Sealedkey / pfsSKKey: Difference between revisions

From PS4 Developer wiki
Jump to navigation Jump to search
No edit summary
Line 9: Line 9:
| SaveGames || /user/home/[[user Id]]/[[title Id]]/[[save data directory]]/[[sce_sys]]/
| SaveGames || /user/home/[[user Id]]/[[title Id]]/[[save data directory]]/[[sce_sys]]/
|}
|}


== Structure ==
== Structure ==

Revision as of 04:20, 27 September 2016

This key can be found on different places and will be used for eg. SaveGame or Trophy Data decryption and encryption.

Paths

Kind Path
Trophys /user/home/user Id/trophy/data/sce_trop/sealedkey
SaveGames /user/home/user Id/title Id/save data directory/sce_sys/

Structure

- size always 96 bytes

From To Description
00 07 MAGIC ("pfsSKKey") (?playstation file system sealed key key?)
08 0F Category (game=1 or version ?)
10 1F IV (16 bytes)
20 3F Encrypted key (32 bytes)
40 5F SHA-256 (32 bytes)


De/En -Crypting

Can be decrypted by frindly asking the OS to do it for you. You will need kernel rights to be able to ask the PS4 for it.

 /* Decryption */
 #define USER1 10000000
 #define usb0  "/mnt/usb0/"
 #define usb1  "/mnt/usb1/"
 #define pfs   "decrypted_pfsSKKey.key"
 
 char usb_error = "[-] ERROR: Can't access usb0 nor usb1!\n[-] Will return now to caller.\n"
 char usb0path, usb1path;
 unsigned char pfsSKKey[96];
 
 // Get's the encrypted sealed key based on user id.
 int get_pfsSKKey(int userID)
 {
   FILE *pfskey = fopen("host0:/user/home/" + userID + "/trophy/data/sce_trop/sealedkey", "r");
 
   if (pfskey == NULL)
     return 0;
  
   fread(pfsSKKey, 96, 1, pfskey);
   fclose(pfskey);
   return 1;
 }
 
 // Dump the sealedkey. Send over tcp and save to file.
 void dumpDecryptedSealedKey(int to)
 {
   int y = get_pfsSKKey(user1);                                              // First load the key into a buffer.
   if (!y) {
     knet_printf("[-] Can not load the sealed key!\n");
     kernel.printf("[-] Can not load the sealed key!\n");
     return -1;
   }
 
   unsigned char decyrpted_pfsSKKey[16];
   int i = kernel.sceSblSsDecryptSealedKey(pfsSKKey, decrpyted_pfsSKKey);    // Now decrpyt the key.
   knet_printf("[+] sceSblSsDecryptSealedKey returned %d\n", i);
   kernel.printf("[+] sceSblSsDecryptSealedKey returned %d\n", i);  
  
   if (i) {                                                                  // Sending over tcp.
     knet_printf("[+] Your save game key = ");
     kernel.printf("[+] Your save game key = ");  
 
     for(int x =0; x < 0x10; x++) {
	     knet_printf("%02X", dec_pfsSKKey[x]);
	     kernel.printf("%02X", dec_pfsSKKey[x]);
     }
     knet_printf("\n");
     kernel.printf("\n");
	
	  
     if (to == 1) {                                                          // Saving to file.
       knet_printf("[+] Will try to save to file...");
       kernel.printf("[+] Will try to save to file...");
	    
       usb0path = usb0 + pfs;
       usb1path = usb1 + pfs;
       FILE *dump = fopen(usb0path, "w");
	  
       if (dump == NULL) {
         dump = fopen(usb1path, "w");
           if (dump == NULL) {
             knet_printf("fail!\n" + usb_error);
             kernel.printf("fail!\n" + usb_error);
             return -1;
           }
       }
       fwrite(dec_pfsSKKey, 0x10, 1, dump);
       knet_printf("done!\n");
       kernel.printf("done!\n");
       fclose(dump);
     }
   }
   else {
     knet_printf("[+] Error!\n");
     kernel.printf("[+] Error!\n");
   }
 }