Editing SELF - SPRX
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
SELF stands for Signed Executable and Linkable Format. | SELF stands for Signed Executable and Linkable Format. SPRX stands for Signed Playstation Relocatable eXecutable. They are the format used by the executables on the PS3 and PSVita. | ||
[[File:Self.png|thumb|alt=A screenshot of f0f's presentation at CCC2010.]] | [[File:Self.png|thumb|alt=A screenshot of f0f's presentation at CCC2010.]] | ||
Line 6: | Line 6: | ||
= Introduction = | = Introduction = | ||
It consists of a CF header with an extended header followed by the encapsulated ELF file. ELF sections can be compressed using gzip. SELFs are encrypted and signed, unlike fSELFs. ELF sections are encrypted using AES128 and signed using ECDSA160 or RSA2048 + HMAC-SHA1 or HMAC-SHA256. SELF file has a specific header called Extended header where it stores all the parameters for this program. | |||
*Extended Header | *Extended Header | ||
It consists of information regarding the structure and offsets of the SELF. The first part is in plaintext until you reach Encryption Root Header. | |||
*Encryption Root Header | *Encryption Root Header | ||
Encryption Root Header is encrypted under | Encryption Root Header is itself encrypted under AES256CBC. It contains key and ivec to further decrypt the Certification data using AES128(CBC or CTR). | ||
*Certification data | *Certification data | ||
Certification Header, Certification Body and | The Certification Header, Certification Body and Certification Footer are encrypted under this AES128 layer and are decrypted with the key above. | ||
*Certification Header | *Certification Header | ||
Certification Header contains the info required to authenticate the Certification. The Certification Footer signature is ECDSA160 of the SHA1 digest of the SELF file starting at offset 0x0 and ending at offset footer_offset, or RSA2048 ?of the same data?. | |||
*Data | *Data Sections | ||
The data sections can be encrypted and/or compressed. SHA1/HMAC-SHA1/HMAC-SHA256 is used to ensure that they have not been modified. | |||
= Cryptography = | = Cryptography = | ||
Line 29: | Line 29: | ||
Basically here are the steps being involved by the loaders: | Basically here are the steps being involved by the loaders: | ||
Loaders all have a static key and iv called respectively <abbr title="ERK - 256bit Encryption Round Key">erk</abbr> and <abbr title="RIV - 128bit Reset Initialization Vector">riv</abbr>. Those are keys for the first decryption step which is to decrypt the | Loaders all have a static key and iv called respectively <abbr title="ERK - 256bit Encryption Round Key">erk</abbr> and <abbr title="RIV - 128bit Reset Initialization Vector">riv</abbr>. Those are keys for the first decryption step which is to decrypt the very first 0x40 bytes of the SELF's metadata using <abbr title="AES256CBC - Advanced Encryption Standard - 256 bit - Cipher-block chaining">AES256CBC</abbr>. When the SELF is protected by [[NPDRM]] ?instead of using static keys?, erk and riv are derived by decrypting klicensee using "NP_klic_key". | ||
Then the result is used as key and iv to decrypt the rest of the Certification data using <abbr title="AESCTR - Advanced Encryption Standard - Counter Mode">AES128CTR</abbr> (PS3) or AES128CBC ( | Then the result is used as key and iv to decrypt the rest of the Certification data using <abbr title="AESCTR - Advanced Encryption Standard - Counter Mode">AES128CTR</abbr> (PS3) or AES128CBC (PSVita). Finally the decrypted Certification data contains the key and iv for each data sections which are still decrypted following the Segment Certification Header information. This security model is based on the fact that the Certification Root Header once decrypted by the static AES256CBC key in the loader should never be the same from one binary to the other. The same goes for any other value used as an AES128 key or iv. | ||
Loaders are also involved with inflating the binaries using zlib. | Loaders are also involved with inflating the binaries using zlib. | ||
The SELF authenticity is based on other independent steps, <abbr title="HMAC-SHA1 - Hash-based Message Authentication Code - Secure Hash Algorithm 1">HMAC-SHA1</abbr> or HMAC-SHA256 of the data | The SELF authenticity is based on other independent steps, <abbr title="HMAC-SHA1 - Hash-based Message Authentication Code - Secure Hash Algorithm 1">HMAC-SHA1</abbr> or HMAC-SHA256 of the data sections and <abbr title="ECDSA - Elliptic Curve Digital Signature Algorithm">ECDSA160</abbr> or RSA2048 for the signature of the header and the Certification data. | ||
== Short references == | == Short references == | ||
Line 48: | Line 48: | ||
= fSELF = | = fSELF = | ||
fSELF stands for fake signed ELF. It is the format | fSELF stands for fake signed ELF. It is the format ouput by developer SDK. As it name suggests, it is not signed nor encrypted. If it was, that would imply SDK embeds private keys to sign it and keys to encrypt it. | ||
A fSELF has Attribute set to 0x8000. ?always? | A fSELF has Attribute set to 0x8000. ?always? | ||
A fSELF has usually less rights than a | A fSELF has usually less rights than a System SELF. The OS recognizes a fSELF by looking at its program-authority-id. | ||
To document more... | To document more... | ||
Line 60: | Line 60: | ||
== PS3 == | == PS3 == | ||
Files with extensions: eboot.bin, | Files with extensions: eboot.bin, .self, .sprx. | ||
See also [[SELFs inside ELFs]]. | See also [[SELFs inside ELFs]]. | ||
== | == PSVita == | ||
Files with extensions: eboot.bin, | Files with extensions: eboot.bin, .self, .suprx, .skprx. | ||
= File Format = | = File Format = | ||
Notes: | Notes: | ||
* Warning: PS3 uses big endian, | * Warning: PS3 uses big endian, PSVita uses little endian. | ||
* Encapsulated ELF header fields are useless (only the EI_CLASS EI_DATA and EI_VERSION fields are checked). | * Encapsulated ELF header fields are useless (only the EI_CLASS EI_DATA and EI_VERSION fields are checked). | ||
Line 82: | Line 82: | ||
</pre> | </pre> | ||
== Special | == Special SELFs == | ||
=== Warhawk public beta release 012 === | === Warhawk public beta release 012 === | ||
Oldest official game SELF ( | Oldest official game SELF (not NPDRM !!!) I have found for now: 2007-06-08. | ||
*https://web.archive.org/web/*/http://download-prod.online.scea.com/medius-patch/warhawk-pubeta/warhawk//* | *https://web.archive.org/web/*/http://download-prod.online.scea.com/medius-patch/warhawk-pubeta/warhawk//* | ||
Line 121: | Line 121: | ||
! field !! offset !! type !! notes | ! field !! offset !! type !! notes | ||
|- | |- | ||
| Extended Header version || 0x0 || u64 || 3 for PS3, 4 for | | Extended Header version || 0x0 || u64 || 3 for PS3, 4 for PSVita | ||
|- | |- | ||
| Program Identification Header offset || 0x8 || u64 || Offset to Program Identification Header. | | Program Identification Header offset || 0x8 || u64 || Offset to Program Identification Header. | ||
Line 144: | Line 144: | ||
=== Comments === | === Comments === | ||
The real ELF data is located after the Extended Header (see Extended Header size in [[Certified File#Header|Certified File Header]]). It is encrypted, unless [[Certified File]] attribute is 0x8000 (fake CF). unfself works by cutting the SCE header from the fSELF and if needed decompressing | The real ELF data is located after the Extended Header (see Extended Header size in [[Certified File#Header|Certified File Header]]). It is encrypted, unless [[Certified File]] attribute is 0x8000 (fake CF). unfself works by cutting the SCE header from the fSELF and if needed decompressing sections. | ||
== Program Identification Header == | == Program Identification Header == | ||
Temp name was App Info. Official name is Program Identification Header. | |||
=== Struct === | === Struct === | ||
Line 211: | Line 211: | ||
[http://www.openwatcom.com/ftp/devel/docs/elf-64-gen.pdf ELF-64 Object File Format] | [http://www.openwatcom.com/ftp/devel/docs/elf-64-gen.pdf ELF-64 Object File Format] | ||
==== | ==== PSVita ==== | ||
<source lang="C"> | <source lang="C"> | ||
Line 272: | Line 272: | ||
|} | |} | ||
See also [https://wiki.henkaku.xyz/vita/images/a/a2/Vita_SDK_specifications.pdf | See also specifications: | ||
[https://wiki.henkaku.xyz/vita/images/a/a2/Vita_SDK_specifications.pdf yifanlu specs] | |||
=== SCE specific ELF types (e_type) === | === SCE specific ELF types (e_type) === | ||
Line 289: | Line 290: | ||
#define ET_SCE_PSPRELEXEC 0xFFA0 /* SCE PSP Relocatable Executable */ | #define ET_SCE_PSPRELEXEC 0xFFA0 /* SCE PSP Relocatable Executable */ | ||
#define ET_SCE_PPURELEXEC 0xFFA4 /* SCE PPU Relocatable Executable */ | #define ET_SCE_PPURELEXEC 0xFFA4 /* SCE PPU Relocatable Executable */ | ||
#define ET_SCE_ARMRELEXEC 0xFFA5 /* ?SCE ARM Relocatable Executable ( | #define ET_SCE_ARMRELEXEC 0xFFA5 /* ?SCE ARM Relocatable Executable (PSVita FW <=0.931) */ | ||
#define ET_SCE_PSPOVERLAY 0xFFA8 /* ? */ | #define ET_SCE_PSPOVERLAY 0xFFA8 /* ? */ | ||
</source> | </source> | ||
Line 319: | Line 320: | ||
</source> | </source> | ||
==== | ==== PSVita ==== | ||
<source lang="C"> | <source lang="C"> | ||
Line 339: | Line 340: | ||
=== SCE specific segment types (p_type) === | === SCE specific segment types (p_type) === | ||
<source lang=" | <source lang="C"> | ||
#define PT_SCE_RELA 0x60000000 | #define PT_SCE_RELA 0x60000000 | ||
#define PT_SCE_LICINFO_1 0x60000001 | #define PT_SCE_LICINFO_1 0x60000001 | ||
#ddfine PT_SCE_LICINFO_2 0x60000002 | #ddfine PT_SCE_LICINFO_2 0x60000002 | ||
#define PT_SCE_DYNLIBDATA 0x61000000 | #define PT_SCE_DYNLIBDATA 0x61000000 | ||
#define | #define PT_SCE_PROCPARAM 0x61000001 | ||
#define | #define PT_SCE_UNK_61000010 0x61000010 | ||
#define PT_SCE_COMMENT 0x6FFFFF00 | #define PT_SCE_COMMENT 0x6FFFFF00 | ||
#define PT_SCE_LIBVERSION 0x6FFFFF01 | #define PT_SCE_LIBVERSION 0x6FFFFF01 | ||
Line 356: | Line 356: | ||
#define PT_SCE_PPURELA 0x700000A4 | #define PT_SCE_PPURELA 0x700000A4 | ||
#define PT_SCE_SEGSYM 0x700000A8 | #define PT_SCE_SEGSYM 0x700000A8 | ||
</source> | </source> | ||
Line 436: | Line 401: | ||
== Segment Extended Header == | == Segment Extended Header == | ||
Temp name was SELF Section Info. Official name is segment_ext_header. | |||
A table which maps each phdr entry to the actual offset/size within the encrypted CF. Indeed, because sections can be compressed, they might not match the values listed within the ELF phdr/shdr. | |||
There is one of these entries for each ELF phdr (ELF Program Segment Header) entry in the ELF file so that the console knows where to decrypt the data from | There is one of these entries for each ELF phdr (ELF Program Segment Header) entry in the ELF file so that the console knows where to decrypt the data from (because it might also be compressed). | ||
=== Struct === | === Struct === | ||
Line 515: | Line 480: | ||
== Supplemental Header Table == | == Supplemental Header Table == | ||
Temp name was Control Information. Official name is supplemental_header_table. | |||
=== Struct === | === Struct === | ||
Line 524: | Line 489: | ||
unsigned char s[0x1C]; | unsigned char s[0x1C]; | ||
} ECDSA224_signature; | } ECDSA224_signature; | ||
typedef struct { | typedef struct { | ||
uint32_t type; // 1=PS3 plaintext_capability; 2=PS3 ELF digest; 3=PS3 NPDRM, 4= | uint32_t type; // 1=PS3 plaintext_capability; 2=PS3 ELF digest; 3=PS3 NPDRM, 4=PSVita ELF digest; 5=PSVita NPDRM; 6=PSVita boot param; 7=PSVita shared secret | ||
uint32_t size; | uint32_t size; | ||
uint64_t next; // 1 if another Supplemental Header element follows else 0 | uint64_t next; // 1 if another Supplemental Header element follows else 0 | ||
Line 549: | Line 503: | ||
// type 2, 0x40 bytes | // type 2, 0x40 bytes | ||
struct { // 0x30 bytes of data | struct { // 0x30 bytes of data | ||
uint8_t constant[0x14]; // same for every PS3 | uint8_t constant[0x14]; // same for every PSVita/PS3 SELF, hardcoded in make_fself.exe: 627CB1808AB938E32C8C091708726A579E2586E4 | ||
uint8_t elf_digest[0x14]; // SHA-1. Hash F2C552BF716ED24759CBE8A0A9A6DB9965F3811C is blacklisted by appldr | uint8_t elf_digest[0x14]; // SHA-1. Hash F2C552BF716ED24759CBE8A0A9A6DB9965F3811C is blacklisted by appldr | ||
uint64_t required_system_version; // filled on Sony | uint64_t required_system_version; // filled on Sony auth server, contains decimal PS3_SYSTEM_VER value from PARAM.SFO | ||
} PS3_elf_digest_header_40; | } PS3_elf_digest_header_40; | ||
Line 567: | Line 521: | ||
// type 4, 0x50 bytes | // type 4, 0x50 bytes | ||
struct { // 0x40 bytes of data | struct { // 0x40 bytes of data | ||
uint8_t constant[0x14]; // same for every PS3 | uint8_t constant[0x14]; // same for every PSVita/PS3 SELF, hardcoded in make_fself.exe: 627CB1808AB938E32C8C091708726A579E2586E4 | ||
uint8_t elf_digest[0x20]; // SHA-256 of source ELF file. | uint8_t elf_digest[0x20]; // SHA-256 of source ELF file. | ||
uint8_t padding[8]; | uint8_t padding[8]; | ||
Line 576: | Line 530: | ||
struct { // 0x100 bytes of data | struct { // 0x100 bytes of data | ||
uint32_t magic; // 7F 44 52 4D (".DRM") | uint32_t magic; // 7F 44 52 4D (".DRM") | ||
uint32_t finalized_flag; // ex: 80 00 00 01 | uint32_t finalized_flag; // ex: 80 00 00 01 | ||
uint32_t drm_type; // [[NPDRM#DRM_Type]] | uint32_t drm_type; // [[NPDRM#DRM_Type]] ex: 2 local, 0xD free with license requirement | ||
uint32_t padding; | uint32_t padding; | ||
uint8_t content_id[0x30]; | uint8_t content_id[0x30]; | ||
uint8_t digest[0x10]; // ?sha-1 hash of debug | uint8_t digest[0x10]; // ?sha-1 hash of debug self/sprx created using make_fself_npdrm? content_id hash? | ||
uint8_t padding_78[0x78]; | uint8_t padding_78[0x78]; | ||
ECDSA224_signature sig[0x38]; // signature of PSVita_npdrm_header? signature of an external NPDRM file? | ECDSA224_signature sig[0x38]; // signature of PSVita_npdrm_header? signature of an external NPDRM file? | ||
Line 592: | Line 546: | ||
// type 7, 0x50 bytes | // type 7, 0x50 bytes | ||
struct { // 0x40 bytes of data | struct { // 0x40 bytes of data | ||
uint8_t shared_secret_0[0x10]; // ex: 0x7E7FD126A7B9614940607EE1BF9DDF5E or full of zeroes | |||
uint8_t shared_secret_1[0x10]; // ex: full of zeroes | |||
uint8_t shared_secret_2[0x10]; // ex: full of zeroes | |||
uint8_t shared_secret_3[0x10]; // ex: full of zeroes | |||
} PSVita_shared_secret_header; | } PSVita_shared_secret_header; | ||
}; | }; | ||
Line 609: | Line 566: | ||
uint8[0x14] elf_digest; /* sha1 hash of the ELF file */ | uint8[0x14] elf_digest; /* sha1 hash of the ELF file */ | ||
uint32_t unknown_0; /* seems to be padding */ | uint32_t unknown_0; /* seems to be padding */ | ||
uint64_t | uint64_t required_system_vesion; /* PS3_SYSTEM_VER, decimal format */ | ||
} supplemental_header_table; | } supplemental_header_table; | ||
</source> | </source> | ||
Line 623: | Line 580: | ||
** Decrypt the data using the algorithm, key and ivec from the Segment Certification specified by keyIndex and ivecIndex in the Segment Certification Header. | ** Decrypt the data using the algorithm, key and ivec from the Segment Certification specified by keyIndex and ivecIndex in the Segment Certification Header. | ||
** Uncompress the data using the algorithm specified in the Segment Certification Header. | ** Uncompress the data using the algorithm specified in the Segment Certification Header. | ||
** Write the output data to the ELF file as the program section specified by | ** Write the output data to the ELF file as the program section specified by program_idx in the Segment Certification Header. | ||
= Tools = | = Tools = | ||
Line 651: | Line 608: | ||
=== some tool by geohot (2009) === | === some tool by geohot (2009) === | ||
To | To document. | ||
=== scetool by fail0verflow (?2010?) === | === scetool by fail0verflow (?2010?) === | ||
To | To document. | ||
=== some tool by xorloser === | === some tool by xorloser === | ||
To | To document. | ||
{{File Formats}}<noinclude> | {{File Formats}}<noinclude>[[Category:Main]]</noinclude> | ||
[[Category:Main]] | |||
</noinclude> |