@JPenuchot
Forked from roblabla/HABILITIES.md
Created May 2, 2018 23:58
We believe in your habilities.

Muh Switch Keys

So you want to decrypt Switch content? Well, the good news is that all the tools required to do that are written up! The great news is, since this is crypto we're talking about, you'll have to find the keys. Yourself. Like it's Easter.

So here you can find a template of the $HOME/.switch/prod.keys file that hactool uses to decrypt content. It lists the SHA256 hash and the location of every key and seed, so you can find them yourselves and check what you found.

Note that all the seeds (the keys that end with _source) are used along with the master_key_## to derive an actual key. If you have somehow obtained the key without the seed, you can rename xxx_source to xxx_## (where ## is the master key number) and put your key there.

How the heck do I obtain dem keys?

A lot has changed in the last couple of days. We now have the ability to do Fun Stuff. Here's what you need:

  • A dump of your BOOT0 partition.
  • Your console's SBK/TSEC key.
  • A copy of your package1 and package2 files.

First, you'll want to find the keyblob_key_source, keyblob_mac_key_source and master_key_source. With those, hactool will gain the ability to derive the package1_key and master_key (look into the keygen option), with which you can decrypt the encrypted parts of package1. RTFM on how to do that. Then, you'll want to find the package2_key_source. And finally, everything else.

Here's a quick reminder of the versions:

  • master_key_00: 1.0.0-2.3.0
  • master_key_01: 3.0.0
  • master_key_02: 3.0.1-3.0.2
  • master_key_03: 4.0.0-4.1.0
  • master_key_04: 5.0.0-current

Good luck with The Hunt. And remember: We believe in your habilities.

FAQ

  • Q: The hashes are wrong!

    A: You are computing it wrong. Hex is only a representation. Binary is truth: hash the raw bytes the hex stands for, not the hex characters. Because I'm such a nice guy, I'll tell you this:

    SHA256(00FF00FF) = 7a7bf454c5f3cb1b9d9a20f81417f98d976fe3b3dd52c1b9968f02e89e7e8a2f

  • Q: Is the order important?

    A: Yes, if you don't want to use leaked keys, they are! And you don't want to use leaked keys, do you? Tsktsk.

    Here's why the order is important:

    • keyblob_key_source, keyblob_mac_key_source and master_key_source give package1_key
    • package1_key is used to decrypt package1, which contains Secure_Monitor.bin, in which you'll find some key sources and package2_key_source.
    • package2_key_source and master_key are then used to decrypt package2, which contains everything else.
  • Q: How do I get my console's SBK/TSEC key?

    A: Take a look at fusee-launcher and biskeydump. Those two tools should give you what you want.

  • Q: How do I get my hands on package1/package2?

    A: Those two files are both located in the 0100000000000819.bin archive, which you can easily dump with pegaswitch. Look at the dumpArchive.js script.

    If pegaswitch isn't an option for you, you can also get them from a NAND backup. package1 is located at a fixed offset in BOOT0, and package2 is at a fixed offset in BCPKG2-1-Normal-Main. Check the wiki out. You can write a script to extract those files. It's easy, I swear!

  • Q: RTFM?

    A: Read The Fucking Manual. ./hactool --help will tell you everything else you need.

  • Q: Can you just cut to the chase and give me the keys?

    A: No. I enjoy watching you suffer.
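The two FAQ points above (hash the bytes, not the hex text; replace ## before you check) in working form, as an added example that is not part of the gist or of hactool: a checker that reads a filled-in file in the prod.keys layout shown below and reports which entries match their listed SHA256. Every name and value in the embedded sample is constructed (demo_key_source is the bytes of "abc", demo_key_00 is "hello", demo_key_01 is deliberately wrong, mystery_key has no digest listed).

```python
import hashlib
import re

# Constructed sample in the prod.keys layout: "; SHA256(name) = ..." comment lines carry
# the expected digests, "name = hex" lines carry the key bytes. All values are made up:
# demo_key_source = "abc", demo_key_00 = "hello", demo_key_01 is wrong on purpose.
FILLED_KEYS = """\
; SHA256(demo_key_source) = BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD
demo_key_source = 616263
; SHA256(demo_key_00) = 2CF24DBA5FB0A30E26E83B2AC5B9E29E1B161E5C1FA7425E73043362938B9824
; SHA256(demo_key_01) = E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
demo_key_00 = 68656c6c6f
demo_key_01 = 68656c6c6f
demo_key_## = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
mystery_key = 00FF00FF
"""

HASH_RE = re.compile(r"^;\s*SHA256\((\w+)\)\s*=\s*([0-9A-Fa-f]{64})\s*$")
KEY_RE = re.compile(r"^(\w+)\s*=\s*([0-9A-Fa-f]+)\s*$")  # skips "##" names and XXXX placeholders


def expected_digests(text):
    """name -> expected SHA-256 (lower-cased) taken from the comment lines."""
    return {m.group(1): m.group(2).lower()
            for m in map(HASH_RE.match, text.splitlines()) if m}


def key_values(text):
    """name -> hex string for every filled-in 'name = hex' line."""
    return {m.group(1): m.group(2)
            for m in map(KEY_RE.match, text.splitlines()) if m}


def digest_of_key(hex_value):
    """Hash the raw key bytes: hex is only a representation of what was hashed."""
    return hashlib.sha256(bytes.fromhex(hex_value)).hexdigest()


def digest_of_hex_text(hex_value):
    """The usual mistake: hashing the ASCII hex characters instead of the bytes."""
    return hashlib.sha256(hex_value.encode("ascii")).hexdigest()


def verify(text):
    """{name: True (matches), False (mismatch), None (no digest listed for that name)}."""
    expected = expected_digests(text)
    return {name: None if name not in expected else digest_of_key(value) == expected[name]
            for name, value in key_values(text).items()}


if __name__ == "__main__":
    labels = {True: "ok", False: "MISMATCH", None: "no digest listed"}
    for name, status in verify(FILLED_KEYS).items():
        print(f"{name}: {labels[status]}")
```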

; CONSOLE UNIQUE
; Dumpable using Fusee-Gelee and biskeydump.
; Secure boot key of the console associated with given BOOT0. Useful to
; derive master_key and package1_key.
secure_boot_key = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; CONSOLE UNIQUE
; Dumpable using Fusee-Gelee and biskeydump.
; TSEC key of the console associated with given BOOT0. Useful to
; derive master_key and package1_key.
tsec_key = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in package1. Useful to guarantee that the keyblob_key_sources are correct.
; SHA256(keyblob_mac_key_source) = B24BD293259DBC7AC5D63F88E60C59792498E6FC5443402C7FFE87EE8B61A3F0
keyblob_mac_key_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in package1. Used to derive the keyblob_key, which is then used to derive master_key and package1_key.
; Don't forget to replace ## with the appropriate number!
; SHA256(keyblob_key_source_00) = 8A06FE274AC491436791FDB388BCDD3AB9943BD4DEF8094418CDAC150FD73786
; SHA256(keyblob_key_source_01) = 2D5CAEB2521FEF70B47E17D6D0F11F8CE2C1E442A979AD8035832C4E9FBCCC4B
; SHA256(keyblob_key_source_02) = 61C5005E713BAE780641683AF43E5F5C0E03671117F702F401282847D2FC6064
; SHA256(keyblob_key_source_03) = 8E9795928E1C4428E1B78F0BE724D7294D6934689C11B190943923B9D5B85903
; SHA256(keyblob_key_source_04) = 95FA33AF95AFF9D9B61D164655B32710ED8D615D46C7D6CC3CC70481B686B402
keyblob_key_source_## = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in package1. Used to derive master_key.
; SHA256(master_key_source) = 7944862A3A5C31C6720595EFD302245ABD1B54CCDCF33000557681E65C5664A4
master_key_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Obtainable with TrustZone code execution, or derivable with tsec_key, secure_boot_key, keyblob_key_source,
; master_key_source and a dump of BOOT0.
; All the other keys are derived with this one.
; Don't forget to replace ## with the appropriate number!
; SHA256(master_key_00) = 0EE359BE3C864BB0782E1D70A718A0342C551EED28C369754F9C4F691BECF7CA
; SHA256(master_key_01) = 4FE707B7E4ABDAF727C894AAF13B1351BFE2AC90D875F73B2E20FA94B9CC661E
; SHA256(master_key_02) = 79277C0237A2252EC3DFAC1F7C359C2B3D121E9DB15BB9AB4C2B4408D2F3AE09
; SHA256(master_key_03) = 4F36C565D13325F65EE134073C6A578FFCB0008E02D69400836844EAB7432754
; SHA256(master_key_04) = 75FF1D95D26113550EE6FCC20ACB58E97EDEB3A2FF52543ED5AEC63BDCC3DA50
master_key_## = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Obtainable with Package1Ldr code execution, or derivable with tsec_key, secure_boot_key, keyblob_key_source,
; and a dump of BOOT0.
; Allows decrypting package1, which contains the bootloader, warmboot.bin and TrustZone (also called Secure_Monitor).
; Don't forget to replace ## with the appropriate number!
; SHA256(package1_key_00) = 4543CD1B7CAD7EE0466A3DE2086A0EF923805DCEA6C741541CDDB14F54F97B40
; SHA256(package1_key_01) = 984F1916834540FF3037D65133F374BD9E715DC3B162AAC77C8387F9B22CF909
; SHA256(package1_key_02) = 9E7510E4141AD89D0FB697E817326D3C80F96156DCE7B6903049AC033E95F612
; SHA256(package1_key_03) = E65C383CDF526DFFAA77682868EBFA9535EE60D8075C961BBC1EDE5FBF7E3C5F
; SHA256(package1_key_04) = 28AE73D6AE8F7206FCA549E27097714E599DF1208E57099416FF429B71370162
package1_key_## = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in TrustZone .rodata.
; Allows decrypting package2, which contains the kernel and builtins.
; SHA256(package2_key_source) = 21E2DF100FC9E094DB51B47B9B1D6E94ED379DB8B547955BEF8FE08D8DD35603
package2_key_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in TrustZone .rodata.
; SHA256(aes_kek_generation_source) = FC02B9D37B42D7A1452E71444F1F700311D1132E301A83B16062E72A78175085
aes_kek_generation_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in spl .rodata.
; SHA256(aes_key_generation_source) = FBD10056999EDC7ACDB96098E47E2C3606230270D23281E671F0F389FC5BC585
aes_key_generation_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in TrustZone .rodata.
; SHA256(titlekek_source) = C48B619827986C7F4E3081D59DB2B460C84312650E9A8E6B458E53E8CBCA4E87
titlekek_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata.
; SHA256(key_area_key_application_source) = 04AD66143C726B2A139FB6B21128B46F56C553B2B3887110304298D8D0092D9E
key_area_key_application_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata.
; SHA256(key_area_key_ocean_source) = FD434000C8FF2B26F8E9A9D2D2C12F6BE5773CBB9DC86300E1BD99F8EA33A417
key_area_key_ocean_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata.
; SHA256(key_area_key_system_source) = 1F17B1FD51AD1C2379B58F152CA4912EC2106441E51722F38700D5937A1162F7
key_area_key_system_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata.
; SHA256(header_kek_source) = 1888CAED5551B3EDE01499E87CE0D86827F80820EFB275921055AA4E2ABDFFC2
header_kek_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .data.
; SHA256(header_key_source) = 8F783E46852DF6BE0BA4E19273C4ADBAEE16380043E1B8C418C4089A8BD64AA6
header_key_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata. 1.0.0 FS didn't have this, as it didn't support SD cards.
; SHA256(sd_card_kek_source) = 6B2ED877C2C52334AC51E59ABFA7EC457F4A7D01E46291E9F2EAA45F011D24B7
sd_card_kek_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata. 1.0.0 FS didn't have this, as it didn't support SD cards.
; SHA256(sd_card_save_key_source) = D482743563D3EA5DCDC3B74E97C9AC8A342164FA041A1DC80F17F6D31E4BC01C
sd_card_save_key_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata. 1.0.0 FS didn't have this, as it didn't support SD cards.
; SHA256(sd_card_nca_key_source) = 2E751CECF7D93A2B957BD5FFCB082FD038CC2853219DD3092C6DAB9838F5A7CC
sd_card_nca_key_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX