I guess you could do it that way. I just run the commands manually though. After all the housekeeping at the beginning, it runs this command to extract the bundle:
Then it reads the keyfiles from MFS (in /State/Keyring/) and tries to match up a particular key for the .skey file extracted from the bundle. In the case of swsystem slices, it's usually SWE_STA-xx. If you look at that key in MFS, the Type is 2 (ElGamal) and the Value is a long hex string. Copy the long hex string and use it with the next command it runs to decrypt the session key:
cpio -i -I <source file, ie. swsystem-xxxxxxxxx-x.slice.bnd>
which resolves to:
$Inc::TS_KEY_PROG -x -ddm $keyval $keymatch
That will give you a short hex string which is the session key to decrypt the slice.gz.bf file. Use that with the next command to decrypt the file:
crypto -x -ddm <long hex string> <name of .skey file from bundle>
which resolves to:
$Inc::TS_DECRYPT_PROG $sessionkey < $file > $basefile
And there's your gziped slice file.
/tvbin/bf -d <short hex string> < <name of slice.gz.bf file> > <filename without .bf extension>
The "$Inc::XX_XXXX_XX" variables are defined in /tvlib/tcl/tv/Inc.itcl . I use grep to find the ones I'm looking for.
The SWE_STA-xx keys are only downloaded to your keyring when they're needed. Ie. when there's a software update waiting for you. Then they're deleted.
If you look in your Otclient log immediately after it downloads new software, you can divine the URLs that the slice files are downloaded from and then just download them yourself with your browser. I find this more palatable than capturing them as the Tivo downloads them.
I'm not even sure if unbundler.tcl is actually used during the normal Tivo download process. It may actually be handled by an internal process, so modifying that file may or may not have the desired effect.