Decryption On PC Using Linux

[Peter H]

Hi,
I want to decrypt a HD file but cannot find the latest suggested informatiom and would appreciate a link or links.

I have recorded a small HD test file and downloaded it to my Fedora PC.
I assume i need to remove the "enc" tag before using a script, is this correct?

Thanks

 

[Black Hole]

I want to decrypt a HD file but cannot find the latest suggested informatiom and would appreciate a link or links.

Easy meat (the Custom Firmware section of the forum would be the normal starting point, and a search for "decryption" would provide what you seek):

Rescuing Recordings from a Dead HDR-FOX

Users of the CF have the option/facility to decrypt recordings automatically, immediately after (or even while) they are recorded. However, this can also be done off-line. In the case where the original HDR-FOX is broken with no intention to replace, and where the recordings have not been decrypted:

1. You will need the HDD from the HDR-FOX, and you will need to know the serial number and MAC (as printed on the product label). These details could also be obtained from the unit itself, if it weren't broken...
   
   
2. Hook up the HDD to a PC. This is not as straightforward as it sounds, because the HDD is formatted Ext3, which is a Linux format and Windows will not play ball with it. The physical hook-up can be direct if your PC has a spare SATA bay, or using an external USB-SATA adapter. I then prefer to boot Linux (using a downloaded live boot Linux DVD or bootable USB if necessary), but some people have had success by loading an Ext3 driver in Windows (see Things Every... section 12). NB: Booting a "Live Linux" means you can use the PC in Linux without affecting the Windows installation. Modern Linuxes are very Windows-like, so they are not difficult to use.
   
   You only need to copy off the .ts files to somewhere accessible at this stage, after that you can reboot to Windows if you're more comfortable with that. The other files (.hmt. .nts etc) are of no relevance away from a HDR-FOX.
   
   
3. For the decryption utility, see:
   

   Linux version: https://hummy.tv/forum/threads/offline-decryption-utility.8676/
   Windows version: https://hummy.tv/forum/threads/windows-version-of-offline-decryption-hfodu.8770/

   
   
4. For the decryption key:
   

   How to compute the key (from https://wiki.hummy.tv/wiki/Custom_Firmware_Package_Notes#Stripts): concatenate the 12 hex digits of the MAC, with 20 hex digits obtained from the S/N by converting the first 10 digits to hex ASCII. Presuming the S/N is purely numeric, this is not so difficult as it sounds because the decimal-to-hexASCII conversion is simply to prefix each digit with "3". Thus, for example: for MAC 00-03-78-bd-11-f3 and S/N 6371044960-1234, the first 12 hex digits of the key will be 000378bd11f3, and the subsequent 20 digits 36333731303434393630, so the whole key is 000378bd11f336333731303434393630.

Obviously you can ignore steps 1 and 2 if you already have the files extracted.

I assume i need to remove the "enc" tag before using a script, is this correct?

The various flags are only relevant to hardware decryption on an HDR-FOX. Any of the software methods, on or off the box, only require the .ts as input and the .hmt (containing the flags) is irrelevant.

However, if all you are trying to do is obtain a decrypted file, it is much easier to do that on the HDR-FOX itself (before exporting the file).

 

[Peter H]

Thanks for the info. I was not sure if this was the correct forum as I was using Linux to decrypt!

I had run one of these:

https://hpkg.tv/misc/stripts-linux

but it failed with a UTF-8 error in the first line so wrote here just in case I was not using the latest recommended method.

I will go and re-check what I did and got to the CF forum if I still have a problem.

Peter H

 

[Black Hole]

I had run one of these:
https://hpkg.tv/misc/stripts-linux

That's the one, never tried it myself but I'm sure we would know if it didn't work.

I was not sure if this was the correct forum as I was using Linux to decrypt!

It's still "custom"!

I will go and re-check what I did and got to the CF forum if I still have a problem.

Don't bother starting a new thread, we'll move this one.

Is there some reason you don't want to decrypt on the box, as it clearly is working?

 

[MartinLiddle]

I had run one of these:

https://hpkg.tv/misc/stripts-linux

but it failed with a UTF-8 error in the first line so wrote here just in case I was not using the latest recommended method.

Are you confident you have the correct encryption key?

 

[Peter H]

Will be re-checking as I am obviously doing something wrong, I was trying to run the script and thought I needed the key when I ran it.
Thanks

 

[prpr]

I had run one of these:
https://hpkg.tv/misc/stripts-linux but it failed with a UTF-8 error in the first line

Can you expand on that a bit more? Or at least show your command and what it produces?

FWIW, I updated the Linux builds - see here.

 

[Peter H]

I have put a small .ts file in "Downloads folder" on my Linux box, I unzipped the stripts.zip file and have 2 unziped files in a "stripts" folder that contain, "stripts32" and "stripts64" which are both executable and read write by me.

I assume the above is correct!?


i now want to decrypt the .ts file then play it using vlc before editing.

Do I need to put the "stripts64" in a specific folder to run it and what is the command I must use to pipe the file through stripts to unencrypt the file?

I assume I will need the fox's key and can get the mac address/serial number manually and assume there is a terminal in the CF to find the key but not yet found it!


Apologies its a basic problem.but i cannot find details of how to install the stripts

 

[prpr]

I assume the above is correct!?

Yes.

Do I need to put the "stripts64" in a specific folder to run it

You don't have to - you can run it from the current directory with e.g. ./stripts64 but it's probably easier to move it to somewhere like /usr/local/bin which should be in the PATH variable, then you can just run it without worrying where it is.

what is the command I must use to pipe the file through stripts to unencrypt the file?

Running it tells you what the syntax is but basically it's stripts64 -@key filein.ts fileout.ts substituting for filein, fileout and key as appropriate.

I assume I will need the fox's key and can get the mac address/serial number manually and assume there is a terminal in the CF to find the key but not yet found it!

Yes, it's on the Diagnostics page in the WebIf, at the bottom labelled "Native Encryption Key".

 

[Peter H]

Thats fine, I will try it later today or tomorrow and confirm it works

Thanks

 

[Peter H]

It seems to need libcrypto but it seems thing have changed (or I am still doing something wrong).
Attached are some outputs. Its opening openssl but it seems there is no libcrypto.
Will have another look tomorrow but at least its running!!

 

[Peter H]

Just did a dnf install libcrypto and its not there in fc37.

do I need to try to install it manually from somewhere else!?

 

[prpr]

It seems to need libcrypto but it seems thing have changed (or I am still doing something wrong).
Attached are some outputs. Its opening openssl but it seems there is no libcrypto.

No, you're doing things right. Something has indeed changed, as mine has stopped working too. It seems libcrypto.so.1.1 has been obsoleted.
This is the Linux equivalent of Windows' DLL hell.
I'll have to see if I can compile a new one against whatever is contemporary.

do I need to try to install it manually from somewhere else!?

I managed to get the old one running by recovering the old library file from a backup, just to prove it to myself, but it's not recommended.

 

[prpr]

I'll have to see if I can compile a new one against whatever is contemporary.

This works for me: https://dl.dropbox.com/s/vu3whg47ph0teiu/stripts.zip

 

[xyz321]

It is contained within the openssl-libs package on fc37.

 

[/df]

Good news: OpenSSL 1.1.1 becomes EOL on 11 September. Better news: $15k for extended support. Meanwhile: 3.0.0 supported until 2026.

 

[Peter H]

I think that's whats it says here:

how to fix missing libcrypto.so.1.1?

So i first encountered this problem when i tried to run nodejs on my system. And i got this error message node: error while loading shared libraries: libcrypto.so.1.1: cannot open shared object fil...

unix.stackexchange.com

and just checked:

peter@fedora ~]$ ldconfig -p | grep libcrypto
libcrypto.so.3 (libc6,x86-64) => /lib64/libcrypto.so.3
libcrypto.so.1.1 (libc6) => /lib/libcrypto.so.1.1
[peter@fedora ~]$

 

[Peter H]

FYI
I have /lib64 linked to /usr/lib64
In there I have libcrypto.so.3 and libcrypto.so.3.0.9, with a link from 3 to 3.0.9.
This is a little towards the extent of my knowledge but i assume my fc7 is using libcrypto.so.3.0.9!?

Do I need to try again using the dropbox "stripts" or does it still need to be recompiled?

Thanks

 

[prpr]

I have recompiled it. Download the new version from the link in #14 and dispose of the old version(s).

 

[Peter H]

Thanks very much for updating your stript.
I do not have much time ATM but hope to try it on my 5 minute test recording tomorrow or Tuesday and will confirm the result for completeness and information to any lurkers.

For my own personal knowledge, do you have to update programs every time a library updates!?
If so, for main programmers is there some configuration control that warns them of upstream updates?

Thanks again for your time keeping the Humax box(s) up to date and keeping them a useful piece of H/W.

Peter H