Difference between revisions of "IQueCrypt"
(Created page with "{{Lowercase title}} {{infobox_homebrew |HB_title=iQueCrypt |HB_Author=Jbop |HB_Type=PC utility |HB_License=GPL |HB_Version=1.1.0 |HB_Released=June 13, 2018 |HB_W...") |
m (Add category) |
||
Line 36: | Line 36: | ||
# Decrypt the result of the previous step with the common key and title key iv. | # Decrypt the result of the previous step with the common key and title key iv. | ||
# The result of the above step will be the plaintext title key of the game or app. | # The result of the above step will be the plaintext title key of the game or app. | ||
+ | |||
+ | [[Category:PC utilities]] |
Revision as of 13:50, 16 June 2018
iQueCrypt | |
Author(s) | Jbop |
Type | PC utility |
License | GPL |
Version | 1.1.0 |
Release date | June 13, 2018 |
Website | GitHub |
Download link |
iQueCrypt is a tool for extracting information from a CMD file, a console's ticket.sys file, or a Virage2 dump, and for encrypting and decrypting apps and title keys. To obtain these files, a user will need a NAND dump of their iQue or already-extracted files. Some operations also require a Virage2 dump.
Usage
iQueCrypt has four modes: encrypt, decrypt, extract, and ecdh. See the usage manual for more in-depth instructions.
Encryption
The main use for the encrypt mode is to create an "injection", where an app is encrypted with the recrypt key of another (legitimately-obtained) app on an iQue. When this encrypted app is run, the iQue treats it as the legitimate app, and decrypts and executes it normally. This can be used to run other, normal iQue games as well as hacks or homebrew.
Decryption
Decrypt mode allows the user to obtain plaintext versions of title keys and apps (if given the appropriate keys and IVs).
Extraction
Extract mode can extract keys, initialization vectors, and other information from CMDs, ticket.sys files, and V2 dumps. This makes it easy to obtain the files or information a user needs to encrypt or decrypt files.
ECDH
iQueCrypt can compute the ECDH of a console's ECC private key and a ticket's ECC public key, in order to create the AES key used to re-encrypt the title key in a game's CMD. This allows the owner of an iQue to obtain the title key for each game that they own by following these steps:
1. Dump the console's NAND or otherwise obtain its ticket.sys file.
2. Dump the console's Virage2.
3. Extract the iQue common key and ECC private key from the V2 dump.
4. Extract the ticket of the desired game to obtain its (twice-encrypted) title key, title key iv, title key iv 2, and ECC public key.
5. Use the ecdh mode with the V2 ECC private key and the ticket's ECC public key to generate the file ecdh_key.bin.
6. Decrypt the title key using ecdh_key.bin and title key iv 2.
7. Decrypt the result of the previous step with the common key and title key iv.
8. The result of the above step will be the plaintext title key of the game or app.
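The two decryption passes in the last steps (first the ECDH-derived key with title key iv 2, then the common key with title key iv), as an added example that is not iQueCrypt's own code. It assumes unpadded AES-128-CBC, which the page does not state, takes the contents of ecdh_key.bin as an input instead of computing the ECDH, and uses constructed keys; the function names are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// cbc runs one unpadded AES-CBC pass (assumed mode; the page only says "AES" and "iv").
func cbc(key, iv, data []byte, decrypt bool) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(iv) != aes.BlockSize || len(data) == 0 || len(data)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("bad key, iv or data length (err=%v)", err)
	}
	out := make([]byte, len(data))
	mode := cipher.NewCBCEncrypter(block, iv)
	if decrypt {
		mode = cipher.NewCBCDecrypter(block, iv)
	}
	mode.CryptBlocks(out, data)
	return out, nil
}

// UnwrapTitleKey removes the per-console layer (ECDH key, iv 2), then the common-key layer (iv).
func UnwrapTitleKey(ecdhKey, iv2, commonKey, iv, wrapped []byte) ([]byte, error) {
	inner, err := cbc(ecdhKey, iv2, wrapped, true)
	if err != nil {
		return nil, err
	}
	return cbc(commonKey, iv, inner, true)
}

// WrapTitleKey is the inverse, used here only to build constructed sample data.
func WrapTitleKey(ecdhKey, iv2, commonKey, iv, titleKey []byte) ([]byte, error) {
	inner, err := cbc(commonKey, iv, titleKey, false)
	if err != nil {
		return nil, err
	}
	return cbc(ecdhKey, iv2, inner, false)
}

func main() {
	common, ecdh, other := bytes.Repeat([]byte{0x11}, 16), bytes.Repeat([]byte{0x22}, 16), bytes.Repeat([]byte{0x33}, 16) // constructed, not real iQue keys
	iv, iv2, title := bytes.Repeat([]byte{0xA1}, 16), bytes.Repeat([]byte{0xA2}, 16), []byte("constructed-key!")
	wrapped, _ := WrapTitleKey(ecdh, iv2, common, iv, title)
	good, _ := UnwrapTitleKey(ecdh, iv2, common, iv, wrapped)
	bad, _ := UnwrapTitleKey(other, iv2, common, iv, wrapped) // ECDH key from a different console
	fmt.Println(bytes.Equal(good, title), bytes.Equal(bad, title)) // true false
}
```

Under these assumptions a wrong ECDH key does not raise an error; it silently yields a different 16-byte value, so the recovered title key has to be validated some other way, such as decrypting the app with it.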