Line 2: |
Line 2: |
| | | |
| == Generating PSVIMG == | | == Generating PSVIMG == |
− | When [[CMA]] is used to backup system, game, or savedata from the Vita to a PC or PS3, the following algorithm is used: | + | |
| + | When [[CMA]] is used to backup system, game, or savedata from the PSVita to a PC or PS3, the following algorithm is used: |
| | | |
| # Using a tar-like structure, stream all of the file data into a file. | | # Using a tar-like structure, stream all of the file data into a file. |
| # If making a PSVMD file, use the deflate algorithm to compress. | | # If making a PSVMD file, use the deflate algorithm to compress. |
| # Generate a random nonce for the first 0x10 bytes using the RndNumber syscall. | | # Generate a random nonce for the first 0x10 bytes using the RndNumber syscall. |
− | # Generate a unique session AES256 key using a secret phrase and the PSN account id of the PSVita. | + | # Generate a unique session AES256-CBC key using a secret phrase and the PSN account id. |
| # Generate a SHA256 hash of the plaintext every 0x8000 bytes and insert the hash into the filestream. | | # Generate a SHA256 hash of the plaintext every 0x8000 bytes and insert the hash into the filestream. |
− | # Encrypt the stream data using EncDecKeygen syscall from [[SceSblSsMgr#SceSblDmac5Mgr|SceSblDmac5Mgr]] with the nonce as the header and the AES256 session key. | + | # Encrypt the stream data using [[SceSblSsMgr#sceSblDmac5EncDecKeyGen|sceSblDmac5EncDecKeyGen]] with the nonce as the header and the AES256-CBC session key. |
| # Transmit to PC or PS3. | | # Transmit to PC or PS3. |
| | | |
| === Secrets === | | === Secrets === |
− | If you look at the 16 character hex directory name included in part of the backup path, that is your PSN Account Id. | + | |
− | The AES256 session key is calculated by doing a SHA256 hash of the 8 byte hex binary representation of the PSN Account Id followed by the secret phrase: | + | If you look on your PC at the 16 character hex directory name included in part of the backup path, that is your PSN Account Id. |
| + | The AES256-CBC session key is calculated by doing a SHA256 hash of the 8 byte hex binary representation of the PSN Account Id followed by the secret phrase: |
| <code>Sri Jayewardenepura Kotte</code> | | <code>Sri Jayewardenepura Kotte</code> |
| | | |
| ==== Example ==== | | ==== Example ==== |
| | | |
− | Buffer: | + | Buffer of an example of PSN Account Id: |
| <source> | | <source> |
| 01 23 45 67 89 AB CD EF 53 72 69 20 4A 61 79 65 77 | | 01 23 45 67 89 AB CD EF 53 72 69 20 4A 61 79 65 77 |
Line 25: |
Line 27: |
| </source> | | </source> |
| | | |
− | SHA256 of this buffer generates the AES256 session key of: | + | SHA256 of this buffer consists in the AES256-CBC session key: |
| <source> | | <source> |
| 02EAAB5A00EC9D4207E8B1F53F8A2F3F91F1A73AAFDD2A81CCFEE3E83E5B101A | | 02EAAB5A00EC9D4207E8B1F53F8A2F3F91F1A73AAFDD2A81CCFEE3E83E5B101A |
| </source> | | </source> |
| | | |
− | To generate the PSVIMG AES key, the buffer is decrypted using AES128ECB with a 128 bits key located at offset 0x82DC in the 3.60 kprx_auth_sm (Prototype units use another key located at offset 0x7294 in 1.03 kprx_auth_sm ). | + | To generate the PSVIMG AES key, the buffer is decrypted using AES128-ECB with a 128 bits key located at offset 0x82DC in the 3.60 kprx_auth_sm (Prototype units use another key located at offset 0x7294 in 1.03 kprx_auth_sm ). |
| | | |
| This key is set though kprx_auth_sm using [[F00D_Commands#0x50001|service 0x50001]]). | | This key is set though kprx_auth_sm using [[F00D_Commands#0x50001|service 0x50001]]). |
Line 44: |
Line 46: |
| </source> | | </source> |
| | | |
− | SHA-256: 186F29050C0D0D99038D86EFA9B6AD332E59564B7FFCA97985C09D64BD4BC442 | + | SHA-256: |
| + | <source> |
| + | 186F29050C0D0D99038D86EFA9B6AD332E59564B7FFCA97985C09D64BD4BC442 |
| + | </source> |
| | | |
| The encrypted above hash produces the following result: | | The encrypted above hash produces the following result: |