tofurky / tegra30_debrick

fusee-gelee payload, supporting files, and guide for debricking Tegra 3 devices (2012 Nexus 7 and Ouya)
GNU General Public License v2.0

Contact method? #18

Closed markyy1991 closed 2 weeks ago

markyy1991 commented 2 weeks ago

Hello, do you have an email for requests?

tofurky commented 2 weeks ago

other than what's in git history, no. but you should use a github issue.

markyy1991 commented 2 weeks ago

OK, no problem, I have one question about the NVIDIA keys.

I have a Tegra T18X. I've dumped the NAND content, but I need help extracting a key.

I made my own script for extraction and I know the part where the key is loaded, but I can't get it...

Can you help me?

Thanks

tofurky commented 2 weeks ago

what key are you referring to in NAND?

SBK (secure boot key) is burned into the SoC.

you might be better off asking in a general reverse engineering chat/forum rather than here.

markyy1991 commented 2 weeks ago

Need to extract the Skb or esk... keys

tofurky commented 2 weeks ago

t18x is tegra x2, original fusee which this repo is based on is described as working only on earlier SoC than x2, so i'm not sure. but i can't help, sorry.

markyy1991 commented 2 weeks ago

Where was the original fusee key?

tofurky commented 2 weeks ago

https://github.com/jevinskie/fusee-launcher/blob/b6e03fd7042ba2f1c989c1d007ebee6d4b5165ef/dump-sbk-via-usb.S#L35C9-L37

registers will vary by SoC, that is for tegra30. i have no idea what it is for other SoCs. that payload dump-sbk-via-usb isn't in the x1 version of fusee-launcher, it was added by jevinskie.

markyy1991 commented 2 weeks ago

Yep, with my script I already managed to extract the sbk partition.

This is already done.

Now I'm making a script to try keys in that partition, but I think it is badly programmed or so...

It's based on this repo:

https://gitlab.incom.co/CM-Shield/tegraflash/-/blob/master/tools/eks/README_KEY_EXTRACT

tofurky commented 2 weeks ago

EKS is a partition name and is not the same as SBK. EKS is encrypted using SBK, it shows it in that README_KEY_EXTRACT file: https://gitlab.incom.co/CM-Shield/tegraflash/-/blob/master/tools/eks/README_KEY_EXTRACT#L38-42

markyy1991 commented 2 weeks ago

Yes, that's the problem in that case, I managed to extract the EKS partition, but need the SBK key.

I made a script, but I have errors when trying with a few keys I found...

Maybe you can help me to check that?

This is the problem actually.

tofurky commented 2 weeks ago

how did you obtain the sbk?

markyy1991 commented 2 weeks ago

The problem is that I don't know how to get that key.

tofurky commented 2 weeks ago

sorry, neither do i.