Sealedkey: Difference between revisions

From Vita Development Wiki
No edit summary
No edit summary
 
(7 intermediate revisions by one other user not shown)
Line 7: Line 7:
| 0x0 || 0x8 || magic "pfsSKKey"
| 0x0 || 0x8 || magic "pfsSKKey"
|-
|-
| 0x8 || 0x4 || Type (always 2)
| 0x8 || 0x1 || major version (always 2)
|-
|-
| 0xC || 0x4 || 00 Filler
| 0x9 || 0x1 || minor version (always 0)
|-
|-
| 0x10 || 0x10 || IV for encrypted key
| 0xA || 0x6 || 00 Filler
|-
| 0x10 || 0x10 || IV
|-
|-
| 0x20 || 0x10 || Encrypted key
| 0x20 || 0x10 || Encrypted key
Line 19: Line 21:
|}
|}


The first step is to check the HMAC of the file. The process is to use the HMAC key from the [[Keys#PFS_Secret_Keys]] page to check the HMAC at position 0x30 in the file. If it is correct, it proceeds to use the pfsSKKey_EncKey to decrypt the value at +0x20 using the value at +0x10 as the IV.
The first step is to check the HMAC of the file. The process is to use the HMAC key <code>pfsSKKey__Secret</code> from the [[Keys#PFS_Secret_Keys]] page to check the <code>HMAC Value</code> at position 0x30 in the file.  
 
If it is correct, it proceeds to use the <code>pfsSKKey__EncKey</code> from the [[Keys#PFS_Secret_Keys]] to decrypt the <code>Encrypted key</code> at offset 0x20 using the <code>IV</code> at offset 0x10.
 
=== Usage ===
 
sealedkey data can be created using [[SceSblPostSsMgr#sceSblPostSsMgrEncryptSealedkeyForDriver|sceSblPostSsMgrEncryptSealedkeyForDriver]]
 
sealedkey data can be decrypted using [[SceSblPostSsMgr#sceSblPostSsMgrDecryptSealedkeyForDriver|sceSblPostSsMgrDecryptSealedkeyForDriver]]
 
main application of sealedkey is to store randomly generated <code>secret</code> which serves the same purpose as <code>klicensee</code> in PFS encryption.
 
sealedkey is created for savedata, trophies etc
 
[[Category:Formats]]
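Review bot: The rewritten HMAC and decryption paragraphs name the keys (pfsSKKey__Secret, pfsSKKey__EncKey) but not the HMAC algorithm, the byte range the HMAC is computed over, or the cipher and mode used with the IV at offset 0x10. Adding those would let a reader implement the check from this page alone. The key name also changes from pfsSKKey_EncKey (single underscore) in the old paragraph to pfsSKKey__EncKey (double underscore) in the new one, so it is worth confirming the spelling matches the entry on the Keys page.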

Latest revision as of 22:14, 1 May 2023

=== File Structure ===

{|
! Offset !! Size !! Description
|-
| 0x0 || 0x8 || magic "pfsSKKey"
|-
| 0x8 || 0x1 || major version (always 2)
|-
| 0x9 || 0x1 || minor version (always 0)
|-
| 0xA || 0x6 || 00 Filler
|-
| 0x10 || 0x10 || IV
|-
| 0x20 || 0x10 || Encrypted key
|-
| 0x30 || 0x20 || HMAC Value
|}

The first step is to verify the HMAC of the file: the HMAC key <code>pfsSKKey__Secret</code> from the [[Keys#PFS_Secret_Keys]] page is used to check the <code>HMAC Value</code> at offset 0x30 in the file.

If the HMAC is correct, the <code>pfsSKKey__EncKey</code> from [[Keys#PFS_Secret_Keys]] is used to decrypt the <code>Encrypted key</code> at offset 0x20, with the <code>IV</code> at offset 0x10 as the IV.
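The verify-before-decrypt order described above, as an added example that is not part of the wiki page or of any project's code. Assumptions: the HMAC is HMAC-SHA256 (the page gives only the 0x20-byte size) computed over bytes 0x00-0x2F, the key is a placeholder, and the sample blob is constructed; decryption is left out because the page does not name the cipher.

```python
import hashlib
import hmac
import struct

MAGIC = b"pfsSKKey"
LAYOUT = struct.Struct("<8sBB6s16s16s32s")   # 0x50 bytes total, per the table
MAC_OFFSET = 0x30                            # HMAC Value starts here

# Placeholder only; the real pfsSKKey__Secret is not reproduced here.
PLACEHOLDER_HMAC_KEY = b"\x00" * 32


class SealedKeyError(ValueError):
    """Raised when a sealedkey blob fails validation."""


def verify_sealedkey(blob: bytes, hmac_key: bytes) -> dict:
    """Authenticate a sealedkey blob, then return the fields needed for decryption."""
    if len(blob) != LAYOUT.size:
        raise SealedKeyError(f"expected {LAYOUT.size:#x} bytes, got {len(blob):#x}")
    magic, major, minor, filler, iv, enc_key, mac = LAYOUT.unpack(blob)
    # Assumption: HMAC-SHA256 over bytes 0x00-0x2F (everything before the MAC).
    expected = hmac.new(hmac_key, blob[:MAC_OFFSET], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, mac):   # constant-time comparison
        raise SealedKeyError("HMAC mismatch: refusing to decrypt")
    if magic != MAGIC:
        raise SealedKeyError("bad magic")
    if (major, minor) != (2, 0):
        raise SealedKeyError(f"unsupported version {major}.{minor}")
    if filler != bytes(6):
        raise SealedKeyError("non-zero filler")
    return {"iv": iv, "encrypted_key": enc_key}


def build_sample(hmac_key: bytes, major: int = 2) -> bytes:
    """Constructed test blob (not real console data)."""
    body = MAGIC + bytes([major, 0]) + bytes(6) + bytes(range(16)) + bytes(range(16, 32))
    return body + hmac.new(hmac_key, body, hashlib.sha256).digest()


if __name__ == "__main__":
    fields = verify_sealedkey(build_sample(PLACEHOLDER_HMAC_KEY), PLACEHOLDER_HMAC_KEY)
    print(fields["iv"].hex(), fields["encrypted_key"].hex())
```

Only the IV and encrypted key are returned, and only after the MAC check passes, so nothing unauthenticated reaches the decryption step.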

=== Usage ===

Sealedkey data can be created using [[SceSblPostSsMgr#sceSblPostSsMgrEncryptSealedkeyForDriver|sceSblPostSsMgrEncryptSealedkeyForDriver]].

Sealedkey data can be decrypted using [[SceSblPostSsMgr#sceSblPostSsMgrDecryptSealedkeyForDriver|sceSblPostSsMgrDecryptSealedkeyForDriver]].

The main application of sealedkey is to store a randomly generated <code>secret</code>, which serves the same purpose as <code>klicensee</code> in PFS encryption.

Sealedkey is created for savedata, trophies, etc.