checking AES_Decrypt

source/wad.c

@@ -554,10 +554,10 @@ out:
 
 static const aeskey WiiCommonKey = { 0xeb, 0xe4, 0x2a, 0x22, 0x5e, 0x85, 0x93, 0xe4, 0x48, 0xd9, 0xc5, 0x45, 0x73, 0x81, 0xaa, 0xf7 };
 
-void __Wad_FixTicket(signed_blob *p_tik)
+void __Wad_FixTicket(signed_blob *s_tik)
 {
-	u8 *data = (u8 *)p_tik;
-	u8 *ckey = data + 0x1F1;
+	tik* p_tik = SIGNATURE_PAYLOAD(s_tik);
+	u8 *ckey = ((u8*)s_tik) + 0x1F1;
 
 	/*
 	 * Alright. I'd hate to pull this off on signed tickets using the vWii common key.
@@ -574,15 +574,15 @@ void __Wad_FixTicket(signed_blob *p_tik)
 			__attribute__((aligned(0x10)))
 			static unsigned char keybuf[0x10], iv[0x10];
 
-			u8* titlekey = data + sizeof(sig_rsa2048) + offsetof(tik, cipher_title_key);
-			u64* titleid = data + sizeof(sig_rsa2048) + offsetof(tik, titleid);
+			u8* titlekey = &p_tik->cipher_title_key;
+			u64* titleid = &p_tik->titleid;
 
 			memcpy(keybuf, titlekey, sizeof(keybuf));
-			// Static so it's already zero-initialized. Ideally the bottom 8 bytes don't get touched somehow.
-			//
-			memcpy(iv, titleid, sizeof(*titleid));
+			memcpy(iv, titleid, sizeof(u64));
+			memset(iv + 8, 0, sizeof(iv) - sizeof(u64));
 			AES_Init();
-			AES_Decrypt(WiiCommonKey, 0x10, iv, 0x10, keybuf, keybuf, 0x10);
+			int ret = AES_Decrypt(WiiCommonKey, 0x10, iv, 0x10, keybuf, keybuf, 0x10);
+			printf("decrypt:%i\n", ret);
 			memcpy(titlekey, keybuf, sizeof(keybuf));
 		}