Validate mariko keyslot contents; dump class keys

This commit is contained in:
shchmue 2021-08-21 16:02:19 -06:00
parent fe17b12ea7
commit d84ab5796a
3 changed files with 104 additions and 10 deletions

View file

@ -11,6 +11,29 @@ Usage
* Upon completion, keys will be saved to `/switch/prod.keys` and titlekeys to `/switch/title.keys` on SD
* If the console has Firmware 7.x or higher, the `/sept/` folder from [Atmosphère](https://github.com/Atmosphere-NX/Atmosphere/releases) or [Kosmos](https://github.com/AtlasNX/Kosmos/releases) release zip must be present on SD or else only keyblob master key derivation is possible (ie. up to `master_key_05` only)
Mariko-Specific Keys
=
Mariko consoles have several unique keys and protected keyslots. To get your SBK or the Mariko specific keys, you will need to use the `/switch/partialaes.keys` file along with a brute forcing tool such as <https://files.sshnuke.net/PartialAesKeyCrack.zip>. The contents of this file are the keyslot number followed by the result of that keyslot encrypting 16 null bytes. With the tool linked above, enter them in sequence for a given keyslot you want the contents of, for example: `PartialAesKeyCrack.exe <num1> <num2> <num3> <num4>` with the `--numthreads=N` where N is the number of threads you can dedicate to the brute force.
The keyslots are as follows, with names recognized by `hactool`:
* 0-11 - `mariko_aes_class_key_xx` (this is not used by the Switch but is set by the bootrom; hactoolnet recognizes it but it serves no purpose)
* 12 - `mariko_kek` (not unique - this is used for master key derivation)
* 13 - `mariko_bek` (not unique - this is used for BCT and package1 decryption)
* 14 - `secure_boot_key` (console unique - this isn't needed for further key derivation than what Lockpick_RCM does but might be nice to have for your records)
* 15 - Secure storage key (console unique - this is not used on retail or dev consoles and not recognized by any tools)
So if you want to brute force the `mariko_kek`, open your `partialaes.keys` and observe the numbers beneath keyslot 12. Here's an example with fake numbers:
```
12
11111111111111111111111111111111 22222222222222222222222222222222 33333333333333333333333333333333 44444444444444444444444444444444
```
Then take those numbers and open a command prompt window at the location of the exe linked above and type:
`PartialAesKeyCrack.exe 11111111111111111111111111111111 22222222222222222222222222222222 33333333333333333333333333333333 44444444444444444444444444444444` and if you're on a powerful enough multicore system, add ` --numthreads=[whatever number of threads]`, ideally not your system's maximum if it's, for example, an older laptop with a low-end dual core CPU. On a Ryzen 3900x with 24 threads this generates a lot of heat but finishes in about 45 seconds.
These keys never change so a brute force need only be conducted once.
This works due to the security engine immediately flushing writes to keyslots which can be written one 32-bit chunk at a time. See: <https://switchbrew.org/wiki/Switch_System_Flaws#Hardware>
Building
=
Install [devkitARM](https://devkitpro.org/) and run `make`.

View file

@ -52,6 +52,23 @@ static const u8 master_key_vectors[KB_FIRMWARE_VERSION_MAX + 1][0x10] __attribut
{0xC1, 0x8D, 0x16, 0xBB, 0x2A, 0xE4, 0x1D, 0xD4, 0xC2, 0xC1, 0xB6, 0x40, 0x94, 0x35, 0x63, 0x98}, /* Master key 0A encrypted with Master key 0B. */
};
static const u8 mariko_key_vectors[][0x10] __attribute__((aligned(4))) = {
{0x20, 0x9E, 0x97, 0xAE, 0xAF, 0x7E, 0x6A, 0xF6, 0x9E, 0xF5, 0xA7, 0x17, 0x2F, 0xF4, 0x49, 0xA6}, /* Zeroes encrypted with AES Class Key 00. */
{0x83, 0x1C, 0xC7, 0x7F, 0xB8, 0xB2, 0x66, 0x16, 0xFC, 0x6B, 0x81, 0xBB, 0xF6, 0x05, 0x07, 0x49}, /* Zeroes encrypted with AES Class Key 01. */
{0x61, 0x19, 0xBA, 0x39, 0x6D, 0xFA, 0xF4, 0x63, 0x27, 0x8E, 0x9E, 0xB1, 0xEA, 0xD4, 0x65, 0xCC}, /* Zeroes encrypted with AES Class Key 02. */
{0x6C, 0xDB, 0x10, 0xD4, 0x14, 0x3A, 0xBD, 0x22, 0xC9, 0xCC, 0xEF, 0xE4, 0xA0, 0x94, 0x85, 0x87}, /* Zeroes encrypted with AES Class Key 03. */
{0xD3, 0x40, 0xC7, 0x86, 0xDC, 0x77, 0x50, 0x7C, 0x01, 0x56, 0x11, 0xDE, 0x18, 0xDF, 0x30, 0xCA}, /* Zeroes encrypted with AES Class Key 04. */
{0xC4, 0x8B, 0xD7, 0x5A, 0x22, 0x6C, 0xF7, 0x85, 0xE4, 0xC0, 0x68, 0xFC, 0xB4, 0xD8, 0x76, 0x6C}, /* Zeroes encrypted with AES Class Key 05. */
{0x83, 0x86, 0xEF, 0xE6, 0x6B, 0x38, 0x24, 0xD3, 0xC9, 0xB0, 0xE7, 0x03, 0x59, 0xC8, 0x54, 0xB9}, /* Zeroes encrypted with AES Class Key 06. */
{0xDA, 0xC0, 0xD3, 0x27, 0x1D, 0x35, 0xAB, 0x4B, 0x01, 0x63, 0x90, 0xED, 0x1B, 0x5D, 0xA7, 0x6C}, /* Zeroes encrypted with AES Class Key 07. */
{0x96, 0x75, 0x0E, 0x4F, 0xF5, 0x1A, 0xAF, 0xD4, 0x30, 0x73, 0x8C, 0x61, 0x03, 0xE5, 0xF7, 0x80}, /* Zeroes encrypted with AES Class Key 08. */
{0x74, 0xF2, 0x1D, 0xA1, 0x4C, 0x48, 0x91, 0xE6, 0xE0, 0xD5, 0x19, 0x42, 0x2A, 0x2B, 0x5D, 0xF8}, /* Zeroes encrypted with AES Class Key 09. */
{0x7D, 0xA6, 0xFE, 0xDA, 0xF9, 0xEF, 0x83, 0xD8, 0x29, 0x40, 0x24, 0x6D, 0x70, 0x8D, 0x99, 0x93}, /* Zeroes encrypted with AES Class Key 0A. */
{0xF6, 0x71, 0xAD, 0xC3, 0xCD, 0xD4, 0x2F, 0x37, 0xAB, 0x50, 0x1C, 0x9B, 0xAF, 0x3B, 0xE6, 0xC3}, /* Zeroes encrypted with AES Class Key 0B. */
{0x01, 0x96, 0x59, 0x07, 0x62, 0xF4, 0xF4, 0x2D, 0x13, 0x60, 0xD8, 0x03, 0xFB, 0xF0, 0xAE, 0xC8}, /* Zeroes encrypted with Mariko KEK. */
{0x95, 0x48, 0xC1, 0x59, 0x0F, 0x84, 0x19, 0xC4, 0xAB, 0x69, 0x05, 0x88, 0x01, 0x31, 0x52, 0x59}, /* Zeroes encrypted with Mariko BEK. */
};
//======================================Keys======================================//
// from Package1 -> Secure_Monitor
static const u8 aes_kek_generation_source[0x10] __attribute__((aligned(4))) = {

View file

@ -682,15 +682,28 @@ static bool _derive_emmc_keys(key_derivation_ctx_t *keys, titlekey_buffer_t *tit
// The security engine supports partial key override for locked keyslots
// This allows for a manageable brute force on a PC
// Then we can recover the Mariko KEK, BEK, unique SBK and SSK
static void _save_mariko_partial_keys(char *text_buffer) {
// Then the Mariko AES class keys, KEK, BEK, unique SBK and SSK can be recovered
static void _save_mariko_partial_keys(u32 start, u32 count, bool append) {
if (start + count > SE_AES_KEYSLOT_COUNT) {
return;
}
u32 pos = 0;
u32 zeros[4] = {0};
u8 *data = malloc(4 * AES_128_KEY_SIZE);
for (u32 ks = 12; ks < 16; ks++) {
// First, encrypt zeros with complete key
char *text_buffer = calloc(1, 0x100 * count);
for (u32 ks = start; ks < start + count; ks++) {
// Check if key is as expected
if (ks < ARRAY_SIZE(mariko_key_vectors)) {
se_aes_crypt_block_ecb(ks, 0, &data[0], mariko_key_vectors[ks]);
if (_key_exists(data)) {
continue;
}
}
// Encrypt zeros with complete key
se_aes_crypt_block_ecb(ks, 1, &data[3 * AES_128_KEY_SIZE], zeros);
pos += s_printf(&text_buffer[pos], "%d\n", ks);
// We only need to overwrite 3 of the dwords of the key
for (u32 i = 0; i < 3; i++) {
@ -699,15 +712,49 @@ static void _save_mariko_partial_keys(char *text_buffer) {
// Encrypt zeros with more of the key zeroed out
se_aes_crypt_block_ecb(ks, 1, &data[(2 - i) * AES_128_KEY_SIZE], zeros);
}
// Skip saving key if two results are the same indicating unsuccessful overwrite or empty slot
if (memcmp(&data[0], &data[SE_KEY_128_SIZE], AES_128_KEY_SIZE) == 0) {
continue;
}
pos += s_printf(&text_buffer[pos], "%d\n", ks);
for (u32 i = 0; i < 4; i++) {
for (u32 j = 0; j < AES_128_KEY_SIZE; j++)
pos += s_printf(&text_buffer[pos], "%02x", data[i * AES_128_KEY_SIZE + j]);
pos += s_printf(&text_buffer[pos], "\n");
pos += s_printf(&text_buffer[pos], " ");
}
pos += s_printf(&text_buffer[pos], "\n");
}
free(data);
sd_save_to_file(text_buffer, strlen(text_buffer), "sd:/switch/partialaes.keys");
if (strlen(text_buffer) == 0) {
EPRINTF("Failed to dump partial keys.");
return;
}
FIL fp;
u32 res = 0;
BYTE mode = FA_WRITE;
if (append) {
mode |= FA_OPEN_APPEND;
} else {
mode |= FA_CREATE_ALWAYS;
}
res = f_open(&fp, "sd:/switch/partialaes.keys", mode);
if (res) {
EPRINTF("Unable to write partial keys to SD.");
return;
}
f_write(&fp, text_buffer, strlen(text_buffer), NULL);
f_close(&fp);
gfx_printf("%kWrote partials to sd:/switch/partialaes.keys\n", colors[(color_idx++) % 6]);
free(text_buffer);
}
static void _save_keys_to_sd(key_derivation_ctx_t *keys, titlekey_buffer_t *titlekey_buffer, const pkg1_id_t *pkg1_id, u32 start_whole_operation_time, u32 derivable_key_count) {
@ -797,8 +844,7 @@ static void _save_keys_to_sd(key_derivation_ctx_t *keys, titlekey_buffer_t *titl
EPRINTF("Unable to save keys to SD.");
if (h_cfg.t210b01) {
memset(text_buffer, 0, text_buffer_size);
_save_mariko_partial_keys(text_buffer);
_save_mariko_partial_keys(12, 4, true);
}
if (_titlekey_count == 0) {
@ -836,8 +882,16 @@ static bool _check_keyslot_access() {
}
static void _derive_keys() {
if (!f_stat("sd:/switch/partialaes.keys", NULL)) {
f_unlink("sd:/switch/partialaes.keys");
}
if (h_cfg.t210b01) {
_save_mariko_partial_keys(0, 12, false);
}
if (!_check_keyslot_access()) {
EPRINTF("Unable to set crypto keyslots!\nTry launching payload differently\n or flash Spacecraft-NX if using a modchip!");
EPRINTF("Unable to set crypto keyslots!\nTry launching payload differently\n or flash Spacecraft-NX if using a modchip.");
return;
}