Undocumented SPU Channels: Difference between revisions

From PS3 Developer wiki
Jump to navigation Jump to search
(6 intermediate revisions by 4 users not shown)
Line 52: Line 52:
//...
//...
}
}
</pre>
Seems lv1ldr 3.60+ storing [[Keys#Root_scramble_keys| root scramble key]] with its version to this buffer:
<pre>
example for version 3.66:
version:  00 03 00 66 00 00 00 00 00 00 00 00
rootkey:  86    51    28 F7 45 84 59 47 A0 CE
finalbuf: 86 03 51 66 28 F7 45 84 59 47 A0 CE
</pre>
</pre>


== Channel 74 ==
== Channel 74 ==
Isolated binaries messing with sb/sc use this channel to get some keygen (?) data from it.
 
Returns random data. Mostly used as a seed to feed a FIPS 186 PRNG with it.<br>
Official name is CH_RNG
 
Sample data (256 MB):
https://mega.co.nz/#!gNc0hQrR!4rC-Stz5yqi7yqvp6OWOQcxB_XhlrOadoE_fE5fyDxE
 
A bitmap generated from RNG samples:
[[File:Ch74_bitmap.png|200px|A bitmap generated from RNG samples|left|A bitmap generated from RNG samples.]]
 
{{Development}}<noinclude>[[Category:Main]]</noinclude>

Revision as of 14:05, 27 September 2017

Channels 64, 72 and 73

Used for storing the version.

Reading/writing the data: 

void read_ch73(u32 skip, u32 *buf, u32 len)
{
	u32 i;
	spu_wrch(64, 0x10000);
	for(i = 0; i < skip; i++)
		spu_rdch(73);
	for(i = 0; i < len; i++)
		buf[i] = spu_rdch(73);
}

void write_ch72(u32 skip, u32 *buf, u32 len)
{
	u32 i:
	spu_wrch(64, 0x10000);
	for(i = 0; i < skip; i++)
		spu_wrch(72, spu_rdch(73));
	for(i = 0; i < len; i++)
		spu_wrch(72, buf[i]);
}

lv1ldr writes the version: 

s64 lv1ldr_main(...)
{
	//...
	u64 ldr_ver = 0x0003004100000000;
	write_ch72(0, &ldr_ver, 2);
	//...
}

Other isolated binaries check the version: 

s64 check_version(u64 ldr_ver)
{
	u64 stored_ver;
	read_ch73(0, &stored_ver, 2);
	//...
}

s64 load_isoself(...)
{
	ldr_ver = 0x0003004100000000;
	if(check_version(ldr_ver) != 0)
		return 0x30;
	//...
}

Seems lv1ldr 3.60+ storing root scramble key with its version to this buffer: 

example for version 3.66:
version:  00 03 00 66 00 00 00 00 00 00 00 00 
rootkey:  86    51    28 F7 45 84 59 47 A0 CE
finalbuf: 86 03 51 66 28 F7 45 84 59 47 A0 CE

Channel 74

Returns random data. Mostly used as a seed to feed a FIPS 186 PRNG with it.
Official name is CH_RNG

Sample data (256 MB): https://mega.co.nz/#!gNc0hQrR!4rC-Stz5yqi7yqvp6OWOQcxB_XhlrOadoE_fE5fyDxE

A bitmap generated from RNG samples:

A bitmap generated from RNG samples.
SDK
VSH
IDs + labels
Reference
Others
Retrieved from "http://www.psdevwiki.com/ps3/index.php?title=Undocumented_SPU_Channels&oldid=46494"