import argparse
try:
from Cryptodome.Cipher import AES
from Cryptodome.Hash import SHA256
except ModuleNotFoundError:
pass
try:
from Crypto.Cipher import AES
from Crypto.Hash import SHA256
except ModuleNotFoundError:
pass
import key_sources as key_sources
# Command-line interface: -k/--keys names the file the key listing is written to.
argParser = argparse.ArgumentParser()
argParser.add_argument("-k", "--keys", help="Where you want the keys to be saved")
args = argParser.parse_args()

# str() turns an omitted option (None) into the text "None", which selects the
# default file name; a literal "-k None" on the command line does the same.
prod_keys = str(args.keys)
keys = "prod.keys" if prod_keys == "None" else prod_keys
def hash(i):
    """Return the SHA-256 digest of ``i`` as a hex string.

    Note that this definition shadows the ``hash`` builtin for the rest of
    the module.
    """
    digest = SHA256.new()
    digest.update(i)
    return digest.hexdigest()
def decrypt(input, key):
    """Apply AES-ECB decryption to ``input`` under ``key`` and return the result.

    ECB is used here as a raw block operation: no IV, no padding and no
    integrity check. Elsewhere in this script it is applied to key-source
    values as a key-derivation step; it is not a construction to reuse for
    protecting arbitrary data.
    """
    return AES.new(key, AES.MODE_ECB).decrypt(input)
def encrypt(input, key):
    """Apply AES-ECB encryption to ``input`` under ``key`` and return the result.

    ECB is used here as a raw block operation: no IV, no padding and no
    integrity check. Elsewhere in this script it is applied to key-source
    values as a key-derivation step; it is not a construction to reuse for
    protecting arbitrary data.
    """
    return AES.new(key, AES.MODE_ECB).encrypt(input)
def generateKek(src, masterKey, kek_seed, key_seed):
    """Derive a key from ``src`` through a chain of AES-ECB decryptions.

    ``kek_seed`` is decrypted under ``masterKey`` to obtain a KEK, and ``src``
    is decrypted under that KEK. When ``key_seed`` is given it is decrypted
    under that second result and returned; with ``key_seed`` set to ``None``
    the second result itself is returned.
    """
    kek = decrypt(kek_seed, masterKey)
    src_kek = decrypt(src, kek)
    if key_seed is None:
        return src_kek
    return decrypt(key_seed, src_kek)
# Becomes True only when key_sources supplies a tsec_secret_26 whose SHA-256
# matches the pinned digest below.
HAVE_SECRET_26 = False

# Defaults come straight from key_sources; they are replaced further down
# when the secret is available.
tsec_root_key_00 = key_sources.tsec_root_key_00
tsec_root_key_01 = key_sources.tsec_root_key_01
tsec_root_key_02 = key_sources.tsec_root_key_02

# The secret is used only if it differs from key_sources.zeroes and hashes to
# the expected value. A non-zero secret with a different digest is skipped
# without any message, so a mistyped secret just yields a shorter key file.
if (
    key_sources.tsec_secret_26 != key_sources.zeroes
    and hash(key_sources.tsec_secret_26)
    == "cefe01c9e3eeef1a73b8c10d742ae386279b7dff30a2fbc0aabd058c1f135833"
):
    HAVE_SECRET_26 = True
    HOVI_KEK = key_sources.tsec_secret_26

    Package1_Mac_Kek_Source = key_sources.HOVI_SIG_KEY_PRD
    Package1_Kek_Source = key_sources.HOVI_ENC_KEY_PRD
    Tsec_Root_Kek_Source = key_sources.HOVI_KEK_KEY_PRD
    # Assigned but not read anywhere else in this listing.
    Tsec_Hovi_IV_key = key_sources.HOVI_ENC_KEY_IV1

    # For each family, KEKs 00 and 01 are the same value (source encrypted
    # under the secret); KEK 02 is the source decrypted under the secret.
    tsec_root_kek_00 = tsec_root_kek_01 = encrypt(Tsec_Root_Kek_Source, HOVI_KEK)
    tsec_root_kek_02 = decrypt(Tsec_Root_Kek_Source, HOVI_KEK)

    package1_kek_00 = package1_kek_01 = encrypt(Package1_Kek_Source, HOVI_KEK)
    package1_kek_02 = decrypt(Package1_Kek_Source, HOVI_KEK)

    package1_mac_kek_00 = package1_mac_kek_01 = encrypt(Package1_Mac_Kek_Source, HOVI_KEK)
    package1_mac_kek_02 = decrypt(Package1_Mac_Kek_Source, HOVI_KEK)

    # Each final key is the matching tsec_auth_signature encrypted under the
    # KEK with the same index.
    tsec_root_key_00 = encrypt(key_sources.tsec_auth_signature_00, tsec_root_kek_00)
    tsec_root_key_01 = encrypt(key_sources.tsec_auth_signature_01, tsec_root_kek_01)
    tsec_root_key_02 = encrypt(key_sources.tsec_auth_signature_02, tsec_root_kek_02)

    package1_key_06 = encrypt(key_sources.tsec_auth_signature_00, package1_kek_00)
    package1_key_07 = encrypt(key_sources.tsec_auth_signature_01, package1_kek_01)
    package1_key_08 = encrypt(key_sources.tsec_auth_signature_02, package1_kek_02)

    package1_mac_key_06 = encrypt(key_sources.tsec_auth_signature_00, package1_mac_kek_00)
    package1_mac_key_07 = encrypt(key_sources.tsec_auth_signature_01, package1_mac_kek_01)
    package1_mac_key_08 = encrypt(key_sources.tsec_auth_signature_02, package1_mac_kek_02)
# Write every source value and every derived key to the output file, one
# "name = UPPERCASE_HEX" line per value, with blank lines between groups.
# NOTE(review): the file receives derived key material and is created with
# open()'s default mode, so its permissions follow the process umask. Consider
# restricting it to the owner and keeping it out of version control.
# NOTE(review): this listing has lost its indentation, so where the two
# `if HAVE_SECRET_26` branches below end cannot be confirmed from here.
with open(keys, 'w') as manual_crypto:
# Values that depend on tsec_secret_26 are written only when the secret was
# supplied and matched its pinned SHA-256 digest.
if HAVE_SECRET_26 == True:
manual_crypto.write(f'tsec_secret_26 = ' + f'{key_sources.tsec_secret_26.hex().upper()}\n\n')
manual_crypto.write(f'tsec_root_kek_00 = ' + f'{tsec_root_kek_00.hex().upper()}\n')
manual_crypto.write(f'tsec_root_kek_01 = ' + f'{tsec_root_kek_01.hex().upper()}\n')
manual_crypto.write(f'tsec_root_kek_02 = ' + f'{tsec_root_kek_02.hex().upper()}\n\n')
manual_crypto.write(f'package1_mac_kek_00 = ' + f'{package1_mac_kek_00.hex().upper()}\n')
manual_crypto.write(f'package1_mac_kek_01 = ' + f'{package1_mac_kek_01.hex().upper()}\n')
manual_crypto.write(f'package1_mac_kek_02 = ' + f'{package1_mac_kek_02.hex().upper()}\n\n')
manual_crypto.write(f'package1_kek_00 = ' + f'{package1_kek_00.hex().upper()}\n')
manual_crypto.write(f'package1_kek_01 = ' + f'{package1_kek_01.hex().upper()}\n')
manual_crypto.write(f'package1_kek_02 = ' + f'{package1_kek_02.hex().upper()}\n\n')
manual_crypto.write(f'tsec_auth_signature_00 = ' + f'{key_sources.tsec_auth_signature_00.hex().upper()}\n')
manual_crypto.write(f'tsec_auth_signature_01 = ' + f'{key_sources.tsec_auth_signature_01.hex().upper()}\n')
manual_crypto.write(f'tsec_auth_signature_02 = ' + f'{key_sources.tsec_auth_signature_02.hex().upper()}\n\n')
# tsec_root_key_00..02 hold the key_sources defaults unless they were
# recomputed from the secret earlier in the script.
manual_crypto.write(f'tsec_root_key_00 = ' + f'{tsec_root_key_00.hex().upper()}\n')
manual_crypto.write(f'tsec_root_key_01 = ' + f'{tsec_root_key_01.hex().upper()}\n')
manual_crypto.write(f'tsec_root_key_02 = ' + f'{tsec_root_key_02.hex().upper()}\n\n')
manual_crypto.write(f'keyblob_mac_key_source = ' + f'{key_sources.keyblob_mac_key_source.hex().upper()}\n')
# Write keyblob_key_source_%%
# count starts at -1 so the first entry is numbered 00.
# NOTE: from here on `keys` is reused for the formatted output line and no
# longer holds the output path; the file is already open at this point.
count = -1
for i in key_sources.Keyblob_Key_Sources:
count = count + 0x1
keys = f'keyblob_key_source_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')
manual_crypto.write(f'\n')
# Write master_kek_sources
# count starts at 0x5 so the first entry is numbered 06.
count = 0x5
for i in key_sources.master_kek_sources:
count = count + 0x1
keys = f'master_kek_source_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')
manual_crypto.write(f'\n')
manual_crypto.write(f'mariko_bek = ' + f'{key_sources.mariko_bek.hex().upper()}\n')
manual_crypto.write(f'mariko_kek = ' + f'{key_sources.mariko_kek.hex().upper()}\n\n')
# Write mariko_master_kek_sources
# count starts at 0x4 so the first entry is numbered 05.
count = 0x4
for i in key_sources.mariko_master_kek_sources:
count = count + 0x1
keys = f'mariko_master_kek_source_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')
manual_crypto.write(f'\n')
# generate master_kek_%% from all provided mariko_master_kek_sources
# Each master_kek is the matching source decrypted (AES-ECB) under mariko_kek;
# numbering again starts at 05.
master_keks = [decrypt(i, key_sources.mariko_kek) for i in key_sources.mariko_master_kek_sources]
count = 0x4
for i in master_keks:
count = count + 0x1
keys = f'master_kek_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')
manual_crypto.write(f'\n')
manual_crypto.write(f'master_key_source = ' + f'{key_sources.master_key_source.hex().upper()}\n\n')
# generate master_key_%% from all provided master_kek_%% using master_key_source
# The newest master key is master_key_source decrypted under the last
# master_kek. Walking Master_Key_Sources from last to first, each older master
# key is that entry decrypted under the next-newer master key.
current_master_key = decrypt(key_sources.master_key_source, master_keks[-1])
# current_master_key_revision is decremented in the loop but never read in
# this listing.
current_master_key_revision = len(key_sources.Master_Key_Sources)
master_keys = []
first = True
for i in reversed(key_sources.Master_Key_Sources):
if first:
# First pass: record the newest key and the one derived from it.
first = False
previous_key = i
next_master_key = decrypt(previous_key, current_master_key)
current_master_key_revision = current_master_key_revision -1
master_keys.append(current_master_key)
master_keys.append(next_master_key)
else:
# `key` is assigned here but not used afterwards in this listing.
key = previous_key
previous_key = i
next_master_key = decrypt(previous_key, next_master_key)
current_master_key_revision = current_master_key_revision -1
master_keys.append(next_master_key)
# Keys were collected newest-first; flip so index 0 is the oldest.
master_keys.reverse()
# Write master_key_%%
count = -0x1
for i in master_keys:
count = count + 0x1
keys = f'master_key_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')
# package1 keys exist only when they were derived from tsec_secret_26.
if HAVE_SECRET_26 == True:
manual_crypto.write(f'package1_key_06 = ' + f'{package1_key_06.hex().upper()}\n')
manual_crypto.write(f'package1_key_07 = ' + f'{package1_key_07.hex().upper()}\n')
manual_crypto.write(f'package1_key_08 = ' + f'{package1_key_08.hex().upper()}\n\n')
manual_crypto.write(f'package1_mac_key_06 = ' + f'{package1_mac_key_06.hex().upper()}\n')
manual_crypto.write(f'package1_mac_key_07 = ' + f'{package1_mac_key_07.hex().upper()}\n')
manual_crypto.write(f'package1_mac_key_08 = ' + f'{package1_mac_key_08.hex().upper()}\n\n')
manual_crypto.write(f'\n')
manual_crypto.write(f'package2_key_source = ' + f'{key_sources.package2_key_source.hex().upper()}\n\n')
# generate package2_key_%% from all provided master_key_%% using package2_key_source
# One package2 key per master key: package2_key_source decrypted under it.
package2_key = [decrypt(key_sources.package2_key_source, i) for i in master_keys]
count = -0x1
for i in package2_key:
count = count + 0x1
keys = f'package2_key_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')
manual_crypto.write(f'\n')
manual_crypto.write(f'bis_kek_source = ' + f'{key_sources.bis_kek_source.hex().upper()}\n')
# Write bis_key_source_%%
count = -1
for i in key_sources.Bis_Key_Sources:
count = count + 0x1
keys = f'bis_key_source_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')
manual_crypto.write(f'\n')
manual_crypto.write(f'per_console_key_source = ' + f'{key_sources.per_console_key_source.hex().upper()}\n')
manual_crypto.write(f'retail_specific_aes_key_source = ' + f'{key_sources.retail_specific_aes_key_source.hex().upper()}\n')
manual_crypto.write(f'aes_kek_generation_source = ' + f'{key_sources.aes_kek_generation_source.hex().upper()}\n')
manual_crypto.write(f'aes_key_generation_source = ' + f'{key_sources.aes_key_generation_source.hex().upper()}\n')
manual_crypto.write(f'titlekek_source = ' + f'{key_sources.titlekek_source.hex().upper()}\n\n')
# generate title_kek_%% from all provided master_key_%% using titlekek_source
# One titlekek per master key: titlekek_source decrypted under it.
titlekek = [decrypt(key_sources.titlekek_source, i) for i in master_keys]
count = -0x1
for i in titlekek:
count = count + 0x1
keys = f'titlekek_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')
manual_crypto.write(f'\n')
# The remaining values up to xci_header_key are copied from key_sources
# unchanged; nothing is derived for them here.
manual_crypto.write(f'header_kek_source = ' + f'{key_sources.header_kek_source.hex().upper()}\n')
manual_crypto.write(f'header_key_source = ' + f'{key_sources.header_key_source.hex().upper()}\n')
manual_crypto.write(f'header_key = ' + f'{key_sources.header_key.hex().upper()}\n\n')
manual_crypto.write(f'key_area_key_system_source = ' + f'{key_sources.key_area_key_system_source.hex().upper()}\n')
manual_crypto.write(f'key_area_key_application_source = ' + f'{key_sources.key_area_key_application_source.hex().upper()}\n')
manual_crypto.write(f'key_area_key_ocean_source = ' + f'{key_sources.key_area_key_ocean_source.hex().upper()}\n\n')
manual_crypto.write(f'save_mac_kek_source = ' + f'{key_sources.save_mac_kek_source.hex().upper()}\n')
manual_crypto.write(f'save_mac_key_source_00 = ' + f'{key_sources.save_mac_key_source_00.hex().upper()}\n')
manual_crypto.write(f'save_mac_key_source_01 = ' + f'{key_sources.save_mac_key_source_01.hex().upper()}\n')
manual_crypto.write(f'save_mac_sd_card_kek_source = ' + f'{key_sources.save_mac_sd_card_kek_source.hex().upper()}\n')
manual_crypto.write(f'save_mac_sd_card_key_source = ' + f'{key_sources.save_mac_sd_card_key_source.hex().upper()}\n')
manual_crypto.write(f'sd_card_kek_source = ' + f'{key_sources.sd_card_kek_source.hex().upper()}\n\n')
manual_crypto.write(f'xci_header_key = ' + f'{key_sources.xci_header_key.hex().upper()}\n\n')
# generate key_area_key_application_%% from all provided master_key_%% using key_area_key_application_source
# The three key_area_key families below all go through generateKek with the
# same aes_kek_generation_source / aes_key_generation_source pair, once per
# master key.
key_area_key_application = [generateKek(key_sources.key_area_key_application_source, i, key_sources.aes_kek_generation_source, key_sources.aes_key_generation_source) for i in master_keys]
count = -0x1
for i in key_area_key_application:
count = count +0x1
keys = f'key_area_key_application_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')
manual_crypto.write(f'\n')
# generate key_area_key_ocean_%% from all provided master_key_%% using key_area_key_ocean_source
key_area_key_ocean = [generateKek(key_sources.key_area_key_ocean_source, i, key_sources.aes_kek_generation_source, key_sources.aes_key_generation_source) for i in master_keys]
count = -0x1
for i in key_area_key_ocean:
count = count +0x1
keys = f'key_area_key_ocean_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')
manual_crypto.write(f'\n')
# generate key_area_key_system_%% from all provided master_key_%% using key_area_key_system_source
key_area_key_system = [generateKek(key_sources.key_area_key_system_source, i, key_sources.aes_kek_generation_source, key_sources.aes_key_generation_source) for i in master_keys]
count = -0x1
for i in key_area_key_system:
count = count +0x1
keys = f'key_area_key_system_{hex(count)[2:].zfill(2)} = ' + (i.hex().upper())
manual_crypto.write(f'{keys}\n')