diff --git a/source/crypto.c b/source/crypto.c index 1d048cd..a7bce98 100755 --- a/source/crypto.c +++ b/source/crypto.c @@ -347,6 +347,16 @@ u32 ctrNandRead(u32 sector, u32 sectorCount, u8 *outbuf) return result; } +//Sets the 7.x NCCH KeyX and the 6.x gamecard save data KeyY +void setRSAMod0DerivedKeys(void) +{ + const u8 keyX0x25[0x10] = {0xCE, 0xE7, 0xD8, 0xAB, 0x30, 0xC0, 0x0D, 0xAE, 0x85, 0x0E, 0xF5, 0xE3, 0x82, 0xAC, 0x5A, 0xF3}; + const u8 keyY0x2F[0x10] = {0xC3, 0x69, 0xBA, 0xA2, 0x1E, 0x18, 0x8A, 0x88, 0xA9, 0xAA, 0x94, 0xE5, 0x50, 0x6A, 0x9F, 0x16}; + + aes_setkey(0x25, keyX0x25, AES_KEYX, AES_INPUT_BE | AES_INPUT_NORMAL); + aes_setkey(0x2F, keyY0x2F, AES_KEYY, AES_INPUT_BE | AES_INPUT_NORMAL); +} + //Decrypt a FIRM ExeFS void decryptExeFs(u8 *inbuf) { diff --git a/source/crypto.h b/source/crypto.h index 2df37d6..8866821 100755 --- a/source/crypto.h +++ b/source/crypto.h @@ -29,13 +29,13 @@ #include "types.h" /**************************AES****************************/ -#define REG_AESCNT ((vu32 *)0x10009000) +#define REG_AESCNT ((vu32 *)0x10009000) #define REG_AESBLKCNT ((vu32 *)0x10009004) #define REG_AESWRFIFO ((vu32 *)0x10009008) #define REG_AESRDFIFO ((vu32 *)0x1000900C) #define REG_AESKEYSEL ((vu8 *)0x10009010) #define REG_AESKEYCNT ((vu8 *)0x10009011) -#define REG_AESCTR ((vu32 *)0x10009020) +#define REG_AESCTR ((vu32 *)0x10009020) #define REG_AESKEYFIFO ((vu32 *)0x10009100) #define REG_AESKEYXFIFO ((vu32 *)0x10009104) @@ -43,21 +43,21 @@ #define AES_CCM_DECRYPT_MODE (0u << 27) #define AES_CCM_ENCRYPT_MODE (1u << 27) -#define AES_CTR_MODE (2u << 27) -#define AES_CTR_MODE (2u << 27) +#define AES_CTR_MODE (2u << 27) +#define AES_CTR_MODE (2u << 27) #define AES_CBC_DECRYPT_MODE (4u << 27) #define AES_CBC_ENCRYPT_MODE (5u << 27) #define AES_ECB_DECRYPT_MODE (6u << 27) #define AES_ECB_ENCRYPT_MODE (7u << 27) -#define AES_ALL_MODES (7u << 27) +#define AES_ALL_MODES (7u << 27) -#define AES_CNT_START 0x80000000 -#define AES_CNT_INPUT_ORDER 0x02000000 +#define AES_CNT_START 0x80000000 +#define AES_CNT_INPUT_ORDER 0x02000000 #define AES_CNT_OUTPUT_ORDER 0x01000000 #define AES_CNT_INPUT_ENDIAN 0x00800000 #define AES_CNT_OUTPUT_ENDIAN 0x00400000 -#define AES_CNT_FLUSH_READ 0x00000800 -#define AES_CNT_FLUSH_WRITE 0x00000400 +#define AES_CNT_FLUSH_READ 0x00000800 +#define AES_CNT_FLUSH_WRITE 0x00000400 #define AES_INPUT_BE (AES_CNT_INPUT_ENDIAN) #define AES_INPUT_LE 0 @@ -72,17 +72,17 @@ #define AES_KEYY 2 /**************************SHA****************************/ -#define REG_SHA_CNT ((vu32 *)0x1000A000) +#define REG_SHA_CNT ((vu32 *)0x1000A000) #define REG_SHA_BLKCNT ((vu32 *)0x1000A004) #define REG_SHA_HASH ((vu32 *)0x1000A040) #define REG_SHA_INFIFO ((vu32 *)0x1000A080) -#define SHA_CNT_STATE 0x00000003 -#define SHA_CNT_UNK2 0x00000004 +#define SHA_CNT_STATE 0x00000003 +#define SHA_CNT_UNK2 0x00000004 #define SHA_CNT_OUTPUT_ENDIAN 0x00000008 -#define SHA_CNT_MODE 0x00000030 -#define SHA_CNT_ENABLE 0x00010000 -#define SHA_CNT_ACTIVE 0x00020000 +#define SHA_CNT_MODE 0x00000030 +#define SHA_CNT_ENABLE 0x00010000 +#define SHA_CNT_ACTIVE 0x00020000 #define SHA_HASH_READY 0x00000000 #define SHA_NORMAL_ROUND 0x00000001 @@ -93,7 +93,7 @@ #define SHA_256_MODE 0 #define SHA_224_MODE 0x00000010 -#define SHA_1_MODE 0x00000020 +#define SHA_1_MODE 0x00000020 #define SHA_256_HASH_SIZE (256 / 8) #define SHA_224_HASH_SIZE (224 / 8) @@ -105,5 +105,6 @@ extern FirmwareSource firmSource; void ctrNandInit(void); u32 ctrNandRead(u32 sector, u32 sectorCount, u8 *outbuf); +void setRSAMod0DerivedKeys(void); void decryptExeFs(u8 *inbuf); void arm9Loader(u8 *arm9Section, u32 mode); \ No newline at end of file diff --git a/source/firm.c b/source/firm.c index a7a8700..8ebd097 100755 --- a/source/firm.c +++ b/source/firm.c @@ -313,6 +313,10 @@ static inline void patchNativeFirm(FirmwareSource nandType, u32 emuHeader, A9LHM is90Firm = memcmp(section[2].hash, firm90Hash, 0x10) == 0; } + //Sets the 7.x NCCH KeyX and the 6.x gamecard save data KeyY + if(a9lhMode == NO_A9LH) + setRSAMod0DerivedKeys(); + //Find the Process9 .code location, size and memory address u32 process9Size, process9MemAddr;