1
0
Fork 0
mirror of https://github.com/DarkMatterCore/nxdumptool.git synced 2024-12-23 00:52:10 +00:00

Update to v1.1.11.

This commit is contained in:
Pablo Curiel 2020-09-22 18:51:33 -04:00
parent 0259d2141e
commit 4932283d81
5 changed files with 59 additions and 40 deletions

View file

@ -33,7 +33,7 @@ include $(DEVKITPRO)/libnx/switch_rules
VERSION_MAJOR := 1
VERSION_MINOR := 1
VERSION_MICRO := 10
VERSION_MICRO := 11
APP_TITLE := nxdumptool
APP_AUTHOR := DarkMatterCore

View file

@ -71,6 +71,14 @@ Thanks to
Changelog
--------------
**v1.1.11:**
* Built using libnx `f01fb21`.
* The application will now only attempt to decrypt the eTicket device RSA keypair if the target title uses a ticket with personalized titlekey crypto, instead of always decrypting it regardless of the ticket crypto type.
* Fixed a NSP dumping issue where the decrypted titlekey wasn't being set for the current NCA if both the ticket and the decrypted titlekey were retrieved while parsing a previous NCA. Big thanks to [sadboys2001](https://github.com/sadboys2001) for reporting it.
This is only a bugfix release. I don't expect to release any new versions until the rewrite is finished - the only exception being fixing some kind of feature-breaking bug. Please understand.
**v1.1.10:**
* Built using libnx v3.1.0.

View file

@ -930,6 +930,7 @@ int retrieveNcaTikTitleKey(nca_header_t *dec_nca_header, u8 *out_tik, u8 *out_en
if (!foundRightsId || (rightsIdType != 1 && rightsIdType != 2))
{
uiDrawString(STRING_X_POS, STRING_Y_POS(breaks), FONT_COLOR_ERROR_RGB, "%s: NCA rights ID unavailable in this console!", __func__);
breaks++;
ret = -2;
return ret;
}
@ -937,50 +938,53 @@ int retrieveNcaTikTitleKey(nca_header_t *dec_nca_header, u8 *out_tik, u8 *out_en
// Load external keys
if (!loadExternalKeys()) return ret;
if (!setcal_eticket_retrieved)
if (rightsIdType == 2)
{
// Get extended eTicket RSA key from PRODINFO
memset(&eticket_data, 0, sizeof(SetCalRsa2048DeviceKey));
result = setcalInitialize();
if (R_FAILED(result))
if (!setcal_eticket_retrieved)
{
uiDrawString(STRING_X_POS, STRING_Y_POS(breaks), FONT_COLOR_ERROR_RGB, "%s: failed to initialize the set:cal service! (0x%08X)", __func__, result);
return ret;
// Get extended eTicket RSA key from PRODINFO
memset(&eticket_data, 0, sizeof(SetCalRsa2048DeviceKey));
result = setcalInitialize();
if (R_FAILED(result))
{
uiDrawString(STRING_X_POS, STRING_Y_POS(breaks), FONT_COLOR_ERROR_RGB, "%s: failed to initialize the set:cal service! (0x%08X)", __func__, result);
return ret;
}
result = setcalGetEticketDeviceKey(&eticket_data);
setcalExit();
if (R_FAILED(result))
{
uiDrawString(STRING_X_POS, STRING_Y_POS(breaks), FONT_COLOR_ERROR_RGB, "%s: setcalGetEticketDeviceKey failed! (0x%08X)", __func__, result);
return ret;
}
// Decrypt eTicket RSA key
memcpy(ctr, eticket_data.key, ETICKET_DEVKEY_RSA_CTR_SIZE);
aes128CtrContextCreate(&eticket_aes_ctx, nca_keyset.eticket_rsa_kek, ctr);
aes128CtrCrypt(&eticket_aes_ctx, eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET, eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET, ETICKET_DEVKEY_RSA_SIZE);
// Public exponent must use RSA-2048 SHA-1 signature method
// The value is stored use big endian byte order
if (__builtin_bswap32(*((u32*)(eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET + 0x200))) != SIGTYPE_RSA2048_SHA1)
{
uiDrawString(STRING_X_POS, STRING_Y_POS(breaks), FONT_COLOR_ERROR_RGB, "%s: invalid public RSA exponent for eTicket data! Wrong keys?\nTry running Lockpick_RCM to generate the keys file from scratch.", __func__);
return ret;
}
}
result = setcalGetEticketDeviceKey(&eticket_data);
D = (eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET);
N = (eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET + 0x100);
E = (eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET + 0x200);
setcalExit();
if (R_FAILED(result))
if (!setcal_eticket_retrieved)
{
uiDrawString(STRING_X_POS, STRING_Y_POS(breaks), FONT_COLOR_ERROR_RGB, "%s: setcalGetEticketDeviceKey failed! (0x%08X)", __func__, result);
return ret;
if (!testKeyPair(E, D, N)) return ret;
setcal_eticket_retrieved = true;
}
// Decrypt eTicket RSA key
memcpy(ctr, eticket_data.key, ETICKET_DEVKEY_RSA_CTR_SIZE);
aes128CtrContextCreate(&eticket_aes_ctx, nca_keyset.eticket_rsa_kek, ctr);
aes128CtrCrypt(&eticket_aes_ctx, eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET, eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET, ETICKET_DEVKEY_RSA_SIZE);
// Public exponent must use RSA-2048 SHA-1 signature method
// The value is stored use big endian byte order
if (__builtin_bswap32(*((u32*)(eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET + 0x200))) != SIGTYPE_RSA2048_SHA1)
{
uiDrawString(STRING_X_POS, STRING_Y_POS(breaks), FONT_COLOR_ERROR_RGB, "%s: invalid public RSA exponent for eTicket data! Wrong keys?\nTry running Lockpick_RCM to generate the keys file from scratch.", __func__);
return ret;
}
}
D = (eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET);
N = (eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET + 0x100);
E = (eticket_data.key + ETICKET_DEVKEY_RSA_OFFSET + 0x200);
if (!setcal_eticket_retrieved)
{
if (!testKeyPair(E, D, N)) return ret;
setcal_eticket_retrieved = true;
}
eTicketSave = calloc(1, sizeof(FIL));
@ -1122,6 +1126,7 @@ int retrieveNcaTikTitleKey(nca_header_t *dec_nca_header, u8 *out_tik, u8 *out_en
if (!foundEticket)
{
uiDrawString(STRING_X_POS, STRING_Y_POS(breaks), FONT_COLOR_ERROR_RGB, "%s: unable to find a matching eTicket entry for NCA rights ID!", __func__);
breaks++;
ret = -2;
return ret;
}

View file

@ -837,7 +837,13 @@ bool retrieveTitleKeyFromGameCardTicket(title_rights_ctx *rights_info, u8 *decry
}
// Check if the ticket has already been retrieved from the HFS0 partition in the gamecard
if (rights_info->retrieved_tik) return true;
if (rights_info->retrieved_tik)
{
// Save the decrypted NCA key area keys
memset(decrypted_nca_keys, 0, NCA_KEY_AREA_SIZE);
memcpy(decrypted_nca_keys + (NCA_KEY_AREA_KEY_SIZE * 2), rights_info->dec_titlekey, 0x10);
return true;
}
// Load external keys
if (!loadExternalKeys()) return false;

View file

@ -908,7 +908,7 @@ static bool initServices()
initPmdmnt = true;
/* Initialize pl service */
result = plInitialize();
result = plInitialize(PlServiceType_User);
if (R_FAILED(result))
{
consoleErrorScreen("%s: failed to initialize pl service! (0x%08X)", __func__, result);