Keystone: Difference between revisions
Jump to navigation
Jump to search
Line 13: | Line 13: | ||
| 0xC || 0x14 || 00 Filler | | 0xC || 0x14 || 00 Filler | ||
|- | |- | ||
| 0x20 || | | 0x20 || 0x20 || passcode HMAC | ||
|- | |- | ||
| 0x40 || 0x20 || keystone HMAC | |||
| 0x40 || 0x20 || HMAC | |||
|- | |- | ||
|} | |} | ||
The first step is to check the HMAC of the file. The process is to use the HMAC key from the [[Keys#PFS_Secret_Keys]] page to check the HMAC at position 0x40 in the file. If it is correct, it proceeds to use another key to decrypt the value at 0x30 using the value at 0x20 as the IV. | The first step is to check the HMAC of the file. The process is to use the HMAC key from the [[Keys#PFS_Secret_Keys]] page to check the HMAC at position 0x40 in the file. If it is correct, it proceeds to use another key to decrypt the value at 0x30 using the value at 0x20 as the IV. |
Revision as of 21:30, 8 December 2017
File Structure
Offset | Size | Description |
---|---|---|
0x0 | 0x8 | magic "keystone" |
0x8 | 0x2 | Type (always 2) |
0xA | 0x2 | Version (always 1) |
0xC | 0x14 | 00 Filler |
0x20 | 0x20 | passcode HMAC |
0x40 | 0x20 | keystone HMAC |
The first step is to check the HMAC of the file. The process is to use the HMAC key from the Keys#PFS_Secret_Keys page to check the HMAC at position 0x40 in the file. If it is correct, it proceeds to use another key to decrypt the value at 0x30 using the value at 0x20 as the IV.