This is a ground-up C++17 rewrite of homebrew key derivation software, namely kezplez-nx. It also dumps titlekeys. This will dump all keys through *_key_05 on firmwares below 6.2.0 and through *_key_06 on 6.2.0 and above.
What this software does differently
- Dumps titlekeys
- Dumps 6.2.0 keys
- Uses the superfast xxHash instead of sha256 when searching exefs for keys for a ~5x speed improvement
- Gets all possible keys from running process memory - this means no need to decrypt Package2 at all, let alone decompress KIPs
- Gets header_key without tsec, sbk, master_key_00 or aes sources - which may or may not be the same way ChoiDujourNX does it 👀 (and I'm gonna issue a challenge to homebrew title installers to implement similar code so you don't need your users to use separate software like this 😜 it's up to you to figure out if the same can be done for key_area_keys if needed)
- Use Hekate v4.5+ to dump TSEC and fuses:
- Launch CFW of choice
- Open Homebrew Menu
- Run Lockpick
- Use the resulting prod.keys file as needed and rename if required
You may instead use biskeydump and dump to SD to get all keys prior to the 6.2.0 generation - all keys up to those ending in 05. This will dump all keys up to that point regardless which firmware it's run on.
To get keys ending in 06, you must have firmware 6.2.0 installed
No one knows package1_key_06, it's derived and erased fully within the encrypted TSEC payload. While there's a way to extricate tsec_root_key due to the way it's used, this is unfortunately not true of the package1 key
If for some reason you dump TSEC keys on 6.2.0 and not fuses (secure_boot_key) you will still get everything except any of the package1 or keyblob keys (without secure_boot_key, you can't decrypt keyblobs and that's where package1 keys live)
Que novedades incluye la versión 1.2
Update for libnx v2.0.0 compatibility and still runs when built with v1.6.0
- The binary got even smaller!
Accelerate finding FS keys
- No longer find BIS sources as they're hardcoded (whoops)
- Find all keys on first pass hashing FS instead of hashing the whole thing from the beginning repeatedly (whoops)