added functions for modifying permissions of a wad. applied titleid setting for tickets.

WiiQt/tiktmd.cpp

@@ -52,6 +52,34 @@ bool Tmd::SetIOS( quint64 ios )
     return true;
 }
 
+bool Tmd::SetAhb( bool remove )
+{
+    if( !p_tmd )
+	return false;
+
+	quint32 access = qFromBigEndian( p_tmd->access_rights );
+	if( remove )
+		access |=  1;
+	else
+		access &= 0xfffffffe;
+	p_tmd->access_rights = qToBigEndian( access );
+    return true;
+}
+
+bool Tmd::SetDiskAccess( bool allow )
+{
+    if( !p_tmd )
+	return false;
+
+	quint32 access = qFromBigEndian( p_tmd->access_rights );
+	if( allow )
+		access |=  2;
+	else
+		access &= 0xfffffffd;
+	p_tmd->access_rights = qToBigEndian( access );
+    return true;
+}
+
 quint16 Tmd::Gid()
 {
     if( !p_tmd )
@@ -122,7 +150,7 @@ bool Tmd::SetSize( quint16 cid, quint32 size )
     if( !p_tmd || cid >= qFromBigEndian( p_tmd->num_contents ) )
 	return false;
 
-    p_tmd->contents[ cid ].size = qFromBigEndian( size );
+    p_tmd->contents[ cid ].size = qFromBigEndian( (quint64)size );
     return true;
 }
 
@@ -249,11 +277,23 @@ bool Ticket::SetTid( quint64 tid )
 {
     if( !p_tik )
 	return false;
-    //hexdump( data, payLoadOffset, data.size() - payLoadOffset );
 
-    quint64 t = qFromBigEndian( tid );
+	p_tik->titleid = qFromBigEndian( tid );
-    p_tik->titleid = t;
+
-    //hexdump( data, payLoadOffset, data.size() - payLoadOffset );
+	//create new title key
+	quint8 iv[ 16 ];
+	quint8 keyin[ 16 ];
+	quint8 commonkey[ 16 ] = COMMON_KEY;
+
+	memcpy( &keyin, (quint8 *)decKey.data(), 16 );
+	memset( &p_tik->cipher_title_key, 0, 16 );
+	memset( &iv, 0, 16 );
+	memcpy( &iv, &p_tik->titleid, sizeof(quint64) );
+
+	aes_set_key( (quint8 *)&commonkey );
+	aes_encrypt( (quint8 *)&iv, (quint8 *)&keyin,
+			(quint8 *)&p_tik->cipher_title_key, 16 );
+
     return true;
 }
 

WiiQt/tiktmd.h

@@ -207,6 +207,8 @@ public:
     bool SetSize( quint16 i, quint32 size );
     bool SetHash( quint16 i, const QByteArray hash );
     bool SetIOS( quint64 ios );
+	bool SetAhb( bool remove = true );
+	bool SetDiskAccess( bool allow = true );
 
     bool FakeSign();
 

WiiQt/wad.cpp

@@ -107,11 +107,13 @@ Wad::Wad( const QByteArray stuff )
 	{
 
 		quint32 s = RU( 0x40, t.Size( i ) );
-	//qDebug() << "content" << i << "is at" << hex << pos << "with size" << s;
+		qDebug() << "content" << i << "is at" << hex << pos
+			<< "with size" << s;
 		QByteArray encData = stuff.mid( pos, s );
 		pos += s;
 
-	//doing this here in case there is some other object that is using the AES that would change the key on us
+		//doing this here in case there is some other object that
+		//is using the AES that would change the key on us
 		AesSetKey( ticket.DecryptedKey() );
 
 		QByteArray decData = AesDecrypt( i, encData );
@@ -281,7 +283,8 @@ const QByteArray Wad::Data( quint32 magicWord, const QByteArray footer )
 		quint32 s = RU( 0x40, partsEnc.at( i ).size() );
 		if( RU( 0x40, t.Size( i ) ) != s )
 		{
-	    Err( QString( "Size of content %1 is bad ( %2, %3, %4 )" ).arg( i )
+			Err( QString( "Size of content %1 is bad ( %2, %3, %4 )" )
+					.arg( i )
 					.arg( t.Size( i ), 0, 16 )
 					.arg( RU( 0x40, t.Size( i ) ), 0, 16 )
 					.arg( s, 0, 16 ) );
@@ -572,6 +575,66 @@ bool Wad::SetTid( quint64 tid )
 	return true;
 }
 
+bool Wad::SetIOS( quint32 ios )
+{
+	if( !tmdData.size() || !tikData.size() )
+	{
+		Err( "Mising parts of the wad" );
+		return false;
+	}
+	Tmd t( tmdData );
+
+	t.SetIOS( ios );
+
+	if( !t.FakeSign() )
+	{
+		Err( "Error signing TMD" );
+		return false;
+	}
+	tmdData = t.Data();
+	return true;
+}
+
+bool Wad::SetAhb( bool remove )
+{
+	if( !tmdData.size() || !tikData.size() )
+	{
+		Err( "Mising parts of the wad" );
+		return false;
+	}
+	Tmd t( tmdData );
+
+	t.SetAhb( remove );
+
+	if( !t.FakeSign() )
+	{
+		Err( "Error signing TMD" );
+		return false;
+	}
+	tmdData = t.Data();
+	return true;
+}
+
+bool Wad::SetDiskAccess( bool allow )
+{
+	if( !tmdData.size() || !tikData.size() )
+	{
+		Err( "Mising parts of the wad" );
+		return false;
+	}
+	Tmd t( tmdData );
+
+	t.SetDiskAccess( allow );
+
+	if( !t.FakeSign() )
+	{
+		Err( "Error signing TMD" );
+		return false;
+	}
+	tmdData = t.Data();
+	return true;
+}
+
 bool Wad::ReplaceContent( quint16 idx, const QByteArray ba )
 {
 	if( idx >= partsEnc.size() || !tmdData.size() || !tikData.size() )
@@ -583,8 +646,18 @@ bool Wad::ReplaceContent( quint16 idx, const QByteArray ba )
 	quint32 size = ba.size();
 
 	Tmd t( tmdData );
-    t.SetHash( idx, hash );
+	if( !t.SetHash( idx, hash ) )
-    t.SetSize( idx, size );
+	{
+		Err( "Error setting content hash" );
+		return false;
+	}else{
+		qDebug() << "Hash :" << hash.toHex();
+	}
+	if( !t.SetSize( idx, size ) )
+	{
+		Err( "Error setting content size" );
+		return false;
+	}
 	if( !t.FakeSign() )
 	{
 		Err( "Error signing the tmd" );
@@ -601,3 +674,4 @@ bool Wad::ReplaceContent( quint16 idx, const QByteArray ba )
 
 	return true;
 }
+

WiiQt/wad.h

@@ -25,6 +25,15 @@ public:
     //set the tid in the ticket&tmd and fakesign the wad
     bool SetTid( quint64 tid );
 
+    //set the ios in the ticket&tmd and fakesign the wad
+    bool SetIOS( quint32 ios );
+
+	//set the tmd to allow AHBPROT removal
+	bool SetAhb( bool remove = true );
+
+	//set the tmd to allow direct disc access
+	bool SetDiskAccess( bool allow = true );
+
     //replace a content of this wad, update the size & hash in the tmd and sign it
     //ba should be decrypted
     bool ReplaceContent( quint16 idx, const QByteArray ba );