Editing Seeds


The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 35: Line 35:
* Location: aim_spu_module.self/isoldr/appldr/lv1ldr/spu_token_processor.self/spu_utoken_processor.self
* Location: aim_spu_module.self/isoldr/appldr/lv1ldr/spu_token_processor.self/spu_utoken_processor.self


==== EID0 section 0 seed for enc/dec + CMAC (Kirk command 0x12) ====
==== EID0 section 0 seed ====


<pre>2ED7CE8D1D55454585BF6A3281CD03AF</pre>
<pre>2ED7CE8D1D55454585BF6A3281CD03AF</pre>
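Review bot: the heading on the "Your text" side is cut down to "EID0 section 0 seed", dropping the qualifier "for enc/dec + CMAC (Kirk command 0x12)", so the page no longer says what this seed is used for. If the qualifier is wrong, replace it with the correct usage instead of removing it; the seed value and Location line are unchanged. The same applies to the section 6 heading in the next hunk.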
Line 41: Line 41:
* Location: aim_spu_module.self
* Location: aim_spu_module.self


==== EID0 section 6 seed for enc/dec + CMAC (Kirk command 0x12) ====
==== EID0 section 6 seed ====


<pre>3AB0E6C4ACFFB629362FFBBBDBC854BC</pre>
<pre>3AB0E6C4ACFFB629362FFBBBDBC854BC</pre>
Line 47: Line 47:
* Location: pspemudrm (KIRK)
* Location: pspemudrm (KIRK)


==== EID0 section 0xA seed for enc/dec + CMAC (Kirk command 0x12) ====
==== EID0 section 6 seed for encrypted ECDSA private key ====


<pre>30B0395DC5835AAA3A7986B44AFAE684</pre>
<pre>33793B9F79E2EBAE55D4D6BF0ED376E6</pre>


* Location: aim_spu_module.self
Notes:
* This seed is the equivalent of the PSP KIRK command 0x10 AES128ECB seed (idskey0).
* Does EID0 section 0xA (or others) use the same seed ? Else why not to search their seed ;) ?


==== EID0 section 6 seed for encrypted ECDSA private key (Kirk command 0x10) ====
1) aes-256-ecb encrypt the seed with per-console EID0_key, in order to obtain the 128bit decryption key to decrypt your per-console encrypted ECDSA private key.


<pre>33793B9F79E2EBAE55D4D6BF0ED376E6</pre>
2) aes-128-ecb decrypt the encrypted ECDSA private key, located in the decrypted EID0 section 6 at offset 0x88.


Notes:
3) Verify the ECDSA private key. See KIRK command 0x10 on PSP or PS3 wiki (same public key and curve).
* This seed is the equivalent of the PSP Kirk command 0x10 AES128ECB seed (idskey0).
* EID0 sections 7-0xA use a different and unknown seed.


1) aes-256-ecb encrypt the seed with per-console EID0_key (indiv+0x20) and EID0_iv (indiv+0x10), in order to obtain the 128bit decryption key to decrypt per-console encrypted ECDSA private key.
* Location: pspemudrm (KIRK)


2) aes-128-cbc decrypt with iv=0 the encrypted ECDSA private key, located at certificate offset 0x88.
==== EID0 section 0xA seed ====


3) Verify the ECDSA private key by using the ECDSA public key at certificate offset 0x10. See KIRK command 0x10 on PSP or PS3 wiki (same constant public key and curve).
<pre>30B0395DC5835AAA3A7986B44AFAE684</pre>


* Location: pspemudrm (KIRK)
* Location: aim_spu_module.self


=== EID1 ===
=== EID1 ===
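Review bot: step 2 on the "Your text" side changes "aes-128-cbc decrypt with iv=0" to "aes-128-ecb decrypt" with no stated reason. The two give the same plaintext only when the encrypted key is a single 16-byte block, so either state the length of the encrypted blob or keep the explicit mode and IV. The undo also removes the indiv+0x20 and indiv+0x10 offsets from step 1 and the public key location (certificate offset 0x10) from step 3, and it replaces the statement that sections 7-0xA use a different and unknown seed with an open question. Step 1 on the "Latest revision" side names an EID0_iv for an aes-256-ecb operation, and ECB takes no IV; if that inconsistency is the reason for the undo, correcting that one line would keep the other details.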
Line 423: Line 423:
= Notes =
= Notes =


* There are some tools that to work with these seeds: libeeid / ps3hdd_poc / ps3_decrypt_tools.
* libeeid / ps3hdd_poc / ps3_decrypt_tools were adapted to work with these seeds. So use these toosl.
* https://github.com/zecoxao/ps3_decrypt_tools Up-to-date tool for EID decryption and encryption.
* https://github.com/zecoxao/ps3_decrypt_tools Up-to-date tools for decrypting and encrypting.
* The seeds are scattered all over the wiki, so it's nice to have a spot where you can look at the seed you wish :)
* The seeds are scattered all over the wiki, so it's nice to have a spot where you can look at the seed you wish :)
* Many thanks to fail0verfl0w for this. Gotta love the print_hash function :3
* Many thanks to fail0verfl0w for this. Gotta love the print_hash function :3
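Review bot: the first bullet on the "Your text" side reintroduces the typo "toosl" in "So use these toosl." The "Latest revision" wording has its own slip ("tools that to work"), so instead of undoing, fix it in place, for example "There are some tools that work with these seeds: libeeid / ps3hdd_poc / ps3_decrypt_tools."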
Line 444: Line 444:
= References =
= References =


[[Iso_module|Isolated modules]] <- used as reference for EID specific seeds, amongst others
[Iso_module isolated modules] <- used as reference for EID specific seeds, amongst others




{{Reverse engineering}}<noinclude>[[Category:Main]]</noinclude>
{{Reverse engineering}}<noinclude>[[Category:Main]]</noinclude>
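Review bot: the reference on the "Your text" side uses single brackets, "[Iso_module isolated modules]". Single brackets are MediaWiki's external-link form and need a URL, so this renders as plain text and not as a link to the Iso_module page. Keep the internal-link form "[[Iso_module|Isolated modules]]" from the latest revision.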