daily pastebin goal
66%
SHARE
TWEET

tsec

shchmue Jan 23rd, 2019 91 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. static pkg1_id_t _pkg1_ids[] = {
  2.     { "20161121183008", 0, 0x1900, 0x3FE0, { 2, 1, 0 }, 0x4002B020, 0x8000D000, true,  NULL, NULL },     //1.0.0 (Patched relocator)
  3.     { "20170210155124", 0, 0x1900, 0x3FE0, { 0, 1, 2 }, 0x4002D000, 0x8000D000, true,  NULL, NULL },     //2.0.0 - 2.3.0
  4.     { "20170519101410", 1, 0x1A00, 0x3FE0, { 0, 1, 2 }, 0x4002D000, 0x8000D000, true,  NULL, NULL },     //3.0.0
  5.     { "20170710161758", 2, 0x1A00, 0x3FE0, { 0, 1, 2 }, 0x4002D000, 0x8000D000, true,  NULL, NULL },     //3.0.1 - 3.0.2
  6.     { "20170921172629", 3, 0x1800, 0x3FE0, { 1, 2, 0 }, 0x4002B000, 0x4003B000, false, NULL, NULL },     //4.0.0 - 4.1.0
  7.     { "20180220163747", 4, 0x1900, 0x3FE0, { 1, 2, 0 }, 0x4002B000, 0x4003B000, false, NULL, NULL },     //5.0.0 - 5.1.0
  8.     { "20180802162753", 5, 0x1900, 0x3FE0, { 1, 2, 0 }, 0x4002B000, 0x4003D800, false, NULL, NULL },     //6.0.0 - 6.1.0
  9.     { "20181107105733", 6, 0x0E00, 0x6FE0, { 1, 2, 0 }, 0x4002B000, 0x4003D800, false, NULL, NULL }, //6.2.0
  10.     { NULL } //End.
  11. };
  12.  
  13.     extern void *fileBuf;
  14.     gfx_puts(&gfx_con, "Get TSEC...");
  15.  
  16.     u32 start_time = get_tmr_ms(), end_time;
  17.     _key_count = 0;
  18.     u32 retries = 0;
  19.     u32 key_ver_max = 1;
  20.  
  21.     tsec_ctxt_t tsec_ctxt;
  22.  
  23.     // Read package1.
  24.     u8 *pkg1 = (u8 *)malloc(0x40000);
  25.    
  26.     fileBuf = sd_file_read(firmpath);
  27.     memcpy(pkg1, fileBuf, filesize);
  28.     free(fileBuf);
  29.     fileBuf = NULL;
  30.     gfx_puts(&gfx_con, "got pkg1\n");
  31.  
  32.     const pkg1_id_t *pkg1_id = &_pkg1_ids[0]; // rob double check this
  33.     /*const pkg1_id_t *pkg1_id = pkg1_identify(pkg1);
  34.     if (!pkg1_id) {
  35.         EPRINTFARGS("Unknown package1 version for reading\nTSEC firmware (= '%s').",
  36.             (char *)pkg1 + 0x10);
  37.         goto out_wait;
  38.     }*/
  39.  
  40.     u8 tsec_keys[0x10 * 3];
  41.     int res = 0;
  42.  
  43.     tsec_ctxt.size = 0xF00;
  44.     tsec_ctxt.fw = (u8 *)pkg1 + pkg1_id->tsec_off;
  45.     tsec_ctxt.pkg1 = pkg1;
  46.     tsec_ctxt.pkg11_off = pkg1_id->pkg11_off;
  47.     tsec_ctxt.secmon_base = pkg1_id->secmon_base;
  48.  
  49.     if (pkg1_id->kb >= KB_FIRMWARE_VERSION_620) {
  50.         tsec_ctxt.size = 0x2900;
  51.         u8 *tsec_paged = (u8 *)page_alloc(3);
  52.         memcpy(tsec_paged, (void *)tsec_ctxt.fw, tsec_ctxt.size);
  53.         tsec_ctxt.fw = tsec_paged;
  54.  
  55.         key_ver_max = 1;
  56.     }
  57.  
  58.     for (u32 i = 1; i <= key_ver_max; i++) {
  59.         tsec_ctxt.key_ver = i;
  60.  
  61.         while (tsec_query(tsec_keys + ((i - 1) * 0x10), pkg1_id->kb, &tsec_ctxt) < 0) {
  62.             if (pkg1_id->kb <= KB_FIRMWARE_VERSION_600)
  63.                 memset(tsec_keys + ((i - 1) * 0x10), 0x00, 0x10);
  64.             else
  65.                 memset(tsec_keys, 0x00, 0x30);
  66.  
  67.             retries++;
  68.  
  69.             if (retries > 3) {
  70.                 res = -1;
  71.                 break;
  72.             }
  73.         }
  74.     }
  75.     free(pkg1);
  76.  
  77.     if (res < 0) {
  78.         EPRINTF("ERROR dumping TSEC. Try again.\n");
  79.         goto out_wait;
  80.     }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top