Add trf support.
This commit is contained in:
SilicaAndPina
parent
40d18fb72a
commit
3cb1e1d0fd
|
|
@ -33,41 +33,74 @@ namespace CpUpES2_Decrypt
|
||||||
static int Main(string[] args)
|
static int Main(string[] args)
|
||||||
{
|
{
|
||||||
RsaKeyParameters Rsa_Public_Key = new RsaKeyParameters(false, new BigInteger("A7CCAE0F501188527BF3DACCA3E231C8D8701E7B91927390701DE5E7A96327DAD87167A8F01368ADDFE490E325A290533697058FBA775766698010AFD8FD7A3FFD265E0A52FE04928BCE8B4302F4C70FFAC3C9397FD24B106271E57BDA20D2D702298F6F990ECF9B0FE04FF6CCEE170B555304232012D78E6019DAB29763829E6AF5ADA802204FA551631179CBFE6164732662E8576741949BB136456C11DE355F487211D230267DC05E699A2652AD5C6D74B0568326F4F2F5B86AD956E94404D3A65928F4EA2189567CE9989911B04808517F4C76A8B25DF1D6ABBE8595C469BFD7E870C4F00A89610C2C9B79F625A42CA2B4C6B8D37E62CE9EC61A856FD32F", 16), new BigInteger("10001", 16));
|
RsaKeyParameters Rsa_Public_Key = new RsaKeyParameters(false, new BigInteger("A7CCAE0F501188527BF3DACCA3E231C8D8701E7B91927390701DE5E7A96327DAD87167A8F01368ADDFE490E325A290533697058FBA775766698010AFD8FD7A3FFD265E0A52FE04928BCE8B4302F4C70FFAC3C9397FD24B106271E57BDA20D2D702298F6F990ECF9B0FE04FF6CCEE170B555304232012D78E6019DAB29763829E6AF5ADA802204FA551631179CBFE6164732662E8576741949BB136456C11DE355F487211D230267DC05E699A2652AD5C6D74B0568326F4F2F5B86AD956E94404D3A65928F4EA2189567CE9989911B04808517F4C76A8B25DF1D6ABBE8595C469BFD7E870C4F00A89610C2C9B79F625A42CA2B4C6B8D37E62CE9EC61A856FD32F", 16), new BigInteger("10001", 16));
|
||||||
|
RsaKeyParameters FsImage_Public_Key = new RsaKeyParameters(false, new BigInteger("A9697F9D9343CADE68E04F9E356E6AB6BBC7DE36A4D81B98A83BC12BE3F6DF96ED7A64389456ACA933BEBFBA4FFEF05CF45F2F886F434FBBC3A01348533070C0B7D5E9C21EFE53E95A6019DB51C12C6BAFEB94E992287963448E59606384B99F3FF3E5EB6AA08BF32A4DBA7A312520CEC2B69BB20A6D0640B117170AA2DDA1FB590AEE7ADFC4E80DFCF27FA55DDEC92C07922FDD05AB1618DCB727AA6FF70027A9410BC845E50EAFD46C0FD92FF500672DE56489C669B0AA481FFD75E99E21A8DC2F9F9E87957B46BBF63FB7DDBE8B8CA861BA349A62458E855EE78C3DD6791F92E76422144E51295B1337E15C126DF6FA0C29321BC1D7C00E3C19EEF3A3E7A5", 16), new BigInteger("10001", 16));
|
||||||
|
|
||||||
if(args.Length < 1)
|
if(args.Length < 1)
|
||||||
{
|
{
|
||||||
Console.WriteLine("Usage: CpUpES2Decrypt.exe <UpdaterES2.CpUp File>");
|
Console.WriteLine("Usage: CpUpES2-Decrypt.exe <UpdaterES2.CpUp File OR fsimage1.trf File>");
|
||||||
return 2;
|
return 2;
|
||||||
}
|
}
|
||||||
else if(File.Exists(args[0]))
|
else if(File.Exists(args[0]))
|
||||||
{
|
{
|
||||||
|
|
||||||
// Parse Header
|
// Parse Header
|
||||||
FileStream fs = File.OpenRead(args[0]);
|
FileStream fs = File.OpenRead(args[0]);
|
||||||
BinaryReader bfs = new BinaryReader(fs);
|
BinaryReader bfs = new BinaryReader(fs);
|
||||||
|
|
||||||
UInt32 Magic = bfs.ReadUInt32();
|
UInt32 Magic = bfs.ReadUInt32();
|
||||||
UInt32 Version = bfs.ReadUInt32();
|
UInt32 Version = bfs.ReadUInt32();
|
||||||
UInt64 Reserved = bfs.ReadUInt64();
|
UInt32 TrfSize = bfs.ReadUInt32();
|
||||||
UInt32 Type = bfs.ReadUInt32();
|
UInt32 TrfStartAddress = bfs.ReadUInt32();
|
||||||
|
UInt32 TrfExtractedSize = bfs.ReadUInt32();
|
||||||
UInt32 FullSize = bfs.ReadUInt32();
|
UInt32 FullSize = bfs.ReadUInt32();
|
||||||
UInt32 StartAddress = bfs.ReadUInt32();
|
UInt32 StartAddress = bfs.ReadUInt32();
|
||||||
UInt32 ExtractedSize = bfs.ReadUInt32();
|
UInt32 ExtractedSize = bfs.ReadUInt32();
|
||||||
|
|
||||||
if (Magic == 0x43705570) //CpUp
|
|
||||||
|
if (Magic == 0x43705570 || Magic == 0x23642745)
|
||||||
{
|
{
|
||||||
Console.WriteLine("CpUp Magic: 0x" + Magic.ToString("X"));
|
String FileType = "CpUp";
|
||||||
Console.WriteLine("CpUp Version: 0x" + Version.ToString("X"));
|
if (Magic == 0x23642745)
|
||||||
Console.WriteLine("CpUp Reserved Space: 0x" + Reserved.ToString("X"));
|
FileType = "Trf";
|
||||||
Console.WriteLine("CpUp Type: 0x" + Type.ToString("X"));
|
|
||||||
Console.WriteLine("CpUp Size: 0x" + FullSize.ToString("X"));
|
UInt32 UsedStartAddress = StartAddress;
|
||||||
Console.WriteLine("CpUp Start Address: 0x" + StartAddress.ToString("X"));
|
UInt32 UsedSize = FullSize;
|
||||||
Console.WriteLine("CpUp Extracted Size: 0x" + ExtractedSize.ToString("X"));
|
UInt32 UsedExtractedSize = ExtractedSize;
|
||||||
|
Boolean IsEncrypted = true;
|
||||||
|
String FileName = Path.ChangeExtension(args[0], "tar.gz");
|
||||||
|
if (FileType == "Trf")
|
||||||
|
{
|
||||||
|
UsedStartAddress = TrfStartAddress;
|
||||||
|
UsedSize = TrfSize;
|
||||||
|
UsedExtractedSize = TrfExtractedSize;
|
||||||
|
FileName = Path.ChangeExtension(args[0], "img");
|
||||||
|
|
||||||
|
fs.Seek(UsedStartAddress, SeekOrigin.Begin); // Hacky but it works.
|
||||||
|
UInt32 EncMagic = bfs.ReadUInt32();
|
||||||
|
if (EncMagic == 0xCDE4A048)
|
||||||
|
IsEncrypted = false;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
Console.WriteLine(FileType+" Magic: 0x" + Magic.ToString("X"));
|
||||||
|
Console.WriteLine(FileType + " Version: 0x" + Version.ToString("X"));
|
||||||
|
Console.WriteLine(FileType + " TSize: 0x" + TrfSize.ToString("X"));
|
||||||
|
Console.WriteLine(FileType + " TStart Address: 0x" + TrfStartAddress.ToString("X"));
|
||||||
|
Console.WriteLine(FileType + " TExtracted Size: 0x" + TrfExtractedSize.ToString("X"));
|
||||||
|
|
||||||
|
Console.WriteLine(FileType + " CSize: 0x" + FullSize.ToString("X"));
|
||||||
|
Console.WriteLine(FileType + " CStart Address: 0x" + StartAddress.ToString("X"));
|
||||||
|
Console.WriteLine(FileType + " CExtracted Size: 0x" + ExtractedSize.ToString("X"));
|
||||||
Console.WriteLine("\n\nRSA Decrypting Key Information...");
|
Console.WriteLine("\n\nRSA Decrypting Key Information...");
|
||||||
|
|
||||||
|
|
||||||
// Dervie AES Key
|
// Dervie AES Key
|
||||||
Pkcs1Encoding pkcs1Encoding = new Pkcs1Encoding(new RsaEngine());
|
Pkcs1Encoding pkcs1Encoding = new Pkcs1Encoding(new RsaEngine());
|
||||||
pkcs1Encoding.Init(false, Rsa_Public_Key);
|
if(FileType == "Trf")
|
||||||
|
pkcs1Encoding.Init(false, FsImage_Public_Key);
|
||||||
|
else if (FileType == "CpUp")
|
||||||
|
pkcs1Encoding.Init(false, Rsa_Public_Key);
|
||||||
|
|
||||||
pkcs1Encoding.GetInputBlockSize();
|
pkcs1Encoding.GetInputBlockSize();
|
||||||
|
|
||||||
fs.Seek(-0x100, SeekOrigin.End);
|
fs.Seek(-0x100, SeekOrigin.End);
|
||||||
|
|
@ -84,21 +117,23 @@ namespace CpUpES2_Decrypt
|
||||||
Array.ConstrainedCopy(HeaderDecrypted, 0x10, Key, 0x0, 0x10);
|
Array.ConstrainedCopy(HeaderDecrypted, 0x10, Key, 0x0, 0x10);
|
||||||
Array.ConstrainedCopy(HeaderDecrypted, 0x20, Sha1Hash, 0x0, 0x14);
|
Array.ConstrainedCopy(HeaderDecrypted, 0x20, Sha1Hash, 0x0, 0x14);
|
||||||
|
|
||||||
Console.WriteLine("CpUp Key: " + BitConverter.ToString(Key));
|
Console.WriteLine(FileType + " Key: " + BitConverter.ToString(Key));
|
||||||
Console.WriteLine("CpUp Iv: " + BitConverter.ToString(Iv));
|
Console.WriteLine(FileType + " Iv: " + BitConverter.ToString(Iv));
|
||||||
Console.WriteLine("CpUp Sha1: " + BitConverter.ToString(Sha1Hash));
|
Console.WriteLine(FileType + " Sha1: " + BitConverter.ToString(Sha1Hash));
|
||||||
|
|
||||||
Console.WriteLine("\n\nAES Decrytping CpUp File...");
|
Console.WriteLine("\n\nAES Decrypting "+FileType+" File...");
|
||||||
// Decrypt Update
|
// Decrypt Update
|
||||||
fs.Seek(StartAddress, SeekOrigin.Begin);
|
|
||||||
Byte[] UpdateData = new Byte[(FullSize - StartAddress) - 0x100];
|
fs.Seek(UsedStartAddress, SeekOrigin.Begin);
|
||||||
|
Byte[] UpdateData = new Byte[(UsedSize - UsedStartAddress) - 0x100];
|
||||||
fs.Read(UpdateData, 0x00, UpdateData.Length);
|
fs.Read(UpdateData, 0x00, UpdateData.Length);
|
||||||
Byte[] UpdateDecrypted = Aes_128_Decrypt(UpdateData, Key, Iv);
|
if(IsEncrypted)
|
||||||
|
UpdateData = Aes_128_Decrypt(UpdateData, Key, Iv);
|
||||||
fs.Close();
|
fs.Close();
|
||||||
|
|
||||||
String FileName = Path.ChangeExtension(args[0], "tar.gz");
|
|
||||||
fs = File.OpenWrite(FileName);
|
fs = File.OpenWrite(FileName);
|
||||||
fs.Write(UpdateDecrypted, 0x00, (Int32)ExtractedSize);
|
fs.Write(UpdateData, 0x00, (Int32)UsedExtractedSize);
|
||||||
fs.Close();
|
fs.Close();
|
||||||
Console.WriteLine("Decrypted file saved to: " + FileName);
|
Console.WriteLine("Decrypted file saved to: " + FileName);
|
||||||
|
|
||||||
|
|
@ -111,7 +146,7 @@ namespace CpUpES2_Decrypt
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
Console.WriteLine("Invalid CPUP! (Magic = 0x" + Magic.ToString("X")+")");
|
Console.WriteLine("Unknown Filetype! (Magic = 0x" + Magic.ToString("X")+")");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
14
README.md
14
README.md
|
|
@ -1,9 +1,7 @@
|
||||||
# CpUpES2-Decrypt
|
# CpUpES2-Decrypt
|
||||||
A tool to decrypt "UpdaterES2.CpUp" from PSVita DevKit Update Files
|
A tool to decrypt "UpdaterES2.CpUp" from PSVita DevKit Update Files as well as the "fsimage1.trf" Encrypted AXFS Filesystem image inside it.
|
||||||
|
|
||||||
Made possible by Zecoaxco and VVildCard777 for dumping the CP EMMC.
|
Made possible by Zecoaxco and VVildCard777 for dumping the CP EMMC.
|
||||||
And Mathieulh for helping me with stuffs, and answering all my stupid questions.
|
And Mathieulh for helping me with stuffs, and answering all my stupid questions.
|
||||||
|
|
||||||
Output is a tar.gz file, where fsimage1.trf is encrypted, and fsimage0.trf is signed (but unencrypted) AXFS file-system image.
|
Output is a tar.gz file, where fsimage1.trf is encrypted, and fsimage0.trf is signed (but unencrypted) AXFS file-system image.
|
||||||
|
|
||||||
fsimage decryption : <to-be-developed>
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue