From e55107fe2acca8c3babce4ee136b3a0fa8daac0c Mon Sep 17 00:00:00 2001 From: beerpsi Date: Mon, 22 Jul 2024 13:48:20 +0000 Subject: [PATCH] fix: encryption IV is constant, and don't overwrite encryption IV with header IV. --- segafs/makesegafs.py | 29 +++++++++++++---------------- 1 file changed, 13 insertions(+), 16 deletions(-) diff --git a/segafs/makesegafs.py b/segafs/makesegafs.py index 85614d7..75b2394 100644 --- a/segafs/makesegafs.py +++ b/segafs/makesegafs.py @@ -22,6 +22,7 @@ from construct import ( # ---- Configuration ENCRYPTION_KEY = bytes.fromhex("") +ENCRYPTION_IV = bytes.fromhex("") INPUT_FILE = "" # Should not be encrypted. OUTPUT_FILE = "" BOOTID = { @@ -48,7 +49,9 @@ BOOTID = { "unk2": 0, "hw_family": b"ACA", "hw_generation": 0, - "org_timestamp": { + + # Fill in orig_timestamp/orig_version if you're making an app patch. + "orig_timestamp": { "year": 0, "month": 0, "day": 0, @@ -57,11 +60,12 @@ BOOTID = { "second": 0, "milli": 0, }, - "org_version": { + "orig_version": { "release": 0, "minor": 0, "major": 0, }, + "os_version": { "release": 1, "minor": 54, @@ -136,8 +140,8 @@ BootID = Struct( "unk2" / Int64ul, "hw_family" / Bytes(3), "hw_generation" / Int8ul, - "org_timestamp" / Timestamp, - "org_version" / Version, + "orig_timestamp" / Timestamp, + "orig_version" / Version, "os_version" / Version, "strings" / Bytes(0x27AC), ) @@ -147,26 +151,19 @@ def get_page_iv(iv: bytes, offset: int): return bytes(x ^ (offset >> (8 * (i % 8))) & 0xFF for (i, x) in enumerate(iv)) -iv = secrets.token_bytes(16) - -if BOOTID["type"] == 0x02: - iv = bytes(x ^ EXFAT_HEADER[i] ^ OPTION_IV[i] for (i, x) in enumerate(iv)) - -print(f"Generated IV: {iv.hex()}") - filesize = os.stat(INPUT_FILE).st_size BOOTID["block_count"] = ceil(filesize / BOOTID["block_size"]) + 8 -key = secrets.token_bytes(16) -iv = secrets.token_bytes(16) -encrypted_keypair = PKCS1_OAEP.new(HEADER_META_PUBKEY).encrypt(key + iv) +header_key = secrets.token_bytes(16) +header_iv = secrets.token_bytes(16) +encrypted_keypair = PKCS1_OAEP.new(HEADER_META_PUBKEY).encrypt(header_key + header_iv) header_meta = struct.pack(" 0: - page_iv = get_page_iv(iv, total_written) + page_iv = get_page_iv(ENCRYPTION_IV, total_written) contents = fin.read(4096) contents_len = len(contents)