fix: encryption IV is constant, and don't overwrite encryption IV with header IV.

2024-11-23 23:00:56 +01:00 · 2024-07-22 13:48:20 +00:00 · 2024-07-22 13:48:20 +00:00 · e55107fe2a
commit e55107fe2a
parent fcde905a13
1 changed files with 13 additions and 16 deletions
--- a/segafs/makesegafs.py
+++ b/segafs/makesegafs.py
@ -22,6 +22,7 @@ from construct import (

 # ---- Configuration
 ENCRYPTION_KEY = bytes.fromhex("")
+ENCRYPTION_IV = bytes.fromhex("")
 INPUT_FILE = ""  # Should not be encrypted.
 OUTPUT_FILE = ""
 BOOTID = {
@ -48,7 +49,9 @@ BOOTID = {
    "unk2": 0,
    "hw_family": b"ACA",
    "hw_generation": 0,
-    "org_timestamp": {
+
+    # Fill in orig_timestamp/orig_version if you're making an app patch.
+    "orig_timestamp": {
        "year": 0,
        "month": 0,
        "day": 0,
@ -57,11 +60,12 @@ BOOTID = {
        "second": 0,
        "milli": 0,
    },
-    "org_version": {
+    "orig_version": {
        "release": 0,
        "minor": 0,
        "major": 0,
    },
+    
    "os_version": {
        "release": 1,
        "minor": 54,
@ -136,8 +140,8 @@ BootID = Struct(
    "unk2" / Int64ul,
    "hw_family" / Bytes(3),
    "hw_generation" / Int8ul,
-    "org_timestamp" / Timestamp,
-    "org_version" / Version,
+    "orig_timestamp" / Timestamp,
+    "orig_version" / Version,
    "os_version" / Version,
    "strings" / Bytes(0x27AC),
 )
@ -147,26 +151,19 @@ def get_page_iv(iv: bytes, offset: int):
    return bytes(x ^ (offset >> (8 * (i % 8))) & 0xFF for (i, x) in enumerate(iv))


-iv = secrets.token_bytes(16)
-
-if BOOTID["type"] == 0x02:
-    iv = bytes(x ^ EXFAT_HEADER[i] ^ OPTION_IV[i] for (i, x) in enumerate(iv))
-
-print(f"Generated IV: {iv.hex()}")
-
 filesize = os.stat(INPUT_FILE).st_size
 BOOTID["block_count"] = ceil(filesize / BOOTID["block_size"]) + 8

-key = secrets.token_bytes(16)
-iv = secrets.token_bytes(16)
-encrypted_keypair = PKCS1_OAEP.new(HEADER_META_PUBKEY).encrypt(key + iv)
+header_key = secrets.token_bytes(16)
+header_iv = secrets.token_bytes(16)
+encrypted_keypair = PKCS1_OAEP.new(HEADER_META_PUBKEY).encrypt(header_key + header_iv)
 header_meta = struct.pack("<Q", int(time.time())) + os.path.abspath(INPUT_FILE).encode(
    "utf-8"
 ) + b"\x00"
 header_meta += secrets.token_bytes(
    BOOTID["block_size"] - len(header_meta) - len(encrypted_keypair)
 )
-header_meta = encrypted_keypair + AES.new(key, AES.MODE_CBC, iv).encrypt(header_meta)
+header_meta = encrypted_keypair + AES.new(header_key, AES.MODE_CBC, header_iv).encrypt(header_meta)
 header_meta_crc32 = zlib.crc32(header_meta)
 block_crc32s = [
    0,
@ -201,7 +198,7 @@ with open(INPUT_FILE, "rb") as fin, open(OUTPUT_FILE, "w+b") as fout:
    block_crc32 = 0

    while to_read > 0:
-        page_iv = get_page_iv(iv, total_written)
+        page_iv = get_page_iv(ENCRYPTION_IV, total_written)
        contents = fin.read(4096)
        contents_len = len(contents)