Fix tickets using the vWii common key (#9)

* had to download libogc's aes driver, hoping this works
This commit is contained in:
thepikachugamer 2024-03-01 07:18:50 -05:00 committed by GitHub
parent abd5f48be9
commit cb2351b877
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 249 additions and 35 deletions

125
source/aes.c Normal file
View File

@ -0,0 +1,125 @@
/*-------------------------------------------------------------
aes.c -- AES Engine
Copyright (C) 2022
GaryOderNichts
Joris 'DacoTaco' Vermeylen info@dacotaco.com
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any
damages arising from the use of this software.
Permission is granted to anyone to use this software for any
purpose, including commercial applications, and to alter it and
redistribute it freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you
must not claim that you wrote the original software. If you use
this software in a product, an acknowledgment in the product
documentation would be appreciated but is not required.
2. Altered source versions must be plainly marked as such, and
must not be misrepresented as being the original software.
3. This notice may not be removed or altered from any source
distribution.
-------------------------------------------------------------*/
#if defined(HW_RVL)
#include <string.h>
#include <gctypes.h>
#include <gcutil.h>
#include <ogc/ipc.h>
#include "aes.h"
#define AES_HEAPSIZE 0x200
#define AES_IOCTLV_ENCRYPT 2
#define AES_IOCTLV_DECRYPT 3
static s32 __aes_fd = -1;
static s32 __aes_hid = -1;
static s32 AES_ExecuteCommand(s32 command, const void* key, u32 key_size, void* iv, u32 iv_size, const void* in_data, void* out_data, u32 data_size)
{
if ((((u32)in_data | (u32)out_data) & 0xF) != 0)
return -4;
if (key_size != 16 || iv_size != 16 || (data_size & 15) != 0)
return -4;
ioctlv* params = (ioctlv*)iosAlloc(__aes_hid, sizeof(ioctlv) * 4);
if (!params)
return -1;
s32 ret = -1;
for (u32 i = 0; i < data_size; i += AES_BLOCK_SIZE) {
u32 size = i+AES_BLOCK_SIZE >= data_size
? data_size - i
: AES_BLOCK_SIZE;
params[0].data = (void*)((u32)in_data + i);
params[0].len = size;
params[1].data = (void*) key;
params[1].len = key_size;
params[2].data = (void*)((u32)out_data + i);
params[2].len = size;
params[3].data = iv;
params[3].len = iv_size;
ret = IOS_Ioctlv(__aes_fd, command, 2, 2, params);
if (ret < 0)
break;
}
iosFree(__aes_hid, params);
return ret;
}
s32 AES_Init(void)
{
if (__aes_fd >= 0)
return -1;
__aes_fd = IOS_Open("/dev/aes", 0);
if (__aes_fd < 0)
return __aes_fd;
//only create heap if it wasn't created yet.
//its never disposed, so only create once.
if(__aes_hid < 0)
__aes_hid = iosCreateHeap(AES_HEAPSIZE);
if (__aes_hid < 0) {
AES_Close();
return __aes_hid;
}
return 0;
}
s32 AES_Close(void)
{
if (__aes_fd < 0)
return -1;
IOS_Close(__aes_fd);
__aes_fd = -1;
return 0;
}
s32 AES_Encrypt(const void* key, u32 key_size, void* iv, u32 iv_size, const void* in_data, void* out_data, u32 data_size)
{
return AES_ExecuteCommand(AES_IOCTLV_ENCRYPT, key, key_size, iv, iv_size, in_data, out_data, data_size);
}
s32 AES_Decrypt(const void* key, u32 key_size, void* iv, u32 iv_size, const void* in_data, void* out_data, u32 data_size)
{
return AES_ExecuteCommand(AES_IOCTLV_DECRYPT, key, key_size, iv, iv_size, in_data, out_data, data_size);
}
#endif

53
source/aes.h Normal file
View File

@ -0,0 +1,53 @@
/*-------------------------------------------------------------
aes.h -- AES Engine
Copyright (C) 2022
GaryOderNichts
Joris 'DacoTaco' Vermeylen info@dacotaco.com
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any
damages arising from the use of this software.
Permission is granted to anyone to use this software for any
purpose, including commercial applications, and to alter it and
redistribute it freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you
must not claim that you wrote the original software. If you use
this software in a product, an acknowledgment in the product
documentation would be appreciated but is not required.
2. Altered source versions must be plainly marked as such, and
must not be misrepresented as being the original software.
3. This notice may not be removed or altered from any source
distribution.
-------------------------------------------------------------*/
#ifndef __AES_H___
#define __AES_H___
#if defined(HW_RVL)
#include <gctypes.h>
#include <gcutil.h>
#define AES_BLOCK_SIZE 0x10000
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
s32 AES_Init(void);
s32 AES_Close(void);
s32 AES_Decrypt(const void* key, u32 key_size, void* iv, u32 iv_size, const void* in_data, void* out_data, u32 data_size);
s32 AES_Encrypt(const void* key, u32 key_size, void* iv, u32 iv_size, const void* in_data, void* out_data, u32 data_size);
#ifdef __cplusplus
}
#endif /* __cplusplus */
#endif
#endif

View File

@ -2,11 +2,13 @@
#include <string.h>
#include <ogcsys.h>
#include <ogc/pad.h>
#include <ogc/es.h>
#include <unistd.h>
#include "sys.h"
#include "title.h"
#include "utils.h"
#include "aes.h"
#include "video.h"
#include "wad.h"
#include "wpad.h"
@ -286,7 +288,7 @@ static u32 GetSysMenuBootContent(void)
return 0;
}
ret = ES_GetStoredTMD(0x100000002LL, (u8*)s_tmd, size);
ret = ES_GetStoredTMD(0x100000002LL, s_tmd, size);
if (ret < 0)
{
printf("Error! ES_GetStoredTMD failed (ret=%i)\n", ret);
@ -550,17 +552,51 @@ out:
return ret;
}
void __Wad_FixTicket(signed_blob *p_tik)
{
u8 *data = (u8 *)p_tik;
u8 *ckey = data + 0x1F1;
static const aeskey
WiiCommonKey = { 0xeb, 0xe4, 0x2a, 0x22, 0x5e, 0x85, 0x93, 0xe4, 0x48, 0xd9, 0xc5, 0x45, 0x73, 0x81, 0xaa, 0xf7 },
vWiiCommonKey = { 0x30, 0xbf, 0xc7, 0x6e, 0x7c, 0x19, 0xaf, 0xbb, 0x23, 0x16, 0x33, 0x30, 0xce, 0xd7, 0xc2, 0x8d };
void __Wad_FixTicket(signed_blob *s_tik)
{
tik* p_tik = SIGNATURE_PAYLOAD(s_tik);
u8 *ckey = ((u8*)s_tik) + 0x1F1;
/*
* Alright. I'd hate to pull this off on signed tickets using the vWii common key.
* But this already does it, just without re-crypting the title key. So let's do it.
*/
bool fixKey = *ckey == 2;
if (*ckey > 1) {
/* Set common key */
*ckey = 0;
/* Fix tickets using vWii Common Key */
if (fixKey)
{
__attribute__((aligned(0x10)))
static unsigned char keybuf[0x10], iv[0x10];
u8* titlekey = p_tik->cipher_title_key;
u64* titleid = &p_tik->titleid;
memcpy(keybuf, titlekey, sizeof(keybuf));
memcpy(iv, titleid, sizeof(u64));
memset(iv + 8, 0, sizeof(iv) - 8);
AES_Init();
AES_Decrypt(vWiiCommonKey, 0x10, iv, 0x10, keybuf, keybuf, sizeof(keybuf));
memcpy(iv, titleid, sizeof(u64));
memset(iv + 8, 0, sizeof(iv) - 8);
AES_Encrypt(WiiCommonKey, 0x10, iv, 0x10, keybuf, keybuf, sizeof(keybuf));
memcpy(titlekey, keybuf, sizeof(keybuf));
AES_Close();
}
/* Fakesign ticket */
Title_FakesignTik(p_tik);
Title_FakesignTik(s_tik);
}
}