Editing Certified File
Latest revision | Your text | ||
Line 1: | Line 1: | ||
Certified Files are the most common encrypted files on PS3 and | Certified Files are the most common encrypted files on PS3 and PSVita. | ||
= Introduction = | = Introduction = | ||
Line 6: | Line 6: | ||
* revoke list | * revoke list | ||
* PS3 security policy profile | * PS3 security policy profile | ||
* system software package (.pkg | * system software package (e.g. .pkg, .spkg_hdr.X) | ||
* PSVita diff file (never met such a file yet) | |||
* | * PSVita game cartridge param.sfo (gro0:gc/param.sfo) | ||
* | |||
= Structure = | = Structure = | ||
It is important to notice that PS3 uses big-endian whilst | It is important to notice that PS3 uses big-endian whilst PSVita uses little-endian. | ||
== Header == | == Header == | ||
Line 20: | Line 18: | ||
<source lang="C"> | <source lang="C"> | ||
typedef struct { // Size is 0x20 for v2, 0x30 for v3 | typedef struct { // Size is 0x20 for v2, 0x30 for v3 | ||
uint32_t magic; | |||
uint32_t version; | |||
uint16_t attribute; | |||
uint16_t category; | |||
uint32_t ext_header_size; | |||
uint64_t file_offset; | |||
uint64_t file_size; | |||
union { | |||
struct { | |||
uint64_t cf_file_size; | |||
uint64_t padding; | |||
}; | |||
}; | |||
} __attribute__((packed)) cf_header; | } __attribute__((packed)) cf_header; | ||
</source> | </source> | ||
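Review bot: the `union` at the end of `cf_header` wraps a single anonymous struct, so it changes nothing, and as declared the type is always 0x30 bytes (0x20 of fixed fields plus `cf_file_size` and `padding`). That contradicts the comment "Size is 0x20 for v2, 0x30 for v3". Suggest dropping the union and marking the last two members as v3-only, or moving the v3 tail into its own struct. Also, in this comparison the member lines appear only in the "Latest revision" column; confirm that the text being published keeps them, otherwise the struct body is left empty.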
Line 41: | Line 39: | ||
| Magic || 0x0 || u32 || Must be "SCE\0". | | Magic || 0x0 || u32 || Must be "SCE\0". | ||
|- | |- | ||
| Version || 0x4 || u32 || 2 for PS3, 3 for | | Version || 0x4 || u32 || 2 for PS3, 3 for PSVita. | ||
|- | |- | ||
| Attribute || 0x8 || u16 || Corresponds to the revision of the | | Attribute || 0x8 || u16|| Corresponds to the revision of the enc/dec key. See [https://www.psdevwiki.com/ps3/Revision_versus_Version Attribute]. | ||
|- | |- | ||
| Category || 0xA || u16 || See [[Certified_File#Category|Category]]. | | Category || 0xA || u16 || See [[Certified_File#Category|Category]]. | ||
|- | |- | ||
| Extended Header size || 0xC || u32 || For SELF category only, set to 0 for other categories. See | | Extended Header size || 0xC || u32 || For SELF category only, set to 0 for other categories. See Extended Header. | ||
|- | |- | ||
| File offset || 0x10 || u64 || Offset to encapsulated data. | | File offset || 0x10 || u64 || Offset to encapsulated data. | ||
Line 63: | Line 61: | ||
! Value !! Type !! Name !! Remark | ! Value !! Type !! Name !! Remark | ||
|- | |- | ||
| 1 || SELF - SPRX || signed-elf - signed-prx || Used for storing ELF and PRX. Both PS3 and | | 1 || SELF - SPRX || signed-elf - signed-prx || Used for storing ELF and PRX. Both PS3 and PSVita. | ||
|- | |- | ||
| 2 || SRVK || signed-revoke-list || Used for [[Revokation]]. Both PS3 and | | 2 || SRVK || signed-revoke-list || Used for [[Revokation]]. Both PS3 and PSVita. | ||
|- | |- | ||
| 3 || SPKG || signed-package || Used for [[PKG_files#Firmware_Packages|System Software Packages]]. Both PS3 and | | 3 || SPKG || signed-package || Used for [[PKG_files#Firmware_Packages|System Software Packages]]. Both PS3 and PSVita. | ||
|- | |- | ||
| 4 || SSPP || signed-security-policy-profile || The only file of this category is [[Default.spp]]. PS3 only. | | 4 || SSPP || signed-security-policy-profile || The only file of this category is [[Default.spp]]. PS3 only. | ||
|- | |- | ||
| 5 || SDIFF || signed-diff || Used in Prototype | | 5 || SDIFF || signed-diff || Used in Prototype PSVita Applier module. PSVita only. Never met such a file yet. | ||
|- | |- | ||
| 6 || SPSFO || signed-param-sfo || Spsfo (signed param.sfo) file is located in game cartridge at path gro0:gc/param.sfo. | | 6 || SPSFO || signed-param-sfo || Spsfo (signed param.sfo) file is located in game cartridge at path gro0:gc/param.sfo. PSVita only. | ||
|} | |} | ||
== Encryption Root Header == | == Encryption Root Header == | ||
Temp name was Metadata Information. Official name is encryption_root_header. | |||
This is not present in fCF (fSELF, fSPP, etc...). | |||
The key and iv fields are encrypted using AES256CBC. | |||
=== Struct === | === Struct === | ||
Line 88: | Line 86: | ||
<source lang="C"> | <source lang="C"> | ||
typedef struct { | typedef struct { | ||
uint8_t key[16]; | |||
uint8_t key_pad[16]; | |||
uint8_t iv[16]; | |||
uint8_t iv_pad[16]; | |||
} __attribute__((packed)) | } __attribute__((packed)) encryption_root_header; | ||
</source> | </source> | ||
Line 99: | Line 97: | ||
== Certification Header == | == Certification Header == | ||
Temp name was Metadata Header. Official name is certification_header. | |||
It is only present if the Encryption Root Header is present. | |||
It is decrypted using AES128 with the key and iv entries from the Encryption Root Header. | |||
It is located after the Encryption Root Header in the SELF file. | |||
=== Struct === | === Struct === | ||
Line 109: | Line 109: | ||
<source lang="C"> | <source lang="C"> | ||
typedef struct { | typedef struct { | ||
uint64_t footer_offset; | |||
uint32_t sign_algorithm; // 1 = ECDSA160, 5 = RSA2048 | |||
uint32_t segment_count; | |||
uint32_t blocks_count; // was keyCount | |||
uint32_t optional_header_size; | |||
uint64_t unknown06; | |||
} __attribute__((packed)) | } __attribute__((packed)) certification_header; | ||
</source> | </source> | ||
Line 122: | Line 122: | ||
== Certification Body == | == Certification Body == | ||
*It is decrypted with the key and iv entries from the Encryption Root Header. | |||
=== Segment Certification Header === | === Segment Certification Header === | ||
Temp name was Metadata Section Header. Official name is segment_certification_header. | |||
It is only present if the Certification Header is present. | |||
The number of | The number of sections is indicated by the segment_count entry in the Certification Header. | ||
Segment Certification Header is located after the Certification Header. | The Segment Certification Header is located after the Certification Header in the SELF file. | ||
==== Struct ==== | ==== Struct ==== | ||
Line 140: | Line 138: | ||
<source lang="C"> | <source lang="C"> | ||
typedef struct { | typedef struct { | ||
uint64_t segment_offset; | |||
uint64_t segment_size; | |||
uint32_t segment_type; // 1 = shdr, 2 = phdr, 3 = sceversion | |||
uint32_t program_idx; // 0,1,2,3,etc for phdr, always 3 for shdrs, sceversion shdr number for sceversion | |||
uint32_t sign_algorithm; // ?1 = none?, 2 = sha1_hmac, 3 = sha1, 6 = sha256_hmac | |||
uint32_t sign_idx; | |||
uint32_t decrypt_algorithm; // 1 = none, 2 = aes128cbccfb, 3 = aes128ctr | |||
uint32_t decrypt_idx; // -1 when decrypt_algorithm = none | |||
uint32_t iv_idx; // -1 when decrypt_algorithm = none | |||
uint32_t comp_algorithm; // 1 = none, 2 = zlib | |||
} __attribute__((packed)) | } __attribute__((packed)) segment_certification_header; | ||
</source> | </source> | ||
==== Comments ==== | ==== Comments ==== | ||
* Segment data is decrypted using | Notes: | ||
* The segment_offset | *Segment data is decrypted using decrypt_algorithm with the key and iv from the Segment Certification specified by key_idx and iv_idx. | ||
*The segment_offset of the Segment Certification Header matches in general the offset from the Segment Extended Header. | |||
=== | === Segment Certification === | ||
Temp name was Metadata Keys, Section Hash. Official name might be Segment Certification. | |||
The number of | The number of Segment Certifications is indicated by the segment_count entry in the Certification Header. | ||
The Segment Certifications are located after the Segment Certification Headers in the SELF file. | |||
==== Struct ==== | ==== Struct ==== | ||
<source lang="C"> | <source lang="C"> | ||
typedef struct { | typedef struct { | ||
union { // size is 0x60 bytes | |||
uint8_t signature[0x20]; // hmac_sha1 | |||
uint8_t unk1[0x40]; // certainly hmac_key | |||
} signature_type2; | |||
union { // size is 0x40 bytes | |||
uint8_t signature[0x20]; // hmac_sha256 | |||
uint8_t hmac_key[0x20]; | |||
} signature_type6; | |||
union { // size is 0x20 bytes | |||
uint8_t key[0x10]; | |||
uint8_t iv[0x10]; | |||
} encryption_params; // present for type 2 and 3 | |||
} __attribute__((packed)) segment_certification; | |||
} __attribute__((packed)) | |||
</source> | </source> | ||
==== Comments ==== | ==== Comments ==== | ||
* The | Notes: | ||
*The HMAC-SHA1 is calculated on the decrypted data and before the decompression. | |||
=== Optional Header Table === | === Optional Header Table === | ||
Temp name was Signature Info, Capabilities Info. Official name is optional_header_table. | |||
Optional Header Table is only present if optional_header_size in the Certification Header is not zero | The Optional Header Table is located after the Section Hash in the SELF file. | ||
It is only present if optional_header_size in the Certification Header is not zero. | |||
==== Struct ==== | ==== Struct ==== | ||
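Review bot: in `segment_certification` the three groups are declared as `union`, but the sizes in their comments only hold for a `struct`: `signature_type2` says 0x60 bytes (0x20 + 0x40), `signature_type6` says 0x40 (0x20 + 0x20) and `encryption_params` says 0x20 (0x10 + 0x10). As unions the members overlap and the sizes would be 0x40, 0x20 and 0x10. Suggest making the inner groups structs and, if type 2 and type 6 are alternatives, placing those two inside one union. Two smaller points in the same hunk: the Comments line refers to `key_idx` while the header struct names the field `decrypt_idx`, and the "Latest revision" column carries a second, stray `} __attribute__((packed))` after the typedef closes.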
Line 204: | Line 203: | ||
uint32_t type; // 1=capability_header, 2=individual_seed_header, 3=attribute_header | uint32_t type; // 1=capability_header, 2=individual_seed_header, 3=attribute_header | ||
uint32_t size; | uint32_t size; | ||
uint64_t next; // 1 if another | uint64_t next; // 1 if another optional_header structure follows else 0 | ||
union { | union { | ||
// type 1 | // type 1 | ||
Line 219: | Line 218: | ||
} attribute_header; | } attribute_header; | ||
}; | }; | ||
} __attribute__((packed)) | } __attribute__((packed)) optional_header; | ||
</source> | </source> | ||
=== Comments === | |||
* | * Type 1 contains encrypted_capability. See [[Capability Flags]]. | ||
== | == Certification Footer == | ||
Temp name was Signature. | |||
It is located at the Certification Header footer_offset in the SELF file. | |||
It is decrypted with the key and iv entries from the Encryption Root Header. | |||
It can be ECDSA160 or RSA2048, according to the Certification Header. | |||
=== Struct === | === Struct === | ||
Line 240: | Line 239: | ||
<source lang="C"> | <source lang="C"> | ||
typedef struct { | typedef struct { | ||
union { | |||
uint8_t r[21]; | |||
uint8_t s[21]; | |||
uint8_t padding[6]; | |||
} ECDSA160; | |||
union { | |||
uint8_t rsa[0x100]; | |||
} RSA2048; | |||
} __attribute__((packed)) | } __attribute__((packed)) certification_footer; | ||
</source> | </source> | ||
=== Comments === | === Comments === | ||
* | * footer_offset is the number of bytes which are used to generate the SHA-1 which is used to generate the ECDSA signature. The length should be eveything from the beginning until the signature itself. The decrypted version of the input data is used for signature. | ||
= Decryption = | = Decryption = | ||
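Review bot: `ECDSA160` is declared as a `union` of `r[21]`, `s[21]` and `padding[6]`, which overlays all three fields in 21 bytes. A signature stores r and s side by side (21 + 21 + 6 = 0x30 bytes), so this group should be a `struct`, with the choice between `ECDSA160` and `RSA2048` being the union. The `RSA2048` union with its single `rsa[0x100]` member can likewise be a plain array. In the Comments line, "eveything" should read "everything".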
Line 263: | Line 262: | ||
On PS3, TO DOCUMENT. | On PS3, TO DOCUMENT. | ||
On | On PSVita, static key and IV are contained within the relevant Secure Module. For example, SPKG keys are located in update_service_sm.self, KPRX keys are located in kprx_auth_sm.self, Secure Modules (SM) as well as kernel_boot_loader.self keys are located in secure_kernel. | ||
* Step 1: Get Encryption Root | * Step 1: Get Encryption Root key and IV | ||
Decrypt the Certification Header using AES256CBC on | Decrypt the Certification Header using AES256CBC on PSVita (to document for PS3). | ||
This results into the key and IV used in step 2. | This results into the key and IV used in step 2. | ||
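Review bot: Step 1 is titled "Get Encryption Root key and IV", but its body says to decrypt the Certification Header with AES256CBC. The Encryption Root Header section states that its key and iv fields are the ones encrypted with AES256CBC, and Step 2 uses "the key and IV decrypted from the Encryption Root Header", so the body should name the Encryption Root Header here. "This results into" should read "This results in".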
Line 273: | Line 272: | ||
* Step 2: Get plain Certification | * Step 2: Get plain Certification | ||
Use the key and IV decrypted from the Encryption Root Header to decrypt the Certification using AES128CBC on | Use the key and IV decrypted from the Encryption Root Header to decrypt the Certification using AES128CBC on PSVita (what on PS3 ?). | ||
* Step 3: Parse Certification | * Step 3: Parse Certification | ||
SELF Certification is typically stored in the following format | The SELF Certification is typically stored in the following format (below is a CF metadata example of a 4 sections PSVita SELF). | ||
SPKG Certification follows the same principles but is slightly different (different Magic/Header). | The SPKG Certification follows the same principles but is slightly different (different Magic/Header). | ||
<source lang = "C"> | <source lang = "C"> | ||
Line 286: | Line 285: | ||
00000000 F0 07 00 00 00 00 00 00 05 00 00 00 04 00 00 00 ð............... <<< Certification Header | 00000000 F0 07 00 00 00 00 00 00 05 00 00 00 04 00 00 00 ð............... <<< Certification Header | ||
00000010 18 00 00 00 70 01 00 00 00 00 00 00 00 00 00 00 ....p........... <<< Certification Header | 00000010 18 00 00 00 70 01 00 00 00 00 00 00 00 00 00 00 ....p........... <<< Certification Header | ||
00000020 00 0A 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 ........À....... <<< First | 00000020 00 0A 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 ........À....... <<< First section address | ||
00000030 02 00 00 00 01 00 00 00 06 00 00 00 00 00 00 00 ................ | 00000030 02 00 00 00 01 00 00 00 06 00 00 00 00 00 00 00 ................ | ||
00000040 03 00 00 00 04 00 00 00 05 00 00 00 01 00 00 00 ................ | 00000040 03 00 00 00 04 00 00 00 05 00 00 00 01 00 00 00 ................ | ||
00000050 00 0B 00 00 00 00 00 00 FC B4 07 00 00 00 00 00 ........ü´...... <<< Second | 00000050 00 0B 00 00 00 00 00 00 FC B4 07 00 00 00 00 00 ........ü´...... <<< Second section address | ||
00000060 02 00 00 00 02 00 00 00 06 00 00 00 06 00 00 00 ................ | 00000060 02 00 00 00 02 00 00 00 06 00 00 00 06 00 00 00 ................ | ||
00000070 03 00 00 00 0A 00 00 00 0B 00 00 00 01 00 00 00 ................ | 00000070 03 00 00 00 0A 00 00 00 0B 00 00 00 01 00 00 00 ................ | ||
00000080 00 C0 07 00 00 00 00 00 98 1E 00 00 00 00 00 00 .À......˜....... <<< Third | 00000080 00 C0 07 00 00 00 00 00 98 1E 00 00 00 00 00 00 .À......˜....... <<< Third section address | ||
00000090 02 00 00 00 03 00 00 00 06 00 00 00 0C 00 00 00 ................ | 00000090 02 00 00 00 03 00 00 00 06 00 00 00 0C 00 00 00 ................ | ||
000000A0 03 00 00 00 10 00 00 00 11 00 00 00 01 00 00 00 ................ | 000000A0 03 00 00 00 10 00 00 00 11 00 00 00 01 00 00 00 ................ | ||
000000B0 00 DF 07 00 00 00 00 00 9D BA 02 00 00 00 00 00 .ß.......º...... <<< Fourth | 000000B0 00 DF 07 00 00 00 00 00 9D BA 02 00 00 00 00 00 .ß.......º...... <<< Fourth section address | ||
000000C0 02 00 00 00 04 00 00 00 06 00 00 00 12 00 00 00 ................ | 000000C0 02 00 00 00 04 00 00 00 06 00 00 00 12 00 00 00 ................ | ||
000000D0 03 00 00 00 16 00 00 00 17 00 00 00 01 00 00 00 ................ | 000000D0 03 00 00 00 16 00 00 00 17 00 00 00 01 00 00 00 ................ | ||
000000E0 AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA ªªªªªªªªªªªªªªªª <<< First | 000000E0 AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA ªªªªªªªªªªªªªªªª <<< First Section Hash | ||
000000F0 AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA ªªªªªªªªªªªªªªªª <<< First | 000000F0 AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA ªªªªªªªªªªªªªªªª <<< First Section Hash | ||
00000100 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ | 00000100 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ | ||
00000110 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ | 00000110 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ | ||
00000120 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< First | 00000120 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< First Section random key | ||
00000130 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< First | 00000130 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< First Section random IV | ||
00000140 BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB »»»»»»»»»»»»»»»» <<< Second | 00000140 BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB »»»»»»»»»»»»»»»» <<< Second Section Hash | ||
00000150 BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB »»»»»»»»»»»»»»»» <<< Second | 00000150 BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB »»»»»»»»»»»»»»»» <<< Second Section Hash | ||
00000160 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | 00000160 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | ||
00000170 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | 00000170 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | ||
00000180 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Second | 00000180 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Second Section random key | ||
00000190 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Second | 00000190 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Second Section random IV | ||
000001A0 CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC ÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌ <<< Third | 000001A0 CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC ÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌ <<< Third Section Hash | ||
000001B0 CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC ÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌ <<< Third | 000001B0 CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC ÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌ <<< Third Section Hash | ||
000001C0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | 000001C0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | ||
000001D0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | 000001D0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | ||
000001E0 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Third | 000001E0 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Third Section random key | ||
000001F0 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Third | 000001F0 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Third Section random IV | ||
00000200 DD DD DD DD DD DD DD DD DD DD DD DD DD DD DD DD ÝÝÝÝÝÝÝÝÝÝÝÝÝÝÝÝ <<< Fourth | 00000200 DD DD DD DD DD DD DD DD DD DD DD DD DD DD DD DD ÝÝÝÝÝÝÝÝÝÝÝÝÝÝÝÝ <<< Fourth Section Hash | ||
00000210 DD DD DD DD DD DD DD DD DD DD DD DD DD DD DD DD ÝÝÝÝÝÝÝÝÝÝÝÝÝÝÝÝ <<< Fourth | 00000210 DD DD DD DD DD DD DD DD DD DD DD DD DD DD DD DD ÝÝÝÝÝÝÝÝÝÝÝÝÝÝÝÝ <<< Fourth Section Hash | ||
00000220 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | 00000220 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | ||
00000230 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | 00000230 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< HMAC key | ||
00000240 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Fourth | 00000240 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Fourth Section random key | ||
00000250 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Fourth | 00000250 EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE EE îîîîîîîîîîîîîîîî <<< Fourth Section random IV | ||
00000260 01 00 00 00 30 00 00 00 01 00 00 00 00 00 00 00 ....0........... <<< type (u32), | 00000260 01 00 00 00 30 00 00 00 01 00 00 00 00 00 00 00 ....0........... <<< type (u32), section size (u32), isMoreSections (u32) | ||
00000270 80 00 00 00 C0 00 F0 00 00 00 00 00 FF FF FF FF €...À.ð.....ÿÿÿÿ | 00000270 80 00 00 00 C0 00 F0 00 00 00 00 00 FF FF FF FF €...À.ð.....ÿÿÿÿ | ||
00000270 80 00 00 00 C0 00 F0 00 00 00 00 00 FF FF FF FF €...À.ð.....ÿÿÿÿ | 00000270 80 00 00 00 C0 00 F0 00 00 00 00 00 FF FF FF FF €...À.ð.....ÿÿÿÿ | ||
00000280 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | 00000280 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | ||
00000290 02 00 00 00 10 01 00 00 01 00 00 00 00 00 00 00 ................ <<< type (u32), | 00000290 02 00 00 00 10 01 00 00 01 00 00 00 00 00 00 00 ................ <<< type (u32), section size (u32), isMoreSections (u32) | ||
000002A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | 000002A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | ||
000002B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | 000002B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | ||
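Review bot: the annotation on rows 00000260 and 00000290, "type (u32), section size (u32), isMoreSections (u32)", does not match the `optional_header` struct, where the third field is `uint64_t next`. The dump agrees with the struct, since 01 00 00 00 00 00 00 00 is eight bytes. Suggest annotating these rows as "type (u32), size (u32), next (u64)". Row 00000270 is also listed twice in both columns; drop the repeat.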
Line 343: | Line 342: | ||
00000380 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | 00000380 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | ||
00000390 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | 00000390 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | ||
000003A0 03 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 ....0........... <<< type (u32), | 000003A0 03 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 ....0........... <<< type (u32), section size (u32), isMoreSections (u32) | ||
000003B0 80 09 80 03 00 00 C3 00 00 00 80 09 80 00 00 00 €.€...Ã...€.€... | 000003B0 80 09 80 03 00 00 C3 00 00 00 80 09 80 00 00 00 €.€...Ã...€.€... | ||
000003C0 00 00 00 00 00 00 00 00 00 00 00 00 FF FF FF FF ............ÿÿÿÿ | 000003C0 00 00 00 00 00 00 00 00 00 00 00 00 FF FF FF FF ............ÿÿÿÿ | ||
000003D0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000003D0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000003E0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000003E0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000003F0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000003F0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000400 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000400 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000410 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000410 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000420 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000420 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000430 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000430 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000440 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000440 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000450 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000450 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000460 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000460 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000470 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000470 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000480 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000480 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000490 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000490 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000004A0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000004A0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000004B0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000004B0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000004C0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000004C0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000004D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ <<< Certification Body end, padding | 000004D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ <<< Certification Body end, padding | ||
</source> | </source> | ||
Line 394: | Line 393: | ||
00000170 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< Random key | 00000170 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< Random key | ||
00000180 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< Random IV | 00000180 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ <<< Random IV | ||
00000190 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000190 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000001A0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000001A0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000001B0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000001B0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000001C0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000001C0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000001D0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000001D0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000001E0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000001E0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
000001F0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 000001F0 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000200 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000200 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000210 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000210 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000220 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000220 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000230 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000230 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000240 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000240 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000250 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000250 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000260 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000260 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
00000270 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< | 00000270 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 ................ <<< RSA SIG | ||
</source> | </source> | ||
* Step 4: | * Step 4: Get plain CF sections | ||
Use the keys and IVs with the specified algorithm from the Segment Certification to decrypt the respective sections. | |||
* Step 5: Uncompress CF | * Step 5: Uncompress CF sections if needed | ||
CF | CF sections can be compressed. This is reported in the Segment Certification Header. | ||
{{File Formats}} | {{File Formats}} | ||
<noinclude>[[Category:Main]]</noinclude> | <noinclude>[[Category:Main]]</noinclude> |
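Review bot: Step 4 says the algorithm comes from the Segment Certification, but `decrypt_algorithm`, `decrypt_idx` and `iv_idx` are fields of the Segment Certification Header; the Segment Certification struct only holds the signature, key and IV material. Suggest wording the step as: use the algorithm and indices from the Segment Certification Header to select the key and IV from the Segment Certification. Step 5 already cites the header for compression and could name the field, `comp_algorithm`.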