public byte[] GetDecryptedTitleKey()
{
int keyRevision = Util.GetMasterKeyRevision(Header.KeyGeneration);
byte[] titleKek = Keyset.TitleKeks[keyRevision];
var rightsId = new RightsId(Header.RightsId);
if (Keyset.ExternalKeySet.Get(rightsId, out AccessKey accessKey).IsFailure())
{
throw new MissingKeyException("Missing NCA title key.", rightsId.ToString(), KeyType.Title);
}
if (titleKek.IsEmpty())
{
string keyName = $"titlekek_{keyRevision:x2}";
throw new MissingKeyException("Unable to decrypt title key.", keyName, KeyType.Common);
}
byte[] encryptedKey = accessKey.Value.ToArray();
var decryptedKey = new byte[CryptoOld.Aes128Size];
CryptoOld.DecryptEcb(titleKek, encryptedKey, decryptedKey, CryptoOld.Aes128Size);
return(decryptedKey);
}
public byte[] GetDecryptedKey(int index)
{
if (index < 0 || index > 3)
{
throw new ArgumentOutOfRangeException(nameof(index));
}
// Handle old NCA0s that use different key area encryption
if (Header.FormatVersion == NcaVersion.Nca0FixedKey || Header.FormatVersion == NcaVersion.Nca0RsaOaep)
{
return(GetDecryptedKeyAreaNca0().AsSpan(0x10 * index, 0x10).ToArray());
}
int keyRevision = Utilities.GetMasterKeyRevision(Header.KeyGeneration);
byte[] keyAreaKey = Keyset.KeyAreaKeys[keyRevision][Header.KeyAreaKeyIndex];
if (keyAreaKey.IsEmpty())
{
string keyName = $"key_area_key_{Keyset.KakNames[Header.KeyAreaKeyIndex]}_{keyRevision:x2}";
throw new MissingKeyException("Unable to decrypt NCA section.", keyName, KeyType.Common);
}
byte[] encryptedKey = Header.GetEncryptedKey(index).ToArray();
var decryptedKey = new byte[CryptoOld.Aes128Size];
CryptoOld.DecryptEcb(keyAreaKey, encryptedKey, decryptedKey, CryptoOld.Aes128Size);
return(decryptedKey);
}
public byte[] GetDecryptedKey(int index)
{
if (index < 0 || index > 3)
{
throw new ArgumentOutOfRangeException(nameof(index));
}
int keyRevision = Util.GetMasterKeyRevision(Header.KeyGeneration);
byte[] keyAreaKey = Keyset.KeyAreaKeys[keyRevision][Header.KeyAreaKeyIndex];
if (keyAreaKey.IsEmpty())
{
string keyName = $"key_area_key_{Keyset.KakNames[Header.KeyAreaKeyIndex]}_{keyRevision:x2}";
throw new MissingKeyException("Unable to decrypt NCA section.", keyName, KeyType.Common);
}
byte[] encryptedKey = Header.GetEncryptedKey(index).ToArray();
var decryptedKey = new byte[CryptoOld.Aes128Size];
CryptoOld.DecryptEcb(keyAreaKey, encryptedKey, decryptedKey, CryptoOld.Aes128Size);
return(decryptedKey);
}
private void DecryptKeys()
{
CryptoOld.DecryptEcb(Kek1, EncryptedKey1, DecryptedKey1, 0x10);
CryptoOld.DecryptEcb(Kek2, EncryptedKey2, DecryptedKey2, 0x10);
}