Sealedkey / pfsSKKey: Difference between revisions

From PS4 Developer wiki
Jump to navigation Jump to search
Line 60: Line 60:
  #define usb1  "/mnt/usb1/"
  #define usb1  "/mnt/usb1/"
  #define pfs  "decrypted_pfsSKKey.key"
  #define pfs  "decrypted_pfsSKKey.key"
#define foreach(item, array) \
    for (int keep = 1, \
              count = 0, \
              size = sizeof(array) / sizeof(*array); \
          keep && count != size; \
          keep = !keep, count++) \
        for (item = (array) + count; keep; keep = !keep)
   
   
  typedef unsigned char byte;              /* byte defination for c/c++ */
  typedef unsigned char byte;              /* byte defination for c/c++ */
  char usb_error = "[-] ERROR: Can't access usb0 nor usb1!\n[-] Will return now to caller.\n"
  char usb_error = "[-] ERROR: Can't access usb0 nor usb1!\n[-] Will return now to caller.\n"
  char usb0path, usb1path;
  char usb0path, usb1path;
Line 101: Line 108:
             kernel.printf("[+] Your decrypted sealedkey = ");   
             kernel.printf("[+] Your decrypted sealedkey = ");   
   
   
             for(int x =0; x < 0x10; x++) {
             foreach(byte *val, dec_pfsSKKey) {
                 knet_printf("%02X", dec_pfsSKKey[x]);
                 knet_printf("%02X", *val);
        kernel.printf("%02X", dec_pfsSKKey[x]);
        kernel.printf("%02X", *val);
             }
             }
             knet_printf("\n");
             knet_printf("\n");

Revision as of 05:19, 9 October 2016

This key can be found on different places and will be used for eg. SaveGame or Trophy Data decryption and encryption.

Paths

Kind Path
Trophys /user/home/user Id/trophy/data/sce_trop/sealedkey
SaveGames /user/home/user Id/title Id/save data directory/sce_sys/

Structure

- size always 96 bytes

From To Description
00 07 MAGIC ("pfsSKKey") (?playstation file system sealed key key?)
08 0F Category (game=1 or version ?)
10 1F IV (16 bytes)
20 3F Encrypted key (32 bytes)
40 5F SHA-256 (32 bytes)

C

 typedef struct sealedkey {
     const unsigned char MAGIC;
     const unsigned char CAT;
     const unsigned char IV;
     const unsigned char KEY;
     const unsigned char SHA256;
 } selaedkey;

CSharp

 protected internal struct sealedkey {
     internal static byte[] MAGIC = new byte[8];
     internal static byte[] CAT = new byte[8];
     internal static byte[] IV = new byte[16];
     internal static byte[] KEY = new byte[32];
     internal static byte[] SHA256 = new byte[32];
 }

Note: You can't use a const byte[] defination in C#. It need to be a static byte[].

De/En -Crypting

Can be decrypted by frindly asking the OS to do it for you. You will need kernel rights to be able to ask the PS4 for it.

 /* Decryption */
 #define USER1 10000000
 #define usb0  "/mnt/usb0/"
 #define usb1  "/mnt/usb1/"
 #define pfs   "decrypted_pfsSKKey.key"
 
 #define foreach(item, array) \
     for (int keep = 1, \
              count = 0, \
              size = sizeof(array) / sizeof(*array); \
          keep && count != size; \
          keep = !keep, count++) \
         for (item = (array) + count; keep; keep = !keep)
 
 typedef unsigned char byte;              /* byte defination for c/c++ */
 char usb_error = "[-] ERROR: Can't access usb0 nor usb1!\n[-] Will return now to caller.\n"
 char usb0path, usb1path;
 byte pfsSKKey[96];
 
 /* Get's the encrypted sealed key based on user id */
 byte get_pfsSKKey(char userID) {
     FILE *pfskey = fopen("/user/home/" + userID + "/trophy/data/sce_trop/sealedkey", "rb"); 
     if (pfskey == NULL) return 0;
  
     byte pfsSKKey[96];
     fread(pfsSKKey, 96, 1, pfskey);
     fclose(pfskey);
     return pfsSKKey;
 }
 
 /* Dump the sealedkey. Send over tcp and save to file */
 int dumpDecryptedSealedKey(int to) {
     if (to != 0 || to != 1) return -2;
 
     byte pfsSKKey;
     if (sizeof((pfsSKKey = get_pfsSKKey(USER1))) != 96) {
         knet_printf("[-] Can not load the sealed key!\n");
         kernel.printf("[-] Can not load the sealed key!\n");
         return -1;
     }
 
     /* Now decrpyt the key */
     byte decyrpted_pfsSKKey[16];
     int i = kernel.sceSblSsDecryptSealedKey(pfsSKKey, decrpyted_pfsSKKey);
     knet_printf("[+] sceSblSsDecryptSealedKey returned %d\n", i);
     kernel.printf("[+] sceSblSsDecryptSealedKey returned %d\n", i);  
 
     /* Sending over tcp */
     if (i) {
         if (to == 0) {
             knet_printf("[+] Your decrypted sealedkey = ");
             kernel.printf("[+] Your decrypted sealedkey = ");  
 
             foreach(byte *val, dec_pfsSKKey) {
                 knet_printf("%02X", *val);
	         kernel.printf("%02X", *val);
             }
             knet_printf("\n");
             kernel.printf("\n");
             return 1;
         }
         else { /* Saving to file */
             knet_printf("[+] Will try to save to file...");
             kernel.printf("[+] Will try to save to file...");
	    
             usb0path = usb0 + pfs;
             usb1path = usb1 + pfs;
             FILE *dump = fopen(usb0path, "wb");
	  
             if (dump == NULL) {
                 dump = fopen(usb1path, "wb");
                 if (dump == NULL) {
                     knet_printf("fail!\n" + usb_error);
                     kernel.printf("fail!\n" + usb_error);
                     return -3;
                 }
             }
             fwrite(dec_pfsSKKey, 16, 1, dump);
             knet_printf("done!\n");
             kernel.printf("done!\n");
             fclose(dump);
             return 1;
         }
     }
     else {
         knet_printf("[+] Error!\n");
         kernel.printf("[+] Error!\n");
     }
     return -1;
 }