Keystone: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
(7 intermediate revisions by one other user not shown) | |||
Line 19: | Line 19: | ||
|} | |} | ||
The first step is to check the HMAC of the file. The process is to use the HMAC | The first step is to check the HMAC of the file. The process is to use the <code>Keystone HMAC Key</code> from the [[Keys#PFS_Secret_Keys]] page to check the <code>keystone HMAC</code> at position 0x40 in the file. | ||
If it is correct, it proceeds to passcode HMAC check which is not present on retail units. | |||
Use <code>Passcode HMAC Key</code> from the [[Keys#PFS_Secret_Keys]] to calculate HMAC of <code>passcode</code> and check <code>passcode HMAC</code> at offset 0x20. <code>passcode</code> is a string of 0x20 bytes long that should match [A-Za-z0-9\-_] regex. | |||
=== Usage === | |||
Retail: | |||
[[SceSblPostSsMgr#sceSblPostSsMgrVerifyKeystoneForDriver|sceSblPostSsMgrVerifyKeystoneForDriver]] | |||
Debug: | |||
[[SceSblPostSsMgr#sceSblPostSsMgrVerifyKeystoneWithPasscodeForDriver|sceSblPostSsMgrVerifyKeystoneWithPasscodeForDriver]] | |||
[[SceSblPostSsMgr#sceSblPostSsMgrDebugEncryptKeystoneForDriver|sceSblPostSsMgrDebugEncryptKeystoneForDriver]] | |||
[[SceSblPostSsMgr#sceSblPostSsMgrDebugDecryptKeystoneForDriver|sceSblPostSsMgrDebugDecryptKeystoneForDriver]] | |||
[[Category:Formats]] |
Latest revision as of 22:12, 1 May 2023
File Structure
Offset | Size | Description |
---|---|---|
0x0 | 0x8 | magic "keystone" |
0x8 | 0x2 | Type (always 2) |
0xA | 0x2 | Version (always 1) |
0xC | 0x14 | 00 Filler |
0x20 | 0x20 | passcode HMAC |
0x40 | 0x20 | keystone HMAC |
The first step is to check the HMAC of the file. The process is to use the Keystone HMAC Key
from the Keys#PFS_Secret_Keys page to check the keystone HMAC
at position 0x40 in the file.
If it is correct, it proceeds to passcode HMAC check which is not present on retail units.
Use Passcode HMAC Key
from the Keys#PFS_Secret_Keys to calculate HMAC of passcode
and check passcode HMAC
at offset 0x20. passcode
is a string of 0x20 bytes long that should match [A-Za-z0-9\-_] regex.
Usage
Retail:
sceSblPostSsMgrVerifyKeystoneForDriver
Debug:
sceSblPostSsMgrVerifyKeystoneWithPasscodeForDriver