nca: add option to suppress decrypted keydata output

main.c

@@ -60,6 +60,7 @@ static void usage(void) {
  " --onlyupdated Ignore non-updated files in update partitions.\n"
  " --xcontenttype= Only extract contents if the content type matches an expected one.\n"
  " --appendsectypes Append a section type string to section paths.\n"
+ " --suppresskeys Suppress output of decrypted keys.\n"
  "NPDM options:\n"
  " --json=file Specify file path for saving JSON representation of program permissions to.\n"
  "KIP1 options:\n"
@@ -190,6 +191,7 @@ int main(int argc, char **argv) {
  {"listfiles", 0, NULL, 41},
  {"xcontenttype", 1, NULL, 42},
  {"appendsectypes", 0, NULL, 43},
+ {"suppresskeys", 0, NULL, 44},
  {NULL, 0, NULL, 0},
  };
 
@@ -432,6 +434,9 @@ int main(int argc, char **argv) {
  case 43:
  nca_ctx.tool_ctx->settings.append_section_types = 1;
  break;
+ case 44:
+ nca_ctx.tool_ctx->settings.suppress_keydata_output = 1;
+ break;
  default:
  usage();
  return EXIT_FAILURE;

nca.c

@@ -719,32 +719,38 @@ static void nca_print_key_area(nca_ctx_t *ctx) {
  if (ctx->format_version == NCAVERSION_NCA0_BETA) {
  printf("Key Area (Encrypted):\n");
  memdump(stdout, "Key (RSA-OAEP Encrypted): ", &ctx->header.encrypted_keys, 0x100);
- printf("Key Area (Decrypted):\n");
- for (unsigned int i = 0; i < 0x2; i++) {
- printf(" Key %"PRId32" (Decrypted): ", i);
- memdump(stdout, "", &ctx->decrypted_keys[i], 0x10);
+ if (!ctx->tool_ctx->settings.suppress_keydata_output) {
+ printf("Key Area (Decrypted):\n");
+ for (unsigned int i = 0; i < 0x2; i++) {
+ printf(" Key %"PRId32" (Decrypted): ", i);
+ memdump(stdout, "", &ctx->decrypted_keys[i], 0x10);
+ }
  }
  } else if (ctx->format_version == NCAVERSION_NCA0) {
  printf("Key Area (Encrypted):\n");
  for (unsigned int i = 0; i < 0x2; i++) {
  printf(" Key %"PRId32" (Encrypted): ", i);
  memdump(stdout, "", &ctx->header.encrypted_keys[i], 0x10);
  }
- printf("Key Area (Decrypted):\n");
- for (unsigned int i = 0; i < 0x2; i++) {
- printf(" Key %"PRId32" (Decrypted): ", i);
- memdump(stdout, "", &ctx->decrypted_keys[i], 0x10);
+ if (!ctx->tool_ctx->settings.suppress_keydata_output) {
+ printf("Key Area (Decrypted):\n");
+ for (unsigned int i = 0; i < 0x2; i++) {
+ printf(" Key %"PRId32" (Decrypted): ", i);
+ memdump(stdout, "", &ctx->decrypted_keys[i], 0x10);
+ }
  }
  } else {
  printf("Key Area (Encrypted):\n");
  for (unsigned int i = 0; i < 0x4; i++) {
  printf(" Key %"PRId32" (Encrypted): ", i);
  memdump(stdout, "", &ctx->header.encrypted_keys[i], 0x10);
  }
- printf("Key Area (Decrypted):\n");
- for (unsigned int i = 0; i < 0x4; i++) {
- printf(" Key %"PRId32" (Decrypted): ", i);
- memdump(stdout, "", &ctx->decrypted_keys[i], 0x10);
+ if (!ctx->tool_ctx->settings.suppress_keydata_output) {
+ printf("Key Area (Decrypted):\n");
+ for (unsigned int i = 0; i < 0x4; i++) {
+ printf(" Key %"PRId32" (Decrypted): ", i);
+ memdump(stdout, "", &ctx->decrypted_keys[i], 0x10);
+ }
  }
  }
 }
@@ -838,12 +844,16 @@ void nca_print(nca_ctx_t *ctx) {
  if (ctx->has_rights_id) {
  memdump(stdout, "Rights ID: ", &ctx->header.rights_id, 0x10);
  if (ctx->is_cli_target && ctx->tool_ctx->settings.has_cli_titlekey) {
- memdump(stdout, "Titlekey (Encrypted) (From CLI) ", ctx->tool_ctx->settings.cli_titlekey, 0x10);
- memdump(stdout, "Titlekey (Decrypted) (From CLI) ", ctx->tool_ctx->settings.dec_cli_titlekey, 0x10);
+ if (!ctx->tool_ctx->settings.suppress_keydata_output) {
+ memdump(stdout, "Titlekey (Encrypted) (From CLI) ", ctx->tool_ctx->settings.cli_titlekey, 0x10);
+ memdump(stdout, "Titlekey (Decrypted) (From CLI) ", ctx->tool_ctx->settings.dec_cli_titlekey, 0x10);
+ }
  } else if (settings_has_titlekey(&ctx->tool_ctx->settings, ctx->header.rights_id)) {
  titlekey_entry_t *entry = settings_get_titlekey(&ctx->tool_ctx->settings, ctx->header.rights_id);
- memdump(stdout, "Titlekey (Encrypted) ", entry->titlekey, 0x10);
- memdump(stdout, "Titlekey (Decrypted) ", entry->dec_titlekey, 0x10);
+ if (!ctx->tool_ctx->settings.suppress_keydata_output) {
+ memdump(stdout, "Titlekey (Encrypted) ", entry->titlekey, 0x10);
+ memdump(stdout, "Titlekey (Decrypted) ", entry->dec_titlekey, 0x10);
+ }
  } else {
  printf("Titlekey: Unknown\n");
  }

settings.h

@@ -84,6 +84,7 @@ typedef struct {
  int has_expected_content_type;
  unsigned int expected_content_type;
  int append_section_types;
+ int suppress_keydata_output;
  int has_cli_titlekey;
  unsigned char cli_titlekey[0x10];
  unsigned char dec_cli_titlekey[0x10];