const QByteArray Wad::Content( quint16 i )
{
if( tmdData.isEmpty() || tikData.isEmpty() )
{
Err( "Can't decryte data without a TMD and ticket" );
return QByteArray();
}
Ticket ticket( tikData );
Tmd t( tmdData );
if( partsEnc.size() != t.Count() || i >= partsEnc.size() )
{
Err( "I dont know whats going on some number is out of range and i dont like it" );
return QByteArray();
}
QByteArray encData = partsEnc.at( i );
AesSetKey( ticket.DecryptedKey() );
QByteArray decData = AesDecrypt( t.Index( i ), encData );
decData.resize( t.Size( i ) );
QByteArray realHash = GetSha1( decData );
if( realHash != t.Hash( i ) )
{
Err( QString( "hash doesnt match for content %1" ).arg( i ) );
return QByteArray();
}
return decData;
}
TEST(ec, VerifyRealWorldSignature)
{
static constexpr std::array<u8, 60> MS_PUBKEY = {
{0x00, 0xfd, 0x56, 0x04, 0x18, 0x2c, 0xf1, 0x75, 0x09, 0x21, 0x00, 0xc3, 0x08, 0xae, 0x48,
0x39, 0x91, 0x1b, 0x6f, 0x9f, 0xa1, 0xd5, 0x3a, 0x95, 0xaf, 0x08, 0x33, 0x49, 0x47, 0x2b,
0x00, 0x01, 0x71, 0x31, 0x69, 0xb5, 0x91, 0xff, 0xd3, 0x0c, 0xbf, 0x73, 0xda, 0x76, 0x64,
0xba, 0x8d, 0x0d, 0xf9, 0x5b, 0x4d, 0x11, 0x04, 0x44, 0x64, 0x35, 0xc0, 0xed, 0xa4, 0x2f}};
static constexpr std::array<u8, 0x180> DEVICE_CERT = {
{0x00, 0x01, 0x00, 0x02, 0x00, 0x54, 0xe3, 0x9a, 0x0f, 0xe6, 0xe1, 0x61, 0xb6, 0x2f, 0x9d,
0x0c, 0xaa, 0x1e, 0xc5, 0x58, 0x85, 0xa1, 0xeb, 0x93, 0xa5, 0x1e, 0xf4, 0x06, 0x99, 0x77,
0x9a, 0x46, 0x76, 0x01, 0x00, 0xb7, 0xe4, 0x72, 0x10, 0x6e, 0xa2, 0x21, 0x57, 0xe0, 0xe3,
0xbe, 0x48, 0x9d, 0x7b, 0xa5, 0x2d, 0x46, 0x2f, 0x33, 0x93, 0xae, 0xb0, 0x4b, 0x53, 0xcb,
0xb9, 0xef, 0x16, 0x70, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x52, 0x6f, 0x6f, 0x74, 0x2d, 0x43, 0x41,
0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x31, 0x2d, 0x4d, 0x53, 0x30, 0x30, 0x30, 0x30,
0x30, 0x30, 0x30, 0x32, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x02, 0x4e, 0x47, 0x30, 0x34, 0x65, 0x35, 0x34, 0x32, 0x31, 0x64, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x6f, 0x1e, 0x5f, 0x58, 0x01, 0xa8, 0x1a, 0x89, 0x8d, 0x04,
0xe4, 0x0e, 0x44, 0x6c, 0x99, 0x52, 0xef, 0xe8, 0xe9, 0x8a, 0xec, 0x2b, 0x73, 0xea, 0x13,
0x56, 0x93, 0xf5, 0x1a, 0xd8, 0x53, 0xa8, 0xc5, 0xf2, 0x00, 0x41, 0xe9, 0x5e, 0x0a, 0x5d,
0x0c, 0xdf, 0xf0, 0xc6, 0x96, 0x2c, 0x98, 0x96, 0xa9, 0x0f, 0xf0, 0x2e, 0x1f, 0x0d, 0x1a,
0xcf, 0xa8, 0x35, 0x52, 0x74, 0x36, 0x13, 0x88, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}};
const auto device_cert = IOS::ES::CertReader{{std::cbegin(DEVICE_CERT), std::cend(DEVICE_CERT)}};
EXPECT_TRUE(Common::ec::VerifySignature(MS_PUBKEY.data(), device_cert.GetSignatureData().data(),
device_cert.GetSha1().data()));
}
SHA1EngineExt::~SHA1EngineExt()
{
GetSha1(m_refId);
}
Wad::Wad( const QByteArray &stuff )
{
ok = false;
if( !stuff.size() )//prevent error text when it isnt required
return;
if( stuff.size() < 0x80 )//less than this and there is definitely nothing there
{
Err( "Size is < 0x80" );
return;
}
QByteArray copy = stuff;
QBuffer b( © );
b.open( QIODevice::ReadOnly );
quint32 tmp;
if(b.read( (char*)&tmp, 4 ) != 4)
{
b.close();
Err( "Can't read header size" );
return;
}
if( qFromBigEndian( tmp ) != 0x20 )
{
b.close();
hexdump(stuff, 0, 0x10);
Err( "Bad header size" );
return;
}
b.read( (char*)&tmp, 4 );
tmp = qFromBigEndian( tmp );
if( tmp != 0x49730000 &&
tmp != 0x69620000 &&
tmp != 0x426b0000 )
{
b.close();
hexdump( stuff, 0, 0x40 );
Err( "Bad file magic word" );
return;
}
quint32 certSize;
quint32 tikSize;
quint32 tmdSize;
quint32 appSize;
quint32 footerSize;
b.read( (char*)&certSize, 4 );
certSize = qFromBigEndian( certSize );
b.seek( 0x10 );
b.read( (char*)&tikSize, 4 );
tikSize = qFromBigEndian( tikSize );
b.read( (char*)&tmdSize, 4 );
tmdSize = qFromBigEndian( tmdSize );
b.read( (char*)&appSize, 4 );
appSize = qFromBigEndian( appSize );
b.read( (char*)&footerSize, 4 );
footerSize = qFromBigEndian( footerSize );
b.close();//close the buffer, the rest of the data can be checked without it
//sanity check this thing
quint32 s = stuff.size();
if( s < ( RU( certSize, 0x40 ) + RU( tikSize, 0x40 ) + RU( tmdSize, 0x40 ) + RU( appSize, 0x40 ) + RU( footerSize, 0x40 ) ) )
{
Err( "Total size is less than the combined sizes of all the parts that it is supposed to contain" );
return;
}
quint32 pos = 0x40;
certData = stuff.mid( pos, certSize );
pos += RU( certSize, 0x4 );
tikData = stuff.mid( pos, tikSize );
pos += RU( tikSize, 0x40 );
tmdData = stuff.mid( pos, tmdSize );
pos += RU( tmdSize, 0x40 );
Ticket ticket( tikData );
Tmd t( tmdData );
//the constructor for Ticket may have fixed a bad key index. replace the data just incase it did
tikData = ticket.Data();
//hexdump( tikData );
//hexdump( tmdData );
if( ticket.Tid() != t.Tid() )
qWarning() << "wad contains 2 different TIDs";
quint32 cnt = t.Count();
//qDebug() << "Wad contains" << hex << cnt << "contents";
//another quick sanity check
quint32 totalSize = 0;
for( quint32 i = 0; i < cnt; i++ )
totalSize += t.Size( i );
if( totalSize > appSize )
{
Err( "Size of all the apps in the tmd is greater than the size in the wad header" );
return;
}
//read all the contents, check the hash, and remember the data ( still encrypted )
for( quint32 i = 0; i < cnt; i++ )
{
quint32 s = RU( t.Size( i ), 0x40 );
//qDebug() << "content" << i << "is at" << hex << pos
// << "with size" << s;
QByteArray encData = stuff.mid( pos, s );
pos += s;
//doing this here in case there is some other object that
//is using the AES that would change the key on us
AesSetKey( ticket.DecryptedKey() );
QByteArray decData = AesDecrypt( t.Index( i ), encData );
decData.resize( t.Size( i ) );
QByteArray realHash = GetSha1( decData );
if( realHash != t.Hash( i ) )
{
Err( QString( "hash doesnt match for content %1" ).arg( i ) );
}
partsEnc << encData;
}
//wtf? some VC titles have a full banner as the footer? maybe somebody's wad packer is busted
//QByteArray footer = stuff.mid( pos, stuff.size() - pos );
//qDebug() << "footer";
//hexdump( footer );
ok = true;
}
Wad::Wad( QDir dir )
{
ok = false;
QFileInfoList tmds = dir.entryInfoList( QStringList() << "*.tmd" << "tmd.*", QDir::Files );
if( tmds.isEmpty() )
{
Err( "TMD not found" );
return;
}
tmdData = ReadFile( tmds.at( 0 ).absoluteFilePath() );
if( tmdData.isEmpty() )
return;
QFileInfoList tiks = dir.entryInfoList( QStringList() << "*.tik" << "cetk", QDir::Files );
if( tiks.isEmpty() )
{
Err( "Ticket not found" );
return;
}
tikData = ReadFile( tiks.at( 0 ).absoluteFilePath() );
if( tikData.isEmpty() )
return;
Tmd t( tmdData );
Ticket ticket( tikData );
//make sure to only add the tmd & ticket without all the cert mumbo jumbo
tmdData = t.Data();
tikData = ticket.Data();
t = Tmd( tmdData );
ticket = Ticket( tikData );
quint16 cnt = t.Count();
bool tmdChanged = false;
for( quint16 i = 0; i < cnt; i++ )
{
QByteArray appD = ReadFile( dir.absoluteFilePath( t.Cid( i ) + ".app" ) );
if( appD.isEmpty() )
{
Err( t.Cid( i ) + ".app not found" );
return;
}
if( (quint32)appD.size() != t.Size( i ) )
{
t.SetSize( i, appD.size() );
tmdChanged = true;
}
QByteArray realHash = GetSha1( appD );
if( t.Hash( i ) != realHash )
{
t.SetHash( i, realHash );
tmdChanged = true;
}
AesSetKey( ticket.DecryptedKey() );
appD = PaddedByteArray( appD, 0x40 );
QByteArray encData = AesEncrypt( t.Index( i ), appD );
partsEnc << encData;
}
//if something in the tmd changed, fakesign it
if( tmdChanged )
{
if( !t.FakeSign() )
{
Err( "Error signing the wad" );
return;
}
else
{
tmdData = t.Data();
}
}
QFileInfoList certs = dir.entryInfoList( QStringList() << "*.cert", QDir::Files );
if( !certs.isEmpty() )
{
certData = ReadFile( certs.at( 0 ).absoluteFilePath() );
}
ok = true;
}
