Split off key extraction into own application

Author: tuxuser

DurangoKeyExtractor/DurangoKeyExtractor.csproj

@@ -0,0 +1,13 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>netcoreapp2.0</TargetFramework>
+  </PropertyGroup>
+  <ItemGroup>
+    <PackageReference Include="NDesk.Options.Patched" Version="0.3.1" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\LibXboxOne\LibXboxOne.csproj" />
+  </ItemGroup>
+</Project>

DurangoKeyExtractor/Extractor.cs

@@ -0,0 +1,109 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using LibXboxOne;
+using LibXboxOne.Keystore;
+
+namespace DurangoKeyExtractor
+{
+    public class KeyExtractor
+    {
+        public readonly Dictionary<string,byte[]> FoundCikKeys;
+        public readonly Dictionary<string,byte[]> FoundOdkKeys;
+        public readonly Dictionary<string,byte[]> FoundXvdSignKeys;
+        public string FilePath { get; private set; }
+
+        public KeyExtractor(string filePath)
+        {
+            if (!File.Exists(filePath))
+                throw new InvalidOperationException($"File {filePath} does not exist");
+
+            FilePath = filePath;
+            FoundCikKeys = new Dictionary<string, byte[]>();
+            FoundOdkKeys = new Dictionary<string, byte[]>();
+            FoundXvdSignKeys = new Dictionary<string, byte[]>();
+        }
+
+        void StoreKey(string keyName, IKeyEntry keyEntry, byte[] keyData)
+        {
+
+            switch (keyEntry.KeyType)
+            {
+                case KeyType.CikKey:
+                    // Assemble GUID + keyData blob
+                    var assembledKey = new byte[0x30];
+                    Array.Copy(((CikKeyEntry)keyEntry).KeyId.ToByteArray(), 0, assembledKey, 0, 16);
+                    Array.Copy(keyData, 0, assembledKey, 16, 32);
+
+                    FoundCikKeys[keyName] = assembledKey;
+                    break;
+                case KeyType.OdkKey:
+                    FoundOdkKeys[keyName] = keyData;
+                    break;
+                case KeyType.XvdSigningKey:
+                    FoundXvdSignKeys[keyName] = keyData;
+                    break;
+                default:
+                    throw new InvalidDataException("Invalid KeyType provided");
+            }
+        }
+
+        public int PullKeysFromFile()
+        {
+            var exeData = File.ReadAllBytes(FilePath);
+
+            int foundCount = 0;
+            for (int i = 0; i < exeData.Length - 32; i += 8)
+            {
+                byte[] hash32 = HashUtils.ComputeSha256(exeData, i, 32);
+                foreach(var kvp in DurangoKeys.KnownKeys)
+                {
+                    string keyName = kvp.Key;
+                    IKeyEntry keyEntry = kvp.Value;
+                    
+                    if ((keyEntry.DataSize == 32 && hash32.IsEqualTo(keyEntry.SHA256Hash)) ||
+                        (keyEntry.DataSize != 32 && keyEntry.DataSize <= (exeData.Length - i) &&
+                         keyEntry.SHA256Hash.IsEqualTo(HashUtils.ComputeSha256(exeData, i, keyEntry.DataSize))))
+                    {
+                        Console.WriteLine($"Found {keyEntry.KeyType} \"{keyName}\" at offset 0x{i:X}");
+                        
+                        byte[] keyData = new byte[keyEntry.DataSize];
+                        Array.Copy(exeData, i, keyData, 0, keyData.Length);
+                        StoreKey(keyName, keyEntry, keyData);
+                        foundCount++;
+                    }
+                }
+            }
+
+            return foundCount;
+        }
+
+        public bool SaveFoundKeys(string destinationDirectory)
+        {
+            if (!Directory.Exists(destinationDirectory))
+            {
+                Directory.CreateDirectory(destinationDirectory);
+            }
+
+            foreach(var entry in FoundCikKeys)
+            {
+                var path = Path.Combine(destinationDirectory, $"CIK_{entry.Key}.bin");
+                File.WriteAllBytes(path, entry.Value);
+            }
+
+            foreach(var entry in FoundOdkKeys)
+            {
+                var path = Path.Combine(destinationDirectory, $"ODK_{entry.Key}.bin");
+                File.WriteAllBytes(path, entry.Value);
+            }
+
+            foreach(var entry in FoundXvdSignKeys)
+            {
+                var path = Path.Combine(destinationDirectory, $"XVDSIGN_{entry.Key}.bin");
+                File.WriteAllBytes(path, entry.Value);
+            }
+
+            return true;
+        }
+    }
+}

DurangoKeyExtractor/Program.cs

@@ -0,0 +1,68 @@
+using System;
+using NDesk.Options;
+using LibXboxOne;
+using System.IO;
+
+namespace DurangoKeyExtractor
+{
+    class Program
+    {
+        static void Main(string[] args)
+        {
+            const string fmt = "    ";
+
+            var printHelp = false;
+            var outputFolder = String.Empty;
+
+            var p = new OptionSet {
+                { "h|?|help", v => printHelp = v != null },
+                { "o|output", v => outputFolder = v}
+            };
+
+            var extraArgs = p.Parse(args);
+
+            Console.WriteLine("durangokeyextractor 0.1: Durango key extractor");
+
+            if (printHelp || extraArgs.Count <= 0)
+            {
+                Console.WriteLine("Usage  : durangokeyextractor.exe [file path]");
+                Console.WriteLine();
+                Console.WriteLine("Parameters:");
+                Console.WriteLine(fmt + "-h (-help) - print program usage");
+                Console.WriteLine(fmt + "-o (-output) - Output folder to store extracted keys");
+                Console.WriteLine();
+                return;
+            }
+
+            if (outputFolder == String.Empty)
+            {
+                outputFolder = Path.Combine(System.AppDomain.CurrentDomain.BaseDirectory, "extracted");
+            }
+
+            var filePath = extraArgs[0];
+            KeyExtractor extractor;
+
+            try
+            {
+                extractor = new KeyExtractor(filePath);
+            }
+            catch (Exception e)
+            {
+                Console.WriteLine($"Error setting up KeyExtractor: {e.Message}");
+                return;
+            }
+
+            Console.WriteLine($"Scanning {filePath} for known keys...");
+            int foundCount = extractor.PullKeysFromFile();
+            if (foundCount == 0)
+            {
+                Console.WriteLine("No keys found :(");
+                return;
+            }
+
+            Console.WriteLine($"Found {foundCount} keys :)");
+            Console.WriteLine($"Saving keys to \"{outputFolder}\"...");
+            extractor.SaveFoundKeys(outputFolder);
+        }
+    }
+}

LibXboxOne.Tests/XvdFileTests.cs

@@ -233,6 +233,7 @@ public void Unsigned_XVD_Encrypt_Test()
             Assert.True(generatedHash.IsEqualTo(expectedHash));
         }
 
+        /*
         [Fact(Skip="Relies on xvd data blob")]
         public void XvdSign_Key_Extract()
         {
@@ -266,5 +267,6 @@ public void XvdSign_Key_Extract()
             XvdFile.OdkKeyLoaded = false;
             XvdFile.SignKeyLoaded = false;
         }
+        */
     }
 }

LibXboxOne/Keystore/DurangoKeys.cs

@@ -0,0 +1,22 @@
+using System;
+using System.Collections.Generic;
+
+namespace LibXboxOne.Keystore
+{
+    public static class DurangoKeys
+    {
+        public static readonly Dictionary<string,IKeyEntry> KnownKeys = new Dictionary<string, IKeyEntry>(){
+            // Cik keys
+            {"TestCIK", new CikKeyEntry(new Guid("33EC8436-5A0E-4F0D-B1CE-3F29C3955039"), sha256Hash: "6786C11B788ED5CCE3C7695425CB82970347180650893D1B5613B2EFB33F9F4E", dataSize: 0x20)},
+            {"Unknown0CIK", new CikKeyEntry(new Guid("F0522B7C-7FC1-D806-43E3-68A5DAAB06DA"), sha256Hash: "B767CE5F83224375E663A1E01044EA05E8022C033D96BED952475D87F0566642", dataSize: 0x20)},
+            
+            // Odk keys
+            {"RedODK", new OdkKeyEntry(2, sha256Hash: "CA37132DFB4B811506AE4DC45F45970FED8FE5E58C1BACB259F1B96145B0EBC6", dataSize: 0x20)},
+            
+            // Xvd signing keys
+            {"RedXvdPrivateKey", new XvdSignKeyEntry(4096, privateKey: true, sha256Hash: "8E2B60377006D87EE850334C42FC200081386A838C65D96D1EA52032AA9628C5", dataSize: 0x91B)},
+            {"GreenXvdPublicKey", new XvdSignKeyEntry(4096, privateKey: false, sha256Hash: "618C5FB1193040AF8BC1C0199B850B4B5C42E43CE388129180284E4EF0B18082", dataSize: 0x21B)},
+            {"GreenGamesPublicKey", new XvdSignKeyEntry(4096, privateKey: false, sha256Hash: "183F0AE05431E4AD91554E88946967C872997227DBE6C85116F5FD2FD2D1229E", dataSize: 0x21B)},
+        };
+    }
+}

LibXboxOne/Keystore/KeyEntry.cs

@@ -0,0 +1,64 @@
+using System;
+
+namespace LibXboxOne.Keystore
+{
+    public interface IKeyEntry
+    {
+        int DataSize { get; }
+        byte[] SHA256Hash { get; }
+        KeyType KeyType { get; }
+    }
+
+    public class CikKeyEntry : IKeyEntry
+    {
+        public Guid KeyId { get; }
+        public byte[] SHA256Hash { get; }
+        public int DataSize { get; }
+        public KeyType KeyType => KeyType.CikKey;
+
+        public CikKeyEntry(Guid keyId, string sha256Hash, int dataSize)
+        {
+            KeyId = keyId;
+            SHA256Hash = sha256Hash.ToBytes();
+            DataSize = dataSize;
+            if (SHA256Hash.Length != 0x20)
+                throw new DataMisalignedException("Invalid length for SHA256Hash");
+        }
+    }
+
+    public class OdkKeyEntry : IKeyEntry
+    {
+        public uint KeyId { get; }
+        public byte[] SHA256Hash { get; }
+        public int DataSize { get; }
+        public KeyType KeyType => KeyType.OdkKey;
+
+        public OdkKeyEntry(uint keyId, string sha256Hash, int dataSize)
+        {
+            KeyId = keyId;
+            SHA256Hash = sha256Hash.ToBytes();
+            DataSize = dataSize;
+            if (SHA256Hash.Length != 0x20)
+                throw new DataMisalignedException("Invalid length for SHA256Hash");
+        }
+    }
+
+    public class XvdSignKeyEntry : IKeyEntry
+    {
+        public int KeyStrengthBits { get; }
+        public bool IsPrivate { get; }
+        public byte[] SHA256Hash { get; }
+        public int DataSize { get; }
+        public KeyType KeyType => KeyType.XvdSigningKey;
+
+        public XvdSignKeyEntry(int keyStrengthBits, bool privateKey, string sha256Hash, int dataSize)
+        {
+            KeyStrengthBits = keyStrengthBits;
+            IsPrivate = privateKey;
+            SHA256Hash = sha256Hash.ToBytes();
+            DataSize = dataSize;
+            if (SHA256Hash.Length != 0x20)
+                throw new DataMisalignedException("Invalid length for SHA256Hash");
+        }
+    }
+}

LibXboxOne/Keystore/KeyType.cs

@@ -0,0 +1,11 @@
+using System;
+
+namespace LibXboxOne.Keystore
+{
+    public enum KeyType
+    {
+        XvdSigningKey,
+        OdkKey, // Offline Distribution Key, AES256 (32 bytes) key
+        CikKey // Content Instance Key, Guid (16 bytes) + AES256 (32 bytes) key
+    }
+}

LibXboxOne/Shared.cs

@@ -219,6 +219,16 @@ public static string ToHexString(this ushort[] array)
             return array.Aggregate("", (current, b) => current + "0x" + (b.ToString("X4") + " "));
         }
 
+        public static byte[] ToBytes(this string hexString)
+        {
+            hexString = hexString.Replace(" ", "");
+
+            byte[] retval = new byte[hexString.Length / 2];
+            for (int i = 0; i < hexString.Length; i += 2)
+                retval[i / 2] = Convert.ToByte(hexString.Substring(i, 2), 16);
+            return retval;
+        }
+
         public static bool IsArrayEmpty(this byte[] bytes)
         {
             return bytes.All(b => b == 0);