Keys: Difference between revisions

From Vita Developer wiki
Jump to navigation Jump to search
m (→‎Content PKG Keys: Added by math on Henkaku wiki)
Line 31: Line 31:
* pub file (public): %s-pub-%s
* pub file (public): %s-pub-%s
* priv file (private): %s-priv-%s
* priv file (private): %s-priv-%s
== Screaming VITA Key ==
<pre>
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
</pre>
* master key that decrypts everything in vita
* algo is cbc 128
* iv is random and located in bootrom
* decrypts second_loader and secure_kernel located in package_0.pkg (must use a vita to decrypt and then fetch the result, bls2 is located in nand also but perconsole encrypted)


==F00D keys==
==F00D keys==

Revision as of 19:39, 29 December 2018


Useful information

PSVita uses F00D and KIRK for high security of keys.

F00D keys have not be shared publicly yet but have certainly been found by a F00D hack.

KIRK have been hacked on PSP and almost fully reversed in 2008.

The KIRK keys are mainly the same than on PSP but some have been changed past 3.60 (before 3.67).

KIRK10 (used in IDStorage) explanation: [1]

Save Data Source: [2]

Kirk Engine source (there exists other version of kirk-engine): [3]

Location

For deroad's scetool, keyfiles should be placed in ~/.vita or %userprofile%\vitakeys.

Naming Conventions

naming:

  • file prefix: pkg
  • file suffix: 092 103 105 106 150 151... etc.
  • key file (erk): %s-key-%s
  • iv file (riv): %s-iv-%s
  • ctype file (curvetype): %s-ctype-%s
  • pub file (public): %s-pub-%s
  • priv file (private): %s-priv-%s

Screaming VITA Key

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
  • master key that decrypts everything in vita
  • algo is cbc 128
  • iv is random and located in bootrom
  • decrypts second_loader and secure_kernel located in package_0.pkg (must use a vita to decrypt and then fetch the result, bls2 is located in nand also but perconsole encrypted)

F00D keys

Module Version ERK RIV PUBLIC
Update Packages
(Internal)
System Debugger - 0.940+ 23F1D525244266E6DA7A52DA9446318301EE8CC58D54901AE94D93010F7DEE6B 3721F7C05DE5F55ECC39BDDB4A6C585D BD824E911F2F61AEC796A1B930D181A527B49C798F46945982603ED32FFE0AAA3DBF62E85858589D81A92917F8CCF1390E6537D83DFC56DCC17D81EBE5F7FCE8AF002397F9EBF1867EB4A461ADF5E8ABFF2127CBA6467EAACC5E19ADBD1290BA824E14D1443A438DFD19AD0A189C8F3CB641731DA5175D0F4D1804C0D74DF334C1C9D53BB8DFE89258F70957E30DB72B39404A68B8C547BCEC7A93E18E40BD1CCD3B3F4488F8E39C222E25CC37D40D0B9AE63E86F9EDB26F1E24A05DB3AE683A56FD5FD62FB530ED5F891B4E546A5B204CB4E9E478C89E849C33110B8C88A1FD125E83D5CA1452248AF145F68150B122FE308F579A450220875C4747A94952E1
Kernel_boot_loader
(Internal)
System Debugger - 0.940+ 9D3F28DE30DED1D503DB6FA762A571C422A88D0F361899EF36D357059C72EC43 30E43CFB57D418A5A0D32A9939D23501 C8195172CB70B06A29FAEF059251754B87DEE210A6C35CBA5367D5965BAD4A4306F7E5B1CB2B135CB240349CAB66B5F2208F3FBBFB3B2D01E0059BF64C4DE894F716F8AB18057F52ACE45940A7D6760480B4E9E993E5010AFD5492028BBCA663D3E59032AD52D0712CDF16927479832352855F4688420157D02B28DB22E760CD81DEAA802BE2D1E5A33FB51F6B3713E8F524F34CFEAB50C5593366657C3C70907516B0227E93672FB4D5E3A3D64A07436B5A6CC514F2D76F3AC5BDF38DC08D6A007336A88690EFF5BCA98DCB13B52E2B713CBFECDA9825AAD6BBE41EE4BB1A5AAA052741E71586CBF5BAB7670F997B0D23E43C08C6A1313E6A3E52A5E714D01B
Secure Modules
(Internal)
System Debugger - 0.940+ AED9D76EE1E29290002BFF32D4B0656EEE40FBDA4F8B55BE5BE0ED83530F27D2 DB50912F2416B54F7F36227169ECE500 D970E1ECEE27CBA9EACA424950D74C4390022429265D38FD0AC1ADC2FDC9C569F696A857F2E86D609F448611C1E2FFAB2CEF575B92DF78182B2F0BBF3EFBA62F5800B22EC649E2870E6B0829EC9BB4C904D24A99F269C960FA3E12314D8F08D5124C671F7C92900DE0EF45CBB4415C2D1AFE74A40633804A05D9A789916EDAB52A71B6DDCB0AE21B810C4FA69CE5AE590250747394F88E3A711A9A1D92E65857383EB0F6D81D7ACD003EB2033B7029AE44E500ED82179F3B1DC37EE89E2D6DF5A5784339F714C1281392BADEC780F569CB0D8AD41CF1568D7B7DFD96F975C07CF53615766E6ACB7C70C5125BFCD9E9ED219BBCDC34BF4B420ECF4A62AA185D47
Applier/KPRX AUTH (kernel prx)
(Internal)
System Debugger - 0.940+ 74F6D2A1D2A093AE32B83337E0AE4AD2E6D93B034F5BF3B68DB77131883310D4 926AB55BDADC45DBB610E90E56A0368C C2F385A70C3ABA5BEF408374C29CB022DDB2B1E24C4F06174AA37EFC38AAEF4BD1813C86500B1BB8E7C6FD13FD3EE0712BC384C43488F67D1239B088D34C72638612F7402B218E733D02939FEB3EF087604F481BD17821258585FE52DFDC904798396F34DC69CBCA782D8A3BBEB1AB4980DC0004435E77BDDDFEC9D6BB80FA065E0B5751416C23EFBEC40DFC42B05086CC1CCE7AF7CFC2404DFCCE05F5BFD56F3FEAA9738536AC356E0D028B4098C44912E096CB3575D2900F06DB5DDED3B36B6844F4860B9753BA9981ECB74EDB3828476DED1BD9A9784D3B69C801688C3DE58325CA05160CD9C362BEF13740E0E5B92C14A62B925FCDA754B2B106BA42EF1D
Applier/KPRX AUTH (Userland prx)
(Internal)
System Debugger - 0.940+ 322D706CB6EBEA14DEF7BFE45F812971347DC95CD7697C16A71EA4B2A1E12C0D 31FA2E606031EDF39665B5616E9F937D ADF0C3B17044488306735EDC7A0B326F3BAD99AF586B233958B82C921DDE3EC567B69DAB66FC674F7C4E99DD496792448F012C7136E68E21CFEFDA257D4D18ECA7040BB9972C5AB9B30BCEE77C3C9AAD6CBB34B7A83766159B041DD02EBD4AEACB491F1818E640FCB1C145A14993B92C05D5207D6B9FEF460E621A48403438DD25CAE7A8934001BC89EC98ADBB1436C31AC0D4EBB5592BB548AEF8A2585585BC1B3F4625E35BE3B85930B7E36FAA38E4B1B21D1960D66376FAB1CF6F0ECB33643BD5B4D8DF8323634F7B61AFBCF8928FC07893F10C1485C315961A76C25B49C2D0EC8348F3F67405687270FCA1CC2B50C0B8CF62DE5D852B61ADE9DEE8F17CB3


Content PKG Keys

These AES-CTR 128-bit keys are used in Content PKG file decryption.

PSVita keys use a different algorithm: you first encrypt the IV with the correct type of key, then use the result as the actual key for the CTR. Every pkg will use a different key as a result of this.

Type Version ERK
PSP / soonest PSVita 1.00+ 07F2C68290B50D2C33818D709B60E62B
PSVita 1.00+ Type 2 E31A70C9CE1DD72BF3C0622963F2ECCB
? 1.00+ Type 3 423ACA3A2BD5649F9686ABAD6FD8801F
PSM 1.00+ Type 4 AF07FD59652527BAF13389668B17D9EA

index.dat keysets

These AES-CBC 256-bit keys are used in vs0:vsh/etc/index.dat file decryption.

Type Version RIV ERK
index.dat 1.00-1.691 37FA4ED2B6618B59B34F770FBB92947B 06CC2E8FD40805A736F17CF2C13D58A6C8CF107E9E4A66AE25D39CA21C2531CC
index.dat 1.80+ 37FA4ED2B6618B59B34F770FBB92947B

272AE4378CB06BF3F658F51C77ACA2769BE87FB19BBF3D4D6B1B0ED226E39CC6

Title Update Download Link keyset

This HMAC key is for downloading game title updates. See link here for details.

Compiled GUI App: Vita Tools

Type Version HMAC
Title Update 1.00+ E5E278AA1EE34082A088279C83F9BBC806821C52F2AB5D2B4ABD995450355114

PFS Keys

Type Version ERK Usage
PFS EncKey 1.00+ 00298CDF4428E72C8785DAE0923C60BD
PFS Secret 1.00+ 8C5D3A4B9D9BF4B453BCE6CDC34331D8 Check HMAC at position 0x30 of file sealedkey, from the first 0x30 bytes of the file

Passcode / Keystone Keys

Type Version ERK Usage
Keystone HMAC Key 1.00+ 310C2F2D70A62226F4582B4FF03E24196EEF01EF73A8981F2504BD50549A478F
Passcode HMAC Key 1.00+ 543E368DF6629D682CD5A43644B1B2D733F0F2964DCD2CE8E9CB95D76C9DD928

RSA RIF Keys

Type Version Modulus Usage Notes
0 and 1 1.00+
   9CCCE3A536FA641B2D1354EE98F093C2
   68470F722C024B86CD60274E08E0067A
   3CB0DBA3D33DB2ACE44AA070B10B612A
   C4546E51B5EDFA23F5ED507F23365F9A
   0A09C1807D43E6172225AEB81630AC59
   79C4A534460A41A6207E6B426F3DF8CA
   A0FBA7ED2B6A474C2AAB50A92DC743F2
   232228FAC48FED218A8190F0423AD00C
   595DCB410D18845DA90CCF2FDFD6B90E
   23074B52B57C4866B93DD6A7C7336D74
   D26D9E30D8A1B1C94459F34312AB0A46
   B1B281D22B38809352A487C00D60340F
   EAC1834BCF88DA25D980B37847087574
   27D40948493D2F5A8FEEB5B74B2961FF
   B4E7F3832207CE6481F07E88164E3208
   1801B68F8D141541CED6D7D966A08DCB  
PS3 Rifs Inside SceNpDrm
2 1.00+
   8F347CAE575CE487ADC5482E64D041AB
   C32F1012E4B69478904738A8145D62BF
   F98C6D2C361B75D3C165E42B999A5B63
   6B914889EBB5F216362A8BDDD72AE8D0
   A45A730F79A3E9BB513895754C142874
   70213CEE44C675178F01E09A6BB0C451
   5C1DB9C9BF40F1481E361EFC7F9F236D
   183C59A1B7F0136BAF10A62FA92ABDD5
   E852B9EC2C1B17B080C1D31FB288954B
   F94F93B0419CFCEB8673E93874A34027
   17F8B1DA761876C6CADAF9FD11B6EA50
   F800D2EB33AB217EFF4C603FEA56C299
   138A5F2912EAB936BFA879CFBCC8FA19
   A64404C79F61B80C3DF68A466208870B
   1C7BEE3AC4F2056AF3EF64CCE10D311F
   B3D7F42C73EDF33163435F0AFA727507
Inside SceNpDrm
3 1.00+
   A6E0B2D4B582C0E204808C4583AB7607
   6B3496B96FFC90174AB1E03567B4FCD7
   69406D9DE3A8CEEBA2E7D4CDB23E2BEE
   471C53D2F71B9DD82233CDD8168BE3A5
   67592D7ED55FB45C717917756FFCB39E
   C755157AB97F89F7BC1E7592F54755ED
   BA4914F08F0C77E0B3EAFF9CEE876F3B
   713E6581EC09E5173E212B612DA70DB3
   66039B320802E0228B9E422E3C814B4C
   F8C50207DA9EC689B5F4456173446356
   8AB65363DAAB3C605C9DA80DF7756480
   68BB375E99A8FAA80269E094D775A781
   EBFE0B7C39DB82272049852C4395B8BF
   67A9E25CBFCFD40BE6B2C1895CE63534
   E552D7C4F04659A7CD3C59841E2C242D
   26501EB4FF1C553BA90F320428A760F3
Inside SceNpDrm
4 and 5 1.80?+
   F30CA7B21C19D18794607698EF935DB9
   FAF6CDB684EC36587465DF1F43F7CEAB
   5ABCCDE0B38259591462D5F65C9AF5A6
   A2F1CC2F87F00C0228AA37CF19841065
   93F84ABB14AC57A70188B158A68DB1F1
   37891DE69ECE1DB876AC74B4F6B15601
   4B06CFD017C32BFB07A3271EF466F19A
   26294197C5972B34BB2E3CBF585A429B
   A9124FC50E2E483B0A5C90F1A04988B3
   96A2A0B59A411AF90D1B914C528E1606
   013A411AB7690F2BD622F8D5BA3AD03C
   AF8CFD581887BF34E74782E226FFAB27
   CF5E40184341663286491EC0743A4019
   24B0EC6061155E72A18784E67C878CA5
   1F9D49DA923881F432CDD9342F1F923C
   D380CC417592606E84F71B0173E41967
Inside SceNpDrm
  • RSA Exponent is 65537 (0x10001)

RSA PKG Keys

Type Version Modulus Usage Notes
PSP 1.00+
   BBDB6AA32E3B51A6D4708D5FC9899919
   395A2AAD83E98F4864C3BA43A5D6906F
   476E73535BFA8EF9C3720826A1F227B8
   FF06F69F39963987635EBFFBCA51D0FB
   8ED6BF178BBEA8F6AEDD64B401392905
   3F169B7EAD97698E75C060ADADCC7026
   EFFE531672F9DD1A11718D4A4E5D43A1
   625F53360699257CEA1A051499C31FF7
   E4AFCCB9A9DA2E7031C8E468C1612D1A
   0EBC22F42B30A2E53D802BC5ACE8A719
   8B909202ACBC234E7FC7D8321137B3B2
   AD0F0D0985DC891363FAA3AD8D379AD6
   5A7194AEA09DC2907BD3C88896565457
   A659A662AAD4E6FB4018B2CDF1886C43
   E16AADE1ABA75E8879F6B9D545C7C4D0
   2567107CDE1C1ACC43E51BBFB8519DD5
Inside SceNpDrm
PSV 1.00+
   85D72F79A67C9A04D2691B1D2D30274A
   731CF624E3BC68FE8B3BAD9DEFB50784
   C4BBAF63D5CC431119911288854E38EA
   61D7571B33EB12C7AD3BCD4610FA1CA1
   B4C77D204550D6F72AB1E680A4609CCF
   890B953AAC6CDCDAED9F102729843914
   CA4A88BCB88D41EE0DC0E4D3E657A795
   012807C500AE13A0B44247D5E40B5F9E
   4ACEF46C0FA2882DF3F510961C6B8AE1
   139EE661350CDD8C7A5D4F9C1CD55E04
   49CB0065A88CF6376664F6C4F522AFC9
   C556F16A36DA79F822D28D3C2F63DDD1
   18E62B162BC73E2BE1B13F8391EEE462
   70D820C8BBF3A023683EA1D079D7B4D6
   F2F557A73A168AA23F882ACFDBA9A0B3
   7C7EAEAE6B88B869DECDD6892813A6C3
Inside SceNpDrm
Live Area 1.00+
   8E5C3B05CECFC0CA1328C25009D740B2
   7376208F678AC454D015BB3E67B37D05
   B09990B67F6C0FE63E30AC7CC93CB2A1
   C83517CCCDF37AE7A2DE3E1F817919B1
   944F5ABC9C00C846D01A9A5E014FF15C
   3B840669AE25D06BA0449EF6ED1C14D7
   23EBA9151756B94DA5265F93AE364816
   BE152285B01A56E380F285AD2106D6B5
   41D950B2C84BA68559B3A10115403780
   8A85884D3A74612AF76F68B646A70FEB
   0EF244876671B7CB2FF0D1CC926B7CFF
   8C440C12AE322E3A1EA2856EFCA24BD9
   B8967C3F26038EF44B26AF23A684814B
   CE28806B81DC9227CE387F3820AF13FB
   A964F3A343D692154EEBEB917ABE861E
   84EEAD728C30A33473895376E9FDC62D
Inside SceNpDrm
  • RSA Exponent is 65537 (0x10001)

PSMDA "protected_kconsole_cache.dat" HMAC Key

   B70x390x660x320x0E0x280x6A0xDC0x030xF00x540x650xCA0x9E0x2F0x920x380x8A0xEE0x230x6D0x430x880x310x350xBA0xB00xA50xBD0x500x430xEA

PSMDA "NSXVID-PSS.VT.WW-GLOBAL.xml" RSA Private

   -----BEGIN PRIVATE KEY-----
   MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCxl+8fRzDzyWb0
   89L9ssKWMO4IYJATVV/qsGPqL5XtgjqlSY6dV3QHWtdiqm4B9h8cy325+XEORMC8
   oErllSl7yovu956/D5laLLGqRkyFPcNer+DOjO99bDfJTTV1bSHuwc9oo3mJn6AO
   WuiY3aguCIYxNgSlDsfavjmCDXa3Q85hFOxJnn7HlM4X6rNxFi9y48LqUrDyWw0L
   bs+07bqNLoYHXtMoZcNQHqNmGtIHGx4RuFzZ4hduorjNsmSKHiQSz+ydJgJWtLJO
   tC2EM8zj8zStmlDiMTyAqKPHjENp4FBLoF87PISLsbyf4dTdWk35TvnsU/+tGVyH
   bVNcEAzvAgMBAAECggEBAKSil//kDIKD/BkrDDc6h9+aHqDPe+EgbVnxCb8pPBFB
   gEKIbVh5oUvMMA38txzEYNVd5AELOH6kyBRVePlajWmAPLddAOJYgK6y7kVPBFMl
   Db/yxjJVPxODxjeshtmEQUfIjhGQMvSdcVC9gBFusyFxr41haW7mw+mKHV/uQVbk
   TM/ZnEaN2Zrl7FfCUwXa3qyMrwj01bbAXXEqdM9ZF3UIXCLzihtNDKPAbpcVoQXH
   fItXVFeHjXqVCOVcKTI1PgElM6Q7VsVsU4pJGOmKy2gFbKqF4eniDK6gdGitbVpp
   rlXIrS2P8ZOfT+fSMjLbrr+mJEc2np4LYFlEHcJgtkkCgYEAwMrmf1LasiU/sijh
   0fOTV6TXefSrOxnpiq9Qs/oTSZ5USTh5FrunF0dX5Isy4XjYKWfIVwVl9LnAXRqR
   QTiHkbFon2KMYYyQfDUe4T9kuX6cAqp8WjBaivxs8chErM8rzZns62bR1B9+/IX4
   VIiHA1jfP9eiCl+1lMhhnnNIHX0CgYEA69Ffc2w5UCJ1cHxu8dR9V4otY57vBJFN
   2Svb8h3kJnO9LfU/RYMeXTgJSklh9Tw/zXPOMEQnxi7LocrDd1713vQTTspT3wWd
   3AJ25l0BP3NGnbEtGwv6It+VnUULr964vOUv/bl4UMQs52JsnxURts+GPZ3gAF1S
   U2AVxvVej9sCgYBAk7Yhb99RTKjJRGhfqvbvpIeIkivI4CUaDx85KcrMHfydig0F
   UFXntj36j6W7YH8HX3v7qhM8pfuJNBzze7vtUT96I8hh5HOBJ0nwqQtUFtSrD/AX
   RZsOcv8K/coDGGHTvHtfXlFqfCJM85L6vcB7nokpGVFtqCFqdLQ+Ht9JAQKBgQCU
   Ao/0dCLs5xPrDE7ePk6FmVavxlui9Eh2XI7qQlSmxdIhfGLAEHIIdFlwZOq076Hk
   JCFwLfcA7vIklI1m6RVNYMiVlWxa+L2CD5HtOMbFumbCJyh2Z2gSZ18SnPme4x30
   ga1DhRu9JcRBXodqueCqa0qIdgTYdbpsVkyU2gEGLQKBgGotuH/yrXNfifTc6Y24
   TSaqk/Dq6OvQOEFSIzgOzaQhWvwZjlz3uOnmi3vUo/guG9q/J1JWucWoXNXkkcmb
   trc3RYwzy6Rn+0uGHGA91e2bn6vT6PLNOgNUE7YCRDJe5DsDYHtUNILNbRVdSvNs
   rnh1i22Y3zLWChh3swswqgf7
   -----END PRIVATE KEY-----

Used by the Playstation Mobile development assistant to sign the NSXVID-PSS.VT.WW-GLOBAL.xml file to prevent you from modifying it.

registry.db0 XOR Key

This key is used by SceRegistryMgr to decode os0:kd/registry.db0.

 89FA9548CB6D779DA22534FDA935596E

Database Reconstruction Magic

BEBAFECA (or CAFEBABE byteswapped)

PSP/PSP2/PS3 NID Suffixes

PS3 noname exports

bc5eba9e042504905b64274994d9c41f
  • algo is sha1(name + 0xsuffix) where name+suffix is all ascii

PSVITA noname exports

c1b886af5c31846467e7ba5e2cffd64a
  • algo is sha1(name + suffix) where name + suffix is hex