1
0
Fork 0
mirror of https://github.com/s1204IT/Lockpick_RCM.git synced 2024-11-22 17:56:39 +00:00

Do not require MMC mount to dump keys

This commit is contained in:
shchmue 2021-08-29 09:49:36 -06:00
parent faaf2166e9
commit 705bb7c066

View file

@ -131,8 +131,8 @@ static void _derive_master_keys_from_latest_key(key_derivation_ctx_t *keys, bool
static void _derive_keyblob_keys(key_derivation_ctx_t *keys) { static void _derive_keyblob_keys(key_derivation_ctx_t *keys) {
u8 *keyblob_block = (u8 *)calloc(KB_FIRMWARE_VERSION_600 + 1, NX_EMMC_BLOCKSIZE); u8 *keyblob_block = (u8 *)calloc(KB_FIRMWARE_VERSION_600 + 1, NX_EMMC_BLOCKSIZE);
encrypted_keyblob_t *current_keyblob = (encrypted_keyblob_t *)keyblob_block;
u32 keyblob_mac[AES_128_KEY_SIZE / 4] = {0}; u32 keyblob_mac[AES_128_KEY_SIZE / 4] = {0};
bool have_keyblobs = true;
if (FUSE(FUSE_PRIVATE_KEY0) == 0xFFFFFFFF) { if (FUSE(FUSE_PRIVATE_KEY0) == 0xFFFFFFFF) {
u8 *aes_keys = (u8 *)calloc(0x1000, 1); u8 *aes_keys = (u8 *)calloc(0x1000, 1);
@ -146,10 +146,16 @@ static void _derive_keyblob_keys(key_derivation_ctx_t *keys) {
keys->sbk[3] = FUSE(FUSE_PRIVATE_KEY3); keys->sbk[3] = FUSE(FUSE_PRIVATE_KEY3);
} }
if (!emummc_storage_read(KEYBLOB_OFFSET / NX_EMMC_BLOCKSIZE, KB_FIRMWARE_VERSION_600 + 1, keyblob_block)) { if (!emmc_storage.initialized) {
have_keyblobs = false;
} else if (!emummc_storage_read(KEYBLOB_OFFSET / NX_EMMC_BLOCKSIZE, KB_FIRMWARE_VERSION_600 + 1, keyblob_block)) {
EPRINTF("Unable to read keyblobs."); EPRINTF("Unable to read keyblobs.");
have_keyblobs = false;
} else {
have_keyblobs = true;
} }
encrypted_keyblob_t *current_keyblob = (encrypted_keyblob_t *)keyblob_block;
for (u32 i = 0; i <= KB_FIRMWARE_VERSION_600; i++, current_keyblob++) { for (u32 i = 0; i <= KB_FIRMWARE_VERSION_600; i++, current_keyblob++) {
minerva_periodic_training(); minerva_periodic_training();
se_aes_crypt_block_ecb(12, DECRYPT, keys->keyblob_key[i], keyblob_key_sources[i]); // temp = unwrap(kbks, tsec) se_aes_crypt_block_ecb(12, DECRYPT, keys->keyblob_key[i], keyblob_key_sources[i]); // temp = unwrap(kbks, tsec)
@ -161,6 +167,10 @@ static void _derive_keyblob_keys(key_derivation_ctx_t *keys) {
se_aes_crypt_block_ecb(7, DECRYPT, keys->device_key_4x, device_master_key_source_kek_source); se_aes_crypt_block_ecb(7, DECRYPT, keys->device_key_4x, device_master_key_source_kek_source);
} }
if (!have_keyblobs) {
continue;
}
// verify keyblob is not corrupt // verify keyblob is not corrupt
se_aes_key_set(10, keys->keyblob_mac_key[i], sizeof(keys->keyblob_mac_key[i])); se_aes_key_set(10, keys->keyblob_mac_key[i], sizeof(keys->keyblob_mac_key[i]));
se_aes_cmac(10, keyblob_mac, sizeof(keyblob_mac), current_keyblob->iv, sizeof(current_keyblob->iv) + sizeof(keyblob_t)); se_aes_cmac(10, keyblob_mac, sizeof(keyblob_mac), current_keyblob->iv, sizeof(current_keyblob->iv) + sizeof(keyblob_t));
@ -547,7 +557,7 @@ static void _save_mariko_partial_keys(u32 start, u32 count, bool append) {
} }
u32 pos = 0; u32 pos = 0;
u32 zeros[4] = {0}; u32 zeros[AES_128_KEY_SIZE / 4] = {0};
u8 *data = malloc(4 * AES_128_KEY_SIZE); u8 *data = malloc(4 * AES_128_KEY_SIZE);
char *text_buffer = calloc(1, 0x100 * count); char *text_buffer = calloc(1, 0x100 * count);
@ -768,13 +778,13 @@ static void _derive_keys() {
if (emummc_storage_init_mmc()) { if (emummc_storage_init_mmc()) {
EPRINTF("Unable to init MMC."); EPRINTF("Unable to init MMC.");
return; } else {
}
TPRINTFARGS("%kMMC init... ", colors[(color_idx++) % 6]); TPRINTFARGS("%kMMC init... ", colors[(color_idx++) % 6]);
}
if (!emummc_storage_set_mmc_partition(EMMC_BOOT0)) { if (emmc_storage.initialized && !emummc_storage_set_mmc_partition(EMMC_BOOT0)) {
EPRINTF("Unable to set partition."); EPRINTF("Unable to set partition.");
return; emummc_storage_end();
} }
bool is_dev = fuse_read_hw_state() == FUSE_NX_HW_STATE_DEV; bool is_dev = fuse_read_hw_state() == FUSE_NX_HW_STATE_DEV;
@ -821,7 +831,9 @@ static void _derive_keys() {
titlekey_buffer_t *titlekey_buffer = (titlekey_buffer_t *)TITLEKEY_BUF_ADR; titlekey_buffer_t *titlekey_buffer = (titlekey_buffer_t *)TITLEKEY_BUF_ADR;
// Requires BIS key for SYSTEM partition // Requires BIS key for SYSTEM partition
if (_key_exists(keys->bis_key[2])) { if (!emmc_storage.initialized) {
EPRINTF("eMMC not initialized.\nSkipping SD seed and titlekeys.");
} else if (_key_exists(keys->bis_key[2])) {
_derive_emmc_keys(keys, titlekey_buffer); _derive_emmc_keys(keys, titlekey_buffer);
} else { } else {
EPRINTF("Missing needed BIS keys.\nSkipping SD seed and titlekeys."); EPRINTF("Missing needed BIS keys.\nSkipping SD seed and titlekeys.");
@ -861,7 +873,9 @@ void dump_keys() {
// Ignore whether emummc is enabled. // Ignore whether emummc is enabled.
h_cfg.emummc_force_disable = emu_cfg.sector == 0 && !emu_cfg.path; h_cfg.emummc_force_disable = emu_cfg.sector == 0 && !emu_cfg.path;
emu_cfg.enabled = !h_cfg.emummc_force_disable; emu_cfg.enabled = !h_cfg.emummc_force_disable;
emummc_storage_end(&emmc_storage); if (emmc_storage.initialized) {
emummc_storage_end();
}
gfx_printf("\n%kPress a button to return to the menu.", colors[(color_idx) % 6], colors[(color_idx + 1) % 6], colors[(color_idx + 2) % 6]); gfx_printf("\n%kPress a button to return to the menu.", colors[(color_idx) % 6], colors[(color_idx + 1) % 6], colors[(color_idx + 2) % 6]);
btn_wait(); btn_wait();
gfx_clear_grey(0x1B); gfx_clear_grey(0x1B);