From 4dcf413dbc28c8fa4ce248ae99ac206799e20a0a Mon Sep 17 00:00:00 2001 From: jakcron Date: Fri, 24 Aug 2018 16:09:27 +0800 Subject: [PATCH] [nstool] Added keycfg state dumping. (--showkeys) --- programs/nstool/source/UserSettings.cpp | 164 ++++++++++++++++++++++++ programs/nstool/source/UserSettings.h | 8 +- 2 files changed, 170 insertions(+), 2 deletions(-) diff --git a/programs/nstool/source/UserSettings.cpp b/programs/nstool/source/UserSettings.cpp index ce1e929..7ea6125 100644 --- a/programs/nstool/source/UserSettings.cpp +++ b/programs/nstool/source/UserSettings.cpp @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include @@ -38,6 +39,8 @@ void UserSettings::parseCmdArgs(const std::vector& arg_list) populateCmdArgs(arg_list, args); populateKeyset(args); populateUserSettings(args); + if (_HAS_BIT(mOutputMode, OUTPUT_KEY_DATA)) + dumpKeyConfig(); } void UserSettings::showHelp() @@ -861,4 +864,165 @@ void UserSettings::getSwitchPath(std::string& path) const path.clear(); fnd::io::appendToPath(path, home); fnd::io::appendToPath(path, kHomeSwitchDirStr); +} + +void UserSettings::dumpKeyConfig() const +{ + fnd::aes::sAes128Key aes_key; + fnd::aes::sAesXts128Key aesxts_key; + fnd::rsa::sRsa2048Key rsa2048_key; + fnd::rsa::sRsa4096Key rsa4096_key; + + const std::string kKeyIndex[kMasterKeyNum] = {"00","01","02","03","04","05","06","07","08","09","0a","0b","0c","0d","0e","0f","10","11","12","13","14","15","16","17","18","19","1a","1b","1c","1d","1e","1f"}; + + + std::cout << "[KeyConfiguration]" << std::endl; + std::cout << " NCA Keys:" << std::endl; + if (mKeyCfg.getNcaHeader0SignKey(rsa2048_key) == true) + dumpRsa2048Key(rsa2048_key, "Header Signature[0] Key", 2); + if (mKeyCfg.getNcaHeaderKey(aesxts_key) == true) + dumpAesXtsKey(aesxts_key, "Header Encryption Key", 2); + + for (size_t i = 0; i < kMasterKeyNum; i++) + { + if (mKeyCfg.getNcaKeyAreaEncryptionKey(i,0, aes_key) == true) + dumpAesKey(aes_key, "KeyAreaEncryptionKey-Application-" + kKeyIndex[i], 2); + if (mKeyCfg.getNcaKeyAreaEncryptionKey(i,1, aes_key) == true) + dumpAesKey(aes_key, "KeyAreaEncryptionKey-Ocean-" + kKeyIndex[i], 2); + if (mKeyCfg.getNcaKeyAreaEncryptionKey(i,2, aes_key) == true) + dumpAesKey(aes_key, "KeyAreaEncryptionKey-System-" + kKeyIndex[i], 2); + } + + for (size_t i = 0; i < kMasterKeyNum; i++) + { + if (mKeyCfg.getNcaKeyAreaEncryptionKeyHw(i,0, aes_key) == true) + dumpAesKey(aes_key, "KeyAreaEncryptionKeyHw-Application-" + kKeyIndex[i], 2); + if (mKeyCfg.getNcaKeyAreaEncryptionKeyHw(i,1, aes_key) == true) + dumpAesKey(aes_key, "KeyAreaEncryptionKeyHw-Ocean-" + kKeyIndex[i], 2); + if (mKeyCfg.getNcaKeyAreaEncryptionKeyHw(i,2, aes_key) == true) + dumpAesKey(aes_key, "KeyAreaEncryptionKeyHw-System-" + kKeyIndex[i], 2); + } + + std::cout << " XCI Keys:" << std::endl; + if (mKeyCfg.getXciHeaderSignKey(rsa2048_key) == true) + dumpRsa2048Key(rsa2048_key, "Header Signature Key", 2); + if (mKeyCfg.getXciHeaderKey(aes_key) == true) + dumpAesKey(aes_key, "Extended Header Encryption Key", 2); + + + if (mKeyCfg.getAcidSignKey(rsa2048_key) == true) + dumpRsa2048Key(rsa2048_key, "ACID Signer Key", 1); + + + std::cout << " Package1 Keys:" << std::endl; + for (size_t i = 0; i < kMasterKeyNum; i++) + { + if (mKeyCfg.getPkg1Key(i, aes_key) == true) + dumpAesKey(aes_key, "EncryptionKey-" + kKeyIndex[i], 2); + } + + std::cout << " Package2 Keys:" << std::endl; + if (mKeyCfg.getPkg2SignKey(rsa2048_key) == true) + dumpRsa2048Key(rsa2048_key, "Signature Key", 2); + for (size_t i = 0; i < kMasterKeyNum; i++) + { + if (mKeyCfg.getPkg2Key(i, aes_key) == true) + dumpAesKey(aes_key, "EncryptionKey-" + kKeyIndex[i], 2); + } + + std::cout << " ETicket Keys:" << std::endl; + for (size_t i = 0; i < kMasterKeyNum; i++) + { + if (mKeyCfg.getETicketCommonKey(i, aes_key) == true) + dumpAesKey(aes_key, "CommonKey-" + kKeyIndex[i], 2); + } + + if (mKeyCfg.getPkiRootSignKey("Root", rsa4096_key) == true) + dumpRsa4096Key(rsa4096_key, "NNPKI Root Key", 1); +} + +void UserSettings::dumpRsa2048Key(const fnd::rsa::sRsa2048Key& key, const std::string& name, size_t indent) const +{ + std::string indent_str; + + indent_str.clear(); + for (size_t i = 0; i < indent; i++) + { + indent_str += " "; + } + + std::cout << indent_str << name << ":" << std::endl; + if (key.modulus[0] != 0x00 && key.modulus[1] != 0x00) + { + std::cout << indent_str << " Modulus:" << std::endl; + for (size_t i = 0; i < 0x10; i++) + { + std::cout << indent_str << " " << fnd::SimpleTextOutput::arrayToString(key.modulus + i * 0x10, 0x10, true, ":") << std::endl; + } + } + if (key.priv_exponent[0] != 0x00 && key.priv_exponent[1] != 0x00) + { + std::cout << indent_str << " Private Exponent:" << std::endl; + for (size_t i = 0; i < 0x10; i++) + { + std::cout << indent_str << " " << fnd::SimpleTextOutput::arrayToString(key.priv_exponent + i * 0x10, 0x10, true, ":") << std::endl; + } + } +} + +void UserSettings::dumpRsa4096Key(const fnd::rsa::sRsa4096Key& key, const std::string& name, size_t indent) const +{ + std::string indent_str; + + indent_str.clear(); + for (size_t i = 0; i < indent; i++) + { + indent_str += " "; + } + + std::cout << indent_str << name << ":" << std::endl; + if (key.modulus[0] != 0x00 && key.modulus[1] != 0x00) + { + std::cout << indent_str << " Modulus:" << std::endl; + for (size_t i = 0; i < 0x20; i++) + { + std::cout << indent_str << " " << fnd::SimpleTextOutput::arrayToString(key.modulus + i * 0x10, 0x10, true, ":") << std::endl; + } + } + if (key.priv_exponent[0] != 0x00 && key.priv_exponent[1] != 0x00) + { + std::cout << indent_str << " Private Exponent:" << std::endl; + for (size_t i = 0; i < 0x20; i++) + { + std::cout << indent_str << " " << fnd::SimpleTextOutput::arrayToString(key.priv_exponent + i * 0x10, 0x10, true, ":") << std::endl; + } + } +} + +void UserSettings::dumpAesKey(const fnd::aes::sAes128Key& key, const std::string& name, size_t indent) const +{ + std::string indent_str; + + indent_str.clear(); + for (size_t i = 0; i < indent; i++) + { + indent_str += " "; + } + + std::cout << indent_str << name << ":" << std::endl; + std::cout << indent_str << " " << fnd::SimpleTextOutput::arrayToString(key.key, 0x10, true, ":") << std::endl; +} + +void UserSettings::dumpAesXtsKey(const fnd::aes::sAesXts128Key& key, const std::string& name, size_t indent) const +{ + std::string indent_str; + + indent_str.clear(); + for (size_t i = 0; i < indent; i++) + { + indent_str += " "; + } + + std::cout << indent_str << name << ":" << std::endl; + std::cout << indent_str << " " << fnd::SimpleTextOutput::arrayToString(key.key[0], 0x20, true, ":") << std::endl; } \ No newline at end of file diff --git a/programs/nstool/source/UserSettings.h b/programs/nstool/source/UserSettings.h index 84450ba..a3c61db 100644 --- a/programs/nstool/source/UserSettings.h +++ b/programs/nstool/source/UserSettings.h @@ -45,8 +45,6 @@ public: const sOptional& getAssetNacpPath() const; const fnd::List>& getCertificateChain() const; - void dumpKeys() const; - private: const std::string kModuleName = "UserSettings"; @@ -127,4 +125,10 @@ private: nn::hac::npdm::InstructionType getInstructionTypeFromString(const std::string& type_str); void getHomePath(std::string& path) const; void getSwitchPath(std::string& path) const; + + void dumpKeyConfig() const; + void dumpRsa2048Key(const fnd::rsa::sRsa2048Key& key, const std::string& name, size_t indent) const; + void dumpRsa4096Key(const fnd::rsa::sRsa4096Key& key, const std::string& name, size_t indent) const; + void dumpAesKey(const fnd::aes::sAes128Key& key, const std::string& name, size_t indent) const; + void dumpAesXtsKey(const fnd::aes::sAesXts128Key& key, const std::string& name, size_t indent) const; }; \ No newline at end of file