotype;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
u8 signature[0x100];
|
||||
@@ -58,6 +71,8 @@ typedef struct
|
||||
{
|
||||
FILE* file;
|
||||
u8 key[16];
|
||||
u8 special_key[16]; // used with the 7.x+ crypto methods
|
||||
u8 seed[16];
|
||||
u32 encrypted;
|
||||
u64 offset;
|
||||
u64 size;
|
||||
|
||||
+37
-20
@@ -136,38 +136,55 @@ unsigned int settings_get_mediaunit_size(settings* usersettings)
|
||||
return 0;
|
||||
}
|
||||
|
||||
unsigned char* settings_get_ncch_key(settings* usersettings)
|
||||
{
|
||||
if (usersettings && usersettings->keys.ncchkey.valid)
|
||||
return usersettings->keys.ncchkey.data;
|
||||
else
|
||||
return 0;
|
||||
}
|
||||
#define GETKEY(s, k) do {\
|
||||
if ((s) && (s)->keys.k.valid)\
|
||||
return (s)->keys.k.data;\
|
||||
else\
|
||||
return NULL;\
|
||||
} while (0)
|
||||
|
||||
unsigned char* settings_get_ncch_fixedsystemkey(settings* usersettings)
|
||||
{
|
||||
if (usersettings && usersettings->keys.ncchfixedsystemkey.valid)
|
||||
return usersettings->keys.ncchfixedsystemkey.data;
|
||||
else
|
||||
return 0;
|
||||
GETKEY(usersettings, ncchfixedsystemkey);
|
||||
}
|
||||
|
||||
unsigned char* settings_get_common_key(settings* usersettings)
|
||||
unsigned char* settings_get_ncchkeyX_old(settings* usersettings)
|
||||
{
|
||||
if (usersettings && usersettings->keys.commonkey.valid)
|
||||
return usersettings->keys.commonkey.data;
|
||||
else
|
||||
return 0;
|
||||
GETKEY(usersettings, ncchkeyX_old);
|
||||
}
|
||||
|
||||
unsigned char* settings_get_ncchkeyX_seven(settings* usersettings)
|
||||
{
|
||||
GETKEY(usersettings, ncchkeyX_seven);
|
||||
}
|
||||
|
||||
unsigned char* settings_get_ncchkeyX_ninethree(settings* usersettings)
|
||||
{
|
||||
GETKEY(usersettings, ncchkeyX_ninethree);
|
||||
}
|
||||
|
||||
unsigned char* settings_get_ncchkeyX_ninesix(settings* usersettings)
|
||||
{
|
||||
GETKEY(usersettings, ncchkeyX_ninesix);
|
||||
}
|
||||
|
||||
unsigned char* settings_get_common_keyX(settings* usersettings)
|
||||
{
|
||||
GETKEY(usersettings, commonkeyX);
|
||||
}
|
||||
|
||||
unsigned char* settings_get_seed(settings* usersettings)
|
||||
{
|
||||
GETKEY(usersettings, seed);
|
||||
}
|
||||
|
||||
unsigned char* settings_get_title_key(settings* usersettings)
|
||||
{
|
||||
if (usersettings && usersettings->keys.titlekey.valid)
|
||||
return usersettings->keys.titlekey.data;
|
||||
else
|
||||
return 0;
|
||||
GETKEY(usersettings, titlekey);
|
||||
}
|
||||
|
||||
#undef GETKEY
|
||||
|
||||
int settings_get_ignore_programid(settings* usersettings)
|
||||
{
|
||||
if (usersettings)
|
||||
|
||||
+6
-2
@@ -46,9 +46,13 @@ filepath* settings_get_firm_dir_path(settings* usersettings);
|
||||
filepath* settings_get_wav_path(settings* usersettings);
|
||||
filepath* settings_get_plainrgn_path(settings* usersettings);
|
||||
unsigned int settings_get_mediaunit_size(settings* usersettings);
|
||||
unsigned char* settings_get_ncch_key(settings* usersettings);
|
||||
unsigned char* settings_get_ncch_fixedsystemkey(settings* usersettings);
|
||||
unsigned char* settings_get_common_key(settings* usersettings);
|
||||
unsigned char* settings_get_ncchkeyX_old(settings* usersettings);
|
||||
unsigned char* settings_get_ncchkeyX_seven(settings* usersettings);
|
||||
unsigned char* settings_get_ncchkeyX_ninethree(settings* usersettings);
|
||||
unsigned char* settings_get_ncchkeyX_ninesix(settings* usersettings);
|
||||
unsigned char* settings_get_common_keyX(settings* usersettings);
|
||||
unsigned char* settings_get_seed(settings* usersettings);
|
||||
unsigned char* settings_get_title_key(settings* usersettings);
|
||||
int settings_get_ignore_programid(settings* usersettings);
|
||||
int settings_get_list_romfs_files(settings* usersettings);
|
||||
|
||||
+19
-5
@@ -2,6 +2,7 @@
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#include "aes_keygen.h"
|
||||
#include "tik.h"
|
||||
#include "ctr.h"
|
||||
#include "utils.h"
|
||||
@@ -31,9 +32,9 @@ void tik_set_usersettings(tik_context* ctx, settings* usersettings)
|
||||
ctx->usersettings = usersettings;
|
||||
}
|
||||
|
||||
void tik_get_decrypted_titlekey(tik_context* ctx, u8 decryptedkey[0x10])
|
||||
void tik_get_titlekey(tik_context* ctx, u8 key[0x10])
|
||||
{
|
||||
memcpy(decryptedkey, ctx->titlekey, 16);
|
||||
memcpy(ctx->titlekey, key, 16);
|
||||
}
|
||||
|
||||
void tik_get_titleid(tik_context* ctx, u8 titleid[8])
|
||||
@@ -50,16 +51,29 @@ void tik_get_iv(tik_context* ctx, u8 iv[16])
|
||||
void tik_decrypt_titlekey(tik_context* ctx, u8 decryptedkey[0x10])
|
||||
{
|
||||
u8 iv[16];
|
||||
u8* key = settings_get_common_key(ctx->usersettings);
|
||||
u8* keyX = settings_get_common_keyX(ctx->usersettings);
|
||||
const u8 keyYs[6][16] = {
|
||||
// application titles (eShop titles)
|
||||
{0xd0, 0x7b, 0x33, 0x7f, 0x9c, 0xa4, 0x38, 0x59, 0x32, 0xa2, 0xe2, 0x57, 0x23, 0x23, 0x2e, 0xb9},
|
||||
// system titles
|
||||
{0x0c, 0x76, 0x72, 0x30, 0xf0, 0x99, 0x8f, 0x1c, 0x46, 0x82, 0x82, 0x02, 0xfa, 0xac, 0xbe, 0x4c},
|
||||
// these are unused
|
||||
{0xc4, 0x75, 0xcb, 0x3a, 0xb8, 0xc7, 0x88, 0xbb, 0x57, 0x5e, 0x12, 0xa1, 0x09, 0x07, 0xb8, 0xa4},
|
||||
{0xe4, 0x86, 0xee, 0xe3, 0xd0, 0xc0, 0x9c, 0x90, 0x2f, 0x66, 0x86, 0xd4, 0xc0, 0x6f, 0x64, 0x9f},
|
||||
{0xed, 0x31, 0xba, 0x9c, 0x04, 0xb0, 0x67, 0x50, 0x6c, 0x44, 0x97, 0xa3, 0x5b, 0x78, 0x04, 0xfc},
|
||||
{0x5e, 0x66, 0x99, 0x8a, 0xb4, 0xe8, 0x93, 0x16, 0x06, 0x85, 0x0f, 0xd7, 0xa1, 0x6d, 0xd7, 0x55},
|
||||
};
|
||||
u8 key[16];
|
||||
|
||||
memset(decryptedkey, 0, 0x10);
|
||||
|
||||
if (!key)
|
||||
if (!keyX)
|
||||
{
|
||||
fprintf(stdout, "Warning, could not read common key.\n");
|
||||
}
|
||||
else
|
||||
{
|
||||
ctr_aes_keygen(keyX, keyYs[(ctx->tik.title_id[3] & 0x10) ? 1 : 0], key);
|
||||
memset(iv, 0, 0x10);
|
||||
memcpy(iv, ctx->tik.title_id, 8);
|
||||
|
||||
@@ -108,7 +122,7 @@ void tik_print(tik_context* ctx)
|
||||
|
||||
memdump(stdout, "Encrypted Titlekey: ", tik->encrypted_title_key, 0x10);
|
||||
|
||||
if (settings_get_common_key(ctx->usersettings))
|
||||
if (settings_get_common_keyX(ctx->usersettings))
|
||||
memdump(stdout, "Decrypted Titlekey: ", ctx->titlekey, 0x10);
|
||||
|
||||
memdump(stdout, "Ticket ID: ", tik->ticket_id, 0x08);
|
||||
|
||||
+1
-1
@@ -54,7 +54,7 @@ void tik_set_file(tik_context* ctx, FILE* file);
|
||||
void tik_set_offset(tik_context* ctx, u64 offset);
|
||||
void tik_set_size(tik_context* ctx, u32 size);
|
||||
void tik_set_usersettings(tik_context* ctx, settings* usersettings);
|
||||
void tik_get_decrypted_titlekey(tik_context* ctx, u8 decryptedkey[0x10]);
|
||||
void tik_get_titlekey(tik_context* ctx, u8 key[0x10]);
|
||||
void tik_get_titleid(tik_context* ctx, u8 titleid[8]);
|
||||
void tik_get_iv(tik_context* ctx, u8 iv[0x10]);
|
||||
void tik_decrypt_titlekey(tik_context* ctx, u8 decryptedkey[0x10]);
|
||||
|
||||
@@ -25,6 +25,7 @@ enum flags
|
||||
ShowKeysFlag = (1<<6),
|
||||
DecompressCodeFlag = (1<<7),
|
||||
ShowSyscallsFlag = (1<<8),
|
||||
DevFlag = (1<<9),
|
||||
};
|
||||
|
||||
enum validstate
|
||||
|
||||
Reference in New Issue
Block a user