• The forum software that supports hummy.tv has been upgraded to XenForo 2.3!

    Please bear with us as we continue to tweak things, and feel free to post any questions, issues or suggestions in the upgrade thread.

Beta Offline decryption utility

Indeed not. It was marked "auto start" but status was "off". Things are now happening, auto.log is rapidly expanding. cron must never have auto-started for some reason, it's not as if the unit never gets rebooted at all.
 
Code:
Humax HD-Fox T2 (HDFOX3) 1.03.02/3.13                                                                                 
                                                                                                                      
To return to the menu, type: exit                                                                                     
                                                                                                                      
HDFOX3# nugget cryptokey                                                                                               
Unknown command.                                                                                                       
HDFOX3# nugget                                                                                                         
nugget <command>                                                                                                       
  ping             - Test nugget connectivity.                                                                         
  status           - Show nugget status and version.                                                                   
  schedule.load    - Load recording schedule from disk.                                                               
  schedule.save    - Save recording schedule to disk.                                                                 
  schedule.slot    - Update timers for schedule slot.                                                                 
  schedule.db      - sqlite3 database handle info.                                                                     
  schedule.epg     - Display EPG information for slot.                                                                 
  schedule.timers  - Show internal timers.                                                                             
  cryptokey        - Set or display encryption key.                                                                   
HDFOX3# nugget cryptokey                                                                                               
Unknown command.                                                                                                       
HDFOX3#

¿Que?
 
Code:
Humax HD-Fox T2 (HDFOX3) 1.03.02/3.13                                                                                
                                                                                                                     
To return to the menu, type: exit                                                                                    
                                                                                                                     
HDFOX3# nugget cryptokey                                                                                              
Unknown command.                                                                                                      
HDFOX3# nugget                                                                                                        
nugget <command>                                                                                                      
  ping             - Test nugget connectivity.                                                                        
  status           - Show nugget status and version.                                                                  
  schedule.load    - Load recording schedule from disk.                                                              
  schedule.save    - Save recording schedule to disk.                                                                
  schedule.slot    - Update timers for schedule slot.                                                                
  schedule.db      - sqlite3 database handle info.                                                                    
  schedule.epg     - Display EPG information for slot.                                                                
  schedule.timers  - Show internal timers.                                                                            
  cryptokey        - Set or display encryption key.                                                                  
HDFOX3# nugget cryptokey                                                                                              
Unknown command.                                                                                                      
HDFOX3#

¿Que?
Try
Code:
nugget status
to see which version is loaded into the kernel. Although you can see the options for the latest version, you may need to reboot for it to be loaded up.
 
nugget 0.98-1 should have the addresses in it now, so testing nugget cryptokey on various versions on both HDR & HD would be useful.. just make sure it looks like the right key.
I've tested HDR/1.03.12 and HD/1.03.02
FYI, on my HD-FOX (running 1.03.02) nugget cryptokey lists the native encryption key as all zeros. Webif>Diagnostics lists the correct key. I appreciate that the beta version of nugget is a work in progress.
Edit:
I rebooted then gave the unit a new key and now nugget has picked up the native key:
Code:
HDFox# nugget cryptokey                                  
Native key: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Using key:  <no custom key in use>                        
HDFox# nugget cryptokey 01010101010101010101010101010101  
Using key:  01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01
HDFox# nugget cryptokey                                  
Native key: 00 03 78 9d xx xx xx xx xx xx xx xx xx xx xx xx
Using key:  01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01
HDFox#
I obscured some of the native key, though I am not sure if this was necessary or just security paranoia.
 
Last edited:
To add to the above, on the HD-FOX, decryption through Webif (in-place or queued) currently works if the recording was made with the native encryption key, but not with a custom key.
 
To add to the above, on the HD-FOX, decryption through Webif (in-place or queued) currently works if the recording was made with the native encryption key, but not with a custom key.
I know, just haven’t had time to finish it yet. In the meantime you can just do something like echo 0000000000000000 > /mod/boot/cryptokey and reboot. Then nugget will install that key and stripts will use it. (That key is 30 30 30...30 but it doesn’t really matter as long as the first and second half are the same)
 
I've published updated webif, stripts & nugget packages.
  • The timestamp problem in nugget should be fixed;
  • stripts -@ can now function without a .hmt file being present;
  • there's a new stripts -/ for checking an encryption key against a file;
  • the queue for drop down in the file browser allows queuing for direct decryption on the HDR as a separate option;
  • The decryption de-queue process now tries a number of encryption keys in direct mode - it will try whatever is in /mod/boot/cryptokey, the current key as reported by nugget and the box native key. This allows changing the key but still allowing old files to decrypt properly (and other scenarios..)
Lastly, there's a crude(1) method for changing a box's encryption key through Settings->Advanced. That will change it straight away and it will persist over reboots. If you have a HD unit, you can set it to all the same character - all zeroes or similar - as that will allow for the fastest decryption.

Since I only record on my HD if the HDR is tied up and that doesn't happen often, I've just set my HD to have the same encryption key as my HDR and then I just copy the recordings over and get them decrypted there.

(1) - crude because it's just a box where you can type in a key - in the future it might allow entry of MAC address & serial number in the case where you want to use one HDR to rescue encrypted recordings from another..
 
Last edited:
Double-Like

HD-FOX test process:
  1. Make test recording A
  2. Make key 1 = key 2
  3. Make test recording B (similar file size as A)
  4. Play A - should fail
  5. Play B - should pass
  6. Cold restart
  7. Play A - should fail
  8. Play B - should pass
  9. Decrypt A
  10. Decrypt B - should take ~⅓︎ the time of decrypt A
 
Last edited:
We've always regarded decryption as A GOOD THING for disaster recovery and off-line use. However, as you say, if you make your constellation of Humii have a common encryption key, you can share content between them (even by SMB/NFS) without decryption.
 
Last edited:
af123 uses a common key and then the hardware-accelerated decryption available on the HDR-FOX (I guess you can do this directly by file share?) rather than the much slower software decryption (even with K1=K2) on the HD-FOX. I also record with the HD-FOX only when essential (or as a convenience to avoid network bottlenecks), so I will decrypt when necessary rather than by routine, with the knowledge that we have the technology to decrypt even if the original unit goes US.

Decryption is necessary for the likes of detectads, but if you are not interested in that, and now we have the means for off-line disaster recovery, a case could be made for not routinely decrypting to reduce the duty cycle on the HDD (and other components), using a common key, and only decrypting when there is a particular need (export).
 
Any reason we can't standardise on, say, all zeros as the suggested/recommended custom key? I can't see much benefit (at the moment) in everyone adopting the same key, but there is also no reason not to.
 
Any reason we can't standardise on, say, all zeros as the suggested/recommended custom key? I can't see much benefit (at the moment) in everyone adopting the same key, but there is also no reason not to.
It probably makes little difference but I am using 01(x16) as the decryption key. The reason is that this is one of the two weak keys in DES (the other being FE (x16)]. Weak keys cause all sixteen subkeys to be equal and make encryption and decryption modes behave identically. This should give recordings the weakest possible encryption. Also the simplicity of the key, and the fact that it is a weak key makes it easy to remember.
Regarding decryption, with the above key, recordings are decrypted at about 2 MiB/s (HD-FOX with 500GB USB2 hard drive), compared to about 8 MiB/s on a HDR-FOX using the DLNA decryption method.
 
However, as you say, if you make your constellation of Humii have a common encryption key, you can share content between them (even by SMB/NFS) without decryption.
Previously I've tried sharing (between HDRs) before things have been decrypted and it's then completely mucked up the subsequent decryption process. There was no easy way of telling from the UI when decryption had occurred on the remote box.
only decrypting when there is a particular need (export).
If thumbnail generation could be made to work without having to do a full decrypt then that would be mega-useful for me and I could stop having to decrypt everything.
 
Back
Top