Validate mariko keyslot contents; dump class keys

2024-11-08 11:31:43 +00:00 · 2021-08-21 16:02:19 -06:00 · 2021-08-21 16:02:19 -06:00 · d84ab5796a
commit d84ab5796a
parent fe17b12ea7
3 changed files with 104 additions and 10 deletions
--- a/README.md
+++ b/README.md
@ -11,6 +11,29 @@ Usage
 * Upon completion, keys will be saved to `/switch/prod.keys` and titlekeys to `/switch/title.keys` on SD
 * If the console has Firmware 7.x or higher, the `/sept/` folder from [Atmosphère](https://github.com/Atmosphere-NX/Atmosphere/releases) or [Kosmos](https://github.com/AtlasNX/Kosmos/releases) release zip must be present on SD or else only keyblob master key derivation is possible (ie. up to `master_key_05` only)

+Mariko-Specific Keys
+=
+Mariko consoles have several unique keys and protected keyslots. To get your SBK or the Mariko specific keys, you will need to use the `/switch/partialaes.keys` file along with a brute forcing tool such as <https://files.sshnuke.net/PartialAesKeyCrack.zip>. The contents of this file are the keyslot number followed by the result of that keyslot encrypting 16 null bytes. With the tool linked above, enter them in sequence for a given keyslot you want the contents of, for example: `PartialAesKeyCrack.exe <num1> <num2> <num3> <num4>` with the `--numthreads=N` where N is the number of threads you can dedicate to the brute force.
+
+The keyslots are as follows, with names recognized by `hactool`:
+* 0-11 - `mariko_aes_class_key_xx` (this is not used by the Switch but is set by the bootrom; hactoolnet recognizes it but it serves no purpose)
+* 12 - `mariko_kek` (not unique - this is used for master key derivation)
+* 13 - `mariko_bek` (not unique - this is used for BCT and package1 decryption)
+* 14 - `secure_boot_key` (console unique - this isn't needed for further key derivation than what Lockpick_RCM does but might be nice to have for your records)
+* 15 - Secure storage key (console unique - this is not used on retail or dev consoles and not recognized by any tools)
+
+So if you want to brute force the `mariko_kek`, open your `partialaes.keys` and observe the numbers beneath keyslot 12. Here's an example with fake numbers:
+```
+12
+11111111111111111111111111111111 22222222222222222222222222222222 33333333333333333333333333333333 44444444444444444444444444444444
+```
+Then take those numbers and open a command prompt window at the location of the exe linked above and type:
+`PartialAesKeyCrack.exe 11111111111111111111111111111111 22222222222222222222222222222222 33333333333333333333333333333333 44444444444444444444444444444444` and if you're on a powerful enough multicore system, add ` --numthreads=[whatever number of threads]`, ideally not your system's maximum if it's, for example, an older laptop with a low-end dual core CPU. On a Ryzen 3900x with 24 threads this generates a lot of heat but finishes in about 45 seconds.
+
+These keys never change so a brute force need only be conducted once.
+
+This works due to the security engine immediately flushing writes to keyslots which can be written one 32-bit chunk at a time. See: <https://switchbrew.org/wiki/Switch_System_Flaws#Hardware>
+
 Building
 =
 Install [devkitARM](https://devkitpro.org/) and run `make`.
--- a/source/keys/key_sources.inl
+++ b/source/keys/key_sources.inl
@ -52,6 +52,23 @@ static const u8 master_key_vectors[KB_FIRMWARE_VERSION_MAX + 1][0x10] __attribut
    {0xC1, 0x8D, 0x16, 0xBB, 0x2A, 0xE4, 0x1D, 0xD4, 0xC2, 0xC1, 0xB6, 0x40, 0x94, 0x35, 0x63, 0x98}, /* Master key 0A encrypted with Master key 0B. */
 };

+static const u8 mariko_key_vectors[][0x10] __attribute__((aligned(4))) = {
+    {0x20, 0x9E, 0x97, 0xAE, 0xAF, 0x7E, 0x6A, 0xF6, 0x9E, 0xF5, 0xA7, 0x17, 0x2F, 0xF4, 0x49, 0xA6}, /* Zeroes encrypted with AES Class Key 00. */
+    {0x83, 0x1C, 0xC7, 0x7F, 0xB8, 0xB2, 0x66, 0x16, 0xFC, 0x6B, 0x81, 0xBB, 0xF6, 0x05, 0x07, 0x49}, /* Zeroes encrypted with AES Class Key 01. */
+    {0x61, 0x19, 0xBA, 0x39, 0x6D, 0xFA, 0xF4, 0x63, 0x27, 0x8E, 0x9E, 0xB1, 0xEA, 0xD4, 0x65, 0xCC}, /* Zeroes encrypted with AES Class Key 02. */
+    {0x6C, 0xDB, 0x10, 0xD4, 0x14, 0x3A, 0xBD, 0x22, 0xC9, 0xCC, 0xEF, 0xE4, 0xA0, 0x94, 0x85, 0x87}, /* Zeroes encrypted with AES Class Key 03. */
+    {0xD3, 0x40, 0xC7, 0x86, 0xDC, 0x77, 0x50, 0x7C, 0x01, 0x56, 0x11, 0xDE, 0x18, 0xDF, 0x30, 0xCA}, /* Zeroes encrypted with AES Class Key 04. */
+    {0xC4, 0x8B, 0xD7, 0x5A, 0x22, 0x6C, 0xF7, 0x85, 0xE4, 0xC0, 0x68, 0xFC, 0xB4, 0xD8, 0x76, 0x6C}, /* Zeroes encrypted with AES Class Key 05. */
+    {0x83, 0x86, 0xEF, 0xE6, 0x6B, 0x38, 0x24, 0xD3, 0xC9, 0xB0, 0xE7, 0x03, 0x59, 0xC8, 0x54, 0xB9}, /* Zeroes encrypted with AES Class Key 06. */
+    {0xDA, 0xC0, 0xD3, 0x27, 0x1D, 0x35, 0xAB, 0x4B, 0x01, 0x63, 0x90, 0xED, 0x1B, 0x5D, 0xA7, 0x6C}, /* Zeroes encrypted with AES Class Key 07. */
+    {0x96, 0x75, 0x0E, 0x4F, 0xF5, 0x1A, 0xAF, 0xD4, 0x30, 0x73, 0x8C, 0x61, 0x03, 0xE5, 0xF7, 0x80}, /* Zeroes encrypted with AES Class Key 08. */
+    {0x74, 0xF2, 0x1D, 0xA1, 0x4C, 0x48, 0x91, 0xE6, 0xE0, 0xD5, 0x19, 0x42, 0x2A, 0x2B, 0x5D, 0xF8}, /* Zeroes encrypted with AES Class Key 09. */
+    {0x7D, 0xA6, 0xFE, 0xDA, 0xF9, 0xEF, 0x83, 0xD8, 0x29, 0x40, 0x24, 0x6D, 0x70, 0x8D, 0x99, 0x93}, /* Zeroes encrypted with AES Class Key 0A. */
+    {0xF6, 0x71, 0xAD, 0xC3, 0xCD, 0xD4, 0x2F, 0x37, 0xAB, 0x50, 0x1C, 0x9B, 0xAF, 0x3B, 0xE6, 0xC3}, /* Zeroes encrypted with AES Class Key 0B. */
+    {0x01, 0x96, 0x59, 0x07, 0x62, 0xF4, 0xF4, 0x2D, 0x13, 0x60, 0xD8, 0x03, 0xFB, 0xF0, 0xAE, 0xC8}, /* Zeroes encrypted with Mariko KEK. */
+    {0x95, 0x48, 0xC1, 0x59, 0x0F, 0x84, 0x19, 0xC4, 0xAB, 0x69, 0x05, 0x88, 0x01, 0x31, 0x52, 0x59}, /* Zeroes encrypted with Mariko BEK. */
+};
+
 //======================================Keys======================================//
 // from Package1 -> Secure_Monitor
 static const u8 aes_kek_generation_source[0x10] __attribute__((aligned(4))) = {
--- a/source/keys/keys.c
+++ b/source/keys/keys.c
@ -682,15 +682,28 @@ static bool _derive_emmc_keys(key_derivation_ctx_t *keys, titlekey_buffer_t *tit

 // The security engine supports partial key override for locked keyslots
 // This allows for a manageable brute force on a PC
-// Then we can recover the Mariko KEK, BEK, unique SBK and SSK
-static void _save_mariko_partial_keys(char *text_buffer) {
+// Then the Mariko AES class keys, KEK, BEK, unique SBK and SSK can be recovered
+static void _save_mariko_partial_keys(u32 start, u32 count, bool append) {
+    if (start + count > SE_AES_KEYSLOT_COUNT) {
+        return;
+    }
+
    u32 pos = 0;
    u32 zeros[4] = {0};
    u8 *data = malloc(4 * AES_128_KEY_SIZE);
-    for (u32 ks = 12; ks < 16; ks++) {
-        // First, encrypt zeros with complete key
+    char *text_buffer = calloc(1, 0x100 * count);
+
+    for (u32 ks = start; ks < start + count; ks++) {
+        // Check if key is as expected
+        if (ks < ARRAY_SIZE(mariko_key_vectors)) {
+            se_aes_crypt_block_ecb(ks, 0, &data[0], mariko_key_vectors[ks]);
+            if (_key_exists(data)) {
+                continue;
+            }
+        }
+
+        // Encrypt zeros with complete key
        se_aes_crypt_block_ecb(ks, 1, &data[3 * AES_128_KEY_SIZE], zeros);
-        pos += s_printf(&text_buffer[pos], "%d\n", ks);

        // We only need to overwrite 3 of the dwords of the key
        for (u32 i = 0; i < 3; i++) {
@ -699,15 +712,49 @@ static void _save_mariko_partial_keys(char *text_buffer) {
            // Encrypt zeros with more of the key zeroed out
            se_aes_crypt_block_ecb(ks, 1, &data[(2 - i) * AES_128_KEY_SIZE], zeros);
        }
+
+        // Skip saving key if two results are the same indicating unsuccessful overwrite or empty slot
+        if (memcmp(&data[0], &data[SE_KEY_128_SIZE], AES_128_KEY_SIZE) == 0) {
+            continue;
+        }
+
+        pos += s_printf(&text_buffer[pos], "%d\n", ks);
        for (u32 i = 0; i < 4; i++) {
            for (u32 j = 0; j < AES_128_KEY_SIZE; j++)
                pos += s_printf(&text_buffer[pos], "%02x", data[i * AES_128_KEY_SIZE + j]);
-            pos += s_printf(&text_buffer[pos], "\n");
+            pos += s_printf(&text_buffer[pos], " ");
        }
+        pos += s_printf(&text_buffer[pos], "\n");
    }
    free(data);
-    sd_save_to_file(text_buffer, strlen(text_buffer), "sd:/switch/partialaes.keys");
+
+    if (strlen(text_buffer) == 0) {
+        EPRINTF("Failed to dump partial keys.");
+        return;
+    }
+
+    FIL fp;
+    u32 res = 0;
+    BYTE mode = FA_WRITE;
+
+    if (append) {
+        mode |= FA_OPEN_APPEND;
+    } else {
+        mode |= FA_CREATE_ALWAYS;
+    }
+
+    res = f_open(&fp, "sd:/switch/partialaes.keys", mode);
+    if (res) {
+        EPRINTF("Unable to write partial keys to SD.");
+        return;
+    }
+
+    f_write(&fp, text_buffer, strlen(text_buffer), NULL);
+    f_close(&fp);
+
    gfx_printf("%kWrote partials to sd:/switch/partialaes.keys\n", colors[(color_idx++) % 6]);
+
+    free(text_buffer);
 }

 static void _save_keys_to_sd(key_derivation_ctx_t *keys, titlekey_buffer_t *titlekey_buffer, const pkg1_id_t *pkg1_id, u32 start_whole_operation_time, u32 derivable_key_count) {
@ -797,8 +844,7 @@ static void _save_keys_to_sd(key_derivation_ctx_t *keys, titlekey_buffer_t *titl
        EPRINTF("Unable to save keys to SD.");

    if (h_cfg.t210b01) {
-        memset(text_buffer, 0, text_buffer_size);
-        _save_mariko_partial_keys(text_buffer);
+        _save_mariko_partial_keys(12, 4, true);
    }

    if (_titlekey_count == 0) {
@ -836,8 +882,16 @@ static bool _check_keyslot_access() {
 }

 static void _derive_keys() {
+    if (!f_stat("sd:/switch/partialaes.keys", NULL)) {
+        f_unlink("sd:/switch/partialaes.keys");
+    }
+
+    if (h_cfg.t210b01) {
+        _save_mariko_partial_keys(0, 12, false);
+    }
+
    if (!_check_keyslot_access()) {
-        EPRINTF("Unable to set crypto keyslots!\nTry launching payload differently\n or flash Spacecraft-NX if using a modchip!");
+        EPRINTF("Unable to set crypto keyslots!\nTry launching payload differently\n or flash Spacecraft-NX if using a modchip.");
        return;
    }