NAND bad crypto

Discussion in 'Switch - Exploits, Custom Firmwares & Soft Mods' started by DripZ, Nov 17, 2019.

  1. DripZ
    OP

    DripZ Member

    Newcomer
    1
    Nov 2, 2019
    Panama
    I've got a switch stuck at boot logo, I have tried everything you can possibly imagine to revive it but everything fails. I've found a software called NxNandManager, I've mounted my rawNAND with TegraRCM and opened with this program, I put the keys and got a couple of messages (see image). Says BAD CRYPTO! and KEYSET NEEDED. Did someone know how to fix this? My keys works fine on HacDiskMount.
    nxnandmanager.
     
  2. Canna

    Canna Bad Ass Poisonous Mushroom

    Member
    8
    GBAtemp Patron
    Canna is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Jul 14, 2018
    United States
    AZ
    Backup Switch Nand as it is,
    Backup Biskeys with Lockpick RCM or Biskeydump payload

    Rebuild NAND image with Choidujour.exe in command prompt
    fw 5.1.0

    Use memloader payload and Mount boot and emmc

    Transfer Boot 0/1 With Etcher
    Restore choidujour output files into hacdiskmount,
    add and test and save biskeys for Prod,Safe,System,user

    Boot with the hekate provided FS patch and .ini on your sd card...


    Or

    Rebuild with choidujour.exe FW 5.1.0 send to NXnand manager
    add correct biskeys
    Save restore/


    So i think you should make a new nand image of 5.1.0 encrypt with the consoles biskeys and restore to console, boot with hekate..
     
  3. DripZ
    OP

    DripZ Member

    Newcomer
    1
    Nov 2, 2019
    Panama
    I think I haven't tried that FW version, I will do it.
     
  4. DripZ
    OP

    DripZ Member

    Newcomer
    1
    Nov 2, 2019
    Panama
    In case someone still reads this thread
    Act:
    I've found a NAND and boot0/1 backup that I made when all this begin, the switch was already stuck on bootloop when I made it so it won't boot but at least my nand was ok (no more bad crypto message on nxnandmanager), then I got fresh keys with biskeydump, made a 5.1.0 FW with choidujour and apply it with etcher and hacdiskmount (at this moment I checked every key in hacdiskmount and all were fine) , once I finished checked again on nxnandmanager and again says bad crypto, keys needed. Anyways a paste kip1 and .ini on sd and tried to boot but again, stuck at Nintendo Switch logo.

    Any ideas?

    — Posts automatically merged - Please don't double post! —

    Question. Can this problem be fixed by replacing the emmc memory chip? It looks like a corrupted emmc to me. I've saw a few ones on ebay, but wanted to know before.
     
  5. Canna

    Canna Bad Ass Poisonous Mushroom

    Member
    8
    GBAtemp Patron
    Canna is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Jul 14, 2018
    United States
    AZ
    Did you buy it broke or ?

    @mattytrog Power IC ? Bad boot ?
     
  6. DripZ
    OP

    DripZ Member

    Newcomer
    1
    Nov 2, 2019
    Panama
    No, it got stuck in bootlogo after running out of battery, never boot again since 20 days ago. I was working fine before that
     
  7. eliboa

    eliboa GBAtemp Regular

    Member
    6
    Jan 13, 2016
    France
    NxNandManager displays "BAD CRYPTO" instead of device id when it cannot decrypt CAL0 (PRODINFO) using biskey0 => https://github.com/eliboa/NxNandMan...7f51c44/NxNandManager/gui/mainwindow.cpp#L573.
    Do you have a backup of PRODINFO that you can restore ?
    Did you use tools that write on CAL0 such as Incognito ?
    Are you sure you can decrypt PRODINFO using biskey0 via HacDiskMount (once PRODINFO is dumped, open it with HxD. First four bytes should be "CAL0")?
     
    Canna likes this.
  8. DripZ
    OP

    DripZ Member

    Newcomer
    1
    Nov 2, 2019
    Panama
    I'll check that when I get back to home, thanks for the info.
     
  9. DripZ
    OP

    DripZ Member

    Newcomer
    1
    Nov 2, 2019
    Panama
    1. No, sadly I have no prodinfo backups of this switch. the only backup that I have is an already damaged rawnand and boot0/1 that I made before touching anything
    2. No, I haven't use incognito
    3. Yes, that's what HacDiskMount says (check img)
    Add: If I restore to the already damage rawnand backup that I have Nxnandmanager doesn't pop any message, everything looks OK, but when I try to boot up the switch stucks on SWITCH logo.

    So the problem must be on prodinfo? is there any way to fix that without a backup?

    Thank you so much for your help :D

    — Posts automatically merged - Please don't double post! —

    Forgot to attach img
    Same keys, one says OK, the other one says BAD CRYPTO! :)
    Anotación 2019-11-20 070629.
     
    Last edited by DripZ, Nov 20, 2019
  10. eliboa

    eliboa GBAtemp Regular

    Member
    6
    Jan 13, 2016
    France
    If you don't mind, and trust me enough, please DM me your prodinfo.bin and i'll look into.
     
Quick Reply
Draft saved Draft deleted
Loading...