Do not require MMC mount to dump keys
parent
faaf2166e9
commit
705bb7c066
1 changed files with 23 additions and 9 deletions
|
@ -131,8 +131,8 @@ static void _derive_master_keys_from_latest_key(key_derivation_ctx_t *keys, bool
|
||||||
|
|
||||||
static void _derive_keyblob_keys(key_derivation_ctx_t *keys) {
|
static void _derive_keyblob_keys(key_derivation_ctx_t *keys) {
|
||||||
u8 *keyblob_block = (u8 *)calloc(KB_FIRMWARE_VERSION_600 + 1, NX_EMMC_BLOCKSIZE);
|
u8 *keyblob_block = (u8 *)calloc(KB_FIRMWARE_VERSION_600 + 1, NX_EMMC_BLOCKSIZE);
|
||||||
encrypted_keyblob_t *current_keyblob = (encrypted_keyblob_t *)keyblob_block;
|
|
||||||
u32 keyblob_mac[AES_128_KEY_SIZE / 4] = {0};
|
u32 keyblob_mac[AES_128_KEY_SIZE / 4] = {0};
|
||||||
|
bool have_keyblobs = true;
|
||||||
|
|
||||||
if (FUSE(FUSE_PRIVATE_KEY0) == 0xFFFFFFFF) {
|
if (FUSE(FUSE_PRIVATE_KEY0) == 0xFFFFFFFF) {
|
||||||
u8 *aes_keys = (u8 *)calloc(0x1000, 1);
|
u8 *aes_keys = (u8 *)calloc(0x1000, 1);
|
||||||
|
@ -146,10 +146,16 @@ static void _derive_keyblob_keys(key_derivation_ctx_t *keys) {
|
||||||
keys->sbk[3] = FUSE(FUSE_PRIVATE_KEY3);
|
keys->sbk[3] = FUSE(FUSE_PRIVATE_KEY3);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!emummc_storage_read(KEYBLOB_OFFSET / NX_EMMC_BLOCKSIZE, KB_FIRMWARE_VERSION_600 + 1, keyblob_block)) {
|
if (!emmc_storage.initialized) {
|
||||||
|
have_keyblobs = false;
|
||||||
|
} else if (!emummc_storage_read(KEYBLOB_OFFSET / NX_EMMC_BLOCKSIZE, KB_FIRMWARE_VERSION_600 + 1, keyblob_block)) {
|
||||||
EPRINTF("Unable to read keyblobs.");
|
EPRINTF("Unable to read keyblobs.");
|
||||||
|
have_keyblobs = false;
|
||||||
|
} else {
|
||||||
|
have_keyblobs = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
encrypted_keyblob_t *current_keyblob = (encrypted_keyblob_t *)keyblob_block;
|
||||||
for (u32 i = 0; i <= KB_FIRMWARE_VERSION_600; i++, current_keyblob++) {
|
for (u32 i = 0; i <= KB_FIRMWARE_VERSION_600; i++, current_keyblob++) {
|
||||||
minerva_periodic_training();
|
minerva_periodic_training();
|
||||||
se_aes_crypt_block_ecb(12, DECRYPT, keys->keyblob_key[i], keyblob_key_sources[i]); // temp = unwrap(kbks, tsec)
|
se_aes_crypt_block_ecb(12, DECRYPT, keys->keyblob_key[i], keyblob_key_sources[i]); // temp = unwrap(kbks, tsec)
|
||||||
|
@ -161,6 +167,10 @@ static void _derive_keyblob_keys(key_derivation_ctx_t *keys) {
|
||||||
se_aes_crypt_block_ecb(7, DECRYPT, keys->device_key_4x, device_master_key_source_kek_source);
|
se_aes_crypt_block_ecb(7, DECRYPT, keys->device_key_4x, device_master_key_source_kek_source);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!have_keyblobs) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
// verify keyblob is not corrupt
|
// verify keyblob is not corrupt
|
||||||
se_aes_key_set(10, keys->keyblob_mac_key[i], sizeof(keys->keyblob_mac_key[i]));
|
se_aes_key_set(10, keys->keyblob_mac_key[i], sizeof(keys->keyblob_mac_key[i]));
|
||||||
se_aes_cmac(10, keyblob_mac, sizeof(keyblob_mac), current_keyblob->iv, sizeof(current_keyblob->iv) + sizeof(keyblob_t));
|
se_aes_cmac(10, keyblob_mac, sizeof(keyblob_mac), current_keyblob->iv, sizeof(current_keyblob->iv) + sizeof(keyblob_t));
|
||||||
|
@ -547,7 +557,7 @@ static void _save_mariko_partial_keys(u32 start, u32 count, bool append) {
|
||||||
}
|
}
|
||||||
|
|
||||||
u32 pos = 0;
|
u32 pos = 0;
|
||||||
u32 zeros[4] = {0};
|
u32 zeros[AES_128_KEY_SIZE / 4] = {0};
|
||||||
u8 *data = malloc(4 * AES_128_KEY_SIZE);
|
u8 *data = malloc(4 * AES_128_KEY_SIZE);
|
||||||
char *text_buffer = calloc(1, 0x100 * count);
|
char *text_buffer = calloc(1, 0x100 * count);
|
||||||
|
|
||||||
|
@ -768,13 +778,13 @@ static void _derive_keys() {
|
||||||
|
|
||||||
if (emummc_storage_init_mmc()) {
|
if (emummc_storage_init_mmc()) {
|
||||||
EPRINTF("Unable to init MMC.");
|
EPRINTF("Unable to init MMC.");
|
||||||
return;
|
} else {
|
||||||
|
TPRINTFARGS("%kMMC init... ", colors[(color_idx++) % 6]);
|
||||||
}
|
}
|
||||||
TPRINTFARGS("%kMMC init... ", colors[(color_idx++) % 6]);
|
|
||||||
|
|
||||||
if (!emummc_storage_set_mmc_partition(EMMC_BOOT0)) {
|
if (emmc_storage.initialized && !emummc_storage_set_mmc_partition(EMMC_BOOT0)) {
|
||||||
EPRINTF("Unable to set partition.");
|
EPRINTF("Unable to set partition.");
|
||||||
return;
|
emummc_storage_end();
|
||||||
}
|
}
|
||||||
|
|
||||||
bool is_dev = fuse_read_hw_state() == FUSE_NX_HW_STATE_DEV;
|
bool is_dev = fuse_read_hw_state() == FUSE_NX_HW_STATE_DEV;
|
||||||
|
@ -821,7 +831,9 @@ static void _derive_keys() {
|
||||||
titlekey_buffer_t *titlekey_buffer = (titlekey_buffer_t *)TITLEKEY_BUF_ADR;
|
titlekey_buffer_t *titlekey_buffer = (titlekey_buffer_t *)TITLEKEY_BUF_ADR;
|
||||||
|
|
||||||
// Requires BIS key for SYSTEM partition
|
// Requires BIS key for SYSTEM partition
|
||||||
if (_key_exists(keys->bis_key[2])) {
|
if (!emmc_storage.initialized) {
|
||||||
|
EPRINTF("eMMC not initialized.\nSkipping SD seed and titlekeys.");
|
||||||
|
} else if (_key_exists(keys->bis_key[2])) {
|
||||||
_derive_emmc_keys(keys, titlekey_buffer);
|
_derive_emmc_keys(keys, titlekey_buffer);
|
||||||
} else {
|
} else {
|
||||||
EPRINTF("Missing needed BIS keys.\nSkipping SD seed and titlekeys.");
|
EPRINTF("Missing needed BIS keys.\nSkipping SD seed and titlekeys.");
|
||||||
|
@ -861,7 +873,9 @@ void dump_keys() {
|
||||||
// Ignore whether emummc is enabled.
|
// Ignore whether emummc is enabled.
|
||||||
h_cfg.emummc_force_disable = emu_cfg.sector == 0 && !emu_cfg.path;
|
h_cfg.emummc_force_disable = emu_cfg.sector == 0 && !emu_cfg.path;
|
||||||
emu_cfg.enabled = !h_cfg.emummc_force_disable;
|
emu_cfg.enabled = !h_cfg.emummc_force_disable;
|
||||||
emummc_storage_end(&emmc_storage);
|
if (emmc_storage.initialized) {
|
||||||
|
emummc_storage_end();
|
||||||
|
}
|
||||||
gfx_printf("\n%kPress a button to return to the menu.", colors[(color_idx) % 6], colors[(color_idx + 1) % 6], colors[(color_idx + 2) % 6]);
|
gfx_printf("\n%kPress a button to return to the menu.", colors[(color_idx) % 6], colors[(color_idx + 1) % 6], colors[(color_idx + 2) % 6]);
|
||||||
btn_wait();
|
btn_wait();
|
||||||
gfx_clear_grey(0x1B);
|
gfx_clear_grey(0x1B);
|
||||||
|
|
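Review bot: In `_derive_keys`, the new set-partition failure path calls `emummc_storage_end()` and falls through instead of returning, so every later guard (the read in `_derive_keyblob_keys`, the SD seed/titlekey branch, and the `if (emmc_storage.initialized)` teardown in `dump_keys`) depends on `emummc_storage_end()` clearing `emmc_storage.initialized`. That function is not shown in this diff; if it leaves the flag set, `emummc_storage_read` would run against storage that was already ended, and `dump_keys` would end it a second time. Confirm this and record the dependency at the call, for example `// emummc_storage_end() clears emmc_storage.initialized, so the eMMC-backed steps below are skipped`. Separately, in `_derive_keyblob_keys` the `!emmc_storage.initialized` branch sets `have_keyblobs = false` without printing anything, so the skipped keyblob verification (and whatever follows it in the loop, which continues outside the hunk) is only explained by the earlier "Unable to init MMC." message. The trailing `else { have_keyblobs = true; }` also just repeats the initializer and could be dropped.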