upgrade pdddbg to use basis decryption routines from the common libs

gsora · Nov 1, 2022 · 4e2d799 · 4e2d799
1 parent 54e929e
commit 4e2d799
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 27 deletions.
diff --git a/tools/pddbcommon.py b/tools/pddbcommon.py
@@ -765,7 +765,7 @@ def get_key(index, keyrom, length):
 #   - basis_credentials is a list of the secret Bases
 # Returns:
 #   - A dictionary of keys, by Basis name
-def extract_keys(keyrom, pddb, boot_pw, basis_credentials=None):
+def extract_keys(keyrom, pddb, boot_pw, basis_credentials={}):
     user_key_enc = get_key(40, keyrom, 32)
     pepper = get_key(248, keyrom, 16)
     pepper[0] = pepper[0] ^ 1 # encodes the "boot" password type into the pepper

diff --git a/tools/pddbdbg.py b/tools/pddbdbg.py
@@ -19,39 +19,62 @@ def main():
     parser.add_argument(
         "--renode", required=False, help="Override flex-size settings and read a Renode bin file", action="store_true"
     )
+    parser.add_argument(
+        "--basis", type=str, help="Extra Bases to unlock, as `name:pass`. Each additional basis requires another --basis separator. Note that : is not legal to use in a Basis name.", action="append", nargs="+"
+    )
     args = parser.parse_args()
 
-    if args.name == None:
-        keyfile = './tools/pddb-images/pddb.key'
-        imagefile = './tools/pddb-images/pddb.bin'
-    else:
-        keyfile = './tools/pddb-images/{}.key'.format(args.name)
-        imagefile = './tools/pddb-images/{}.bin'.format(args.name)
-
-    if args.dump:
-        DO_CI_TESTS = False
-
     numeric_level = getattr(logging, args.loglevel.upper(), None)
     if not isinstance(numeric_level, int):
         raise ValueError('Invalid log level: %s' % args.loglevel)
     logging.basicConfig(level=numeric_level)
 
-    keys = {}
-    with open(keyfile, 'rb') as key_f:
-        raw_key = key_f.read()
-        num_keys = int.from_bytes(raw_key[:4], 'little')
-        for i in range(num_keys):
-            name_all = raw_key[4 + i*128 : 4 + i*128 + 64]
-            name_bytes = bytearray(b'')
-            for b in name_all:
-                if b != 0:
-                    name_bytes.append(b)
-                else:
-                    break
-            name = name_bytes.decode('utf8', errors='ignore')
-            key_data = raw_key[4 + i*128 + 64 : 4 + i*128 + 96]
-            key_pt = raw_key[4 + i*128 + 96 : 4 + i*128 + 128]
-            keys[name] = [key_pt, key_data]
+
+    if args.renode is True:
+        keyfile = "./emulation/renode-keybox.bin"
+        imagefile = "./tools/pddb-images/renode.bin"
+        basis_credentials = {}
+        if args.basis:
+            for pair in args.basis:
+                credpair = pair[0].split(':', 1)
+                if len(credpair) != 2:
+                    logging.error("Basis credential pair with name {} has a formatting problem, aborting!".format(credpair[0]))
+                    exit(1)
+                basis_credentials[credpair[0]] = credpair[1]
+
+        with open(keyfile, 'rb') as key_f:
+            keyrom = key_f.read()
+            with open(imagefile, 'rb') as img_f:
+                raw_img = img_f.read()
+                raw_img = raw_img[0x01D80000:0x07F80000]
+                keys = extract_keys(keyrom, raw_img, 'a', basis_credentials)
+    else:
+        if args.name == None:
+            keyfile = './tools/pddb-images/pddb.key'
+            imagefile = './tools/pddb-images/pddb.bin'
+        else:
+            keyfile = './tools/pddb-images/{}.key'.format(args.name)
+            imagefile = './tools/pddb-images/{}.bin'.format(args.name)
+
+        if args.dump:
+            DO_CI_TESTS = False
+
+        keys = {}
+        with open(keyfile, 'rb') as key_f:
+            raw_key = key_f.read()
+            num_keys = int.from_bytes(raw_key[:4], 'little')
+            for i in range(num_keys):
+                name_all = raw_key[4 + i*128 : 4 + i*128 + 64]
+                name_bytes = bytearray(b'')
+                for b in name_all:
+                    if b != 0:
+                        name_bytes.append(b)
+                    else:
+                        break
+                name = name_bytes.decode('utf8', errors='ignore')
+                key_data = raw_key[4 + i*128 + 64 : 4 + i*128 + 96]
+                key_pt = raw_key[4 + i*128 + 96 : 4 + i*128 + 128]
+                keys[name] = [key_pt.hex(), key_data.hex()]
 
     logging.info("Found basis keys (pt, data):")
     logging.info(str(keys))