Talk:Keys: Difference between revisions

From Vita Developer wiki
Jump to navigation Jump to search
No edit summary
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
= Ernie HandShake Keys (Not in Ernie) =
= OpenSSL usage =
==== Keyset 4 ====


Step 2 AES128ECB key:
== PFS HMAC Usage (Vitashell Example) ==
<pre>
A6CD383341CB9B0D69FD4A243E30F4B1
</pre>
Initial key to encrypt step 2 packet.
 
Step 3 AES128ECB key:
<pre>
D3EFEDE608691946CB77E14F8DEC69FA
</pre>
Intermediate key used to decrypt Syscon step 3 response.
 
Ernie communication session key AES128ECB master key:
<pre>
15C7B32429F8603216F4F3E081D7C86D
</pre>
Master key to generate Ernie communication session key (stored in Bigmac keyslot 0x511) by encrypting step 2 data.
 
Step 2 passphrase:
<pre>
9ABD1B275C7537F7E62AB93AB3EB76F9
</pre>
Checked by Syscon only.
 
Step 4-5 passphrase:
<pre>
DC454ED5F6E8A2B1B24D34A82215B2A5
</pre>
Checked by both Syscon (step 4) and cMeP (step 5) to ensure packet authenticity.
 
==== Keyset 6 ====
 
Step 2 AES128ECB key:
<pre>
1053143BEAECC59FCFF1A195F8F5AFB0
</pre>
Initial key to encrypt step 2 packet.
 
Step 3 AES128ECB key:
<pre>
F90CDCBF009BA8367F841B25E8B10306
</pre>
Intermediate key used to decrypt Syscon step 3 response.
 
Ernie communication session key AES128ECB master key:
<pre>
6F6374FD1A41A75269EE15832451DEBF
</pre>
Master key to generate Ernie communication session key (stored in Bigmac keyslot 0x511) by encrypting step 2 data.
 
Step 2 passphrase:
<pre>
B6806F9F58706D72B0E03717197D430C
</pre>
Checked by Syscon only.
 
Step 4-5 passphrase:
<pre>
0E08A20C8718BD3B158E2E6992202DE7
</pre>
Checked by both Syscon (step 4) and cMeP (step 5) to ensure packet authenticity.
 
==== Keyset 0xC (AuthEtoI, similar to command 0xA0) ====
 
Step 2 AES128ECB key:
<pre>
3CF54027DAE2F45C929B76927DFFD269
</pre>
Initial key to encrypt step 2 packet.
 
Step 3 AES128ECB key:
<pre>
39AF55239062D2F3F6CBB401EDC54C09
</pre>
Intermediate key used to decrypt Syscon step 3 response.
 
Ernie communication session key AES128ECB master key:
<pre>
00000000000000000000000000000000
</pre>
Unused with command AuthEtoI.
 
Step 2 passphrase:
<pre>
4231FFB14B941DBFEB44DFF97E64EC7D
</pre>
Checked in Syscon only.
 
=== SNVS Keys ===
 
==== Prototype SNVS Keys (min FW < 0.996) ====
 
Maybe also eMMC Keys.
 
These constant keys are used instead of per-console keys stored in Bigmac keyslots 0x502-0x504.
 
===== AES XTS Tweak Key =====
 
<pre>
E122F9C47E1C94F082536A1F244B9A9C
E08DA5E8E122F9C47E1C94F082536A1F
</pre>
 
===== AES XTS Decryption Key =====
 
<pre>
244B9A9CE08DA5E8E122F9C47E1C94F0
82536A1F244B9A9CE08DA5E8E122F9C4
</pre>
 
===== HMAC-SHA256 Key =====
 
<pre>
EDF481EF0AFF55CD1A643E8A7AF50911
36A7749CEDF481EF0AFF55CD1A643E8A
</pre>
 
= IdStorage Related (224 bit) =
<pre>
1A9146C3AB04FBA1C32027C47C7906947CC2AB1E247AF59A8D714AF44CA559E78A2C164A77DAD5A878F516E4D905D810C73C39E70EA93198 Sec.0(vita?)
A17772FD3E86091EAE2B246D5E05CE80A8E24A03C6764D26CD2443AE3DD656F919A10F87C67CB2AE280D0751E15ECD3C4FDFC9D71D7F067C Sec.1(vita?)
056891AE27047A7D5DE88C57612E1A7D0A7CCD369E8CF2F8F374FEA34155B20B613236C2BDFFE8187AC09C7EDF194D81A440BEB91DC6F257 Sec.2(vita?)
6B0AB6A5570334E8B559CC06BA811618ADD2A1EC587A98D35A04E8B98B1D5903711469EE3049B06E1EC81EEB72A9E181D5920B453CF2C21F Sec.3(vita?)
1C1816019AE3F8955021892257535F0E92D988E11EA45C2E908E2E208C10F3D7F3ED189EEFC027C8A91B6770A727402423CE976A3435FF8A Sec.4(vita?)
108464CCDB76611475AEA911FBD1D476FF41F1C70D811031C552DB9B85E9941A3FD79644B717E0FEE48C4CF7387CF10E900BDBC2D7A35F5D Sec.5(vita?)
</pre>
 
* note : Qx/Qy combined public keys of the 224bit part of idstorage (vita?)
 
= IdStorage Related (160 bit) =
 
<pre>
4004C80BD9C8BA38221065923E324B5F0EC165ED6CFF7D9F2C420B84DFDA6E96C0AEE29927BCAF1E Sec.0 (psp)
06485FD029853B552F7EFDD67A2DE7A1A4E25537B2459D8786426D5B27EFA5A9311CB8ABABFA0ECE Sec.1 (psp)
3F8C34F210AEC48E1520FF2A44899E054A0DA33DF8B9754B09C0EC7E61867A5126FE6926972196F5 Sec.2 (psp)
CCB3440DC4836DD519E13B2805B30870DCAEE462136B3888651A98E02B29FA0CD34F1616F1ED5786 Sec.3 (psp)
08B336925C2B445D03A9BE51B9AABF54E4CC142EA72A23BB8060B03B71CDE0772DE82AD8931648D6 Sec.4 (psp)
4F0A2BC9987640860E22EE5D86087C9692470BDF59DC4C1F2E38F92CE7B66875B59ED10C9D84FA6A Sec.5 (psp)
94D100BE6E24991D65D93F3DA938858CEC2D133051F47DB4287AC86631719B31573EF7CCE071CA8A Sec.0 (ps3?)
071984A1F27D1E91196410D57C828AF7115BF1A32071AA1EC25B7FBF4884F5322A26483C46D8B43C Sec.1 (ps3?)
1B6389CECD99843CA088E325C796F510A151C1545C5DE4E37A1D892D2504A8604C094F59063D589F Sec.2 (ps3?)
17BE639B87F138049D94398E8929DE535D1CB0DC5E7C04D720D2F3DE86F9B581DD1B6F7CDCF80DE4 Sec.4 (ps3?)
4B4F044420207907E3BC7D5423FF4D05E9DAA10B1F973327F7FEDEAE498BC656FF7C7459C9B993F4 Sec.5 (ps3?)
1F960A3BD61462553A0DC015AEC66C818CBAA8F62F733AC9F0C287D496F321058AC26669ECBED3DB Sec.6 (ps3?)
</pre>
 
* note : Qx/Qy combined public keys of the 160bit part of idstorage (psp) (ps3?)
 
= PFS HMAC Usage (Vitashell Example) =


* input : <code> echo -n '706673534b4b657902000000000000008cf037f28ea485a53610a0e2b0c57c4d704bfdae23f27bdb82be52bbcee7220f' | xxd -r -p | openssl dgst -sha256 -mac hmac -macopt hexkey:8c5d3a4b9d9bf4b453bce6cdc34331d8 </code>
* input : <code> echo -n '706673534b4b657902000000000000008cf037f28ea485a53610a0e2b0c57c4d704bfdae23f27bdb82be52bbcee7220f' | xxd -r -p | openssl dgst -sha256 -mac hmac -macopt hexkey:8c5d3a4b9d9bf4b453bce6cdc34331d8 </code>
Line 156: Line 7:
* output : <code> dad6825c22e67e45ed29ea8d16d32b6bc16d513210007df4cb23e723e4494bca </code>
* output : <code> dad6825c22e67e45ed29ea8d16d32b6bc16d513210007df4cb23e723e4494bca </code>


= PFS CBC Usage (Vitashell Example) =
== PFS CBC Usage (Vitashell Example) ==


* input : <code> openssl aes-128-cbc -d -in encrypted_key.bin -out key.bin -nosalt -K 00298CDF4428E72C8785DAE0923C60BD -iv 8CF037F28EA485A53610A0E2B0C57C4D -p -nopad </code>
* input : <code> openssl aes-128-cbc -d -in encrypted_key.bin -out key.bin -nosalt -K 00298CDF4428E72C8785DAE0923C60BD -iv 8CF037F28EA485A53610A0E2B0C57C4D -p -nopad </code>
Line 163: Line 14:


= Portability Keysets =
= Portability Keysets =
To do: verify all these keys (most can be found in SceShell), and add the master keys (from encdec_w_portability_sm).


== Enc Key 0 (SceShell) ==
== Enc Key 0 (SceShell) ==
Line 217: Line 70:
* also read as <code>ASCII: afuteyq-Bmhzmgg8y6Halufetgfaumfa</code>
* also read as <code>ASCII: afuteyq-Bmhzmgg8y6Halufetgfaumfa</code>


== Keyset 13 (PostSs) (Internal) ==
== Keyset 13 (PostSsMgr) (Internal) ==


* <code>985AB256F18C336A8CDE05F1FF08D73615A5710F62CA4DA9B4671F2CABAE4720</code>
* <code>985AB256F18C336A8CDE05F1FF08D73615A5710F62CA4DA9B4671F2CABAE4720</code>


== Keyset 14 (PostSs) (External) ==
== Keyset 14 (PostSsMgr) (External) ==


* <code>706673534B4B65795F5F456E634B657900298CDF4428E72C8785DAE0923C60BD</code>
* <code>706673534B4B65795F5F456E634B657900298CDF4428E72C8785DAE0923C60BD</code>
* ASCII: <code>pfsSKKey__EncKey</code> followed by the key
* ASCII: <code>pfsSKKey__EncKey</code> followed by the key


== Keyset 15 (PostSs) (External) ==
== Keyset 15 (PostSsMgr) (External) ==


* <code> 706673534B4B65795F5F5365637265748C5D3A4B9D9BF4B453BCE6CDC34331D8 </code>
* <code> 706673534B4B65795F5F5365637265748C5D3A4B9D9BF4B453BCE6CDC34331D8 </code>
* ASCII: <code> pfsSKKey__Secret </code> followed by the key
* ASCII: <code> pfsSKKey__Secret </code> followed by the key


== Keyset 16 (PostSs) (Internal) ==
== Keyset 16 (PostSsMgr) (Internal) ==


* <code> 1A2F5EBC915D58983884751FB8193A8450F2FA50FA11A80298BFC32664BE37FE </code>
* <code> 1A2F5EBC915D58983884751FB8193A8450F2FA50FA11A80298BFC32664BE37FE </code>

Latest revision as of 18:37, 8 June 2020

OpenSSL usage[edit source]

PFS HMAC Usage (Vitashell Example)[edit source]

  • input : echo -n '706673534b4b657902000000000000008cf037f28ea485a53610a0e2b0c57c4d704bfdae23f27bdb82be52bbcee7220f' | xxd -r -p | openssl dgst -sha256 -mac hmac -macopt hexkey:8c5d3a4b9d9bf4b453bce6cdc34331d8
  • output : dad6825c22e67e45ed29ea8d16d32b6bc16d513210007df4cb23e723e4494bca

PFS CBC Usage (Vitashell Example)[edit source]

  • input : openssl aes-128-cbc -d -in encrypted_key.bin -out key.bin -nosalt -K 00298CDF4428E72C8785DAE0923C60BD -iv 8CF037F28EA485A53610A0E2B0C57C4D -p -nopad
  • output : 42B015D142B0F35F8251607A0AE87A0F

Portability Keysets[edit source]

To do: verify all these keys (most can be found in SceShell), and add the master keys (from encdec_w_portability_sm).

Enc Key 0 (SceShell)[edit source]

  • 6AA3C1F8641C9142822BBC7A74CC9241A18CD5B1B9A4B89E472F21EBAA254072

Dec Key 0 (SceShell)[edit source]

  • 454250564C34350A8C3AA565A6DD8F41F61F794D65B870D0D07A58D8420FC9EA
  • Starts With EBP Magic!

Keyset 3 (SceShell)[edit source]

  • A9138DADE0F2C77DB24BF111ED8D16B9

Keyset 4 (SceShell)[edit source]

  • 65848998426DD3E96636616436313035

Keyset 5 (SceShell)[edit source]

  • 6DBA79D496009D32D47D8F89B815ECC38A8D1734B0912E3529A11DFC1E72AF32

PSN X-PassPhrase (SceShell)[edit source]

  • 65848998426DD3E9663731616165323733656435653136303165326661383430
  • Magic 65 84 89 98 42 6D D3 E9

Keyset 7 (SceShell)[edit source]

  • 30D3E17C0A295898690459CB5A42FE0AA16FFDB373FF2E55CA1A58D695762604

Keyset 8 (SceShell)[edit source]

  • 0772879FED34D12910C53B8608C42755392B0E084A9568F5A5B16F4C50939E81

Keyset 9 (SceShell)[edit source]

  • CD5BD9489D49E31E0D3F5989590BBEF4

Keyset 10 (SceShell)[edit source]

  • 6F6A3466697168657379752B51346453
  • also read as ASCII: oj4fiqhesyu+Q4dS

Keyset 11 (SceShell)[edit source]

  • 716D616B656C7A637A39696A6772654470666A7964297265736C396F6C624E64
  • also read as ASCII: qmakelzcz9ijgreDpfjyd)resl9olbNd

Keyset 12 (SceShell)[edit source]

  • 616675746579712D426D687A6D676738793648616C75666574676661756D6661
  • also read as ASCII: afuteyq-Bmhzmgg8y6Halufetgfaumfa

Keyset 13 (PostSsMgr) (Internal)[edit source]

  • 985AB256F18C336A8CDE05F1FF08D73615A5710F62CA4DA9B4671F2CABAE4720

Keyset 14 (PostSsMgr) (External)[edit source]

  • 706673534B4B65795F5F456E634B657900298CDF4428E72C8785DAE0923C60BD
  • ASCII: pfsSKKey__EncKey followed by the key

Keyset 15 (PostSsMgr) (External)[edit source]

  • 706673534B4B65795F5F5365637265748C5D3A4B9D9BF4B453BCE6CDC34331D8
  • ASCII: pfsSKKey__Secret followed by the key

Keyset 16 (PostSsMgr) (Internal)[edit source]

  • 1A2F5EBC915D58983884751FB8193A8450F2FA50FA11A80298BFC32664BE37FE