Editing Talk:BD Drive Reverse Engineering
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 5: | Line 5: | ||
First you need to get the sv_iso_spu_module.self individuals seed that can be found in the metadata header: | First you need to get the sv_iso_spu_module.self individuals seed that can be found in the metadata header: | ||
<pre> | |||
3E C2 0C 17 02 19 01 97 8A 29 71 79 38 29 D3 08 | |||
04 29 FA 84 E3 3E 7F 73 0C 1D 41 6E EA 25 CA FB | |||
3D E0 2B C0 05 EA 49 0B 03 E9 91 98 F8 3F 10 1F | |||
1B A3 4B 50 58 94 28 AD D2 B3 EB 3F F4 C3 1A 58 | |||
</pre> | |||
Using your console specific eid_root_key/iv (e.g. from metldr dump) and libeeid (insert the seed in keys.c) you can then decrypt EID4 directly by calling | Using your console specific eid_root_key/iv (e.g. from metldr dump) and libeeid (insert the seed in keys.c) you can then decrypt EID4 directly by calling | ||
< | <pre> | ||
u8 eid4[0x30] = {/* your EID4 */}; | |||
eid4_decrypt_buffer(eid4); | |||
</ | </pre> | ||
Now you got the two keys you need in eid4+0x00 and eid4+0x10 :) | Now you got the two keys you need in eid4+0x00 and eid4+0x10 :) | ||
Line 23: | Line 25: | ||
First you need to get the fdm_spu_module.self individuals seed that can be found in the metadata header: | First you need to get the fdm_spu_module.self individuals seed that can be found in the metadata header: | ||
<pre> | |||
74 92 XX XX XX XX XX XX XX XX XX XX XX XX XX XX | |||
66 83 XX XX XX XX XX XX XX XX XX XX XX XX XX XX | |||
BC 1A XX XX XX XX XX XX XX XX XX XX XX XX XX XX | |||
09 57 XX XX XX XX XX XX XX XX XX XX XX XX XX XX | |||
</pre> | |||
Using your console specific eid_root_key/iv (e.g. from metldr dump) and libeeid (insert the seed, key and IV in keys.c) you can then decrypt EID2 directly by calling | Using your console specific eid_root_key/iv (e.g. from metldr dump) and libeeid (insert the seed, key and IV in keys.c) you can then decrypt EID2 directly by calling | ||
<pre> | <pre> | ||
u8 eid2[0x730] = {/* your EID2 */}; | |||
p_block = eid2_generate_block_buffer(p_block_enc, EID2_BLOCKTYPE_P); | |||
s_block = eid2_generate_block_buffer(s_block_enc, EID2_BLOCKTYPE_S); | |||
eid2_decrypt_block(p_block + 0x10, 0x60); | |||
eid2_decrypt_block(s_block + 0x10, 0x670); | |||
} | |||
</pre> | </pre> |