Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Load AES keys stored in boot9.bin #4335

Merged
merged 4 commits into from Oct 17, 2018

Conversation

Projects
None yet
5 participants
@B3n30
Copy link
Contributor

B3n30 commented Oct 13, 2018

This will load the AES keys that are stored in the boot9.bin. Keys stored in the aes_keys.txt will overwrite any of the keys loaded from the bootrom.

The bootrom boot9.bin can be dumped with Godmode9:

  • go to drive M: Memory Virtual
  • navigate to boot9.bin, press A
  • Select Copy to O:/gm9out
    => This will give you boot9.bin in gm9out on your SD card

The boot9.bin needs to be placed in sysdata in the user directory.

Note that there are still keys that aren't stored in the bootrom so to have complete decryption support the following keys need to be provided inside aes_keys.txt:

generator
slot0x18KeyX
slot0x1BKeyX
slot0x25KeyX
slot0x31KeyY
common0
common1 

This change is Reviewable

{'N', 0x3C, true}, {'N', 0x3D, false}, {'N', 0x3E, false}, {'N', 0x3F, false}}};

// Some of the normal keys retreived here aren't used/valid and needs to get overwritten
// by other methodes.

This comment has been minimized.

Copy link
@FearlessTobi

FearlessTobi Oct 13, 2018

Contributor

Some of the normal keys retreived here aren't used/valid and need to get overwritten
by other methods.

@B3n30 B3n30 force-pushed the B3n30:bootrom_keys branch from b89af9a to 6959036 Oct 13, 2018

file.Seek(KEY_SECTION_START, 0); // Jump to the key section

AESKey new_key;
for (auto key : keys) {

This comment has been minimized.

Copy link
@lioncash

lioncash Oct 13, 2018

Member

This should likely be const auto&

return;
}

std::size_t length = file.GetSize();

This comment has been minimized.

Copy link
@lioncash

lioncash Oct 13, 2018

Member

This can be const.

Show resolved Hide resolved src/core/hw/aes/key.cpp Outdated
@@ -70,6 +77,76 @@ AESKey HexToKey(const std::string& hex) {
return key;
}

void LoadBootromKeys() {
const std::array<KeyDesc, 80> keys = {

This comment has been minimized.

Copy link
@lioncash

lioncash Oct 13, 2018

Member

This can be constexpr

}

constexpr std::size_t KEY_SECTION_START = 55760;
file.Seek(KEY_SECTION_START, 0); // Jump to the key section

This comment has been minimized.

Copy link
@lioncash

lioncash Oct 13, 2018

Member
file.Seek(KEY_SECTION_START, SEEK_SET);

There's no guarantee that SEEK_SET is always 0 on every platform, only that it's a distinct integer value from SEEK_CUR and SEEK_END.

@B3n30 B3n30 force-pushed the B3n30:bootrom_keys branch from b9dfea5 to 77c3fec Oct 13, 2018

{'N', 0x38, false}, {'N', 0x39, true}, {'N', 0x3A, true}, {'N', 0x3B, true},
{'N', 0x3C, true}, {'N', 0x3D, false}, {'N', 0x3E, false}, {'N', 0x3F, false}}};

// Some of the normal keys retreived here aren't used/valid and need to get overwritten

This comment has been minimized.

Copy link
@Subv

Subv Oct 13, 2018

Member

Could you add a better comment please? From reading this i have no idea why the keys obtained from the bootrom wouldn't be valid.

Do we still set these invalid keys? Does that mean trying to decrypt stuff with them will silently fail instead of throwing a "Key not found" error?

struct KeyDesc {
char key_type;
std::size_t slot_id;
bool same_as_before;

This comment has been minimized.

Copy link
@Subv

Subv Oct 13, 2018

Member

What is this boolean for? please add a comment

@B3n30 B3n30 merged commit f48157c into citra-emu:master Oct 17, 2018

2 checks passed

continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@B3n30 B3n30 deleted the B3n30:bootrom_keys branch Apr 11, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.