Skip to content

Commit

Permalink
pk11: add support for not decrypting
Browse files Browse the repository at this point in the history
  • Loading branch information
@SciresM
SciresM committed Jun 1, 2020
1 parent ba4c4b6 commit 7dd8e8d
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 24 deletions.
49 changes: 25 additions & 24 deletions packages.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,52 +129,48 @@ void pk11_process(pk11_ctx_t *ctx) {
}
}

int decrypted = ctx->pk11->magic == MAGIC_PK11;
if (!ctx->is_mariko && !decrypted) {
ctx->is_decrypted = ctx->pk11->magic == MAGIC_PK11;
if (!ctx->is_mariko && !ctx->is_decrypted) {
pk11_t dec_header;
aes_ctx_t *crypt_ctx = NULL;
if (ctx->is_modern) {
for (unsigned int i = 6; i < 0x20 && !decrypted; i++) {
for (unsigned int i = 6; i < 0x20 && !ctx->is_decrypted; i++) {
ctx->key_rev = i;
crypt_ctx = new_aes_ctx(ctx->tool_ctx->settings.keyset.package1_keys[i], 0x10, AES_MODE_CBC);
aes_setiv(crypt_ctx, ctx->stage1.modern.iv, 0x10);
aes_decrypt(crypt_ctx, &dec_header, ctx->pk11, sizeof(dec_header));
if (dec_header.magic == MAGIC_PK11) {
aes_setiv(crypt_ctx, ctx->stage1.modern.iv, 0x10);
aes_decrypt(crypt_ctx, ctx->pk11, ctx->pk11, ctx->pk11_size);
decrypted = 1;
ctx->is_decrypted = 1;
}
free_aes_ctx(crypt_ctx);
crypt_ctx = NULL;
}
} else {
for (unsigned int i = 0; i < 6 && !decrypted; i++) {
for (unsigned int i = 0; i < 6 && !ctx->is_decrypted; i++) {
ctx->key_rev = i;
crypt_ctx = new_aes_ctx(ctx->tool_ctx->settings.keyset.package1_keys[i], 0x10, AES_MODE_CTR);
aes_setiv(crypt_ctx, ctx->stage1.legacy.ctr, 0x10);
aes_decrypt(crypt_ctx, &dec_header, ctx->pk11, sizeof(dec_header));
if (dec_header.magic == MAGIC_PK11) {
aes_setiv(crypt_ctx, ctx->stage1.legacy.ctr, 0x10);
aes_decrypt(crypt_ctx, ctx->pk11, ctx->pk11, ctx->pk11_size);
decrypted = 1;
ctx->is_decrypted = 1;
}
free_aes_ctx(crypt_ctx);
crypt_ctx = NULL;
}
}
}

if (!decrypted) {
fprintf(stderr, "Failed to decrypt PK11! Is correct key present?\n");
exit(EXIT_FAILURE);
}


uint64_t pk11_size = 0x20 + pk11_get_warmboot_bin_size(ctx) + pk11_get_nx_bootloader_size(ctx) + pk11_get_secmon_size(ctx);
pk11_size = align64(pk11_size, 0x10);
if (pk11_size != ctx->pk11_size) {
fprintf(stderr, "PK11 seems corrupt!\n");
exit(EXIT_FAILURE);
if (ctx->is_decrypted) {
uint64_t pk11_size = 0x20 + pk11_get_warmboot_bin_size(ctx) + pk11_get_nx_bootloader_size(ctx) + pk11_get_secmon_size(ctx);
pk11_size = align64(pk11_size, 0x10);
if (pk11_size != ctx->pk11_size) {
fprintf(stderr, "PK11 seems corrupt!\n");
exit(EXIT_FAILURE);
}
}

if (ctx->tool_ctx->action & ACTION_INFO) {
Expand All @@ -187,7 +183,7 @@ void pk11_process(pk11_ctx_t *ctx) {
}

void pk11_print(pk11_ctx_t *ctx) {
printf("PK11:\n");
printf("Package1 Metadata:\n");
{
char build_date[sizeof(ctx->metadata.build_date) + 1] = {0};
memcpy(build_date, ctx->metadata.build_date, sizeof(ctx->metadata.build_date));
Expand All @@ -197,11 +193,16 @@ void pk11_print(pk11_ctx_t *ctx) {
memdump(stdout, " Secure Monitor Hash: ", &ctx->metadata.sm_hash, sizeof(uint32_t));
memdump(stdout, " NX Bootloader Hash: ", &ctx->metadata.bl_hash, sizeof(uint32_t));
printf(" Version: %02"PRIx32"\n", ctx->metadata.version);
printf(" Key Revision: %02"PRIx32" (%s)\n", ctx->key_rev, get_key_revision_summary((uint8_t)ctx->key_rev));
printf(" PK11 Size: %08"PRIx32"\n", ctx->pk11_size);
printf(" Warmboot.bin Size: %08"PRIx32"\n", pk11_get_warmboot_bin_size(ctx));
printf(" NX_Bootloader.bin Size %08"PRIx32"\n", pk11_get_nx_bootloader_size(ctx));
printf(" Secure_Monitor.bin Size: %08"PRIx32"\n", pk11_get_secmon_size(ctx));
if (ctx->is_decrypted) {
printf("PK11:\n");
if (!ctx->is_mariko) {
printf(" Key Revision: %02"PRIx32" (%s)\n", ctx->key_rev, get_key_revision_summary((uint8_t)ctx->key_rev));
}
printf(" PK11 Size: %08"PRIx32"\n", ctx->pk11_size);
printf(" Warmboot.bin Size: %08"PRIx32"\n", pk11_get_warmboot_bin_size(ctx));
printf(" NX_Bootloader.bin Size %08"PRIx32"\n", pk11_get_nx_bootloader_size(ctx));
printf(" Secure_Monitor.bin Size: %08"PRIx32"\n", pk11_get_secmon_size(ctx));
}
printf("\n");
}

Expand All @@ -214,7 +215,7 @@ void pk11_save(pk11_ctx_t *ctx) {
if (dirpath == NULL || dirpath->valid != VALIDITY_VALID) {
dirpath = &ctx->tool_ctx->settings.pk11_dir_path;
}
if (dirpath != NULL && dirpath->valid == VALIDITY_VALID) {
if (dirpath != NULL && dirpath->valid == VALIDITY_VALID && ctx->is_decrypted) {
os_makedir(dirpath->os_path);

/* Save Decrypted.bin */
Expand Down
1 change: 1 addition & 0 deletions packages.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ typedef struct {
hactool_ctx_t *tool_ctx;
int is_modern;
int is_mariko;
int is_decrypted;
unsigned int key_rev;
pk11_mariko_oem_header_t mariko_oem_header;
pk11_metadata_t metadata;
Expand Down

0 comments on commit 7dd8e8d

Please sign in to comment.