thealexbarney / libhac Goto Github PK

Suggestion: Specify which files/folders to extract from a romfs. Wildcards may be a useful thing to have here too.

Allow extraction of specific extension or allow extraction of the tik files only from an NSP.

Hi,
Is it possible that you add the Support for a NJDC File? Is it in the Scope for this Library?

a example File are stored in the main nca (5b688cea764e57a9595897f118a2640c.nca) from Monster Hunter Rise.
The Path inside the nca (nsw_sys\customizedDictionary\dictionary_ja.a)
Or a have attached a zip file with that file

dictionary_ja.zip

• Documentation
• hactoolnet: Extract only the files that were changed in a patch
• Trim unused save data bytes
• Complete save data FS editing
• XCI reading
• Savefile reading
• Bucket Tree integrity verification
• Signature verification
• NCA ExeFS automatic detection
• NPDM reading
• Read additional data from patch Content Meta binaries
• Control.nacp reading
• Key derivation
• hactoolnet: Fail when a key is missing or when an integrity check fails
• IFileSystem, IFile and IDirectory interfaces
• 6.2.0 Key derivation

Basically, the --onlyupdated flag from hactool and a way to access this information programatically through IFile. I have gotten this working, but unfortunately all the necessary information is private, so an "official" way would be nice.

// Get the file
IFile file = romfs.OpenFile("/file.txt", OpenMode.Read);

// Get the offset
long fileOffset = nca.Sections[1].Header.IvfcInfo.LevelHeaders[5].Offset + (long)file.GetType().GetProperty("Offset", BindingFlags.NonPublic | BindingFlags.Instance).GetValue(file);

// Get the first RelocationEntry from the IndirectStorage
RelocationEntry relocationEntry = (RelocationEntry)indirectStorage.GetType().GetMethod("GetRelocationEntry", BindingFlags.NonPublic | BindingFlags.Instance).Invoke(indirectStorage, new object[] { fileOffset });

long remaining = file.GetSize();
long inPos = fileOffset;

// "Read" the whole file and check every entry's source, kinda copied from IndirectStorage b/c laziness
while (remaining > 0)
{
    if (relocationEntry.SourceIndex != 0)
    {
        // This file has been updated, do whatever
        break;
    }

    int bytesToRead = (int)Math.Min(relocationEntry.OffsetEnd - inPos, remaining);

    remaining -= bytesToRead;
    inPos += bytesToRead;

    if (inPos >= relocationEntry.OffsetEnd)
    {
        relocationEntry = relocationEntry.Next;
    }
}

Attempting to extract the romfs of an Update/Patch NCA (specifically FE3H's update NCA) using the --romfsdir option outputs the error:

when i try do nca..OpenDecryptedNca(); i get this error:

LibHac.LibHacException: Abort:  must not be nullptr.
   at LibHac.Diag.Abort.DoAbort(String message)
   at LibHac.Diag.Assert.ExecuteAssertionFailureOperation(AssertionFailureOperation operation, AssertionInfo& assertionInfo)
   at LibHac.Diag.Assert.InvokeAssertionFailureHandler(AssertionInfo& assertionInfo)
   at LibHac.Diag.Assert.OnAssertionFailure(AssertionType assertionType, String condition, String functionName, String fileName, Int32 lineNumber, String message)
   at LibHac.Diag.Impl.AssertImpl.InvokeAssertionNotNull(AssertionType assertionType, String valueText, String functionName, String fileName, Int32 lineNumber)
   at LibHac.Diag.Assert.NotNullImpl[T](AssertionType assertionType, T value, String valueText, String functionName, String fileName, Int32 lineNumber)
   at LibHac.Diag.Assert.SdkRequiresNotNull[T](T value, String valueText, String functionName, String fileName, Int32 lineNumber)
   at LibHac.FsSystem.BucketTree.NodeBuffer.Allocate(Int32 nodeSize)
   at LibHac.FsSystem.BucketTree.Initialize(SubStorage nodeStorage, SubStorage entryStorage, Int32 nodeSize, Int32 entrySize, Int32 entryCount)
   at LibHac.FsSystem.Aes128CtrExStorage..ctor(IStorage baseStorage, SubStorage nodeStorage, SubStorage entryStorage, Int32 entryCount, Byte[] key, Byte[] counter, Boolean leaveOpen)
   at LibHac.FsSystem.NcaUtils.Nca.OpenAesCtrExStorage(IStorage baseStorage, Int32 index, Boolean decrypting)
   at LibHac.FsSystem.NcaUtils.Nca.OpenDecryptedStorage(IStorage baseStorage, Int32 index, Boolean decrypting)
   at LibHac.FsSystem.NcaUtils.Nca.OpenRawStorage(Int32 index, Boolean openEncrypted)
   at LibHac.FsSystem.NcaUtils.Nca.OpenRawStorage(Int32 index)
   at LibHac.FsSystem.NcaUtils.Nca.OpenRawStorageWithPatch(Nca patchNca, Int32 index)
   at LibHac.FsSystem.NcaUtils.Nca.OpenStorageWithPatch(Nca patchNca, Int32 index, IntegrityCheckLevel integrityCheckLevel)
   at LibHac.FsSystem.NcaUtils.Nca.OpenFileSystemWithPatch(Nca patchNca, Int32 index, IntegrityCheckLevel integrityCheckLevel)
   at Mara.Switch.NCA.OpenFileSystem(Int32 index, Nca nca) in C:\Users\raul2\source\repos\Mara.switch\Mara.switch\NCA.cs:line 93

code:

            if (updatemountname != null)
            {
                foreach (DirectoryEntryEx entry in fs.EnumerateEntries(updatemountname.ToString(), "*.nca", SearchOptions.Default))
                {
                    Console.WriteLine(entry.FullPath);
                    fs.OpenFile(out FileHandle nca, entry.FullPath.ToU8Span(), OpenMode.Read);
                    //var meme = new Nca(hos.keys, new FileHandleStorage(fs, nca));
                    UpdateNcas.Add(new Nca(hos.keys, new FileHandleStorage(fs, nca)));
                }
            }

i try to extrakt the Romfs from XCI with hacktoolnet. i become an error directory not found.
the xci is 0100F17004156000 Retro City Rampage DX.
the command "hactoolnet.exe -t xci -h -k prod.keys --romfsdir test test.xci"
it worked before you made the last changes to the romfs
can you check this?

When verifying the CMAC signature of a save, hactoolnet 7.0 will report FAIL for an unmodified save file’s signature:

CMAC Signature (FAIL):   7F404B234AD960F0E21A95C339DBFAA2
Title ID:                01008db008c2c000

When verifying the same file’s signature with hactoolnet 6.0, it outputs GOOD. SciresM’s hactool also reports the signature as GOOD.

The file also gets incorrectly re-signed when using the --replacefile option, it outputs:

CMAC Signature (GOOD):   AE02AAC2310A738817D82AEE0E8B204F

Verifying the edited save with hactoolnet 6.0 and hactool will result in FAIL.

If I replace the original save file on Switch with this file and try to start the game, it gives me this message:

Corrupted data has been detected. Please run a check for corrupt data.

Pressing “Check” will result in a screen that prompts to delete the save data.

When editing and re-signing the save file with hactoolnet 6.0, it works properly on the Switch.

I’m using the Linux release of hactoolnet 7.0, but I also tried it on Windows and replicated the same problem. People in this thread seem to be having the same issue.

any chance in the future of Adding support to deal with decrypt AES-XTS keys in the Future? it's needed on Ryujinx for a few games to run and create saves

 ---> LibHac.HorizonResultException: ResultFsAesXtsFileHeaderInvalidKeysInRenameFile (2002-4747): Could not decrypt AES-XTS keys```

This might be out of scope, but could support for mounting files be added? So files can be accessed without taking up extra space on the hard drive).

In a Jan 2 update to ApplicationControlProperty.cs, DisplayVersion was changed from a U8SpanMutable to Array16<byte>. U8SpanMutable had a ToString override, Array16<byte> does not. So Application.DisplayVersion (assigned from ApplicationControlProperty.DisplayVersion) just holds the type name (as in typeof( LibHac.Common.FixedArrays.Array16<byte> ).ToString()).

Just wanted to find out where is this on the road map.

I've been trying to repack a BotW save, and don't really know what's going on here. Is something wrong with the syntax?

hactoolnet_native.exe -k (key file in same folder) -t save (save location) --repack (Folder with unpacked save)

I was trying to decrypt an encrypted NAX0 savedata with the following command:
hactoolnet -t nax0 0000000000000005 --sdseed <sdseed> --sdpath "save/0000000000000005" --plaintext 0000000000000005.dec

But it doesn't work, I believe that the sdpath is not correct, do you perhaps have an example?
Thanks

It seems to be unsafe to open more than one file within a savefile at a time. The moment I open more than one, the stream position of the first file gets messed up badly enough to cause exceptions to be thrown. For example, trying to read tickets more efficiently than by brute force reading.

using (var stream = File.Open(Path.Combine(Configuration.Data.SystemPath, "save", "80000000000000e1"), FileMode.Open, FileAccess.Read))
{
    var commonTickets = new Savefile(stream);
    var ticketList = new BinaryReader(commonTickets.OpenFile("/ticket_list.bin"));
    var tickets = new BinaryReader(commonTickets.OpenFile("/ticket.bin"));  //Opening this file
    ulong titleID;
    do
    {
        titleID = ticketList.ReadUInt64();  //causes this read to fail with an exception thrown.
        if (titleID == ulong.MaxValue) continue;
        ticketList.BaseStream.Position += 0x18;
        _tickets[$"{titleID:x16}"] = new Ticket(tickets.ReadBytes(0x400));
    } while (titleID != ulong.MaxValue);
}

use the kipreader.GetFileSize() this works

https://github.com/Thealexbarney/LibHac/blob/master/build/CodeGen/IncludedKeys.txt

:) ?

https://github.com/dotnet/corefx/blob/da3ba7ebe34771dde769b65dfb7f78fa55a5abb6/src/System.IO.FileSystem/src/System/IO/FileStatus.Unix.cs#L67-L157

You can change "RomFsFile" and "RomfsFile" in the namespace Libhac.IO
it is not unique in vb.net, c# have not a problem with it.

Attempting to extract a romfs binary (Atmosphère's /atmosphere/stratosphere.romfs, for example) using the --romfsdir option creates an empty output directory and displays nothing, whereas on v0.13.3 it extracts properly and displays the romfs file paths.

The option to extract exists for XCIs, and the option to list exists for NCAs, but the option to list does not exist for XCIs.

hi alex,

i have ported Yaz0 and Sarc (both readonly) contentfiles for your libhac library.
should i create a brunch?

jonny

Just another hactool feature that would be very much welcome in hactoolnet.

I'm currently parsing the decrypted key output from hactool in a Python script I made for No-Intro. The decrypted keys are then hashed -- then, these hashes get uploaded to DAT-o-MATIC.

However, lack of support for Sparse and Compressed storages in hactool makes the program exit prematurely when a NCA with these features is used, which is a really nasty problem.

I don't really want to reinvent the wheel and implement both key parsing and key derivation in my script. I firmly believe this would be useful for more than this use case.

On the other hand, supporting the --supresskeys argument from hactool would provide users a way to completely supress decrypted key output, which would be related to the forementioned feature request.

If it helps, hactool prints:

• All keys from the NCA key area in both encrypted and decrypted form, if the NCA uses standard crypto.
• The titlekey in both encrypted and decrypted form, if the NCA uses titlekey crypto.

Thanks in advance.

I was testing the --sign and --repack options for -t save. I'm not quite sure how they work and the expected behavior, if anyone could shed some light, that would be great. (-;

1. By repacking the size of the save data will not go beyond the Save Data Size -- is this normal? FYI, I tried to add a few files in the directory so the size will be 3 times bigger than the original save, however the resulting save is still the same size as original.

2. When I --repack the save, from --listfiles I can see that CMAC Signature and Header Hash are changed in the packed save. But when I --sign --repack the signature and hash are the same. What's the the use case of --sign?

3. Even if I --repack without data changed, the MAC Signature and Header Hash are changed in the repacked save, should I expect that the save shall be treated as a legitimate save?

Thanks!

P.S.: Using hactoolnet v0.6.0

This is more a question than a bug report as I haven't tested that assumption yet. There are stilll things I want to learn about cross platform programming.

I saw the use of Unsafe.As in the code and I asked myself if this code could run on systems with big endian instead of little endian like windows. To my understand it just reinterprets the binary pointer as a struct and thus relies on the endianness of the system?

(Btw. great library and clean architecture.)

Currently on mariko models, Lockpick_RCM does not produce prod.keys containing secure_boot_key and tsec_key, which is used by LibHac to derive save_mac_key_00 and save_mac_key_01.

prod.keys from mariko models does contain save_mac_key, which I believe is actually save_mac_key_00 (because only DeviceUniqueSaveMacKeys[0] is used in code, and Lockpick_RCM only derive save_mac_key, but not save_mac_key_00 or save_mac_key_01).

I renamed save_mac_key to save_mac_key_00 in prod.keys, and it works just fine. Save data can be signed by hactoolnet using the correct key, and is then accepted by the OFW/game.

Suggestion: support reading save_mac_key directly from prod.keys produced by Lockpick_RCM, or add some hints for those who want to sign save data files for their mariko models.

The project compiled fine for me when I added "netstandard2.0" to the TargetFrameworks property in the LibHac.csproj file.

This would help to add LibHac as a dependency of another netstandard project.

EDIT: Nevermind, I had an old clone of this repository.

In hactool we have an option to unpack an NSO file:

NSO0 options:
--uncompressed=f Specify file path for saving uncompressed NSO0.

Example:
hactool -t nso main --uncompressed=main_dec

Please can you add an option to do this with hactoolnet.

Thanks.

Hello,
I try to extract the module Id or build Id from an nsp file. My code works well for a bunch of files but I have an issue with two nsp which title Id are 01005FE01291A000 and 100947013122000.
For these files, I have this message:
LibHac.HorizonResultException: ResultFsPartitionSignatureVerificationFailed (2002-4644): Invalid Partition FS type "?f??" at LibHac.ThrowHelper.ThrowResult(Result result, String message) at LibHac.FsSystem.PartitionFileSystemHeader..ctor(BinaryReader reader) at LibHac.FsSystem.PartitionFileSystem..ctor(IStorage storage) at LibHac.FsSystem.NcaUtils.Nca.OpenFileSystem(IStorage storage, NcaFsHeader header) at LibHac.FsSystem.NcaUtils.Nca.OpenFileSystem(Int32 index, IntegrityCheckLevel integrityCheckLevel) at LibHac.FsSystem.NcaUtils.Nca.OpenFileSystem(NcaSectionType type, IntegrityCheckLevel integrityCheckLevel)
snippet of codes is:

if (nca.Header.ContentType == NcaContentType.Program)
                        {
                            PartitionFileSystem codeFileSystem = (PartitionFileSystem)nca.OpenFileSystem(NcaSectionType.Code, IntegrityCheckLevel.IgnoreOnInvalid);
.
.
.

PartitionFileSystem codeFileSystem = (PartitionFileSystem)nca.OpenFileSystem(NcaSectionType.Code, IntegrityCheckLevel.IgnoreOnInvalid); throws the error.

Have you an idea how to get the the FileSystem from the nca?
PS: I tried with hactoolnet and I had same message

For example, we're missing the Title ID and Master Key Revision fields.

Hi,
Are you planing to implement these functions (particularly NSO files support like in Hactool, the --disablekeywarns could be also usful when parsing a command result)?

Hi,
I'm developing an app for macOS using LibHac, and getting crashes during loading NCA

Here's the stacktrace

LibHac.Crypto.Rsa2048PssVerify(byte[] data, byte[] signature, byte[] modulus) in C:/LibHac/Crypto.cs:167
LibHac.NcaHeader..ctor(System.IO.BinaryReader reader, LibHac.Keyset keyset) in C:/LibHac/NcaStructs.cs:42
LibHac.Nca.DecryptHeader() in C:/LibHac/Nca.cs:308
LibHac.Nca..ctor(LibHac.Keyset keyset, LibHac.IO.SubStorage storage, bool leaveOpen) in C:/LibHac/Nca.cs:37

So when calling rsa.VerifyData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss) in Rsa2048PssVerify (Crypto.cs:157), it always crashes with System.Security.Cryptography.CryptographicException: Specified padding mode is not valid for this algorithm. exception

Based on what I read here https://github.com/dotnet/corefx/blob/master/Documentation/architecture/cross-platform-cryptography.md#rsa, apparently PSS padding is not supported when not using RSACng (which is only available on Windows)
Is there any workaround for that?

PS. I'm building from the source with USE_RSA_CNG disabled
If I enable it, then I'll get System.NotImplementedException instead. I guess RSACng implementation in Mono just throw that exception by default https://github.com/mono/mono/blob/master/mcs/class/referencesource/System.Core/System/Security/Cryptography/RsaCng.cs

Can you help me with this error. Im trying to re-encrypt with the inject file but i have some problem with a different file i use:

hactoolnet.exe -k prod.keys -t save save/0000000000000021 --replacefile /main out/0000000000000021/main
Failed to match key eticket_rsa_kek_source
Failed to match key eticket_rsa_kekek_source
Failed to match key rsa_oaep_kek_generation_source
Failed to match key rsa_private_kek_generation_source
Failed to match key ssl_rsa_kek_source_x
Failed to match key ssl_rsa_kek_source_y

ERROR: ResultFsPathNotFound (2002-0001)

Additional information:
at LibHac.ThrowHelper.ThrowResult(Result) + 0x2c
at LibHac.FsSystem.LocalFile..ctor(String, OpenMode) + 0x8e
at hactoolnet.ProcessSave.Process(Context) + 0x47e
at hactoolnet.Program.Run(String[]) + 0x271
at hactoolnet.Program.Main(String[]) + 0x1a

Hi, I'd like to point an issue with hactoolnet. Trying to run the command:
hactoolnet -t save -k prod.keys NX-X.Y.Z\SYSTEM\save\8000000000120 I get a result of failure that can be workarounded, repeating the command several times. Some times I get a GOOD result after 3 runs, others 8 runs .... I guess, maybe there is a memory issue when loading the keys. The keys file is growing and maybe memory reservation for reading the keys file is wrong.

I'm using prod.keys generated by lock pick RCM against firmware 9.0.1.

If you need further info don't hesitate to answer to me.

Thank you.

It has been noted that the Fat Library included throws an exception, if end of file has been reached AND you attempt to do another buffer read, instead of normal c# behavior of returning 0 indicating that nothing has been read. I will fix my code to not do that anymore, but it still has a potential to be an issue for anyone else using the library assuming they can just charge through with big reads, without checking how close to the end the read is.

Attempting to extract the exefs of a Patch NCA using the --exefsdir option outputs the error:

ERROR: Offset must be a multiple of 16

Additional information:
   at LibHac.FsSystem.SectorStorage.ValidateSize(Int64, Int64) + 0xbf
   at LibHac.FsSystem.Aes128CtrStorage.DoRead(Int64, Span`1) + 0x3c
   at LibHac.FsSystem.Aes128CtrExStorage.DoRead(Int64, Span`1) + 0x1c2
   at LibHac.FsSystem.ConcatenationStorage.DoRead(Int64, Span`1) + 0xde
   at LibHac.Fs.SubStorage.DoRead(Int64, Span`1) + 0x70
   at LibHac.FsSystem.StorageFile.DoRead(Int64&, Int64, Span`1, ReadOption&) + 0xa1
   at LibHac.Fs.Fsa.IFile.Read(Int64&, Int64, Span`1, ReadOption&) + 0x98
   at LibHac.FsSystem.FileReader.ReadInt64() + 0x75
   at LibHac.FsSystem.RomFs.RomfsHeader..ctor(IFile) + 0x16b
   at LibHac.FsSystem.RomFs.RomFsFileSystem..ctor(IStorage) + 0x5a
   at LibHac.FsSystem.NcaUtils.Nca.OpenFileSystem(IStorage, NcaFsHeader) + 0xc6
   at LibHac.FsSystem.NcaUtils.Nca.OpenFileSystem(Int32, IntegrityCheckLevel) + 0x50
   at hactoolnet.ProcessNca.<Process>g__OpenFileSystemByType|0_3(NcaSectionType, ProcessNca.<>c__DisplayClass0_0&, ProcessNca.<>c__DisplayClass0_1&) + 0x12b
   at hactoolnet.ProcessNca.Process(Context) + 0x1800
   at hactoolnet.Program.Run(String[]) + 0x356
   at hactoolnet.Program.Main(String[]) + 0x1a

With the --basenca option supplied, it instead outputs the error:

ERROR: ResultFsNullptrArgument (2002-6063): Error creating LocalFileSystem.

Additional information:
   at LibHac.FsSystem.LocalFileSystem..ctor(String) + 0x49
   at hactoolnet.ProcessNca.Process(Context) + 0x182a
   at hactoolnet.Program.Run(String[]) + 0x356
   at hactoolnet.Program.Main(String[]) + 0x1a

This problem is not present in v0.13.3.

EDIT: Looks like it's broken for Application NCAs as well, with the above ResultFsNullptrArgument error.

Using v0.13.3:

>hactoolnet -t nsp exefs.nsp --outdir exefs

PFS0:
Magic:                              PFS0
Number of files:                    2
Files:                              pfs0:/main                             000000000000-0000000199c7
                                    pfs0:/main.npdm                        0000000199c7-000000019d8f

/main
/main.npdm

Using v0.14.0 (and latest commit):

>hactoolnet -t nsp exefs.nsp --outdir exefs

PFS0:
Magic:                              PFS0
Number of files:                    2
Files:                              pfs0:/main                             000000000000-0000000199c7
                                    pfs0:/main.npdm                        0000000199c7-000000019d8f

/main
/main
/main.npdm
/main.npdm

Attempting to extract the romfs of a Update/Patch NCA (specifically FE3H's patch NCA) using the --romfsdir option outputs this error, similar to #212 and #249 :

C:\Users\lpleo\Desktop\hactoolnet-0.16.1-win>hactoolnet -k prod.keys --titlekeys title.keys --disablekeywarns --romfsdir romfs_out 137484960c8e8acef9f31d9e3565e052.nca

ERROR: Offset must be a multiple of 16

Additional information:
   at LibHac.Tools.FsSystem.SectorStorage.ValidateSize(Int64, Int64) + 0xea
   at LibHac.Tools.FsSystem.Aes128CtrStorage.Read(Int64, Span`1) + 0x3c
   at LibHac.Tools.FsSystem.Aes128CtrExStorage.Read(Int64, Span`1) + 0x307
   at LibHac.Tools.FsSystem.ConcatenationStorage.Read(Int64, Span`1) + 0xde
   at LibHac.Fs.SubStorage.Read(Int64, Span`1) + 0x6c
   at LibHac.FsSystem.StorageFile.DoRead(Int64&, Int64, Span`1, ReadOption&) + 0xa3
   at LibHac.Fs.Fsa.IFile.Read(Int64&, Int64, Span`1, ReadOption&) + 0x98
   at LibHac.Tools.FsSystem.FileReader.ReadInt64() + 0x75
   at LibHac.Tools.FsSystem.RomFs.RomfsHeader..ctor(IFile) + 0x168
   at LibHac.Tools.FsSystem.RomFs.RomFsFileSystem..ctor(IStorage) + 0x5a
   at LibHac.Tools.FsSystem.NcaUtils.Nca.OpenFileSystem(IStorage, NcaFsHeader) + 0xc6
   at LibHac.Tools.FsSystem.NcaUtils.Nca.OpenFileSystem(Int32, IntegrityCheckLevel) + 0x53
   at hactoolnet.ProcessNca.Process(Context) + 0xfd3
   at hactoolnet.Program.Run(String[]) + 0x2ad
   at hactoolnet.Program.Main(String[]) + 0x27

See screenshot below

No idea what the issue is, I have the keys as you can see in Notepad, so I don't know why it wont decrypt. I have title.keys and dev.keys too, literally just dumped them from my Switch with lockpick

since 0.14 whenever I do a "VerifyHeaderSignature" it returns that the header is invalid.

                            if (ncas[i].VerifyHeaderSignature() == LibHac.Validity.Valid)
                            {
                                FileSystemClient fs = hos.horizon.Fs;
                                fs.Register("exefs".ToU8Span(), OpenFileSystemByType(NcaSectionType.Code, ncas[i]));
                                fs.Register("romfs".ToU8Span(), OpenFileSystemByType(NcaSectionType.Data, ncas[i]));
                            }

this also happen in hactoolnet returning always: Fixed-Key Signature (FAIL):

I dumped this title using DarkMatterCore's nxdumptool rewrite branch (commit b8992d1) using the nx_dumper_stor tool. Per his advice, I disabled AuthoringTool output as this is a sparse title and that option causes an error in-app; I kept "remove console specific data on". Extracting the NCAs from the PFS0 file was fine, but attempting to open the NCA has issues

C:\Users\Inter\Downloads\nsp>hactoolnet -t pfs0 --outdir nca "Knockout City_ [01009EF00DDB4000][v851968][BASE].nsp"

PFS0:
Magic:                              PFS0
Number of files:                    7
Files:                              pfs0:/62f028253b7c9bf0739c330dd0ec8020.nca000000000000-000049b64000
                                    pfs0:/1f32e92f09bee619d88e77e602f13eeb.nca000049b64000-000049bb9800
                                    pfs0:/edb4a9837d98ba7b61201a7ede6cb2f0.nca000049bb9800-000049be0a00
                                    pfs0:/05e057ec3a0f8c93d84fb28a9e3714eb.nca000049be0a00-000049bfca00
                                    pfs0:/da2eb548b63997d83fea95702434b861.cnmt.nca000049bfca00-000049bfd800
                                    pfs0:/01009ef00ddb4000000000000000000d.tik000049bfd800-000049bfdac0
                                    pfs0:/01009ef00ddb4000000000000000000d.cert000049bfdac0-000049bfe1c0

/62f028253b7c9bf0739c330dd0ec8020.nca
/1f32e92f09bee619d88e77e602f13eeb.nca
/edb4a9837d98ba7b61201a7ede6cb2f0.nca
/05e057ec3a0f8c93d84fb28a9e3714eb.nca
/da2eb548b63997d83fea95702434b861.cnmt.nca
/01009ef00ddb4000000000000000000d.tik
/01009ef00ddb4000000000000000000d.cert

C:\Users\Inter\Downloads\nsp>cd nca


C:\Users\Inter\Downloads\nsp\nca>hactoolnet -t nca --exefsdir exefs --romfsdir romfs 62f028253b7c9bf0739c330dd0ec8020.nca

ERROR: Arg_OverflowException

Additional information:
   at System.Runtime.EH.FailedAllocation(EETypePtr, Boolean) + 0x21
   at LibHac.Tools.FsSystem.StorageExtensions.ToArray[T](IStorage) + 0x68
   at LibHac.Tools.FsSystem.RomFs.RomFsDictionary`1..ctor(IStorage, IStorage) + 0x1b
   at LibHac.Tools.FsSystem.RomFs.HierarchicalRomFileTable`1..ctor(IStorage, IStorage, IStorage, IStorage) + 0x35
   at LibHac.Tools.FsSystem.RomFs.RomFsFileSystem..ctor(IStorage) + 0xff
   at LibHac.Tools.FsSystem.NcaUtils.Nca.OpenFileSystem(IStorage, NcaFsHeader) + 0xc6
   at LibHac.Tools.FsSystem.NcaUtils.Nca.OpenFileSystem(Int32, IntegrityCheckLevel) + 0x53
   at hactoolnet.ProcessNca.Process(Context) + 0xfd3
   at hactoolnet.Program.Run(String[]) + 0x2ad
   at hactoolnet.Program.Main(String[]) + 0x27

It also states the NCA is invalid when trying to verify it:

C:\Users\Inter\Downloads\nsp\nca>hactoolnet -t nca -y 62f028253b7c9bf0739c330dd0ec8020.nca
Verifying section 0...
Verifying section 1...
Verifying section 2...

ERROR: ResultFsNonRealDataVerificationFailed (2002-4604): Hash error!

Additional information:
   at LibHac.Common.ThrowHelper.ThrowResult(Result, String) + 0x33
   at LibHac.Tools.FsSystem.IntegrityVerificationStorage.ReadImpl(Int64, Span`1, IntegrityCheckLevel) + 0x2a7
   at LibHac.Tools.FsSystem.CachedStorage.ReadBlock(CachedStorage.CacheBlock, Int64) + 0x86
   at LibHac.Tools.FsSystem.CachedStorage.GetBlock(Int64) + 0x146
   at LibHac.Tools.FsSystem.CachedStorage.Read(Int64, Span`1) + 0xa7
   at LibHac.Tools.FsSystem.IntegrityVerificationStorage.ReadImpl(Int64, Span`1, IntegrityCheckLevel) + 0x112
   at LibHac.Tools.FsSystem.CachedStorage.ReadBlock(CachedStorage.CacheBlock, Int64) + 0x86
   at LibHac.Tools.FsSystem.CachedStorage.GetBlock(Int64) + 0x146
   at LibHac.Tools.FsSystem.CachedStorage.Read(Int64, Span`1) + 0xa7
   at LibHac.Tools.FsSystem.StorageStream.Read(Byte[], Int32, Int32) + 0x7c
   at System.IO.BinaryReader.ReadBytes(Int32) + 0x5f
   at LibHac.FsSystem.PartitionFileSystemHeader..ctor(BinaryReader) + 0x43
   at LibHac.FsSystem.PartitionFileSystem..ctor(IStorage) + 0x86
   at LibHac.Tools.FsSystem.NcaUtils.Nca.OpenFileSystem(IStorage, NcaFsHeader) + 0xa0
   at hactoolnet.ProcessNca.VerifySignature2(Nca) + 0x18a
   at hactoolnet.ProcessNca.Print(ProcessNca.NcaHolder) + 0x467
   at hactoolnet.ProcessNca.Process(Context) + 0x1a5d
   at hactoolnet.Program.Run(String[]) + 0x2ad
   at hactoolnet.Program.Main(String[]) + 0x27

This also happens on a dump without the removal of console specific data:

C:\Users\Inter\Downloads\nsp>hactoolnet -t pfs0 --outdir nca2 "Knockout City_ [01009EF00DDB4000][v851968][BASE].nsp"

PFS0:
Magic:                              PFS0
Number of files:                    7
Files:                              pfs0:/62f028253b7c9bf0739c330dd0ec8020.nca000000000000-000049b64000
                                    pfs0:/1f32e92f09bee619d88e77e602f13eeb.nca000049b64000-000049bb9800
                                    pfs0:/edb4a9837d98ba7b61201a7ede6cb2f0.nca000049bb9800-000049be0a00
                                    pfs0:/05e057ec3a0f8c93d84fb28a9e3714eb.nca000049be0a00-000049bfca00
                                    pfs0:/da2eb548b63997d83fea95702434b861.cnmt.nca000049bfca00-000049bfd800
                                    pfs0:/01009ef00ddb4000000000000000000d.tik000049bfd800-000049bfdac0
                                    pfs0:/01009ef00ddb4000000000000000000d.cert000049bfdac0-000049bfe1c0

/62f028253b7c9bf0739c330dd0ec8020.nca
/1f32e92f09bee619d88e77e602f13eeb.nca
/edb4a9837d98ba7b61201a7ede6cb2f0.nca
/05e057ec3a0f8c93d84fb28a9e3714eb.nca
/da2eb548b63997d83fea95702434b861.cnmt.nca
/01009ef00ddb4000000000000000000d.tik
/01009ef00ddb4000000000000000000d.cert

C:\Users\Inter\Downloads\nsp>cd nca2

C:\Users\Inter\Downloads\nsp\nca2>hactoolnet -t nca -y 62f028253b7c9bf0739c330dd0ec8020.nca
Verifying section 0...
Verifying section 1...
Verifying section 2...

ERROR: ResultFsNonRealDataVerificationFailed (2002-4604): Hash error!

Additional information:
   at LibHac.Common.ThrowHelper.ThrowResult(Result, String) + 0x33
   at LibHac.Tools.FsSystem.IntegrityVerificationStorage.ReadImpl(Int64, Span`1, IntegrityCheckLevel) + 0x2a7
   at LibHac.Tools.FsSystem.CachedStorage.ReadBlock(CachedStorage.CacheBlock, Int64) + 0x86
   at LibHac.Tools.FsSystem.CachedStorage.GetBlock(Int64) + 0x146
   at LibHac.Tools.FsSystem.CachedStorage.Read(Int64, Span`1) + 0xa7
   at LibHac.Tools.FsSystem.IntegrityVerificationStorage.ReadImpl(Int64, Span`1, IntegrityCheckLevel) + 0x112
   at LibHac.Tools.FsSystem.CachedStorage.ReadBlock(CachedStorage.CacheBlock, Int64) + 0x86
   at LibHac.Tools.FsSystem.CachedStorage.GetBlock(Int64) + 0x146
   at LibHac.Tools.FsSystem.CachedStorage.Read(Int64, Span`1) + 0xa7
   at LibHac.Tools.FsSystem.StorageStream.Read(Byte[], Int32, Int32) + 0x7c
   at System.IO.BinaryReader.ReadBytes(Int32) + 0x5f
   at LibHac.FsSystem.PartitionFileSystemHeader..ctor(BinaryReader) + 0x43
   at LibHac.FsSystem.PartitionFileSystem..ctor(IStorage) + 0x86
   at LibHac.Tools.FsSystem.NcaUtils.Nca.OpenFileSystem(IStorage, NcaFsHeader) + 0xa0
   at hactoolnet.ProcessNca.VerifySignature2(Nca) + 0x18a
   at hactoolnet.ProcessNca.Print(ProcessNca.NcaHolder) + 0x467
   at hactoolnet.ProcessNca.Process(Context) + 0x1a5d
   at hactoolnet.Program.Run(String[]) + 0x2ad
   at hactoolnet.Program.Main(String[]) + 0x27

C:\Users\Inter\Downloads\nsp\nca2>hactoolnet -t nca --exefsdir exefs --romfsdir romfs 62f028253b7c9bf0739c330dd0ec8020.nca

ERROR: Arg_OverflowException

Additional information:
   at System.Runtime.EH.FailedAllocation(EETypePtr, Boolean) + 0x21
   at LibHac.Tools.FsSystem.StorageExtensions.ToArray[T](IStorage) + 0x68
   at LibHac.Tools.FsSystem.RomFs.RomFsDictionary`1..ctor(IStorage, IStorage) + 0x1b
   at LibHac.Tools.FsSystem.RomFs.HierarchicalRomFileTable`1..ctor(IStorage, IStorage, IStorage, IStorage) + 0x35
   at LibHac.Tools.FsSystem.RomFs.RomFsFileSystem..ctor(IStorage) + 0xff
   at LibHac.Tools.FsSystem.NcaUtils.Nca.OpenFileSystem(IStorage, NcaFsHeader) + 0xc6
   at LibHac.Tools.FsSystem.NcaUtils.Nca.OpenFileSystem(Int32, IntegrityCheckLevel) + 0x53
   at hactoolnet.ProcessNca.Process(Context) + 0xfd3
   at hactoolnet.Program.Run(String[]) + 0x2ad
   at hactoolnet.Program.Main(String[]) + 0x27```

Seems File.Exists happily returns the existent of the long filename of save\80000000000000e1, but attempting to open it causes the name too long exception. (same for any other save file).

Hello, I have a mariko device and I follow this guide https://gbatemp.net/threads/how-to-skip-the-connect-joycons-system-init-screen.559745/, however, when I use the signature save LibHac0.18.0 prompts an error, I use lockpick_Rcm1.9.10 and I have dumped prod.keys, thanks，I checked prod.keys and I'm sure I already have the required keys

This may be a bug

hactoolnet(0.18.0), when I use hactoolnet -t save -k prod.keys 80000000000000000050 --replacefile file (***), hactoolnet prompts that it does not have the required key file and cannot sign and save. hactoolnet 0.13.0 does not have any errors, it can sign and save

Hi,
Thanks for this great library and tool.

I'm confused with how to sign a save file.

I can extract the save contents to a directory (both save data --outdir, and all associated metadata --debugoutdir).

I've validated the save data, it is indeed the save I am interested in and is decrypted fine.

I'm having issues signing it again.

The sign argument seems to accept a single file only, not a directory.

In the source code I see only an option to extract the save file, not to create one.

I'm hoping I've just missed something really simple. Thanks in advance.

Found a strange issue with libhac, that I have tried to debug into, but I can not figure out.
If I use prod.keys from lockpick rcm the sd key is derived incorrectly.
If I pass the sd seed via _keyset.SetSdSeed("hash".ToBytes()) it works.

I'm attempting to use Hactoolnet to extract save data. When I run my extract.bat, I get an error about access denied. I am an adminstrator. I cannot run Hactoolnet as an admin, and running the extract.bat as admin does not work either. I get this error:

`D:\switch stuff\hactoolnet-0.11.2-win\ACNH>hactoolnet.exe -k prod.keys -t save sav/0000000000000018 --outdir out/0000000000000018
Failed to match key device_key_4x
Failed to match key eticket_rsa_kek_source
Failed to match key eticket_rsa_kekek_source
Failed to match key rsa_oaep_kek_generation_source
Failed to match key rsa_private_kek_generation_source
Failed to match key ssl_rsa_kek_source_x
Failed to match key ssl_rsa_kek_source_y

ERROR: Access to the path 'D:\switch stuff\hactoolnet-0.11.2-win\ACNH\sav\0000000000000018' is denied.

Additional information:
System.IO.DirectoryNotFoundException
at System.IO.FileStream.ValidateFileHandle(SafeFileHandle) + 0x9a
at System.IO.FileStream.CreateFileOpenHandle(FileMode, FileShare, FileOptions) + 0xa4
at System.IO.FileStream..ctor(String, FileMode, FileAccess, FileShare, Int32, FileOptions) + 0x14b
at LibHac.FsSystem.LocalStorage..ctor(String, FileAccess, FileMode) + 0x51
at hactoolnet.ProcessSave.Process(Context) + 0xa7
at hactoolnet.Program.Run(String[]) + 0x269
at hactoolnet.Program.Main(String[]) + 0x1a

D:\switch stuff\hactoolnet-0.11.2-win\ACNH>pause
Press any key to continue . . .`

I'm not concerned about the fails. I cannot figure out how to resolve the access denied issue. The extract.bat is running from the same folder that hactoolnet.exe is running from. It is in the same folder as the "save" folder, and it is also in the same folder as the prod.keys file.