Editing Sealedkey / pfsSKKey

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:
The Sealed Key is a an encrypted key used on PS Vita, PS4 and PS5 to prevent files modification and extraction. It can be found on different places in the filesystem and is used for Save Data and Trophy Data decryption and encryption.
The Sealed Key is a an encrypted key used on PS Vita, PS4 and PS5 to prevent files modification and extraction. It can be found on different places in the filesystem and is used for Save Data and Trophy Data decryption and encryption.
See also [https://wiki.henkaku.xyz/vita/Sealedkey PS Vita Sealedkey].


= PS4 =
= PS4 =
Line 26: Line 24:
{| class="wikitable"
{| class="wikitable"
|-
|-
! Offset !! Size !! Description !! Notes
! Offset !! Size !! Description !! Value
|-
|-
| 0 || 8 || Magic || "pfsSKKey" standing for PFS SealedKey Key
| 0 || 8 || Magic || "pfsSKKey" meaning PFS sealedkey key
|-
|-
| 0x8 || 2 || [[#Keyset]] ||
| 0x8 || 2 || [[#Keyset]] ||
Line 34: Line 32:
| 0xA || 6 || Padding || Zeroed
| 0xA || 6 || Padding || Zeroed
|-
|-
| 0x10 || 16 || IV || AES-128-CBC IV for use with the pfsSKKey__EncKey Key
| 0x10 || 16 || IV ||
|-
|-
| 0x20 || 32 || Encrypted Sealed Key ||
| 0x20 || 32 || Encrypted Sealed Key ||
|-
|-
| 0x40 || 32 || Digest || HMAC-SHA256 digest for use with the pfsSKKey__Secret Key
| 0x40 || 32 || Digest || HMAC-SHA-256 ||
|}
|}


Line 62: Line 60:
| 2 || 4.55 ||  
| 2 || 4.55 ||  
|-
|-
| 3 || ?4.70? ||
| 3 || ?5.05? ||  
|-
| 4 || 5.05 ||
|-
| 5 || ? ||
|-
| 6 || ? ||
|-
| 7 || ? ||
|-
| 8 || ? ||
|-
| 9 || ? ||  
|-
|-
| 10 || ?8.00?-12.00 ||  
| 10 || 12.00 ||  
|}
|}


For example, in PS4 4.55 kernel, the function '''sceSblSsDecryptSealedKey''' checks that the keyset is less or equal 2 before calling '''sceSblSsDecryptWithPortability'''.
For example, in PS4 4.55 kernel, the function '''sceSblSsDecryptSealedKey''' checks that keyset is less or equal 2 before calling '''sceSblSsDecryptWithPortability'''.


== Usage ==
== Usage ==


With code execution in PS4 kernel, the sealed key can be decrypted by asking the PS4 kernel:
With code execution in PS4 kernel, the sealed key can be decrypted by asking the PS4 kernel.
* with '''sceSblSsDecryptSealedKey''' (see Talk page),
* or with '''sceSblSsDecryptWithPortability''' (reimplement '''sceSblSsDecryptSealedKey''' by reversing Kernel),
* or with portability master keys (see [[Vulnerabilities#%3C=_?7.55?_-_Missing_HMAC_key_length_check_in_Secure_Kernel_leading_to_Partial_SAMU_KeyRings_bruteforce]]).




{{File Formats}}
{{File Formats}}
<noinclude>[[Category:Main]]</noinclude>
<noinclude>[[Category:Main]]</noinclude>
Please note that all contributions to PS4 Developer wiki are considered to be released under the GNU Free Documentation License 1.2 (see PS4 Developer wiki:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following hCaptcha:

Cancel Editing help (opens in new window)

Templates used on this page:

Retrieved from "http://www.psdevwiki.com/ps4/Sealedkey_/_pfsSKKey"