prpr
Well-Known Member
Is the cron service running?
Beta Offline decryption utility
- Thread starter af123
- Start date
Black Hole
May contain traces of nut
Indeed not. It was marked "auto start" but status was "off". Things are now happening, auto.log is rapidly expanding. cron must never have auto-started for some reason, it's not as if the unit never gets rebooted at all.
Black Hole
May contain traces of nut
Code:
Humax HD-Fox T2 (HDFOX3) 1.03.02/3.13
To return to the menu, type: exit
HDFOX3# nugget cryptokey
Unknown command.
HDFOX3# nugget
nugget <command>
ping - Test nugget connectivity.
status - Show nugget status and version.
schedule.load - Load recording schedule from disk.
schedule.save - Save recording schedule to disk.
schedule.slot - Update timers for schedule slot.
schedule.db - sqlite3 database handle info.
schedule.epg - Display EPG information for slot.
schedule.timers - Show internal timers.
cryptokey - Set or display encryption key.
HDFOX3# nugget cryptokey
Unknown command.
HDFOX3#¿Que?
MontysEvilTwin
Well-Known Member
Try
Code:
nugget statusprpr
Well-Known Member
s/may/will/
MontysEvilTwin
Well-Known Member
FYI, on my HD-FOX (running 1.03.02)
nugget cryptokey lists the native encryption key as all zeros. Webif>Diagnostics lists the correct key. I appreciate that the beta version of nugget is a work in progress.Edit:
I rebooted then gave the unit a new key and now nugget has picked up the native key:
Code:
HDFox# nugget cryptokey
Native key: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Using key: <no custom key in use>
HDFox# nugget cryptokey 01010101010101010101010101010101
Using key: 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01
HDFox# nugget cryptokey
Native key: 00 03 78 9d xx xx xx xx xx xx xx xx xx xx xx xx
Using key: 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01
HDFox#
Last edited:
MontysEvilTwin
Well-Known Member
To add to the above, on the HD-FOX, decryption through Webif (in-place or queued) currently works if the recording was made with the native encryption key, but not with a custom key.
OP
I know, just haven’t had time to finish it yet. In the meantime you can just do something like
echo 0000000000000000 > /mod/boot/cryptokey and reboot. Then nugget will install that key and stripts will use it. (That key is 30 30 30...30 but it doesn’t really matter as long as the first and second half are the same)
OP
I've published updated webif, stripts & nugget packages.
Since I only record on my HD if the HDR is tied up and that doesn't happen often, I've just set my HD to have the same encryption key as my HDR and then I just copy the recordings over and get them decrypted there.
(1) - crude because it's just a box where you can type in a key - in the future it might allow entry of MAC address & serial number in the case where you want to use one HDR to rescue encrypted recordings from another..
- The timestamp problem in nugget should be fixed;
stripts -@can now function without a .hmt file being present;- there's a new
stripts -/for checking an encryption key against a file; - the queue for drop down in the file browser allows queuing for direct decryption on the HDR as a separate option;
- The decryption de-queue process now tries a number of encryption keys in direct mode - it will try whatever is in
/mod/boot/cryptokey, the current key as reported bynuggetand the box native key. This allows changing the key but still allowing old files to decrypt properly (and other scenarios..)
Since I only record on my HD if the HDR is tied up and that doesn't happen often, I've just set my HD to have the same encryption key as my HDR and then I just copy the recordings over and get them decrypted there.
(1) - crude because it's just a box where you can type in a key - in the future it might allow entry of MAC address & serial number in the case where you want to use one HDR to rescue encrypted recordings from another..
Last edited:
Black Hole
May contain traces of nut
Double-Like
HD-FOX test process:
HD-FOX test process:
- Make test recording A
- Make key 1 = key 2
- Make test recording B (similar file size as A)
- Play A - should fail
- Play B - should pass
- Cold restart
- Play A - should fail
- Play B - should pass
- Decrypt A
- Decrypt B - should take ~⅓︎ the time of decrypt A
Last edited:
peterworks
Ye Olde Bowler
As they have the same key is decryption necessary ?
Black Hole
May contain traces of nut
We've always regarded decryption as A GOOD THING for disaster recovery and off-line use. However, as you say, if you make your constellation of Humii have a common encryption key, you can share content between them (even by SMB/NFS) without decryption.
Last edited:
OP
Any results?
OP
No - I just routinely decrypt everything - not least for ad-detection.
Black Hole
May contain traces of nut
af123 uses a common key and then the hardware-accelerated decryption available on the HDR-FOX (I guess you can do this directly by file share?) rather than the much slower software decryption (even with K1=K2) on the HD-FOX. I also record with the HD-FOX only when essential (or as a convenience to avoid network bottlenecks), so I will decrypt when necessary rather than by routine, with the knowledge that we have the technology to decrypt even if the original unit goes US.
Decryption is necessary for the likes of detectads, but if you are not interested in that, and now we have the means for off-line disaster recovery, a case could be made for not routinely decrypting to reduce the duty cycle on the HDD (and other components), using a common key, and only decrypting when there is a particular need (export).
Decryption is necessary for the likes of detectads, but if you are not interested in that, and now we have the means for off-line disaster recovery, a case could be made for not routinely decrypting to reduce the duty cycle on the HDD (and other components), using a common key, and only decrypting when there is a particular need (export).
Black Hole
May contain traces of nut
Gimme a chance - needs fitting in with other things, and when I'm not using the HD-FOX
Black Hole
May contain traces of nut
Any reason we can't standardise on, say, all zeros as the suggested/recommended custom key? I can't see much benefit (at the moment) in everyone adopting the same key, but there is also no reason not to.
MontysEvilTwin
Well-Known Member
It probably makes little difference but I am using 01(x16) as the decryption key. The reason is that this is one of the two weak keys in DES (the other being FE (x16)]. Weak keys cause all sixteen subkeys to be equal and make encryption and decryption modes behave identically. This should give recordings the weakest possible encryption. Also the simplicity of the key, and the fact that it is a weak key makes it easy to remember.
Regarding decryption, with the above key, recordings are decrypted at about 2 MiB/s (HD-FOX with 500GB USB2 hard drive), compared to about 8 MiB/s on a HDR-FOX using the DLNA decryption method.
prpr
Well-Known Member
Previously I've tried sharing (between HDRs) before things have been decrypted and it's then completely mucked up the subsequent decryption process. There was no easy way of telling from the UI when decryption had occurred on the remote box.
If thumbnail generation could be made to work without having to do a full decrypt then that would be mega-useful for me and I could stop having to decrypt everything.