Editing User talk:Masterzorag
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 189: | Line 189: | ||
We got info0 + info1, 64bytes each | We got info0 + info1, 64bytes each | ||
content is 2845bytes, total is data | content is 2845bytes, total is data lenght 2973 | ||
info0, info1 are not encrypted | info0, info1 are not encrypted | ||
</pre> | </pre> | ||
Line 282: | Line 282: | ||
=collecting spkg_hdr.1 signatures= | =collecting spkg_hdr.1 signatures= | ||
I've started collecting into an SQLite database all publicily available ECDSA signatures | I've started collecting into an SQLite database all publicily available ECDSA signatures of spkg.hdr.1 files, to research.<br /> | ||
Note that here I've named 3.57 the 3.56#2 one! I know, 3.57 doesn't exist. | Note that here I've named 3.57 the 3.56#2 one! I know, 3.57 doesn't exist. | ||
*get spkg_hdr.tar file from PS3UPDAT.PUP, here I've just added an argument to pupunpack to extract only the needed section: | *get spkg_hdr.tar file from PS3UPDAT.PUP, here I've just added an argument to pupunpack to extract only the needed section: | ||
Line 323: | Line 323: | ||
sig = 0001bd4af80d5e8f190baea58e6613e5672d1c29a8000dcfad27f4edcef9f0b9f000759d89ebb050d871 | sig = 0001bd4af80d5e8f190baea58e6613e5672d1c29a8000dcfad27f4edcef9f0b9f000759d89ebb050d871 | ||
... | ... | ||
* | *collector can also export to STDOUT, we can filter, sort... | ||
# ./ps3tools/collector 2 | head -12 | # ./ps3tools/collector 2 | head -12 | ||
Connection successful | Connection successful | ||
Line 352: | Line 352: | ||
# ./ps3tools/collector 2 | grep "r =" | sort | uniq | wc -l | # ./ps3tools/collector 2 | grep "r =" | sort | uniq | wc -l | ||
298 lines (no same r!) | 298 lines (no same r!) | ||
*database can be accessed via SQL query too, it contains binary blobs | *database can be accessed via SQL query too, but it contains binary blobs... | ||
# sqlite3 /tmp/collector_db.sqlite3 | # sqlite3 /tmp/collector_db.sqlite3 | ||
SQLite version 3.8.5 2014-06-04 14:06:34 | SQLite version 3.8.5 2014-06-04 14:06:34 | ||
Enter ".help" for usage hints. | Enter ".help" for usage hints. | ||
sqlite> SELECT | sqlite> SELECT * FROM spkg_hdr WHERE name = "SYS_CON_FIRMWARE_01010303.pkg.spkg_hdr.1 3.70"; | ||
SYS_CON_FIRMWARE_01010303.pkg.spkg_hdr.1 3.70|rØxY£õûÙ©Zö£| | |||
*we can just use a browser plugin to deal with database | *we can just use a browser plugin to deal with database | ||
[[File:Collector.png|200px|thumb|spkg_hdr SQLite table]] | [[File:Collector.png|200px|thumb|spkg_hdr SQLite table]] | ||
=questions= | =questions= | ||
why you collect these hashes and signatures?<br /> | why you collect these hashes and signatures?<br /> | ||
Now if 2 digests are different then R signatures would be diffenet too. Pseudo Random number (that used to creating signature) now is F(digest);<br /> | Now if 2 digests are different then R signatures would be diffenet too. Pseudo Random number (that used to creating signature) now is F(digest);<br /> | ||
Line 369: | Line 368: | ||
<br /> | <br /> | ||
ECDSA signature is the (r, s) keypair:<br /> | ECDSA signature is the (r, s) keypair:<br /> | ||
http://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Signature_generation_algorithm | http://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Signature_generation_algorithm | ||
Line 394: | Line 393: | ||
*those two needs investigation | *those two needs investigation | ||
1. For every digest, we have 1 and only 1 signature (R,S).<br /> | |||
Sorry , but don't think so, because as you can have read, r comes from a random number. (I'll check)<br /> | |||
2. Pseudo Random number (that used to creating signature) now is F(digest);<br /> | |||
They can't be so idiots, since digest is ever known...<br /> | |||
Thanks for asking | |||
Thanks for the answer. So I will show for you that R = Function(digest) and what this fail is not so critical. | |||
Im was interested for edat algorithm and figured out how edats (and sdat) files are signed. It contains 2 non-randomfailed ecdsa signatures. http://www.psdevwiki.com/ps3/EDAT_files#Structure_.28Encrypted_Format.29 | |||
first one is metadata signature and the second one is header signature. There are some edat files created from data files with 0 byte length, that contains metadata with 0 byte length. There are examples: original pkg links: http://is.gd/naLaxh , http://is.gd/IFtWmq it contains destiny.edat and hdd_package_key.edat , both files have metadata with 0 byte length. Hex code of the edats: http://pastie.org/private/ejoloa5qjjy8wlkezadga , http://pastie.org/private/fbr9uphpjzm0xd4gqfuyg . So Both edats have metadata digiest = DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 , R = A2732E0161E20C290108FDD0B567120C42AAB3D2 , S = B894E8775AFF90A3CBB6CC08BC918C14F759D439 | |||
So if digests are same then pseudo_random_numbers are same and signatures are same. Please make your conclusions. |