Fix for trophy decryption (#2005)

* fix for trophy decryption * more sanity checks * switch back to strings for simplicity * get rid of unnecessary span
2025-12-13 07:08:49 +00:00 · 2025-01-01 19:11:30 +01:00
parent 15c9bb0e83
commit 444016df7e
4 changed files with 27 additions and 18 deletions
--- a/src/core/crypto/crypto.cpp
+++ b/src/core/crypto/crypto.cpp
@@ -2,7 +2,7 @@
 // SPDX-License-Identifier: GPL-2.0-or-later

 #include <array>
-#include <common/config.h>
+
 #include "crypto.h"

 CryptoPP::RSA::PrivateKey Crypto::key_pkg_derived_key3_keyset_init() {
@@ -138,29 +138,19 @@ void Crypto::aesCbcCfb128DecryptEntry(std::span<const CryptoPP::byte, 32> ivkey,
    }
 }

-static void hexToBytes(const char* hex, unsigned char* dst) {
-    for (size_t i = 0; hex[i] != 0; i++) {
-        const unsigned char value = (hex[i] < 0x3A) ? (hex[i] - 0x30) : (hex[i] - 0x37);
-        dst[i / 2] |= ((i % 2) == 0) ? (value << 4) : (value);
-    }
-}
-
-void Crypto::decryptEFSM(std::span<CryptoPP::byte, 16> NPcommID,
+void Crypto::decryptEFSM(std::span<CryptoPP::byte, 16> trophyKey,
+                         std::span<CryptoPP::byte, 16> NPcommID,
                         std::span<CryptoPP::byte, 16> efsmIv, std::span<CryptoPP::byte> ciphertext,
                         std::span<CryptoPP::byte> decrypted) {

-    std::vector<CryptoPP::byte> TrophyIV = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
    // step 1: Encrypt NPcommID
    CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption encrypt;

-    const char* TrophyKeyget = Config::getTrophyKey().c_str();
-    std::vector<CryptoPP::byte> TrophyKey;
-    hexToBytes(TrophyKeyget, TrophyKey.data());
-
+    std::vector<CryptoPP::byte> trophyIv(16, 0);
    std::vector<CryptoPP::byte> trpKey(16);

+    encrypt.SetKeyWithIV(trophyKey.data(), trophyKey.size(), trophyIv.data());
    encrypt.ProcessData(trpKey.data(), NPcommID.data(), 16);
-    encrypt.SetKeyWithIV(TrophyKey.data(), TrophyKey.size(), TrophyIV.data());

    // step 2: decrypt efsm.
    CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption decrypt;
--- a/src/core/crypto/crypto.h
+++ b/src/core/crypto/crypto.h
@@ -32,7 +32,8 @@ public:
    void aesCbcCfb128DecryptEntry(std::span<const CryptoPP::byte, 32> ivkey,
                                  std::span<CryptoPP::byte> ciphertext,
                                  std::span<CryptoPP::byte> decrypted);
-    void decryptEFSM(std::span<CryptoPP::byte, 16>, std::span<CryptoPP::byte, 16> efsmIv,
+    void decryptEFSM(std::span<CryptoPP::byte, 16> trophyKey,
+                     std::span<CryptoPP::byte, 16> NPcommID, std::span<CryptoPP::byte, 16> efsmIv,
                     std::span<CryptoPP::byte> ciphertext, std::span<CryptoPP::byte> decrypted);
    void PfsGenCryptoKey(std::span<const CryptoPP::byte, 32> ekpfs,
                         std::span<const CryptoPP::byte, 16> seed,