Editing ENCDEC Device Reverse Engineering
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
=Introduction= | =Introduction= | ||
* The following information was reverse engineered from LV1, Storage Manager in LPAR1, sb_iso_spu_module.self and sv_iso_spu_module.self. | * The following information was reverse engineered from LV1, Storage Manager in LPAR1, sb_iso_spu_module.self and sv_iso_spu_module.self. | ||
Line 26: | Line 25: | ||
* Before a secure communication channel is established, host and ENCDEC device use static AES-CBC-192 keys to encrypt communication data. The static keys can be found e.g. in sb_iso_spu_module.self or sv_iso_spu_module.self. | * Before a secure communication channel is established, host and ENCDEC device use static AES-CBC-192 keys to encrypt communication data. The static keys can be found e.g. in sb_iso_spu_module.self or sv_iso_spu_module.self. | ||
* Static ENCDEC keys depend on SB bus version. To get your SB bus version, read v2 of repository node SB bus id. | * Static ENCDEC keys depend on SB bus version. To get your SB bus version, read v2 of repository node SB bus id. | ||
* During the communication, host and ENCDEC device use random IVs which are sent unencrypted together with encrypted payload. | * During the communication, host and ENCDEC device use random IVs which are sent unencrypted together with encrypted payload. | ||
* The ENCDEC commands, which are encrypted with the session key, contain magic 24 bytes which are checked by ENCDEC device and if some bits are not correct then the command is denied. The magic bytes can be found in sb_iso_spu_module.self too. | * The ENCDEC commands, which are encrypted with the session key, contain magic 24 bytes which are checked by ENCDEC device and if some bits are not correct then the command is denied. The magic bytes can be found in sb_iso_spu_module.self too. | ||
Line 61: | Line 45: | ||
* Used by host to send ENCDEC command to ENCDEC device. | * Used by host to send ENCDEC command to ENCDEC device. | ||
* Sent data is encrypted with the session key. | * Sent data is encrypted with the session key. | ||
==KGEN_FLASH (0x84)== | ==KGEN_FLASH (0x84)== | ||
Line 75: | Line 58: | ||
=Set ENCDEC Keys= | =Set ENCDEC Keys= | ||