1
0
Fork 0
mirror of https://github.com/s1204IT/Lockpick_RCM.git synced 2024-11-22 09:46:41 +00:00

Move Mariko partial key dump to main menu

This commit is contained in:
shchmue 2022-03-31 12:28:32 -06:00
parent c704d0a6e6
commit 582bc91605
5 changed files with 92 additions and 41 deletions

View file

@ -135,7 +135,7 @@ void *tui_do_menu(menu_t *menu)
gfx_con_setcol(0xFF1B1B1B, 1, 0xFFCCCCCC);
else
gfx_con_setcol(0xFFCCCCCC, 1, 0xFF1B1B1B);
if (menu->ents[cnt].type != MENT_CHGLINE && menu->ents[cnt].type != MENT_MENU)
if (menu->ents[cnt].type != MENT_CHGLINE)
{
if (cnt == idx)
gfx_printf(" %s", menu->ents[cnt].caption);

View file

@ -54,8 +54,8 @@ typedef struct _menu_t
#define MDEF_END() {MENT_END}
#define MDEF_HANDLER(caption, _handler, color) { MENT_HANDLER, caption, color, NULL, { .handler = _handler } }
#define MDEF_HANDLER_EX(caption, data, _handler, color) { MENT_HANDLER, caption, color, data, { .handler = _handler } }
#define MDEF_MENU(caption, _menu) { MENT_MENU, caption, 0, NULL, { .menu = _menu } }
#define MDEF_BACK() { MENT_BACK, "Back" }
#define MDEF_MENU(caption, _menu, color) { MENT_MENU, caption, color, NULL, { .menu = _menu } }
#define MDEF_BACK(color) { MENT_BACK, "Back", color }
#define MDEF_CAPTION(caption, color) { MENT_CAPTION, caption, color }
#define MDEF_CHGLINE() {MENT_CHGLINE}

View file

@ -583,11 +583,15 @@ static bool _derive_emmc_keys(key_derivation_ctx_t *keys, titlekey_buffer_t *tit
// The security engine supports partial key override for locked keyslots
// This allows for a manageable brute force on a PC
// Then the Mariko AES class keys, KEK, BEK, unique SBK and SSK can be recovered
static void _save_mariko_partial_keys(u32 start, u32 count, bool append) {
int save_mariko_partial_keys(u32 start, u32 count, bool append) {
if (start + count > SE_AES_KEYSLOT_COUNT) {
return;
return 1;
}
display_backlight_brightness(h_cfg.backlight, 1000);
gfx_clear_partial_grey(0x1B, 32, 1224);
gfx_con_setpos(0, 32);
u32 pos = 0;
u32 zeros[AES_128_KEY_SIZE / 4] = {0};
u8 *data = malloc(4 * AES_128_KEY_SIZE);
@ -632,11 +636,11 @@ static void _save_mariko_partial_keys(u32 start, u32 count, bool append) {
if (strlen(text_buffer) == 0) {
EPRINTFARGS("Failed to dump partial keys %d-%d.", start, start + count - 1);
return;
free(text_buffer);
return 2;
}
FIL fp;
u32 res = 0;
BYTE mode = FA_WRITE;
if (append) {
@ -645,10 +649,16 @@ static void _save_mariko_partial_keys(u32 start, u32 count, bool append) {
mode |= FA_CREATE_ALWAYS;
}
res = f_open(&fp, "sd:/switch/partialaes.keys", mode);
if (res) {
if (!sd_mount()) {
EPRINTF("Unable to mount SD.");
free(text_buffer);
return 3;
}
if (f_open(&fp, "sd:/switch/partialaes.keys", mode)) {
EPRINTF("Unable to write partial keys to SD.");
return;
free(text_buffer);
return 3;
}
f_write(&fp, text_buffer, strlen(text_buffer), NULL);
@ -657,6 +667,8 @@ static void _save_mariko_partial_keys(u32 start, u32 count, bool append) {
gfx_printf("%kWrote partials to sd:/switch/partialaes.keys\n", colors[(color_idx++) % 6]);
free(text_buffer);
return 0;
}
static void _save_keys_to_sd(key_derivation_ctx_t *keys, titlekey_buffer_t *titlekey_buffer, bool is_dev) {
@ -756,10 +768,6 @@ static void _save_keys_to_sd(key_derivation_ctx_t *keys, titlekey_buffer_t *titl
} else
EPRINTF("Unable to save keys to SD.");
if (h_cfg.t210b01) {
_save_mariko_partial_keys(12, 4, true);
}
if (_titlekey_count == 0 || !titlekey_buffer) {
free(text_buffer);
return;
@ -801,12 +809,6 @@ static void _derive_keys() {
minerva_periodic_training();
if (h_cfg.t210b01) {
_save_mariko_partial_keys(0, 12, false);
}
minerva_periodic_training();
if (!_check_keyslot_access()) {
EPRINTF("Unable to set crypto keyslots!\nTry launching payload differently\n or flash Spacecraft-NX if using a modchip.");
return;

View file

@ -141,5 +141,6 @@ typedef struct {
#define SAVE_KEY_FAMILY_VAR(name, varname, start) _save_key_family(#name, varname, start, ARRAY_SIZE(varname), sizeof(*(varname)), text_buffer)
void dump_keys();
int save_mariko_partial_keys(u32 start, u32 count, bool append);
#endif

View file

@ -304,26 +304,80 @@ void dump_emunand()
dump_keys();
}
void dump_mariko_partial_keys();
ment_t ment_partials[] = {
MDEF_BACK(colors[0]),
MDEF_CHGLINE(),
MDEF_CAPTION("This dumps the results of writing zeros", colors[1]),
MDEF_CAPTION("over consecutive 32-bit portions of each", colors[1]),
MDEF_CAPTION("keyslot, the results of which can then", colors[1]),
MDEF_CAPTION("be bruteforced quickly on a computer", colors[1]),
MDEF_CAPTION("to recover keys from unreadable keyslots.", colors[1]),
MDEF_CHGLINE(),
MDEF_CAPTION("This includes the Mariko KEK and BEK", colors[2]),
MDEF_CAPTION("as well as the unique SBK.", colors[2]),
MDEF_CHGLINE(),
MDEF_CAPTION("These are not useful for most users", colors[3]),
MDEF_CAPTION("but are included for archival purposes.", colors[3]),
MDEF_CHGLINE(),
MDEF_CAPTION("Warning: this wipes keyslots!", colors[4]),
MDEF_CAPTION("The console must be completely restarted!", colors[4]),
MDEF_CAPTION("Modchip must run again to fix the keys!", colors[4]),
MDEF_CAPTION("---------------", colors[5]),
MDEF_HANDLER("Dump Mariko Partials", dump_mariko_partial_keys, colors[0]),
MDEF_END()
};
menu_t menu_partials = { ment_partials, NULL, 0, 0 };
power_state_t STATE_POWER_OFF = POWER_OFF_RESET;
power_state_t STATE_REBOOT_FULL = POWER_OFF_REBOOT;
power_state_t STATE_REBOOT_RCM = REBOOT_RCM;
power_state_t STATE_REBOOT_BYPASS_FUSES = REBOOT_BYPASS_FUSES;
ment_t ment_top[] = {
MDEF_HANDLER("Dump from SysNAND", dump_sysnand, COLOR_RED),
MDEF_HANDLER("Dump from EmuNAND", dump_emunand, COLOR_ORANGE),
MDEF_CAPTION("---------------", COLOR_YELLOW),
MDEF_HANDLER("Payloads...", launch_tools, COLOR_GREEN),
MDEF_HANDLER("Reboot to hekate", launch_hekate, COLOR_BLUE),
MDEF_CAPTION("---------------", COLOR_VIOLET),
MDEF_HANDLER_EX("Reboot (OFW)", &STATE_REBOOT_BYPASS_FUSES, power_set_state_ex, COLOR_RED),
MDEF_HANDLER_EX("Reboot (RCM)", &STATE_REBOOT_RCM, power_set_state_ex, COLOR_ORANGE),
MDEF_HANDLER_EX("Power off", &STATE_POWER_OFF, power_set_state_ex, COLOR_YELLOW),
MDEF_HANDLER("Dump from SysNAND", dump_sysnand, colors[0]),
MDEF_HANDLER("Dump from EmuNAND", dump_emunand, colors[1]),
MDEF_CAPTION("---------------", colors[2]),
MDEF_MENU("Dump Mariko Partials (requires reboot)", &menu_partials, colors[3]),
MDEF_CAPTION("---------------", colors[4]),
MDEF_HANDLER("Payloads...", launch_tools, colors[5]),
MDEF_HANDLER("Reboot to hekate", launch_hekate, colors[0]),
MDEF_CAPTION("---------------", colors[1]),
MDEF_HANDLER_EX("Reboot (OFW)", &STATE_REBOOT_BYPASS_FUSES, power_set_state_ex, colors[2]),
MDEF_HANDLER_EX("Reboot (RCM)", &STATE_REBOOT_RCM, power_set_state_ex, colors[3]),
MDEF_HANDLER_EX("Power off", &STATE_POWER_OFF, power_set_state_ex, colors[4]),
MDEF_END()
};
menu_t menu_top = { ment_top, NULL, 0, 0 };
void grey_out_menu_item(ment_t *menu)
{
menu->type = MENT_CAPTION;
menu->color = 0xFF555555;
menu->handler = NULL;
}
void dump_mariko_partial_keys()
{
if (h_cfg.t210b01) {
int res = save_mariko_partial_keys(0, 16, false);
if (res == 0 || res == 3)
{
// Grey out dumping menu items as the keyslots have been invalidated.
grey_out_menu_item(&ment_top[0]);
grey_out_menu_item(&ment_top[1]);
grey_out_menu_item(&ment_top[3]);
grey_out_menu_item(&ment_partials[18]);
}
gfx_printf("\n%kPress a button to return to the menu.", COLOR_ORANGE);
btn_wait();
}
}
extern void pivot_stack(u32 stack_top);
void ipl_main()
@ -373,30 +427,24 @@ void ipl_main()
// Grey out emummc option if not present.
if (h_cfg.emummc_force_disable)
{
ment_top[1].type = MENT_CAPTION;
ment_top[1].color = 0xFF555555;
ment_top[1].handler = NULL;
grey_out_menu_item(&ment_top[1]);
}
// Grey out reboot to RCM option if on Mariko or patched console.
if (h_cfg.t210b01 || h_cfg.rcm_patched)
{
ment_top[7].type = MENT_CAPTION;
ment_top[7].color = 0xFF555555;
ment_top[7].handler = NULL;
grey_out_menu_item(&ment_top[9]);
}
if (h_cfg.rcm_patched)
{
ment_top[7].data = &STATE_REBOOT_FULL;
// Grey out Mariko partial dump option on Erista.
if (!h_cfg.t210b01) {
grey_out_menu_item(&ment_top[3]);
}
// Grey out reboot to hekate option if no update.bin found.
if (f_stat("bootloader/update.bin", NULL))
{
ment_top[4].type = MENT_CAPTION;
ment_top[4].color = 0xFF555555;
ment_top[4].handler = NULL;
grey_out_menu_item(&ment_top[6]);
}
minerva_change_freq(FREQ_800);