Editing BD Drive Reverse Engineering
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 22: | Line 22: | ||
My program to dump EID4 AES-CBC-256 IV and key to PPU memory: | My program to dump EID4 AES-CBC-256 IV and key to PPU memory: | ||
< | <pre> | ||
/* | /* | ||
* Dump EID4 IV and key to EA with MFC | * Dump EID4 IV and key to EA with MFC | ||
Line 127: | Line 127: | ||
bi $lr | bi $lr | ||
</ | </pre> | ||
==Result== | ==Result== | ||
Line 155: | Line 155: | ||
* ATAPI commands SEND_KEY and REPORT_KEY are used to exchange random number between host and BD drive. | * ATAPI commands SEND_KEY and REPORT_KEY are used to exchange random number between host and BD drive. | ||
* Exchanged random numbers are used to derive the session key which is used later to send vendor-specific ATAPI commands (0xE0 and 0xE1) to BD drive. | * Exchanged random numbers are used to derive the session key which is used later to send vendor-specific ATAPI commands (0xE0 and 0xE1) to BD drive. | ||
* The same procedue is | * The same procedue is follwed e.g. by Storage Manager which runs in LPAR1. | ||
* 3DES-CBC with 2 keys is used to encrypt commands sent to BD drive. | * 3DES-CBC with 2 keys is used to encrypt commands sent to BD drive. | ||
Line 170: | Line 170: | ||
==Program== | ==Program== | ||
< | <pre> | ||
/*- | /*- | ||
* Copyright (C) 2012 glevand <[email protected]> | * Copyright (C) 2012 glevand <[email protected]> | ||
Line 1,083: | Line 1,083: | ||
exit(0); | exit(0); | ||
} | } | ||
</ | </pre> | ||
==Result== | ==Result== | ||
Line 1,111: | Line 1,111: | ||
TODO | TODO | ||