BD Drive Reverse Engineering: Difference between revisions
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
=Information about EID4= | |||
* EID4 contains 2 128bit keys which are necessary to establish a secure communication channel to BD drive for sending vendor specific security commands. | |||
* EID4 is encrypted with AES-CBC-128 algorithm. | |||
* EID4 is of size 0x30 bytes: 0x0-0xf bytes = 1st key, 0x10-0x1f - 2nd key, 0x20-0x2f - CMAC-OMAC1 of EID4 | |||
* The first key is used for encrypting data sent from host to BD drive. | |||
* The second key is used for decrypting data sent from BD drive to host. | |||
=Dumping EID4 IV and Key= | =Dumping EID4 IV and Key= | ||
* EID4 | * I modified sv_iso_spu_module.self to dump EID4 IV and key. | ||
* I used spuisofs kernel module and the below SPU program to dump EID4 IV key. | |||
* EID4 is of size | |||
My program to dump EID4 AES-CBC-128 IV and key to PPU memory: | |||
<pre> | |||
/* | |||
* Dump EID4 IV and key to EA with MFC | |||
* | |||
* Copyright (C) 2012 glevand <[email protected]> | |||
* All rights reserved. | |||
* | |||
* This program is free software; you can redistribute it and/or modify it | |||
* under the terms of the GNU General Public License as published | |||
* by the Free Software Foundation; version 2 of the License. | |||
* | |||
* This program is distributed in the hope that it will be useful, but | |||
* WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU General Public License along | |||
* with this program; if not, write to the Free Software Foundation, Inc., | |||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |||
*/ | |||
.text | |||
start: | |||
ila $2, 0x3dfa0 | |||
lr $sp, $2 | |||
ila $80, 0x3e000 | |||
lr $81, $3 | |||
stqd $7, 0($80) | |||
stqd $8, 0x10($80) # store EID4 IV | |||
stqd $9, 0x20($80) # store upper 16bytes of EID4 key | |||
stqd $10, 0x30($80) # store lower 16bytes of EID4 key | |||
stqd $11, 0x40($80) | |||
stqd $12, 0x50($80) | |||
lr $3, $80 | |||
lr $4, $81 | |||
il $5, 0x60 | |||
il $6, 0x7 | |||
il $7, 0x20 | |||
brsl $lr, 0x10 # mfc_dma_xfer | |||
il $3, 0x7 | |||
brsl $lr, 0x28 # mfc_dma_wait | |||
stop 0x666 # our evil stop code :) | |||
/* | |||
* r3 - LSA | |||
* r4 - EA | |||
* r5 - size | |||
* r6 - tag | |||
* r7 - cmd | |||
*/ | |||
mfc_dma_xfer: | |||
wrch $ch16, $3 | |||
wrch $ch17, $4 | |||
shlqbyi $4, $4, 4 | |||
wrch $ch18, $4 | |||
wrch $ch19, $5 | |||
wrch $ch20, $6 | |||
wrch $ch21, $7 | |||
bi $lr | |||
/* | |||
* r3 - tag | |||
*/ | |||
mfc_dma_wait: | |||
il $2, 0 | |||
nop $127 | |||
hbra 2f, 1f | |||
wrch $ch23, $2 | |||
1: | |||
rchcnt $2, $ch23 | |||
ceqi $2, $2, 1 | |||
nop $127 | |||
nop $127 | |||
nop $127 | |||
nop $127 | |||
nop $127 | |||
2: | |||
brz $2, 1b | |||
hbr 3f, $lr | |||
rdch $2, $ch24 | |||
il $2, 1 | |||
shl $2, $2, $3 | |||
wrch $ch22, $2 | |||
il $2, 2 | |||
wrch $ch23, $2 | |||
rdch $2, $ch24 | |||
nop $127 | |||
3: | |||
bi $lr | |||
</pre> | |||
Revision as of 21:24, 14 August 2012
Information about EID4
- EID4 contains 2 128bit keys which are necessary to establish a secure communication channel to BD drive for sending vendor specific security commands.
- EID4 is encrypted with AES-CBC-128 algorithm.
- EID4 is of size 0x30 bytes: 0x0-0xf bytes = 1st key, 0x10-0x1f - 2nd key, 0x20-0x2f - CMAC-OMAC1 of EID4
- The first key is used for encrypting data sent from host to BD drive.
- The second key is used for decrypting data sent from BD drive to host.
Dumping EID4 IV and Key
- I modified sv_iso_spu_module.self to dump EID4 IV and key.
- I used spuisofs kernel module and the below SPU program to dump EID4 IV key.
My program to dump EID4 AES-CBC-128 IV and key to PPU memory:
/* * Dump EID4 IV and key to EA with MFC * * Copyright (C) 2012 glevand <[email protected]> * All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published * by the Free Software Foundation; version 2 of the License. * * This program is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License along * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ .text start: ila $2, 0x3dfa0 lr $sp, $2 ila $80, 0x3e000 lr $81, $3 stqd $7, 0($80) stqd $8, 0x10($80) # store EID4 IV stqd $9, 0x20($80) # store upper 16bytes of EID4 key stqd $10, 0x30($80) # store lower 16bytes of EID4 key stqd $11, 0x40($80) stqd $12, 0x50($80) lr $3, $80 lr $4, $81 il $5, 0x60 il $6, 0x7 il $7, 0x20 brsl $lr, 0x10 # mfc_dma_xfer il $3, 0x7 brsl $lr, 0x28 # mfc_dma_wait stop 0x666 # our evil stop code :) /* * r3 - LSA * r4 - EA * r5 - size * r6 - tag * r7 - cmd */ mfc_dma_xfer: wrch $ch16, $3 wrch $ch17, $4 shlqbyi $4, $4, 4 wrch $ch18, $4 wrch $ch19, $5 wrch $ch20, $6 wrch $ch21, $7 bi $lr /* * r3 - tag */ mfc_dma_wait: il $2, 0 nop $127 hbra 2f, 1f wrch $ch23, $2 1: rchcnt $2, $ch23 ceqi $2, $2, 1 nop $127 nop $127 nop $127 nop $127 nop $127 2: brz $2, 1b hbr 3f, $lr rdch $2, $ch24 il $2, 1 shl $2, $2, $3 wrch $ch22, $2 il $2, 2 wrch $ch23, $2 rdch $2, $ch24 nop $127 3: bi $lr