added functions for modifying permissions of a wad. applied titleid setting for tickets.

2024-09-29 17:48:44 +02:00 · 2010-12-23 07:32:10 +00:00 · 2010-12-23 07:32:10 +00:00 · 0f506a205d
commit 0f506a205d
parent 374699c434
4 changed files with 334 additions and 209 deletions
--- a/WiiQt/tiktmd.cpp
+++ b/WiiQt/tiktmd.cpp
@ -52,6 +52,34 @@ bool Tmd::SetIOS( quint64 ios )
    return true;
 }

+bool Tmd::SetAhb( bool remove )
+{
+    if( !p_tmd )
+	return false;
+
+	quint32 access = qFromBigEndian( p_tmd->access_rights );
+	if( remove )
+		access |=  1;
+	else
+		access &= 0xfffffffe;
+	p_tmd->access_rights = qToBigEndian( access );
+    return true;
+}
+
+bool Tmd::SetDiskAccess( bool allow )
+{
+    if( !p_tmd )
+	return false;
+
+	quint32 access = qFromBigEndian( p_tmd->access_rights );
+	if( allow )
+		access |=  2;
+	else
+		access &= 0xfffffffd;
+	p_tmd->access_rights = qToBigEndian( access );
+    return true;
+}
+
 quint16 Tmd::Gid()
 {
    if( !p_tmd )
@ -122,7 +150,7 @@ bool Tmd::SetSize( quint16 cid, quint32 size )
    if( !p_tmd || cid >= qFromBigEndian( p_tmd->num_contents ) )
 	return false;

-    p_tmd->contents[ cid ].size = qFromBigEndian( size );
+    p_tmd->contents[ cid ].size = qFromBigEndian( (quint64)size );
    return true;
 }

@ -249,11 +277,23 @@ bool Ticket::SetTid( quint64 tid )
 {
    if( !p_tik )
 	return false;
-    //hexdump( data, payLoadOffset, data.size() - payLoadOffset );

-    quint64 t = qFromBigEndian( tid );
-    p_tik->titleid = t;
-    //hexdump( data, payLoadOffset, data.size() - payLoadOffset );
+	p_tik->titleid = qFromBigEndian( tid );
+
+	//create new title key
+	quint8 iv[ 16 ];
+	quint8 keyin[ 16 ];
+	quint8 commonkey[ 16 ] = COMMON_KEY;
+
+	memcpy( &keyin, (quint8 *)decKey.data(), 16 );
+	memset( &p_tik->cipher_title_key, 0, 16 );
+	memset( &iv, 0, 16 );
+	memcpy( &iv, &p_tik->titleid, sizeof(quint64) );
+
+	aes_set_key( (quint8 *)&commonkey );
+	aes_encrypt( (quint8 *)&iv, (quint8 *)&keyin,
+			(quint8 *)&p_tik->cipher_title_key, 16 );
+
    return true;
 }

--- a/WiiQt/tiktmd.h
+++ b/WiiQt/tiktmd.h
@ -207,6 +207,8 @@ public:
    bool SetSize( quint16 i, quint32 size );
    bool SetHash( quint16 i, const QByteArray hash );
    bool SetIOS( quint64 ios );
+	bool SetAhb( bool remove = true );
+	bool SetDiskAccess( bool allow = true );

    bool FakeSign();

--- a/WiiQt/wad.cpp
+++ b/WiiQt/wad.cpp
@ -107,11 +107,13 @@ Wad::Wad( const QByteArray stuff )
 	{

 		quint32 s = RU( 0x40, t.Size( i ) );
-	//qDebug() << "content" << i << "is at" << hex << pos << "with size" << s;
+		qDebug() << "content" << i << "is at" << hex << pos
+			<< "with size" << s;
 		QByteArray encData = stuff.mid( pos, s );
 		pos += s;

-	//doing this here in case there is some other object that is using the AES that would change the key on us
+		//doing this here in case there is some other object that
+		//is using the AES that would change the key on us
 		AesSetKey( ticket.DecryptedKey() );

 		QByteArray decData = AesDecrypt( i, encData );
@ -281,7 +283,8 @@ const QByteArray Wad::Data( quint32 magicWord, const QByteArray footer )
 		quint32 s = RU( 0x40, partsEnc.at( i ).size() );
 		if( RU( 0x40, t.Size( i ) ) != s )
 		{
-	    Err( QString( "Size of content %1 is bad ( %2, %3, %4 )" ).arg( i )
+			Err( QString( "Size of content %1 is bad ( %2, %3, %4 )" )
+					.arg( i )
 					.arg( t.Size( i ), 0, 16 )
 					.arg( RU( 0x40, t.Size( i ) ), 0, 16 )
 					.arg( s, 0, 16 ) );
@ -572,6 +575,66 @@ bool Wad::SetTid( quint64 tid )
 	return true;
 }

+bool Wad::SetIOS( quint32 ios )
+{
+	if( !tmdData.size() || !tikData.size() )
+	{
+		Err( "Mising parts of the wad" );
+		return false;
+	}
+	Tmd t( tmdData );
+
+	t.SetIOS( ios );
+
+	if( !t.FakeSign() )
+	{
+		Err( "Error signing TMD" );
+		return false;
+	}
+	tmdData = t.Data();
+	return true;
+}
+
+bool Wad::SetAhb( bool remove )
+{
+	if( !tmdData.size() || !tikData.size() )
+	{
+		Err( "Mising parts of the wad" );
+		return false;
+	}
+	Tmd t( tmdData );
+
+	t.SetAhb( remove );
+
+	if( !t.FakeSign() )
+	{
+		Err( "Error signing TMD" );
+		return false;
+	}
+	tmdData = t.Data();
+	return true;
+}
+
+bool Wad::SetDiskAccess( bool allow )
+{
+	if( !tmdData.size() || !tikData.size() )
+	{
+		Err( "Mising parts of the wad" );
+		return false;
+	}
+	Tmd t( tmdData );
+
+	t.SetDiskAccess( allow );
+
+	if( !t.FakeSign() )
+	{
+		Err( "Error signing TMD" );
+		return false;
+	}
+	tmdData = t.Data();
+	return true;
+}
+
 bool Wad::ReplaceContent( quint16 idx, const QByteArray ba )
 {
 	if( idx >= partsEnc.size() || !tmdData.size() || !tikData.size() )
@ -583,8 +646,18 @@ bool Wad::ReplaceContent( quint16 idx, const QByteArray ba )
 	quint32 size = ba.size();

 	Tmd t( tmdData );
-    t.SetHash( idx, hash );
-    t.SetSize( idx, size );
+	if( !t.SetHash( idx, hash ) )
+	{
+		Err( "Error setting content hash" );
+		return false;
+	}else{
+		qDebug() << "Hash :" << hash.toHex();
+	}
+	if( !t.SetSize( idx, size ) )
+	{
+		Err( "Error setting content size" );
+		return false;
+	}
 	if( !t.FakeSign() )
 	{
 		Err( "Error signing the tmd" );
@ -601,3 +674,4 @@ bool Wad::ReplaceContent( quint16 idx, const QByteArray ba )

 	return true;
 }
+
--- a/WiiQt/wad.h
+++ b/WiiQt/wad.h
@ -25,6 +25,15 @@ public:
    //set the tid in the ticket&tmd and fakesign the wad
    bool SetTid( quint64 tid );

+    //set the ios in the ticket&tmd and fakesign the wad
+    bool SetIOS( quint32 ios );
+
+	//set the tmd to allow AHBPROT removal
+	bool SetAhb( bool remove = true );
+
+	//set the tmd to allow direct disc access
+	bool SetDiskAccess( bool allow = true );
+
    //replace a content of this wad, update the size & hash in the tmd and sign it
    //ba should be decrypted
    bool ReplaceContent( quint16 idx, const QByteArray ba );