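/// <summary>
/// Decrypts an AES-CTR wrapped RSA key blob and rebuilds the RSA parameters from it.
/// </summary>
/// <remarks>
/// Layout consumed here: a 0x10-byte counter followed by a 0x230-byte encrypted body.
/// The decrypted body is split into D (0x100 bytes), N (0x100 bytes) and E (4 bytes).
/// No MAC or tag is checked in this method; TestRsaKey is the only check applied to the
/// recovered key, and what it does on a bad key is not visible from here.
/// </remarks>
/// <param name="encryptedKey">Counter plus encrypted body; at least 0x240 bytes.</param>
/// <param name="kek">Key passed to <c>Aes128CtrStorage</c> to decrypt the body.</param>
/// <returns>The parameters produced by <c>RecoverRsaParameters</c> from N, E and D.</returns>
/// <exception cref="ArgumentNullException"><paramref name="encryptedKey"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="encryptedKey"/> is shorter than 0x240 bytes.</exception>
public static RSAParameters DecryptRsaKey(byte[] encryptedKey, byte[] kek)
{
    const int CounterSize = 0x10;
    const int BodySize = 0x230;
    const int ModulusSize = 0x100;
    const int ExponentSize = 4;

    // Fail with a clear message instead of the generic error Array.Copy raises on a
    // truncated blob. The exception types match what Array.Copy would have thrown.
    if (encryptedKey == null)
    {
        throw new ArgumentNullException(nameof(encryptedKey));
    }

    if (encryptedKey.Length < CounterSize + BodySize)
    {
        throw new ArgumentException("Encrypted RSA key must be at least 0x240 bytes long.", nameof(encryptedKey));
    }

    var counter = new byte[CounterSize];
    Array.Copy(encryptedKey, counter, CounterSize);

    var body = new byte[BodySize];
    Array.Copy(encryptedKey, CounterSize, body, 0, BodySize);

    var dec = new byte[BodySize];
    var d = new byte[ModulusSize];

    try
    {
        using (var storageDec = new Aes128CtrStorage(new MemoryStorage(body), kek, counter, false))
        {
            storageDec.Read(dec, 0);
        }

        var n = new byte[ModulusSize];
        var e = new byte[ExponentSize];

        Array.Copy(dec, 0, d, 0, ModulusSize);
        Array.Copy(dec, ModulusSize, n, 0, ModulusSize);
        Array.Copy(dec, 2 * ModulusSize, e, 0, ExponentSize);

        BigInteger dInt = GetBigInteger(d);
        BigInteger nInt = GetBigInteger(n);
        BigInteger eInt = GetBigInteger(e);

        RSAParameters rsaParams = RecoverRsaParameters(nInt, eInt, dInt);
        TestRsaKey(rsaParams);

        return rsaParams;
    }
    finally
    {
        // Best-effort hygiene: wipe the decrypted body and the private-exponent copy so they
        // do not linger on the heap. The BigInteger values and the returned parameters still
        // hold the key material; the caller owns their lifetime.
        Array.Clear(dec, 0, dec.Length);
        Array.Clear(d, 0, d.Length);
    }
}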
/// <summary>
/// Verifies the CMAC of each encrypted keyblob and decrypts it into the matching
/// <c>Keyblobs</c> slot.
/// </summary>
/// <remarks>
/// Encrypted keyblob layout as read here: stored MAC at 0x00 (0x10 bytes), counter at 0x10
/// (0x10 bytes), ciphertext from 0x20. Slots with an empty keyblob key, MAC key or encrypted
/// keyblob are skipped. A MAC mismatch is only reported through <paramref name="logger"/>;
/// the keyblob is decrypted regardless, so the output for such a slot is unauthenticated.
/// </remarks>
/// <param name="logger">Optional sink for the MAC-mismatch warning; may be null.</param>
private void DecryptKeyblobs(IProgressReport logger = null)
{
    // Scratch buffers shared by every iteration.
    var computedMac = new byte[0x10];
    var storedMac = new byte[0x10];
    var ctr = new byte[0x10];

    for (int i = 0; i < UsedKeyblobCount; i++)
    {
        bool haveInputs = !KeyblobKeys[i].IsEmpty()
                          && !KeyblobMacKeys[i].IsEmpty()
                          && !EncryptedKeyblobs[i].IsEmpty();

        if (!haveInputs)
        {
            continue;
        }

        // The MAC stored in the blob is compared with one computed via CalculateAesCmac
        // (called with offset 0x10 and length 0xa0; argument meaning presumed from position).
        Array.Copy(EncryptedKeyblobs[i], storedMac, 0x10);
        Crypto.CalculateAesCmac(KeyblobMacKeys[i], EncryptedKeyblobs[i], 0x10, computedMac, 0, 0xa0);

        bool macMatches = Util.ArraysEqual(computedMac, storedMac);
        if (!macMatches)
        {
            // Non-fatal by design of this method: warn and fall through to decryption.
            logger?.LogMessage($"Warning: Keyblob MAC {i:x2} is invalid. Are SBK/TSEC key correct?");
        }

        Array.Copy(EncryptedKeyblobs[i], 0x10, ctr, 0, 0x10);

        var ciphertext = new MemoryStorage(EncryptedKeyblobs[i], 0x20, Keyblobs[i].Length);
        using (var decryptor = new Aes128CtrStorage(ciphertext, KeyblobKeys[i], ctr, false))
        {
            decryptor.Read(Keyblobs[i], 0);
        }
    }
}
/// <summary>
/// Finds which package2 key decrypts the header by trial decryption.
/// </summary>
/// <remarks>
/// Reads a 0x10-byte counter at offset 0x100, then for each of 0x20 key slots decrypts
/// 0x10 bytes at offset 0x50 of the slice starting at 0x100 and compares the first four
/// bytes with <c>Pk21Magic</c>. The first slot that matches wins; no other integrity check
/// is made in this method.
/// </remarks>
/// <param name="keyset">Source of the candidate <c>Package2Keys</c>.</param>
/// <param name="storage">Storage holding the package2 image.</param>
/// <returns>Index of the first key whose decryption yields the magic value.</returns>
/// <exception cref="InvalidDataException">No key slot produced the magic value.</exception>
private int FindKeyGeneration(Keyset keyset, IStorage storage)
{
    const int CandidateKeyCount = 0x20;

    var ctr = new byte[0x10];
    var probe = new byte[0x10];

    storage.Read(0x100, ctr).ThrowIfFailure();

    int generation = 0;
    while (generation < CandidateKeyCount)
    {
        // NOTE(review): these storages are never disposed, although the type is used in
        // `using` blocks elsewhere. Confirm who owns the slice before adding a Dispose here.
        var candidate = new Aes128CtrStorage(storage.Slice(0x100), keyset.Package2Keys[generation], ctr, false);
        candidate.Read(0x50, probe).ThrowIfFailure();

        uint magic = BitConverter.ToUInt32(probe, 0);
        if (magic == Pk21Magic)
        {
            return generation;
        }

        generation++;
    }

    throw new InvalidDataException("Failed to decrypt package2! Is the correct key present?");
}
/// <summary>
/// Parses the package1 header from <paramref name="storage"/> and locates the key that
/// decrypts the embedded PK11 blob.
/// </summary>
/// <remarks>
/// Header fields read: build hash (0x10 bytes), build date (<c>ReadAscii(0xE)</c>), a 16-bit
/// field, then at 0x3FE0 the 32-bit PK11 size, 0xC skipped bytes and a 0x10-byte counter.
/// The PK11 blob is the slice at 0x4000 of length <c>Pk11Size</c>. A key is accepted as soon
/// as the first four decrypted bytes equal <c>Pk11Magic</c>; no other integrity check is made
/// in this constructor.
/// </remarks>
/// <param name="keySet">Source of the candidate <c>Package1Keys</c>.</param>
/// <param name="storage">Storage holding the package1 image; kept in <c>Storage</c>.</param>
/// <exception cref="InvalidDataException">None of the 0x20 key slots produced the magic value.</exception>
public Package1(KeySet keySet, IStorage storage)
{
    Storage = storage;

    // The reader is left undisposed here; the stream it wraps comes from the retained storage.
    var header = new BinaryReader(storage.AsStream());

    BuildHash = header.ReadBytes(0x10);
    BuildDate = header.ReadAscii(0xE);
    Field1E = header.ReadUInt16();

    header.BaseStream.Position = 0x3FE0;
    Pk11Size = header.ReadInt32();

    header.BaseStream.Position += 0xC;
    Counter = header.ReadBytes(0x10);

    // NOTE(review): Pk11Size comes straight from the file and is passed to Slice without a
    // range check here. Confirm Slice rejects negative or oversized lengths.
    IStorage encryptedPk11 = Storage.Slice(0x4000, Pk11Size);
    byte[] probe = new byte[0x10];

    // Trial-decrypt the start of the PK11 blob with each package1 key slot in turn.
    for (int revision = 0; revision < 0x20; revision++)
    {
        var candidate = new Aes128CtrStorage(encryptedPk11, keySet.Package1Keys[revision].DataRo.ToArray(), Counter, true);
        candidate.Read(0, probe).ThrowIfFailure();

        if (BitConverter.ToUInt32(probe, 0) != Pk11Magic)
        {
            // NOTE(review): rejected candidates are not disposed; confirm that is harmless.
            continue;
        }

        KeyRevision = revision;
        Pk11 = new Pk11(new CachedStorage(candidate, 4, true));
        return;
    }

    throw new InvalidDataException("Failed to decrypt PK11! Is the correct key present?");
}