Sealedkey: Difference between revisions
Jump to navigation
Jump to search
| Line 24: | Line 24: | ||
If it is correct, it proceeds to use the <code>pfsSKKey__EncKey</code> from the [[Keys#PFS_Secret_Keys]] to decrypt the <code>Encrypted key</code> at offset 0x20 using the <code>IV</code> at offset 0x10. | If it is correct, it proceeds to use the <code>pfsSKKey__EncKey</code> from the [[Keys#PFS_Secret_Keys]] to decrypt the <code>Encrypted key</code> at offset 0x20 using the <code>IV</code> at offset 0x10. | ||
=== Usage === | |||
sealedkey data can be created using [[SceSblPostSsMgr#sceSblPostSsMgrEncryptSealedkeyForDriver|sceSblPostSsMgrEncryptSealedkeyForDriver]] | |||
sealedkey data can be decrypted using [[SceSblPostSsMgr#sceSblPostSsMgrDecryptSealedkeyForDriver|sceSblPostSsMgrDecryptSealedkeyForDriver]] | |||
Revision as of 21:52, 8 December 2017
File Structure
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x8 | magic "pfsSKKey" |
| 0x8 | 0x1 | major version (always 2) |
| 0x9 | 0x1 | minor version (always 0) |
| 0xA | 0x6 | 00 Filler |
| 0x10 | 0x10 | IV |
| 0x20 | 0x10 | Encrypted key |
| 0x30 | 0x20 | HMAC Value |
The first step is to check the HMAC of the file. The process is to use the HMAC key pfsSKKey__Secret from the Keys#PFS_Secret_Keys page to check the HMAC Value at position 0x30 in the file.
If it is correct, it proceeds to use the pfsSKKey__EncKey from the Keys#PFS_Secret_Keys to decrypt the Encrypted key at offset 0x20 using the IV at offset 0x10.
Usage
sealedkey data can be created using sceSblPostSsMgrEncryptSealedkeyForDriver sealedkey data can be decrypted using sceSblPostSsMgrDecryptSealedkeyForDriver