HDD Encryption/Decryption

From PS3 Developer wiki
Jump to: navigation, search

Introduction[edit]

  • The goal is to mount a PS3 HDD on a FreeBSD PC (or FreeBSD PS3) and do changes to it without ENCDEC device.
  • And learn the cool FreeBSD GEOM framework as well :)
  • Everything was tested by me on FreeBSD 9.1.

GEOM bswap16[edit]

  • Swaps bytes in every 16-bit word
  • Similar to dm-bswap16 on Linux.
  • The kernel module needs a user-space GEOM counterpart, a shared library which is loaded and used by geom application to send commands to the kernel part.

http://gitorious.ps3dev.net/ps3freebsd/geom-bswap16

http://gitorious.ps3dev.net/ps3freebsd/geom-bswap16-lib

Test[edit]

# UI shared library for GEOM bswap16

cp geom_bswap16.so /lib/geom

# Load kernel module

kldload geom_bswap16.ko

# Create a memory block device for testing

mdconfig -a -t vnode -f ~/test.bin -u 0

# Create /dev/md0.bswap16

geom bswap16 create /dev/md0

hexdump -C /dev/md0

00000000  bb aa dd cc 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000020  ee ff 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000030  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00100000

hexdump -C /dev/md0.bswap16

00000000  aa bb cc dd 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000020  ff ee 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000030  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00100000

geom bswap16 destroy md0.bswap16

mdconfig -d -u 0

GEOM geli[edit]

  • Problem: how to set masterkey in GELI ?
  • GEOM geli is a wrong approach and won't work. We need a new GEOM class for PS3 HDD decryption !!!

GEOM AES-XTS[edit]

  • Use opencrypto framework for AES-XTS algorithm.
  • The kernel module needs a user-space GEOM counterpart, a shared library which is loaded and used by geom application to send commands to the kernel part.

http://gitorious.ps3dev.net/ps3freebsd/geom-aes-xts

http://gitorious.ps3dev.net/ps3freebsd/geom-aes-xts-lib

Test[edit]

# UI shared library for GEOM AES-XTS

cp geom_aes_xts.so /lib/geom

# Load kernel module

kldload geom_aes_xts.ko

mdconfig -a -t vnode -f  ~/ps3da_enc.bin -u 1

geom bswap16 create md1

echo <your data key as hex string> <your tweak key as hex string> | xxd -r -p > hdd_key.bin

geom aes_xts create -k hdd_key.bin /dev/md1.bswap1

ls -l /dev/md1.bswap1.aes_xts

sudo dd if=/dev/md1.bswap16.aes_xts bs=512 count=1 | hexdump -C

00000000  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000010  00 00 00 00 0f ac e0 ff  00 00 00 00 de ad fa ce  |................|
00000020  00 00 00 00 00 00 00 03  00 00 00 00 00 00 00 02  |................|
00000030  00 00 00 00 00 00 00 08  00 00 00 00 00 08 00 00  |................|
00000040  10 70 00 00 01 00 00 01  00 00 00 00 00 00 00 0b  |.p..............|
00000050  10 70 00 00 02 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
00000060  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000000c0  00 00 00 00 00 08 00 10  00 00 00 00 03 9a 8b 2d  |...............-|
000000d0  10 70 00 00 01 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
000000e0  10 70 00 00 02 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
000000f0  10 20 00 00 03 00 00 01  00 00 00 00 00 00 00 03  |. ..............|
00000100  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000150  00 00 00 00 03 a2 8b 45  00 00 00 00 00 3f ff f8  |.......E.....?..|
00000160  10 70 00 00 01 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
00000170  10 70 00 00 02 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
00000180  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000001e0  00 00 00 00 03 e2 8b 46  00 00 00 00 19 39 ce 0c  |.......F.....9..|
000001f0  10 70 00 00 02 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
00000200

GEOM part PS3[edit]

  • Alternative: Parse the PS3 partition table manually and use gnop GEOM to create regions
  • But GEOM part is cooler because it does it automatically and we want to learn how to implement GEOM classes.

Links[edit]