Sealedkey: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 7: | Line 7: | ||
| 0x0 || 0x8 || magic "pfsSKKey" | | 0x0 || 0x8 || magic "pfsSKKey" | ||
|- | |- | ||
| 0x8 || | | 0x8 || 0x1 || major version (always 2) | ||
|- | |- | ||
| | | 0x9 || 0x1 || minor version (always 0) | ||
|- | |||
| 0xA || 0x6 || 00 Filler | |||
|- | |- | ||
| 0x10 || 0x10 || IV for encrypted key | | 0x10 || 0x10 || IV for encrypted key | ||
Revision as of 23:01, 5 December 2017
File Structure
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x8 | magic "pfsSKKey" |
| 0x8 | 0x1 | major version (always 2) |
| 0x9 | 0x1 | minor version (always 0) |
| 0xA | 0x6 | 00 Filler |
| 0x10 | 0x10 | IV for encrypted key |
| 0x20 | 0x10 | Encrypted key |
| 0x30 | 0x20 | HMAC Value |
The first step is to check the HMAC of the file. The process is to use the HMAC key from the Keys#PFS_Secret_Keys page to check the HMAC at position 0x30 in the file. If it is correct, it proceeds to use the pfsSKKey_EncKey to decrypt the value at +0x20 using the value at +0x10 as the IV.