Editing Keys

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:
[[Category:Software]]
[[Category:Software]]<noinclude>[[Category:Main]]</noinclude>
<noinclude>
[[Category:Main]]
</noinclude>


= Useful Information =
= Useful Information =
Line 21: Line 18:
* priv file (private): %s-priv-%s
* priv file (private): %s-priv-%s


= Per-console keys =
= MESH VALUES / FUSE ID PSP / VISIBLE ID =


See [https://www.psdevwiki.com/psp/Kirk#Individual_Seed Kirk documentation] for usage of PSP-related individual seeds.
== Visible ID AKA 0x600 (Test Subject 9) ==
 
== Cmep Keyring 0x600 - Visible ID (Test Subject 9 PS Vita) ==


<pre>
<pre>
00 00 01 01 AC 72 45 00 F5 68 96 03 80 57 C8 1A
2D 74 0F 86 E9 23 96 E9 F2 89 A4 73 A1 21 99 25 visible id
25 99 21 A1 73 A4 89 F2 E9 96 23 E9 86 0F 74 2D
1A C8 57 80 03 96 68 F5 00 45 72 AC 01 01 00 00 visible id
</pre>
</pre>


* Contains the console's [https://wiki.henkaku.xyz/vita/VisibleId Visible ID].
== Mesh Value 1 Mesh Value 0 AKA Keyslot 0x601 (Test Subject 9) ==


== Cmep Keyring 0x601 - ScePspIndividualKeyMeshCert first half (Test Subject 9 PS Vita) ==
* endian swapped
 
* Contains the first half (0x20 bytes) of of the console's [https://www.psdevwiki.com/psp/Kirk#PSP_Individual_Key_Mesh_Certificate ScePspIndividualKeyMeshCert].
* Warning: the dump presented here is byte-swapped.


<pre>
<pre>
B9 18 4E 22 83 8B 91 6D 19 86 72 D5 FB 10 FD A3 <- byte-swapped key_mesh.derivation_seed_1
B9 18 4E 22 83 8B 91 6D 19 86 72 D5 FB 10 FD A3 mesh1
4A 4E 72 CB 02 6E 96 E9 96 B2 C3 23 B9 CF 36 A4 <- byte-swapped key_mesh.derivation_seed_0
4A 4E 72 CB 02 6E 96 E9 96 B2 C3 23 B9 CF 36 A4 mesh0
</pre>
</pre>


== Cmep Keyring 0x602 - ScePspIndividualKeyMeshCert second half (Test Subject 9 PS Vita) ==
== Mesh Value 2, Partial Mesh Value 3, Fuse ID PSP AKA Keyslot 0x602 (Test Subject 9) ==
 
* Contains the second half (0x20 bytes) of the console's [https://www.psdevwiki.com/psp/Kirk#PSP_Individual_Key_Mesh_Certificate ScePspIndividualKeyMeshCert].
* Warning: the dump presented here is byte-swapped.


<pre>
* endian swapped
85 4B 14 AB 00 00 00 00 00 45 72 AC 01 01 08 10 <- byte-swapped hash, byte-swapped reserved, byte-swapped fuse_id
FF 9A 3E E5 A2 B9 F5 25 32 4D E0 2A 8F B1 8F B9 <- byte-swapped key_mesh.derivation_key
</pre>


== ScePspIndividualKeyMeshCert (Test Subject 9 PS Vita) ==
* By byte-swapping keyrings 0x601 and 0x602 or by taking Fuse ID only and running the ScePspIndividualKeyMeshCert generation algorithm (see PSP Jig Kick flashData.prx), we can obtain ScePspIndividualKeyMeshCert.
<pre>
<pre>
A4 36 CF B9 23 C3 B2 96 E9 96 6E 02 CB 72 4E 4A <- key_mesh.derivation_seed_0
85 4B 14 AB 00 00 00 00 00 45 72 AC 01 01 08 10 mesh3 (8 bytes) fuse_id_psp (8 bytes)
A3 FD 10 FB D5 72 86 19 6D 91 8B 83 22 4E 18 B9 <- key_mesh.derivation_seed_1
FF 9A 3E E5 A2 B9 F5 25 32 4D E0 2A 8F B1 8F B9 mesh2
B9 8F B1 8F 2A E0 4D 32 25 F5 B9 A2 E5 3E 9A FF <- key_mesh.derivation_key
10 08 01 01 AC 72 45 00 00 00 00 00 AB 14 4B 85 <- fuse_id, reserved, hash
</pre>
</pre>


Line 911: Line 892:
* Used with other possible keys besides AA key (5 possibilities)
* Used with other possible keys besides AA key (5 possibilities)
* Never seen used
* Never seen used


== Second Loader ==
== Second Loader ==
Line 942: Line 925:
1C7FD39E8D63AA32D386413EE6A01C15C4876BF614CA954E36C1602DD7871C4F KEY
1C7FD39E8D63AA32D386413EE6A01C15C4876BF614CA954E36C1602DD7871C4F KEY
051DFE9D9BEA8087F66EB8F631010D88 IV
051DFE9D9BEA8087F66EB8F631010D88 IV
</pre>
=== Unknown GCAUTHMGR Key and IV ===
<pre>
821C5714415E9804D6AAE324EB3DDDFE7BB73E8EC0F9E04D3D6D60BCD0CF4EE9
</pre>
<pre>
CEC36FCD7DB3102A80E9C2AA65734FC1
</pre>
</pre>


Line 967: Line 959:
=== SMI (Slot 0x213) ===
=== SMI (Slot 0x213) ===
<pre>
<pre>
AB7097356FDD49D83878540167F0C4AD85537C5A56BD15DF0EB5F7F0D9E276E6 Seed First Derivation SMI
310D20077AF3BF121F21D9ADAF389CDA IV First Derivation SMI  
310D20077AF3BF121F21D9ADAF389CDA IV First Derivation SMI  


Line 1,002: Line 992:
AC78EE86799148699B9CB3F5C6CAB73A6AC45EB11F44E9151232CF8F123C7D88
AC78EE86799148699B9CB3F5C6CAB73A6AC45EB11F44E9151232CF8F123C7D88
</pre>
</pre>
== GcAuthMgr ==
=== Master Key Seeds ===
As part of gc authentication, some keys are derived using these key seeds
& 0x345 and 0x348 bbmac.
different key seeds are used depending on the key id used by the gamecart.
==== KeyID 0x1 ====
KEYSEED:
<pre>
7f1fd065dd2f40b3e26579a6390b616d
</pre>
IV:
<pre>
8b14c8a1e96f30a7f101a96a3033c55b
</pre>
==== KeyID 0x8001 ====
KEYSEED:
<pre>
6f2285ed463a6e57c5f3550ddcc81feb
</pre>
==== KeyID 0x8002 ====
KEYSEED:
<pre>
da9608b528825d6d13a7af1446b8ec08
</pre>
==== KeyID 0x8003 ====
KEYSEED:
<pre>
368b2eb5437a821862a6c95596d8c135
</pre>
=== Unknown GcAuthMgr Key and IV ===
<pre>
821C5714415E9804D6AAE324EB3DDDFE7BB73E8EC0F9E04D3D6D60BCD0CF4EE9
</pre>
<pre>
CEC36FCD7DB3102A80E9C2AA65734FC1
</pre>
== KPRX_AUTH ==
keys part of kprx_auth_sm
=== Bind Data HMAC Key ===
used for ksceSblAuthMgrDecBindData
<pre>
901a84fb13a744a378c5018a60f58c22
</pre>
HMAC-SHA256 using this key
result is the key to aes-cbc-decrypt bind data
first 0x10 is key, last 0x10 is iv.


== AIMGR ==
== AIMGR ==
Line 3,316: Line 3,254:
! Type !! Version !! Modulus !! Usage || Notes
! Type !! Version !! Modulus !! Usage || Notes
|-
|-
| 0 and 1 || 1.00+ ||
| 0 and 1 || 1.00+ ||  
     9CCCE3A536FA641B2D1354EE98F093C2
     9CCCE3A536FA641B2D1354EE98F093C2
     68470F722C024B86CD60274E08E0067A
     68470F722C024B86CD60274E08E0067A
Line 3,400: Line 3,338:
! Type !! Version !! Modulus !! Usage || Notes
! Type !! Version !! Modulus !! Usage || Notes
|-
|-
| PSP || 1.00+ ||
| PSP || 1.00+ ||  
     BBDB6AA32E3B51A6D4708D5FC9899919
     BBDB6AA32E3B51A6D4708D5FC9899919
     395A2AAD83E98F4864C3BA43A5D6906F
     395A2AAD83E98F4864C3BA43A5D6906F
Line 3,472: Line 3,410:
== NID generation suffixes ==
== NID generation suffixes ==


* The algorithm is sha1(name + suffix).
* algo is sha1(name + suffix)


=== No suffix ===
=== No suffix ===
Line 3,478: Line 3,416:
For some PSP and PS Vita old NIDs, there was no suffix at all: algo was simply sha1(name).
For some PSP and PS Vita old NIDs, there was no suffix at all: algo was simply sha1(name).


=== PS3 NONAME suffix ===
=== PS3 NONAME default suffix ===


<pre>"0xbc5eba9e042504905b64274994d9c41f"</pre>
<pre>bc5eba9e042504905b64274994d9c41f</pre>


* Note that this ASCII string is used but not the hexadecimal value for it.
To check how to use this suffix (see: [https://www.psdevwiki.com/ps3/Keys#PS3_NONAME_NIDs_Salt]).


=== PS3 default suffix ===
=== PS3 default suffix ===
Line 3,488: Line 3,426:
<pre>6759659904250490566427499489741A</pre>
<pre>6759659904250490566427499489741A</pre>


* Note that this hexadecimal value is used but not the ASCII string for it.
=== PS Vita NONAME default suffix ===
 
=== PS Vita NONAME suffix ===


<pre>c1b886af5c31846467e7ba5e2cffd64a</pre>
<pre>c1b886af5c31846467e7ba5e2cffd64a</pre>
* Note that this hexadecimal value is used but not the ASCII string for it.


== SceKrm ==
== SceKrm ==
Please note that all contributions to Vita Developer wiki are considered to be released under the GNU Free Documentation License 1.2 (see Vita Developer wiki:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following hCaptcha:

Cancel Editing help (opens in new window)