diff --git a/extkeys.c b/extkeys.c index 4f27063..5e8e30b 100644 --- a/extkeys.c +++ b/extkeys.c @@ -278,8 +278,14 @@ void extkeys_initialize_settings(hactool_settings_t *settings, FILE *f) { } else if (strcmp(key, "tsec_key") == 0) { parse_hex_key(keyset->tsec_key, value, sizeof(keyset->tsec_key)); matched_key = 1; - } else if (strcmp(key, "tsec_root_key") == 0 || strcmp(key, "tsec_root_key_00") == 0) { - parse_hex_key(keyset->tsec_root_key, value, sizeof(keyset->tsec_root_key)); + } else if (strcmp(key, "tsec_root_kek") == 0) { + parse_hex_key(keyset->tsec_root_kek, value, sizeof(keyset->tsec_root_kek)); + matched_key = 1; + } else if (strcmp(key, "package1_mac_kek") == 0) { + parse_hex_key(keyset->package1_mac_kek, value, sizeof(keyset->package1_mac_kek)); + matched_key = 1; + } else if (strcmp(key, "package1_kek") == 0) { + parse_hex_key(keyset->package1_kek, value, sizeof(keyset->package1_kek)); matched_key = 1; } else if (strcmp(key, "beta_nca0_exponent") == 0) { unsigned char exponent[0x100] = {0}; @@ -325,12 +331,33 @@ void extkeys_initialize_settings(hactool_settings_t *settings, FILE *f) { } } for (unsigned int i = 0x6; i < 0x20 && !matched_key; i++) { + snprintf(test_name, sizeof(test_name), "tsec_auth_signature_%02"PRIx32, i - 6); + if (strcmp(key, test_name) == 0) { + parse_hex_key(keyset->tsec_auth_signatures[i - 6], value, sizeof(keyset->tsec_auth_signatures[i - 6])); + matched_key = 1; + break; + } + + snprintf(test_name, sizeof(test_name), "tsec_root_key_%02"PRIx32, i - 6); + if (strcmp(key, test_name) == 0) { + parse_hex_key(keyset->tsec_root_keys[i - 6], value, sizeof(keyset->tsec_root_keys[i - 6])); + matched_key = 1; + break; + } + snprintf(test_name, sizeof(test_name), "master_kek_source_%02"PRIx32, i); if (strcmp(key, test_name) == 0) { parse_hex_key(keyset->master_kek_sources[i], value, sizeof(keyset->master_kek_sources[i])); matched_key = 1; break; } + + snprintf(test_name, sizeof(test_name), "package1_mac_key_%02"PRIx32, i); + if (strcmp(key, test_name) == 0) { + parse_hex_key(keyset->package1_mac_keys[i], value, sizeof(keyset->package1_mac_keys[i])); + matched_key = 1; + break; + } } for (unsigned int i = 0; i < 0x20 && !matched_key; i++) { snprintf(test_name, sizeof(test_name), "master_kek_%02"PRIx32, i); diff --git a/pki.c b/pki.c index dc1e5c9..ba908f9 100644 --- a/pki.c +++ b/pki.c @@ -67,441 +67,7 @@ const unsigned char *pki_get_beta_nca0_label_hash(void) { static const nca_keyset_t nca_keys_retail = { - ZEROES_KEY, /* Secure Boot Key (CONSOLE UNIQUE) */ - ZEROES_KEY, /* TSEC Key (CONSOLE UNIQUE) */ - { - ZEROES_KEY, /* Keyblob Key 00 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 01 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 02 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 03 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 04 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 05 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 06 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 07 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 08 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 09 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 10 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 11 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 12 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 13 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 14 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 15 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 16 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 17 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 18 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 19 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 20 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 21 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 22 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 23 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 24 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 25 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 26 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 27 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 28 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 29 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 30 (CONSOLE UNIQUE) */ - ZEROES_KEY /* Keyblob Key 31 (CONSOLE UNIQUE) */ - }, - { - ZEROES_KEY, /* Keyblob Mac Key 00 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 01 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 02 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 03 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 04 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 05 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 06 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 07 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 08 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 09 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 10 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 11 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 12 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 13 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 14 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 15 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 16 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 17 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 18 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 19 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 20 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 21 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 22 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 23 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 24 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 25 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 26 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 27 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 28 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 29 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 30 (CONSOLE UNIQUE) */ - ZEROES_KEY /* Keyblob Mac Key 31 (CONSOLE UNIQUE) */ - }, - { - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 00 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 01 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 02 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 03 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 04 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 05 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 06 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 07 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 08 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 09 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 10 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 11 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 12 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 13 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 14 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 15 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 16 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 17 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 18 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 19 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 20 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 21 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 22 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 23 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 24 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 25 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 26 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 27 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 28 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 29 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 30 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB /* Encrypted Keyblob 31 (CONSOLE UNIQUE) */ - }, - { - ZEROES_KEYBLOB, /* Keyblob 00 */ - ZEROES_KEYBLOB, /* Keyblob 01 */ - ZEROES_KEYBLOB, /* Keyblob 02 */ - ZEROES_KEYBLOB, /* Keyblob 03 */ - ZEROES_KEYBLOB, /* Keyblob 04 */ - ZEROES_KEYBLOB, /* Keyblob 05 */ - ZEROES_KEYBLOB, /* Keyblob 06 */ - ZEROES_KEYBLOB, /* Keyblob 07 */ - ZEROES_KEYBLOB, /* Keyblob 08 */ - ZEROES_KEYBLOB, /* Keyblob 09 */ - ZEROES_KEYBLOB, /* Keyblob 10 */ - ZEROES_KEYBLOB, /* Keyblob 11 */ - ZEROES_KEYBLOB, /* Keyblob 12 */ - ZEROES_KEYBLOB, /* Keyblob 13 */ - ZEROES_KEYBLOB, /* Keyblob 14 */ - ZEROES_KEYBLOB, /* Keyblob 15 */ - ZEROES_KEYBLOB, /* Keyblob 16 */ - ZEROES_KEYBLOB, /* Keyblob 17 */ - ZEROES_KEYBLOB, /* Keyblob 18 */ - ZEROES_KEYBLOB, /* Keyblob 19 */ - ZEROES_KEYBLOB, /* Keyblob 20 */ - ZEROES_KEYBLOB, /* Keyblob 21 */ - ZEROES_KEYBLOB, /* Keyblob 22 */ - ZEROES_KEYBLOB, /* Keyblob 23 */ - ZEROES_KEYBLOB, /* Keyblob 24 */ - ZEROES_KEYBLOB, /* Keyblob 25 */ - ZEROES_KEYBLOB, /* Keyblob 26 */ - ZEROES_KEYBLOB, /* Keyblob 27 */ - ZEROES_KEYBLOB, /* Keyblob 28 */ - ZEROES_KEYBLOB, /* Keyblob 29 */ - ZEROES_KEYBLOB, /* Keyblob 30 */ - ZEROES_KEYBLOB /* Keyblob 31 */ - }, - { - ZEROES_KEY, /* Keyblob Key Source 00 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 01 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 02 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 03 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 04 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 05 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 06 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 07 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 08 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 09 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 10 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 11 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 12 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 13 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 14 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 15 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 16 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 17 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 18 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 19 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 20 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 21 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 22 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 23 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 24 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 25 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 26 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 27 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 28 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 29 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 30 (CONSOLE UNIQUE) */ - ZEROES_KEY /* Keyblob Key Source 31 (CONSOLE UNIQUE) */ - }, - ZEROES_KEY, /* Keyblob Mac Key Source */ - ZEROES_KEY, /* TSEC Root Key */ - { - ZEROES_KEY, /* Master Kek Source 00 */ - ZEROES_KEY, /* Master Kek Source 01 */ - ZEROES_KEY, /* Master Kek Source 02 */ - ZEROES_KEY, /* Master Kek Source 03 */ - ZEROES_KEY, /* Master Kek Source 04 */ - ZEROES_KEY, /* Master Kek Source 05 */ - ZEROES_KEY, /* Master Kek Source 06 */ - ZEROES_KEY, /* Master Kek Source 07 */ - ZEROES_KEY, /* Master Kek Source 08 */ - ZEROES_KEY, /* Master Kek Source 09 */ - ZEROES_KEY, /* Master Kek Source 10 */ - ZEROES_KEY, /* Master Kek Source 11 */ - ZEROES_KEY, /* Master Kek Source 12 */ - ZEROES_KEY, /* Master Kek Source 13 */ - ZEROES_KEY, /* Master Kek Source 14 */ - ZEROES_KEY, /* Master Kek Source 15 */ - ZEROES_KEY, /* Master Kek Source 16 */ - ZEROES_KEY, /* Master Kek Source 17 */ - ZEROES_KEY, /* Master Kek Source 18 */ - ZEROES_KEY, /* Master Kek Source 19 */ - ZEROES_KEY, /* Master Kek Source 20 */ - ZEROES_KEY, /* Master Kek Source 21 */ - ZEROES_KEY, /* Master Kek Source 22 */ - ZEROES_KEY, /* Master Kek Source 23 */ - ZEROES_KEY, /* Master Kek Source 24 */ - ZEROES_KEY, /* Master Kek Source 25 */ - ZEROES_KEY, /* Master Kek Source 26 */ - ZEROES_KEY, /* Master Kek Source 27 */ - ZEROES_KEY, /* Master Kek Source 28 */ - ZEROES_KEY, /* Master Kek Source 29 */ - ZEROES_KEY, /* Master Kek Source 30 */ - ZEROES_KEY /* Master Kek Source 31 */ - }, - { - ZEROES_KEY, /* Master Kek 00 */ - ZEROES_KEY, /* Master Kek 01 */ - ZEROES_KEY, /* Master Kek 02 */ - ZEROES_KEY, /* Master Kek 03 */ - ZEROES_KEY, /* Master Kek 04 */ - ZEROES_KEY, /* Master Kek 05 */ - ZEROES_KEY, /* Master Kek 06 */ - ZEROES_KEY, /* Master Kek 07 */ - ZEROES_KEY, /* Master Kek 08 */ - ZEROES_KEY, /* Master Kek 09 */ - ZEROES_KEY, /* Master Kek 10 */ - ZEROES_KEY, /* Master Kek 11 */ - ZEROES_KEY, /* Master Kek 12 */ - ZEROES_KEY, /* Master Kek 13 */ - ZEROES_KEY, /* Master Kek 14 */ - ZEROES_KEY, /* Master Kek 15 */ - ZEROES_KEY, /* Master Kek 16 */ - ZEROES_KEY, /* Master Kek 17 */ - ZEROES_KEY, /* Master Kek 18 */ - ZEROES_KEY, /* Master Kek 19 */ - ZEROES_KEY, /* Master Kek 20 */ - ZEROES_KEY, /* Master Kek 21 */ - ZEROES_KEY, /* Master Kek 22 */ - ZEROES_KEY, /* Master Kek 23 */ - ZEROES_KEY, /* Master Kek 24 */ - ZEROES_KEY, /* Master Kek 25 */ - ZEROES_KEY, /* Master Kek 26 */ - ZEROES_KEY, /* Master Kek 27 */ - ZEROES_KEY, /* Master Kek 28 */ - ZEROES_KEY, /* Master Kek 29 */ - ZEROES_KEY, /* Master Kek 30 */ - ZEROES_KEY /* Master Kek 31 */ - }, - ZEROES_KEY, /* Master Key Source */ - { - ZEROES_KEY, /* Master Key 00 */ - ZEROES_KEY, /* Master Key 01 */ - ZEROES_KEY, /* Master Key 02 */ - ZEROES_KEY, /* Master Key 03 */ - ZEROES_KEY, /* Master Key 04 */ - ZEROES_KEY, /* Master Key 05 */ - ZEROES_KEY, /* Master Key 06 */ - ZEROES_KEY, /* Master Key 07 */ - ZEROES_KEY, /* Master Key 08 */ - ZEROES_KEY, /* Master Key 09 */ - ZEROES_KEY, /* Master Key 10 */ - ZEROES_KEY, /* Master Key 11 */ - ZEROES_KEY, /* Master Key 12 */ - ZEROES_KEY, /* Master Key 13 */ - ZEROES_KEY, /* Master Key 14 */ - ZEROES_KEY, /* Master Key 15 */ - ZEROES_KEY, /* Master Key 16 */ - ZEROES_KEY, /* Master Key 17 */ - ZEROES_KEY, /* Master Key 18 */ - ZEROES_KEY, /* Master Key 19 */ - ZEROES_KEY, /* Master Key 20 */ - ZEROES_KEY, /* Master Key 21 */ - ZEROES_KEY, /* Master Key 22 */ - ZEROES_KEY, /* Master Key 23 */ - ZEROES_KEY, /* Master Key 24 */ - ZEROES_KEY, /* Master Key 25 */ - ZEROES_KEY, /* Master Key 26 */ - ZEROES_KEY, /* Master Key 27 */ - ZEROES_KEY, /* Master Key 28 */ - ZEROES_KEY, /* Master Key 29 */ - ZEROES_KEY, /* Master Key 30 */ - ZEROES_KEY /* Master Key 31 */ - }, - { - ZEROES_KEY, /* Package1 Key 00 */ - ZEROES_KEY, /* Package1 Key 01 */ - ZEROES_KEY, /* Package1 Key 02 */ - ZEROES_KEY, /* Package1 Key 03 */ - ZEROES_KEY, /* Package1 Key 04 */ - ZEROES_KEY, /* Package1 Key 05 */ - ZEROES_KEY, /* Package1 Key 06 */ - ZEROES_KEY, /* Package1 Key 07 */ - ZEROES_KEY, /* Package1 Key 08 */ - ZEROES_KEY, /* Package1 Key 09 */ - ZEROES_KEY, /* Package1 Key 10 */ - ZEROES_KEY, /* Package1 Key 11 */ - ZEROES_KEY, /* Package1 Key 12 */ - ZEROES_KEY, /* Package1 Key 13 */ - ZEROES_KEY, /* Package1 Key 14 */ - ZEROES_KEY, /* Package1 Key 15 */ - ZEROES_KEY, /* Package1 Key 16 */ - ZEROES_KEY, /* Package1 Key 17 */ - ZEROES_KEY, /* Package1 Key 18 */ - ZEROES_KEY, /* Package1 Key 19 */ - ZEROES_KEY, /* Package1 Key 20 */ - ZEROES_KEY, /* Package1 Key 21 */ - ZEROES_KEY, /* Package1 Key 22 */ - ZEROES_KEY, /* Package1 Key 23 */ - ZEROES_KEY, /* Package1 Key 24 */ - ZEROES_KEY, /* Package1 Key 25 */ - ZEROES_KEY, /* Package1 Key 26 */ - ZEROES_KEY, /* Package1 Key 27 */ - ZEROES_KEY, /* Package1 Key 28 */ - ZEROES_KEY, /* Package1 Key 29 */ - ZEROES_KEY, /* Package1 Key 30 */ - ZEROES_KEY /* Package1 Key 31 */ - }, - { - ZEROES_KEY, /* Package2 Key 00 */ - ZEROES_KEY, /* Package2 Key 01 */ - ZEROES_KEY, /* Package2 Key 02 */ - ZEROES_KEY, /* Package2 Key 03 */ - ZEROES_KEY, /* Package2 Key 04 */ - ZEROES_KEY, /* Package2 Key 05 */ - ZEROES_KEY, /* Package2 Key 06 */ - ZEROES_KEY, /* Package2 Key 07 */ - ZEROES_KEY, /* Package2 Key 08 */ - ZEROES_KEY, /* Package2 Key 09 */ - ZEROES_KEY, /* Package2 Key 10 */ - ZEROES_KEY, /* Package2 Key 11 */ - ZEROES_KEY, /* Package2 Key 12 */ - ZEROES_KEY, /* Package2 Key 13 */ - ZEROES_KEY, /* Package2 Key 14 */ - ZEROES_KEY, /* Package2 Key 15 */ - ZEROES_KEY, /* Package2 Key 16 */ - ZEROES_KEY, /* Package2 Key 17 */ - ZEROES_KEY, /* Package2 Key 18 */ - ZEROES_KEY, /* Package2 Key 19 */ - ZEROES_KEY, /* Package2 Key 20 */ - ZEROES_KEY, /* Package2 Key 21 */ - ZEROES_KEY, /* Package2 Key 22 */ - ZEROES_KEY, /* Package2 Key 23 */ - ZEROES_KEY, /* Package2 Key 24 */ - ZEROES_KEY, /* Package2 Key 25 */ - ZEROES_KEY, /* Package2 Key 26 */ - ZEROES_KEY, /* Package2 Key 27 */ - ZEROES_KEY, /* Package2 Key 28 */ - ZEROES_KEY, /* Package2 Key 29 */ - ZEROES_KEY, /* Package2 Key 30 */ - ZEROES_KEY /* Package2 Key 31 */ - }, - ZEROES_KEY, /* Package2 Key Source */ - ZEROES_KEY, /* Generate Aes Kek Source */ - ZEROES_KEY, /* Generate Aes Key Source */ - ZEROES_KEY, /* Key Area Encryption Key Source Application */ - ZEROES_KEY, /* Key Area Encryption Key Source Ocean */ - ZEROES_KEY, /* Key Area Encryption Key Source System */ - ZEROES_KEY, /* Titlekek Source */ - ZEROES_KEY, /* Headerkek Source */ - ZEROES_KEY, /* SD Card kek Source. */ - { - ZEROES_XTS_KEY, /* SD Card Key Source, for NCAs. */ - ZEROES_XTS_KEY, /* SD Card Key Source, for saves. */ - }, - ZEROES_KEY, /* Save MAC kek Source. */ - ZEROES_KEY, /* Save MAC key Source. */ - ZEROES_XTS_KEY, /* Encrypted Header Key */ - ZEROES_XTS_KEY, /* Header key */ - { - ZEROES_KEY, /* Titlekek 00 */ - ZEROES_KEY, /* Titlekek 01 */ - ZEROES_KEY, /* Titlekek 02 */ - ZEROES_KEY, /* Titlekek 03 */ - ZEROES_KEY, /* Titlekek 04 */ - ZEROES_KEY, /* Titlekek 05 */ - ZEROES_KEY, /* Titlekek 06 */ - ZEROES_KEY, /* Titlekek 07 */ - ZEROES_KEY, /* Titlekek 08 */ - ZEROES_KEY, /* Titlekek 09 */ - ZEROES_KEY, /* Titlekek 10 */ - ZEROES_KEY, /* Titlekek 11 */ - ZEROES_KEY, /* Titlekek 12 */ - ZEROES_KEY, /* Titlekek 13 */ - ZEROES_KEY, /* Titlekek 14 */ - ZEROES_KEY, /* Titlekek 15 */ - ZEROES_KEY, /* Titlekek 16 */ - ZEROES_KEY, /* Titlekek 17 */ - ZEROES_KEY, /* Titlekek 18 */ - ZEROES_KEY, /* Titlekek 19 */ - ZEROES_KEY, /* Titlekek 20 */ - ZEROES_KEY, /* Titlekek 21 */ - ZEROES_KEY, /* Titlekek 22 */ - ZEROES_KEY, /* Titlekek 23 */ - ZEROES_KEY, /* Titlekek 24 */ - ZEROES_KEY, /* Titlekek 25 */ - ZEROES_KEY, /* Titlekek 26 */ - ZEROES_KEY, /* Titlekek 27 */ - ZEROES_KEY, /* Titlekek 28 */ - ZEROES_KEY, /* Titlekek 29 */ - ZEROES_KEY, /* Titlekek 30 */ - ZEROES_KEY /* Titlekek 31 */ - }, - { - ZEROES_KAEKS, /* Key Area Encryption Keyset 00 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 01 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 02 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 03 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 04 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 05 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 06 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 07 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 08 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 09 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 10 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 11 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 12 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 13 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 14 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 15 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 16 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 17 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 18 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 19 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 20 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 21 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 22 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 23 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 24 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 25 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 26 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 27 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 28 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 29 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 30 */ - ZEROES_KAEKS /* Key Area Encryption Keyset 31 */ - }, - { - ZEROES_XTS_KEY, /* SD Card Key, for NCAs. */ - ZEROES_XTS_KEY, /* SD Card Key, for saves. */ - }, - { /* Fixed RSA key used to validate NCA signature 0. */ + .nca_hdr_fixed_key_modulus = { /* Fixed RSA key used to validate NCA signature 0. */ 0xBF, 0xBE, 0x40, 0x6C, 0xF4, 0xA7, 0x80, 0xE9, 0xF0, 0x7D, 0x0C, 0x99, 0x61, 0x1D, 0x77, 0x2F, 0x96, 0xBC, 0x4B, 0x9E, 0x58, 0x38, 0x1B, 0x03, 0xAB, 0xB1, 0x75, 0x49, 0x9F, 0x2B, 0x4D, 0x58, 0x34, 0xB0, 0x05, 0xA3, 0x75, 0x22, 0xBE, 0x1A, 0x3F, 0x03, 0x73, 0xAC, 0x70, 0x68, 0xD1, 0x16, @@ -519,7 +85,7 @@ static const nca_keyset_t nca_keys_retail = { 0x7E, 0x32, 0x8C, 0x27, 0x42, 0xFE, 0x82, 0x78, 0xEC, 0x0D, 0xEB, 0xE6, 0x83, 0x4B, 0x6D, 0x81, 0x04, 0x40, 0x1A, 0x9E, 0x9A, 0x67, 0xF6, 0x72, 0x29, 0xFA, 0x04, 0xF0, 0x9D, 0xE4, 0xF4, 0x03 }, - { /* Fixed RSA key used to validate ACID signatures. */ + .acid_fixed_key_modulus = { /* Fixed RSA key used to validate ACID signatures. */ 0xDD, 0xC8, 0xDD, 0xF2, 0x4E, 0x6D, 0xF0, 0xCA, 0x9E, 0xC7, 0x5D, 0xC7, 0x7B, 0xAD, 0xFE, 0x7D, 0x23, 0x89, 0x69, 0xB6, 0xF2, 0x06, 0xA2, 0x02, 0x88, 0xE1, 0x55, 0x91, 0xAB, 0xCB, 0x4D, 0x50, 0x2E, 0xFC, 0x9D, 0x94, 0x76, 0xD6, 0x4C, 0xD8, 0xFF, 0x10, 0xFA, 0x5E, 0x93, 0x0A, 0xB4, 0x57, @@ -537,7 +103,7 @@ static const nca_keyset_t nca_keys_retail = { 0x37, 0xEA, 0xE8, 0x1E, 0x7C, 0x77, 0xB7, 0xC6, 0x1A, 0xA2, 0xF0, 0x9F, 0x10, 0x61, 0xCD, 0x7B, 0x5B, 0x32, 0x4C, 0x37, 0xEF, 0xB1, 0x71, 0x68, 0x53, 0x0A, 0xED, 0x51, 0x7D, 0x35, 0x22, 0xFD }, - { /* Fixed RSA key used to validate PK21 signatures. */ + .package2_fixed_key_modulus = { /* Fixed RSA key used to validate PK21 signatures. */ 0x8D, 0x13, 0xA7, 0x77, 0x6A, 0xE5, 0xDC, 0xC0, 0x3B, 0x25, 0xD0, 0x58, 0xE4, 0x20, 0x69, 0x59, 0x55, 0x4B, 0xAB, 0x70, 0x40, 0x08, 0x28, 0x07, 0xA8, 0xA7, 0xFD, 0x0F, 0x31, 0x2E, 0x11, 0xFE, 0x47, 0xA0, 0xF9, 0x9D, 0xDF, 0x80, 0xDB, 0x86, 0x5A, 0x27, 0x89, 0xCD, 0x97, 0x6C, 0x85, 0xC5, @@ -558,441 +124,7 @@ static const nca_keyset_t nca_keys_retail = { }; static const nca_keyset_t nca_keys_dev = { - ZEROES_KEY, /* Secure Boot Key (CONSOLE UNIQUE) */ - ZEROES_KEY, /* TSEC Key (CONSOLE UNIQUE) */ - { - ZEROES_KEY, /* Keyblob Key 00 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 01 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 02 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 03 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 04 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 05 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 06 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 07 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 08 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 09 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 10 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 11 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 12 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 13 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 14 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 15 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 16 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 17 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 18 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 19 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 20 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 21 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 22 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 23 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 24 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 25 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 26 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 27 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 28 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 29 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key 30 (CONSOLE UNIQUE) */ - ZEROES_KEY /* Keyblob Key 31 (CONSOLE UNIQUE) */ - }, - { - ZEROES_KEY, /* Keyblob Mac Key 00 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 01 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 02 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 03 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 04 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 05 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 06 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 07 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 08 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 09 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 10 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 11 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 12 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 13 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 14 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 15 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 16 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 17 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 18 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 19 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 20 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 21 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 22 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 23 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 24 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 25 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 26 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 27 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 28 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 29 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Mac Key 30 (CONSOLE UNIQUE) */ - ZEROES_KEY /* Keyblob Mac Key 31 (CONSOLE UNIQUE) */ - }, - { - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 00 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 01 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 02 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 03 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 04 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 05 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 06 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 07 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 08 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 09 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 10 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 11 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 12 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 13 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 14 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 15 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 16 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 17 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 18 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 19 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 20 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 21 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 22 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 23 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 24 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 25 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 26 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 27 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 28 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 29 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB, /* Encrypted Keyblob 30 (CONSOLE UNIQUE) */ - ZEROES_ENC_KEYBLOB /* Encrypted Keyblob 31 (CONSOLE UNIQUE) */ - }, - { - ZEROES_KEYBLOB, /* Keyblob 00 */ - ZEROES_KEYBLOB, /* Keyblob 01 */ - ZEROES_KEYBLOB, /* Keyblob 02 */ - ZEROES_KEYBLOB, /* Keyblob 03 */ - ZEROES_KEYBLOB, /* Keyblob 04 */ - ZEROES_KEYBLOB, /* Keyblob 05 */ - ZEROES_KEYBLOB, /* Keyblob 06 */ - ZEROES_KEYBLOB, /* Keyblob 07 */ - ZEROES_KEYBLOB, /* Keyblob 08 */ - ZEROES_KEYBLOB, /* Keyblob 09 */ - ZEROES_KEYBLOB, /* Keyblob 10 */ - ZEROES_KEYBLOB, /* Keyblob 11 */ - ZEROES_KEYBLOB, /* Keyblob 12 */ - ZEROES_KEYBLOB, /* Keyblob 13 */ - ZEROES_KEYBLOB, /* Keyblob 14 */ - ZEROES_KEYBLOB, /* Keyblob 15 */ - ZEROES_KEYBLOB, /* Keyblob 16 */ - ZEROES_KEYBLOB, /* Keyblob 17 */ - ZEROES_KEYBLOB, /* Keyblob 18 */ - ZEROES_KEYBLOB, /* Keyblob 19 */ - ZEROES_KEYBLOB, /* Keyblob 20 */ - ZEROES_KEYBLOB, /* Keyblob 21 */ - ZEROES_KEYBLOB, /* Keyblob 22 */ - ZEROES_KEYBLOB, /* Keyblob 23 */ - ZEROES_KEYBLOB, /* Keyblob 24 */ - ZEROES_KEYBLOB, /* Keyblob 25 */ - ZEROES_KEYBLOB, /* Keyblob 26 */ - ZEROES_KEYBLOB, /* Keyblob 27 */ - ZEROES_KEYBLOB, /* Keyblob 28 */ - ZEROES_KEYBLOB, /* Keyblob 29 */ - ZEROES_KEYBLOB, /* Keyblob 30 */ - ZEROES_KEYBLOB /* Keyblob 31 */ - }, - { - ZEROES_KEY, /* Keyblob Key Source 00 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 01 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 02 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 03 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 04 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 05 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 06 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 07 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 08 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 09 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 10 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 11 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 12 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 13 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 14 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 15 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 16 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 17 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 18 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 19 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 20 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 21 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 22 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 23 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 24 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 25 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 26 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 27 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 28 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 29 (CONSOLE UNIQUE) */ - ZEROES_KEY, /* Keyblob Key Source 30 (CONSOLE UNIQUE) */ - ZEROES_KEY /* Keyblob Key Source 31 (CONSOLE UNIQUE) */ - }, - ZEROES_KEY, /* Keyblob Mac Key Source */ - ZEROES_KEY, /* TSEC Root Key */ - { - ZEROES_KEY, /* Master Kek Source 00 */ - ZEROES_KEY, /* Master Kek Source 01 */ - ZEROES_KEY, /* Master Kek Source 02 */ - ZEROES_KEY, /* Master Kek Source 03 */ - ZEROES_KEY, /* Master Kek Source 04 */ - ZEROES_KEY, /* Master Kek Source 05 */ - ZEROES_KEY, /* Master Kek Source 06 */ - ZEROES_KEY, /* Master Kek Source 07 */ - ZEROES_KEY, /* Master Kek Source 08 */ - ZEROES_KEY, /* Master Kek Source 09 */ - ZEROES_KEY, /* Master Kek Source 10 */ - ZEROES_KEY, /* Master Kek Source 11 */ - ZEROES_KEY, /* Master Kek Source 12 */ - ZEROES_KEY, /* Master Kek Source 13 */ - ZEROES_KEY, /* Master Kek Source 14 */ - ZEROES_KEY, /* Master Kek Source 15 */ - ZEROES_KEY, /* Master Kek Source 16 */ - ZEROES_KEY, /* Master Kek Source 17 */ - ZEROES_KEY, /* Master Kek Source 18 */ - ZEROES_KEY, /* Master Kek Source 19 */ - ZEROES_KEY, /* Master Kek Source 20 */ - ZEROES_KEY, /* Master Kek Source 21 */ - ZEROES_KEY, /* Master Kek Source 22 */ - ZEROES_KEY, /* Master Kek Source 23 */ - ZEROES_KEY, /* Master Kek Source 24 */ - ZEROES_KEY, /* Master Kek Source 25 */ - ZEROES_KEY, /* Master Kek Source 26 */ - ZEROES_KEY, /* Master Kek Source 27 */ - ZEROES_KEY, /* Master Kek Source 28 */ - ZEROES_KEY, /* Master Kek Source 29 */ - ZEROES_KEY, /* Master Kek Source 30 */ - ZEROES_KEY /* Master Kek Source 31 */ - }, - { - ZEROES_KEY, /* Master Kek 00 */ - ZEROES_KEY, /* Master Kek 01 */ - ZEROES_KEY, /* Master Kek 02 */ - ZEROES_KEY, /* Master Kek 03 */ - ZEROES_KEY, /* Master Kek 04 */ - ZEROES_KEY, /* Master Kek 05 */ - ZEROES_KEY, /* Master Kek 06 */ - ZEROES_KEY, /* Master Kek 07 */ - ZEROES_KEY, /* Master Kek 08 */ - ZEROES_KEY, /* Master Kek 09 */ - ZEROES_KEY, /* Master Kek 10 */ - ZEROES_KEY, /* Master Kek 11 */ - ZEROES_KEY, /* Master Kek 12 */ - ZEROES_KEY, /* Master Kek 13 */ - ZEROES_KEY, /* Master Kek 14 */ - ZEROES_KEY, /* Master Kek 15 */ - ZEROES_KEY, /* Master Kek 16 */ - ZEROES_KEY, /* Master Kek 17 */ - ZEROES_KEY, /* Master Kek 18 */ - ZEROES_KEY, /* Master Kek 19 */ - ZEROES_KEY, /* Master Kek 20 */ - ZEROES_KEY, /* Master Kek 21 */ - ZEROES_KEY, /* Master Kek 22 */ - ZEROES_KEY, /* Master Kek 23 */ - ZEROES_KEY, /* Master Kek 24 */ - ZEROES_KEY, /* Master Kek 25 */ - ZEROES_KEY, /* Master Kek 26 */ - ZEROES_KEY, /* Master Kek 27 */ - ZEROES_KEY, /* Master Kek 28 */ - ZEROES_KEY, /* Master Kek 29 */ - ZEROES_KEY, /* Master Kek 30 */ - ZEROES_KEY /* Master Kek 31 */ - }, - ZEROES_KEY, /* Master Key Source */ - { - ZEROES_KEY, /* Master Key 00 */ - ZEROES_KEY, /* Master Key 01 */ - ZEROES_KEY, /* Master Key 02 */ - ZEROES_KEY, /* Master Key 03 */ - ZEROES_KEY, /* Master Key 04 */ - ZEROES_KEY, /* Master Key 05 */ - ZEROES_KEY, /* Master Key 06 */ - ZEROES_KEY, /* Master Key 07 */ - ZEROES_KEY, /* Master Key 08 */ - ZEROES_KEY, /* Master Key 09 */ - ZEROES_KEY, /* Master Key 10 */ - ZEROES_KEY, /* Master Key 11 */ - ZEROES_KEY, /* Master Key 12 */ - ZEROES_KEY, /* Master Key 13 */ - ZEROES_KEY, /* Master Key 14 */ - ZEROES_KEY, /* Master Key 15 */ - ZEROES_KEY, /* Master Key 16 */ - ZEROES_KEY, /* Master Key 17 */ - ZEROES_KEY, /* Master Key 18 */ - ZEROES_KEY, /* Master Key 19 */ - ZEROES_KEY, /* Master Key 20 */ - ZEROES_KEY, /* Master Key 21 */ - ZEROES_KEY, /* Master Key 22 */ - ZEROES_KEY, /* Master Key 23 */ - ZEROES_KEY, /* Master Key 24 */ - ZEROES_KEY, /* Master Key 25 */ - ZEROES_KEY, /* Master Key 26 */ - ZEROES_KEY, /* Master Key 27 */ - ZEROES_KEY, /* Master Key 28 */ - ZEROES_KEY, /* Master Key 29 */ - ZEROES_KEY, /* Master Key 30 */ - ZEROES_KEY /* Master Key 31 */ - }, - { - ZEROES_KEY, /* Package1 Key 00 */ - ZEROES_KEY, /* Package1 Key 01 */ - ZEROES_KEY, /* Package1 Key 02 */ - ZEROES_KEY, /* Package1 Key 03 */ - ZEROES_KEY, /* Package1 Key 04 */ - ZEROES_KEY, /* Package1 Key 05 */ - ZEROES_KEY, /* Package1 Key 06 */ - ZEROES_KEY, /* Package1 Key 07 */ - ZEROES_KEY, /* Package1 Key 08 */ - ZEROES_KEY, /* Package1 Key 09 */ - ZEROES_KEY, /* Package1 Key 10 */ - ZEROES_KEY, /* Package1 Key 11 */ - ZEROES_KEY, /* Package1 Key 12 */ - ZEROES_KEY, /* Package1 Key 13 */ - ZEROES_KEY, /* Package1 Key 14 */ - ZEROES_KEY, /* Package1 Key 15 */ - ZEROES_KEY, /* Package1 Key 16 */ - ZEROES_KEY, /* Package1 Key 17 */ - ZEROES_KEY, /* Package1 Key 18 */ - ZEROES_KEY, /* Package1 Key 19 */ - ZEROES_KEY, /* Package1 Key 20 */ - ZEROES_KEY, /* Package1 Key 21 */ - ZEROES_KEY, /* Package1 Key 22 */ - ZEROES_KEY, /* Package1 Key 23 */ - ZEROES_KEY, /* Package1 Key 24 */ - ZEROES_KEY, /* Package1 Key 25 */ - ZEROES_KEY, /* Package1 Key 26 */ - ZEROES_KEY, /* Package1 Key 27 */ - ZEROES_KEY, /* Package1 Key 28 */ - ZEROES_KEY, /* Package1 Key 29 */ - ZEROES_KEY, /* Package1 Key 30 */ - ZEROES_KEY /* Package1 Key 31 */ - }, - { - ZEROES_KEY, /* Package2 Key 00 */ - ZEROES_KEY, /* Package2 Key 01 */ - ZEROES_KEY, /* Package2 Key 02 */ - ZEROES_KEY, /* Package2 Key 03 */ - ZEROES_KEY, /* Package2 Key 04 */ - ZEROES_KEY, /* Package2 Key 05 */ - ZEROES_KEY, /* Package2 Key 06 */ - ZEROES_KEY, /* Package2 Key 07 */ - ZEROES_KEY, /* Package2 Key 08 */ - ZEROES_KEY, /* Package2 Key 09 */ - ZEROES_KEY, /* Package2 Key 10 */ - ZEROES_KEY, /* Package2 Key 11 */ - ZEROES_KEY, /* Package2 Key 12 */ - ZEROES_KEY, /* Package2 Key 13 */ - ZEROES_KEY, /* Package2 Key 14 */ - ZEROES_KEY, /* Package2 Key 15 */ - ZEROES_KEY, /* Package2 Key 16 */ - ZEROES_KEY, /* Package2 Key 17 */ - ZEROES_KEY, /* Package2 Key 18 */ - ZEROES_KEY, /* Package2 Key 19 */ - ZEROES_KEY, /* Package2 Key 20 */ - ZEROES_KEY, /* Package2 Key 21 */ - ZEROES_KEY, /* Package2 Key 22 */ - ZEROES_KEY, /* Package2 Key 23 */ - ZEROES_KEY, /* Package2 Key 24 */ - ZEROES_KEY, /* Package2 Key 25 */ - ZEROES_KEY, /* Package2 Key 26 */ - ZEROES_KEY, /* Package2 Key 27 */ - ZEROES_KEY, /* Package2 Key 28 */ - ZEROES_KEY, /* Package2 Key 29 */ - ZEROES_KEY, /* Package2 Key 30 */ - ZEROES_KEY /* Package2 Key 31 */ - }, - ZEROES_KEY, /* Package2 Key Source */ - ZEROES_KEY, /* Generate Aes Kek Source */ - ZEROES_KEY, /* Generate Aes Key Source */ - ZEROES_KEY, /* Key Area Encryption Key Source Application */ - ZEROES_KEY, /* Key Area Encryption Key Source Ocean */ - ZEROES_KEY, /* Key Area Encryption Key Source System */ - ZEROES_KEY, /* Titlekek Source */ - ZEROES_KEY, /* Headerkek Source */ - ZEROES_KEY, /* SD Card kek Source. */ - { - ZEROES_XTS_KEY, /* SD Card Key Source, for NCAs. */ - ZEROES_XTS_KEY, /* SD Card Key Source, for saves. */ - }, - ZEROES_KEY, /* Save MAC kek Source. */ - ZEROES_KEY, /* Save MAC key Source. */ - ZEROES_XTS_KEY, /* Encrypted Header Key */ - ZEROES_XTS_KEY, /* Header key */ - { - ZEROES_KEY, /* Titlekek 00 */ - ZEROES_KEY, /* Titlekek 01 */ - ZEROES_KEY, /* Titlekek 02 */ - ZEROES_KEY, /* Titlekek 03 */ - ZEROES_KEY, /* Titlekek 04 */ - ZEROES_KEY, /* Titlekek 05 */ - ZEROES_KEY, /* Titlekek 06 */ - ZEROES_KEY, /* Titlekek 07 */ - ZEROES_KEY, /* Titlekek 08 */ - ZEROES_KEY, /* Titlekek 09 */ - ZEROES_KEY, /* Titlekek 10 */ - ZEROES_KEY, /* Titlekek 11 */ - ZEROES_KEY, /* Titlekek 12 */ - ZEROES_KEY, /* Titlekek 13 */ - ZEROES_KEY, /* Titlekek 14 */ - ZEROES_KEY, /* Titlekek 15 */ - ZEROES_KEY, /* Titlekek 16 */ - ZEROES_KEY, /* Titlekek 17 */ - ZEROES_KEY, /* Titlekek 18 */ - ZEROES_KEY, /* Titlekek 19 */ - ZEROES_KEY, /* Titlekek 20 */ - ZEROES_KEY, /* Titlekek 21 */ - ZEROES_KEY, /* Titlekek 22 */ - ZEROES_KEY, /* Titlekek 23 */ - ZEROES_KEY, /* Titlekek 24 */ - ZEROES_KEY, /* Titlekek 25 */ - ZEROES_KEY, /* Titlekek 26 */ - ZEROES_KEY, /* Titlekek 27 */ - ZEROES_KEY, /* Titlekek 28 */ - ZEROES_KEY, /* Titlekek 29 */ - ZEROES_KEY, /* Titlekek 30 */ - ZEROES_KEY /* Titlekek 31 */ - }, - { - ZEROES_KAEKS, /* Key Area Encryption Keyset 00 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 01 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 02 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 03 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 04 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 05 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 06 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 07 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 08 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 09 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 10 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 11 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 12 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 13 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 14 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 15 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 16 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 17 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 18 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 19 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 20 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 21 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 22 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 23 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 24 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 25 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 26 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 27 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 28 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 29 */ - ZEROES_KAEKS, /* Key Area Encryption Keyset 30 */ - ZEROES_KAEKS /* Key Area Encryption Keyset 31 */ - }, - { - ZEROES_XTS_KEY, /* SD Card Key, for NCAs. */ - ZEROES_XTS_KEY, /* SD Card Key, for saves. */ - }, - { + .nca_hdr_fixed_key_modulus = { /* Fixed RSA key used to validate NCA signature 0. */ 0xD8, 0xF1, 0x18, 0xEF, 0x32, 0x72, 0x4C, 0xA7, 0x47, 0x4C, 0xB9, 0xEA, 0xB3, 0x04, 0xA8, 0xA4, 0xAC, 0x99, 0x08, 0x08, 0x04, 0xBF, 0x68, 0x57, 0xB8, 0x43, 0x94, 0x2B, 0xC7, 0xB9, 0x66, 0x49, 0x85, 0xE5, 0x8A, 0x9B, 0xC1, 0x00, 0x9A, 0x6A, 0x8D, 0xD0, 0xEF, 0xCE, 0xFF, 0x86, 0xC8, 0x5C, @@ -1010,7 +142,7 @@ static const nca_keyset_t nca_keys_dev = { 0xEA, 0x7F, 0x86, 0xF3, 0x0B, 0x7B, 0x87, 0x81, 0x98, 0x23, 0x80, 0x63, 0x4F, 0x2F, 0xB0, 0x62, 0xCC, 0x6E, 0xD2, 0x46, 0x13, 0x65, 0x2B, 0xD6, 0x44, 0x33, 0x59, 0xB5, 0x8F, 0xB9, 0x4A, 0xA9 }, - { /* Fixed RSA key used to validate ACID signatures. */ + .acid_fixed_key_modulus = { /* Fixed RSA key used to validate ACID signatures. */ 0xD6, 0x34, 0xA5, 0x78, 0x6C, 0x68, 0xCE, 0x5A, 0xC2, 0x37, 0x17, 0xF3, 0x82, 0x45, 0xC6, 0x89, 0xE1, 0x2D, 0x06, 0x67, 0xBF, 0xB4, 0x06, 0x19, 0x55, 0x6B, 0x27, 0x66, 0x0C, 0xA4, 0xB5, 0x87, 0x81, 0x25, 0xF4, 0x30, 0xBC, 0x53, 0x08, 0x68, 0xA2, 0x48, 0x49, 0x8C, 0x3F, 0x38, 0x40, 0x9C, @@ -1028,7 +160,7 @@ static const nca_keyset_t nca_keys_dev = { 0xD8, 0x6C, 0xA2, 0x69, 0x91, 0x68, 0x73, 0xB1, 0x94, 0x6F, 0xA3, 0xF3, 0xB9, 0x7D, 0xF8, 0xE0, 0x72, 0x9E, 0x93, 0x7B, 0x7A, 0xA2, 0x57, 0x60, 0xB7, 0x5B, 0xA9, 0x84, 0xAE, 0x64, 0x88, 0x69 }, - { /* Fixed RSA key used to validate PK21 signatures. */ + .package2_fixed_key_modulus = { /* Fixed RSA key used to validate PK21 signatures. */ 0xB3, 0x65, 0x54, 0xFB, 0x0A, 0xB0, 0x1E, 0x85, 0xA7, 0xF6, 0xCF, 0x91, 0x8E, 0xBA, 0x96, 0x99, 0x0D, 0x8B, 0x91, 0x69, 0x2A, 0xEE, 0x01, 0x20, 0x4F, 0x34, 0x5C, 0x2C, 0x4F, 0x4E, 0x37, 0xC7, 0xF1, 0x0B, 0xD4, 0xCD, 0xA1, 0x7F, 0x93, 0xF1, 0x33, 0x59, 0xCE, 0xB1, 0xE9, 0xDD, 0x26, 0xE6, @@ -1130,16 +262,43 @@ void pki_derive_keys(nca_keyset_t *keyset) { memcpy(&keyset->master_keks[i], &keyset->keyblobs[i][0x00], 0x10); } } + for (unsigned int i = 0x6; i < 0x20; i++) { + /* Derive new 6.2.0+ keks. */ + if (memcmp(keyset->tsec_auth_signatures[i-6], zeroes, 0x10) == 0) { + continue; + } + + /* Derive TSEC root key. */ + if (memcmp(keyset->tsec_root_kek, zeroes, 0x10) != 0) { + aes_ctx_t *tsec_root_ctx = new_aes_ctx(keyset->tsec_root_kek, 0x10, AES_MODE_ECB); + aes_encrypt(tsec_root_ctx, keyset->tsec_root_keys[i-6], keyset->tsec_auth_signatures[i-6], 0x10); + free_aes_ctx(tsec_root_ctx); + } + + /* Derive package1 MAC key */ + if (memcmp(keyset->package1_mac_kek, zeroes, 0x10) != 0) { + aes_ctx_t *pk11_mac_ctx = new_aes_ctx(keyset->package1_mac_kek, 0x10, AES_MODE_ECB); + aes_encrypt(pk11_mac_ctx, keyset->package1_mac_keys[i], keyset->tsec_auth_signatures[i-6], 0x10); + free_aes_ctx(pk11_mac_ctx); + } + + /* Derive package1 key */ + if (memcmp(keyset->package1_kek, zeroes, 0x10) != 0) { + aes_ctx_t *pk11_ctx = new_aes_ctx(keyset->package1_kek, 0x10, AES_MODE_ECB); + aes_encrypt(pk11_ctx, keyset->package1_keys[i], keyset->tsec_auth_signatures[i-6], 0x10); + free_aes_ctx(pk11_ctx); + } + } for (unsigned int i = 0x6; i < 0x20; i++) { /* Do new keygen for 6.2.0+. */ - if (memcmp(keyset->tsec_root_key, zeroes, 0x10) == 0) { + if (memcmp(keyset->tsec_root_keys[i-6], zeroes, 0x10) == 0) { continue; } if (memcmp(keyset->master_kek_sources[i], zeroes, 0x10) == 0) { continue; } - aes_ctx_t *tsec_root_ctx = new_aes_ctx(keyset->tsec_root_key, 0x10, AES_MODE_ECB); + aes_ctx_t *tsec_root_ctx = new_aes_ctx(keyset->tsec_root_keys[i-6], 0x10, AES_MODE_ECB); aes_decrypt(tsec_root_ctx, keyset->master_keks[i], keyset->master_kek_sources[i], 0x10); free_aes_ctx(tsec_root_ctx); } @@ -1222,7 +381,17 @@ void pki_print_keys(nca_keyset_t *keyset) { PRINT_KEY_WITH_NAME(keyset->secure_boot_key, secure_boot_key); PRINT_KEY_WITH_NAME(keyset->tsec_key, tsec_key); - PRINT_KEY_WITH_NAME(keyset->tsec_root_key, tsec_root_key); + PRINT_KEY_WITH_NAME(keyset->tsec_root_kek, tsec_root_kek); + PRINT_KEY_WITH_NAME(keyset->package1_mac_kek, package1_mac_kek); + PRINT_KEY_WITH_NAME(keyset->package1_kek, package1_kek); + printf("\n"); + for (unsigned int i = 0x6; i < 0x20; i++) { + PRINT_KEY_WITH_NAME_IDX(keyset->tsec_auth_signatures[i-6], tsec_auth_signature, i-6); + } + printf("\n"); + for (unsigned int i = 0x6; i < 0x20; i++) { + PRINT_KEY_WITH_NAME_IDX(keyset->tsec_root_keys[i-6], tsec_root_key, i-6); + } printf("\n"); PRINT_KEY_WITH_NAME(keyset->keyblob_mac_key_source, keyblob_mac_key_source); for (unsigned int i = 0; i < 0x6; i++) { @@ -1263,6 +432,10 @@ void pki_print_keys(nca_keyset_t *keyset) { PRINT_KEY_WITH_NAME_IDX(keyset->package1_keys[i], package1_key, i); } printf("\n"); + for (unsigned int i = 0x6; i < 0x20; i++) { + PRINT_KEY_WITH_NAME_IDX(keyset->package1_mac_keys[i], package1_mac_key, i); + } + printf("\n"); PRINT_KEY_WITH_NAME(keyset->package2_key_source, package2_key_source); printf("\n"); for (unsigned int i = 0; i < 0x20; i++) { diff --git a/settings.h b/settings.h index 293c06c..520ca85 100644 --- a/settings.h +++ b/settings.h @@ -24,11 +24,16 @@ typedef struct { unsigned char keyblobs[0x20][0x90]; /* Actual decrypted keyblobs (EKS). */ unsigned char keyblob_key_sources[0x20][0x10]; /* Seeds for keyblob keys. */ unsigned char keyblob_mac_key_source[0x10]; /* Seed for keyblob MAC key derivation. */ - unsigned char tsec_root_key[0x10]; /* Seed for master kek decryption, from TSEC firmware on 6.2.0+. */ + unsigned char tsec_root_kek[0x10]; /* Used to generate TSEC root keys. */ + unsigned char package1_mac_kek[0x10]; /* Used to generate Package1 MAC keys. */ + unsigned char package1_kek[0x10]; /* Used to generate Package1 keys. */ + unsigned char tsec_auth_signatures[0x20][0x10]; /* Auth signatures, seeds for tsec root key/package1 mac kek/package1 key on 6.2.0+. */ + unsigned char tsec_root_keys[0x20][0x10]; /* Key for master kek decryption, from TSEC firmware on 6.2.0+. */ unsigned char master_kek_sources[0x20][0x10]; /* Seeds for firmware master keks. */ unsigned char master_keks[0x20][0x10]; /* Firmware master keks, stored in keyblob prior to 6.2.0. */ unsigned char master_key_source[0x10]; /* Seed for master key derivation. */ unsigned char master_keys[0x20][0x10]; /* Firmware master keys. */ + unsigned char package1_mac_keys[0x20][0x10]; /* Package1 MAC keys. */ unsigned char package1_keys[0x20][0x10]; /* Package1 keys. */ unsigned char package2_keys[0x20][0x10]; /* Package2 keys. */ unsigned char package2_key_source[0x10]; /* Seed for Package2 key. */