Keystone: Difference between revisions

From Vita Development Wiki
 
No edit summary
 
(8 intermediate revisions by one other user not shown)
Line 13: Line 13:
| 0xC || 0x14 || 00 Filler
| 0xC || 0x14 || 00 Filler
|-
|-
| 0x20 || 0x10 || IV for encrypted key
| 0x20 || 0x20 || passcode HMAC
|-
|-
| 0x30 || 0x10 || Encrypted key
| 0x40 || 0x20 || keystone HMAC
|-
| 0x40 || 0x20 || HMAC Value
|-
|-
|}
|}


The first step is to check the HMAC of the file. The process is to use the HMAC key from the [[Keys#PFS_Secret_Keys]] page to check the HMAC at position 0x40 in the file. If it is correct, it proceeds to use another key to decrypt the value at 0x30 using the value at 0x20 as the IV.
The first step is to check the HMAC of the file. The process is to use the <code>Keystone HMAC Key</code> from the [[Keys#PFS_Secret_Keys]] page to check the <code>keystone HMAC</code> at position 0x40 in the file.  
 
If it is correct, it proceeds to passcode HMAC check which is not present on retail units.
 
Use <code>Passcode HMAC Key</code> from the [[Keys#PFS_Secret_Keys]] to calculate HMAC of <code>passcode</code> and check <code>passcode HMAC</code> at offset 0x20. <code>passcode</code> is a string of 0x20 bytes long that should match [A-Za-z0-9\-_] regex.
 
=== Usage ===
 
Retail:
 
[[SceSblPostSsMgr#sceSblPostSsMgrVerifyKeystoneForDriver|sceSblPostSsMgrVerifyKeystoneForDriver]]
 
Debug:
 
[[SceSblPostSsMgr#sceSblPostSsMgrVerifyKeystoneWithPasscodeForDriver|sceSblPostSsMgrVerifyKeystoneWithPasscodeForDriver]]
 
[[SceSblPostSsMgr#sceSblPostSsMgrDebugEncryptKeystoneForDriver|sceSblPostSsMgrDebugEncryptKeystoneForDriver]]
 
[[SceSblPostSsMgr#sceSblPostSsMgrDebugDecryptKeystoneForDriver|sceSblPostSsMgrDebugDecryptKeystoneForDriver]]
 
[[Category:Formats]]
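Review bot: the rewritten verification paragraphs name the key and the offset of each stored value, but they never say which bytes the keystone HMAC at 0x40 is computed over or which hash function is used. State both explicitly; the table only shows that each HMAC field is 0x20 bytes long. The passcode regex [A-Za-z0-9\-_] is also a bare character class with no quantifier, so as written it describes a single character; phrase it as the class applied to all 0x20 bytes so it agrees with "a string of 0x20 bytes long".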

Latest revision as of 22:12, 1 May 2023

File Structure

Offset  Size  Description
0x0     0x8   magic "keystone"
0x8     0x2   Type (always 2)
0xA     0x2   Version (always 1)
0xC     0x14  00 Filler
0x20    0x20  passcode HMAC
0x40    0x20  keystone HMAC

The first step is to check the HMAC of the file: the Keystone HMAC Key from the Keys#PFS_Secret_Keys page is used to check the keystone HMAC at offset 0x40 in the file.

If it is correct, verification proceeds to the passcode HMAC check, which is not present on retail units.

Use the Passcode HMAC Key from the Keys#PFS_Secret_Keys page to calculate the HMAC of the passcode and check it against the passcode HMAC at offset 0x20. The passcode is a string 0x20 bytes long that should match the regex [A-Za-z0-9\-_].
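
The two checks above as an added Python example; it is not code from the wiki or from the console firmware. The keys are placeholders constructed here, and three details are assumptions the page does not state: HMAC-SHA256 as the algorithm, little-endian Type and Version fields, and a keystone HMAC that covers bytes 0x00-0x3F.

```python
import hashlib
import hmac
import re
import struct

# Placeholder keys constructed for this example; the real ones are on the Keys page.
KEYSTONE_HMAC_KEY = bytes(32)
PASSCODE_HMAC_KEY = bytes(range(32))
PASSCODE_RE = re.compile(rb"[A-Za-z0-9\-_]{32}")  # the page's class, 0x20 characters


def hmac_sha256(key, data):
    # Assumption: HMAC-SHA256, chosen because both HMAC fields are 0x20 bytes.
    return hmac.new(key, data, hashlib.sha256).digest()


def build_keystone(passcode):
    """Build a constructed sample file so the checks below have input to run on."""
    if not PASSCODE_RE.fullmatch(passcode):
        raise ValueError("passcode must be 0x20 bytes of [A-Za-z0-9\\-_]")
    # Assumption: Type and Version are little-endian 16-bit values.
    head = struct.pack("<8sHH20s", b"keystone", 2, 1, bytes(0x14))
    body = head + hmac_sha256(PASSCODE_HMAC_KEY, passcode)
    # Assumption: the keystone HMAC covers everything before it (0x00-0x3F).
    return body + hmac_sha256(KEYSTONE_HMAC_KEY, body)


def verify_keystone(blob, passcode=None):
    """Return the list of failed checks; an empty list means the file verified."""
    if len(blob) != 0x60:
        return ["size"]
    magic, ftype, version, filler = struct.unpack_from("<8sHH20s", blob, 0)
    errors = []
    if magic != b"keystone":
        errors.append("magic")
    if (ftype, version) != (2, 1):
        errors.append("type/version")
    if filler != bytes(0x14):
        errors.append("filler")
    # Keystone HMAC comes first, as on the page; compare in constant time.
    if not hmac.compare_digest(hmac_sha256(KEYSTONE_HMAC_KEY, blob[:0x40]), blob[0x40:]):
        errors.append("keystone HMAC")
    # The passcode check runs only when a passcode is supplied (the debug path).
    if passcode is not None:
        if not PASSCODE_RE.fullmatch(passcode):
            errors.append("passcode format")
        elif not hmac.compare_digest(hmac_sha256(PASSCODE_HMAC_KEY, passcode), blob[0x20:0x40]):
            errors.append("passcode HMAC")
    return errors
```

Calling `verify_keystone(blob)` models the retail path, and passing a passcode as the second argument adds the debug-only check.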

Usage

Retail:

sceSblPostSsMgrVerifyKeystoneForDriver

Debug:

sceSblPostSsMgrVerifyKeystoneWithPasscodeForDriver

sceSblPostSsMgrDebugEncryptKeystoneForDriver

sceSblPostSsMgrDebugDecryptKeystoneForDriver