Keystone: Difference between revisions
CelesteBlue (talk | contribs) No edit summary |
CelesteBlue (talk | contribs) No edit summary |
||
| Line 44: | Line 44: | ||
The first step is to check the Digest of the keystone file (using [[SceSblPostSsMgr#sceSblPostSsMgrVerifyKeystoneForDriver|sceSblPostSsMgrVerifyKeystoneForDriver]]). The process is to use the <code>Keystone HMAC Key</code> (see [https://www.psdevwiki.com/vita/Keys#PFS_Keys]) to check the <code>keystone Digest</code> at position 0x40 in the file. | The first step is to check the Digest of the keystone file (using [[SceSblPostSsMgr#sceSblPostSsMgrVerifyKeystoneForDriver|sceSblPostSsMgrVerifyKeystoneForDriver]]). The process is to use the <code>Keystone HMAC Key</code> (see [https://www.psdevwiki.com/vita/Keys#PFS_Keys]) to check the <code>keystone Digest</code> at position 0x40 in the file. | ||
If it is correct, it proceeds to check the passcode Digest, which is not present on retail units. Use <code>Passcode HMAC Key</code> (see [https://www.psdevwiki.com/vita/Keys#PFS_Keys]) to calculate the digest of the <code>passcode</code> stored at offset 0x20. | If it is correct, it proceeds to check the passcode Digest, ?which is not present on retail units?. Use <code>Passcode HMAC Key</code> (see [https://www.psdevwiki.com/vita/Keys#PFS_Keys]) to calculate the digest of the <code>passcode</code> stored at offset 0x20. | ||
== Debug Usage == | == Debug Usage == | ||
Latest revision as of 03:01, 14 December 2024
The Keystone is a an encrypted key used on PS Vita, PS4 and PS5 to prevent files modification and extraction. It can be found on different places in the filesystem and is used for Save Data, Trophy Data, Game Data and Additional Contents decryption and encryption.
The keystone is used to verify that:
- somebody who wants to extract/verify a PKG file is the owner of the product
- a patch data is published by the creator of the app data
The keystone is generated from a unique Passcode chosen by the developer when building a PKG file. The keystone is stored in a hashed file named keystone, stored in the sce_sys folder of the content and encrypted under the PFS layer, then packed into a PKG file.
PS Vita
Location
The keystone file is located in the sce_sys folder of every applications/patches/additional contents/savedata/trophies. It is PFS encrypted.
<save data directory>:/sce_sys/keystone
Structure
| Offset | Size | Description | Notes |
|---|---|---|---|
| 0x0 | 0x8 | Magic | "keystone" |
| 0x8 | 0x2 | Type | always 2 |
| 0xA | 0x2 | Version | always 1 |
| 0xC | 0x14 | Padding | always zeroed |
| 0x20 | 0x20 | Passcode Digest | HMAC-SHA256 |
| 0x40 | 0x20 | Keystone Digest | HMAC-SHA256 |
Usage
Generation
SCE provides in official SDK a tool called pc2ks that converts a passcode to a keystone.
Verification
The first step is to check the Digest of the keystone file (using sceSblPostSsMgrVerifyKeystoneForDriver). The process is to use the Keystone HMAC Key (see [1]) to check the keystone Digest at position 0x40 in the file.
If it is correct, it proceeds to check the passcode Digest, ?which is not present on retail units?. Use Passcode HMAC Key (see [2]) to calculate the digest of the passcode stored at offset 0x20.
Debug Usage
On TestKits/DevKits/internal PS Vita consoles, more functions are provided by the API to encrypt, verify and decrypt the keystones.
sceSblPostSsMgrVerifyKeystoneWithPasscodeForDriver