Editing User talk:Masterzorag

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 189: Line 189:


We got info0 + info1, 64bytes each
We got info0 + info1, 64bytes each
content is 2845bytes, total is data length 2973
content is 2845bytes, total is data lenght 2973
info0, info1 are not encrypted
info0, info1 are not encrypted
</pre>
</pre>
Line 420: Line 420:
{| class="wikitable"
{| class="wikitable"
|-
|-
|'''m'''<br />You have already seen differences between two files, but maybe some other not. Here a png.<br />Page is telling me that at 0xB0 there is an ECDSA signature, and you are pointing out that we have the same (ECDSA) signature on two different files !?!<br />1. I see your "same signature", but how do you get "metadata digest = DA39A3EE5E6B4B0D3255BFEF95601890AFD80709" from both?<br />2. Conclusion to me are that at 0xB0 there is not an ECDSA signature, so: have you checked? Have you validated? Have you proven that r, s is the valid signature for the digest?<br />3. There is also another aspect to not forget: alignment (%16 = 0), so there is an ECDSA signature in 40 bytes? does not sound good to me...<br />4. SHA-1 produces a fixed length of 20 bytes: at wiki page I read "''0x40 QA digest, size 0x10 (seems like to be a SHA-1 hash of the non-finalized file) ... Can be ... zeroed on forged file.''" !?!<br />5. There are two ECDSA signatures on an EDAT file and only one to protect CORE_OS_PACKAGE.pkg from alteration !?!?! || [[File:EDATs diff.png|thumbnail|100px]]
|'''m'''<br />You have already seen differences between two files, but maybe some other not. Here a png.<br />Page is telling me that at 0xB0 there is an ECDSA signature, and you are pointing out that we have the same (ECDSA) signature on two different files !?!<br />1. I see your "same signature", but how do you get "metadata digest = DA39A3EE5E6B4B0D3255BFEF95601890AFD80709" from both?<br />2. Conclusion to me are that at 0xB0 there is not an ECDSA signature, so: have you checked? Have you validated? Have you proven that r, s is the valid signature for the digest?<br />3. There is also another aspect to not forget: alignment (%16 = 0), so there is an ECDSA signature in 40 bytes? does not sound good to me...<br />4. SHA-1 produces a fixed lenght of 20 bytes: at wiki page I read "''0x40 QA digest, size 0x10 (seems like to be a SHA-1 hash of the non-finalized file) ... Can be ... zeroed on forged file.''" !?!<br />5. There are two ECDSA signatures on an EDAT file and only one to protect CORE_OS_PACKAGE.pkg from alteration !?!?! || [[File:EDATs diff.png|thumbnail|100px]]
|}
|}
<br />
<br />
Line 451: Line 451:
  r =    00a2732e0161e20c290108fdd0b567120c42aab3d2
  r =    00a2732e0161e20c290108fdd0b567120c42aab3d2
  s =    00b894e8775aff90a3cbb6cc08bc918c14f759d439
  s =    00b894e8775aff90a3cbb6cc08bc918c14f759d439
  hash =  da39a3ee5e6b4b0d3255bfef95601890afd80709 < zerolength metadata digest
  hash =  da39a3ee5e6b4b0d3255bfef95601890afd80709 < zerolenght metadata digest
  call to check_ecdsa return 1, signature is VALID!
  call to check_ecdsa return 1, signature is VALID!
  r =    00ff83adbd03d9ba619f3a6d80efef6408561f08d2
  r =    00ff83adbd03d9ba619f3a6d80efef6408561f08d2
Line 474: Line 474:


*conclusion<br />
*conclusion<br />
when you EDAT have your famous zero metadata length, so the same digest, they MUST use EVER the same signature, else they let us solve the math!<br />
when you EDAT have your famous zero metadata lenght, so the same digest, they MUST use EVER the same signature, else they let us solve the math!<br />
that's the real reason that explain also your wrong think about "''there is only one signature''" for a digest.
that's the real reason that explain also your wrong think about "''there is only one signature''" for a digest.


* [https://www.youtube.com/watch?v=9UbTT_2yxeM sample psl1ght app: ec_gmp]
* [https://www.youtube.com/watch?v=9UbTT_2yxeM sample psl1ght app: ec_gmp]
[https://github.com/andoma/ps3toolchain ps3toolchain and psl1ght from andoma], [https://gmplib.org gmplib] port, [https://github.com/masterzorag/xbm_tools xbm font] in [https://scognito.wordpress.com/2010/11/07/sconsole-a-simple-function-for-printing-strings-on-ps3 sconsole]: compute P = kG to eternity
[https://github.com/andoma/ps3toolchain ps3toolchain and psl1ght from andoma], [https://gmplib.org gmplib] port, [https://github.com/masterzorag/xbm_tools xbm font] in [https://scognito.wordpress.com/2010/11/07/sconsole-a-simple-function-for-printing-strings-on-ps3 sconsole]: compute P = kG to eternity
=Petitboot NAND/NOR precompiled images=
* Not sure what is happening with you right now, but do you have some petitboot precompiled images? That'd be nice contribution for the wiki. Thanks :)
Please note that all contributions to PS3 Developer wiki are considered to be released under the GNU Free Documentation License 1.2 (see PS3 Developer wiki:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following hCaptcha:

Cancel Editing help (opens in new window)