Talk:HDD Encryption: Difference between revisions
Jump to navigation
Jump to search
m (→HDD's end) |
|||
| Line 38: | Line 38: | ||
! Chunk !! Offset !! Length !! Example !! Description !! Notes | ! Chunk !! Offset !! Length !! Example !! Description !! Notes | ||
|- | |- | ||
| rowspan="6" | 1 || 0x0 || 0x10 || A2A0D0EBE5B9334487C068B6B72699C7 || || '''key1''' ? | | rowspan="6" | 1 || 0x0 || 0x10 || A2A0D0EBE5B9334487C068B6B72699C7 || || '''partition1 key1''' ? (same for all partitions in the list) | ||
|- | |- | ||
| 0x10 || 0x10 || DA7BD0E6BE941449B84EDE147F9705BA || || '''key2''' ? | | 0x10 || 0x10 || DA7BD0E6BE941449B84EDE147F9705BA || || '''partition1 key2''' ? | ||
|- | |- | ||
| 0x20 || 0x8 || 2200000000000000 || || '''offset of''' ? | | 0x20 || 0x8 || 2200000000000000 || || '''offset of''' ? | ||
|- | |- | ||
| 0x28 || 0x8 || E5513C0000000000 || || '''offset of''' ? | | 0x28 || 0x8 || E5513C0000000000 || || '''offset of''' ? / '''sector count''' ? | ||
|- | |- | ||
| 0x30 || 0x8 || 0000000000000000 || ''not used'' || | | 0x30 || 0x8 || 0000000000000000 || ''not used'' || | ||
| Line 50: | Line 50: | ||
| 0x38 || 0x48 || p r i m a r y || || ''identifyer'' ? | | 0x38 || 0x48 || p r i m a r y || || ''identifyer'' ? | ||
|- | |- | ||
| rowspan="6" | 2 || 0x80 || 0x10 || A2A0D0EBE5B9334487C068B6B72699C7 || || '''key1''' ? | | rowspan="6" | 2 || 0x80 || 0x10 || A2A0D0EBE5B9334487C068B6B72699C7 || || '''partition2 key1''' ? (same for all partitions in the list) | ||
|- | |- | ||
| 0x90 || 0x10 || FB2718C324FC9947907A18267C30F0FE || || '''key2''' ? | | 0x90 || 0x10 || FB2718C324FC9947907A18267C30F0FE || || '''partition2 key2''' ? | ||
|- | |- | ||
| 0xA0 || 0x8 || 00583C0000000000 || || '''offset of''' ? | | 0xA0 || 0x8 || 00583C0000000000 || || '''offset of''' ? | ||
|- | |- | ||
| 0xA8 || 0x8 || FF37B60000000000 || || '''offset of''' ? | | 0xA8 || 0x8 || FF37B60000000000 || || '''offset of''' ? / '''sector count''' ? | ||
|- | |- | ||
| 0xB0 || 0x8 || 0000000000000000 || ''not used'' || | | 0xB0 || 0x8 || 0000000000000000 || ''not used'' || | ||
Revision as of 05:19, 16 September 2013
Getting keys the easier way
First you need to get the sb_iso_spu_module.self individuals seed that can be found in the metadata header:
D9 2D 65 DB 05 7D 49 E1 A6 6F 22 74 B8 BA C5 08 83 84 4E D7 56 CA 79 51 63 62 EA 8A DA C6 03 26 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C3 B3 B5 AA CC 74 CD 6A 48 EF AB F4 4D CD F1 6E 37 9F 55 F5 77 7D 09 FB EE DE 07 05 8E 94 BE 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
also found in lv1ldr
Using your console specific eid_root_key/iv (e.g. from metldr dump) and libeeid you can then generate the keys directly by calling
u8 indivs[0x100];
u8 chunk1[0x40] = {0xD9, 0x2D, /*...*/, 0x00};
u8 chunk2[0x40] = {0xC3, 0xB3, /*...*/, 0x00};
indiv_gen(chunk1, chunk2, NULL, NULL, indivs);
Now you have your console specific ATA data key in indivs[0x00-0x20] and the ATA tweak key in indivs[0x40-0x60] :)
About "ENCDEC IV and key"
This key/iv pair set by metldr is your eid_root_key, it's not just used for one purpose. (-> https://nwert.wordpress.com/2012/07/11/eeid-cryptography/)
HDD's end
This was found at the end of an HDD backup, 41 sectors from the end, 33 sectors in size, followed by zero bytes (8 sectors) It's very uncanny how this is formed after decryption. Maybe there's a new layer of encryption at the end of the disc?
https://dl.dropboxusercontent.com/u/35197530/hddend.bin
| Chunk | Offset | Length | Example | Description | Notes |
|---|---|---|---|---|---|
| 1 | 0x0 | 0x10 | A2A0D0EBE5B9334487C068B6B72699C7 | partition1 key1 ? (same for all partitions in the list) | |
| 0x10 | 0x10 | DA7BD0E6BE941449B84EDE147F9705BA | partition1 key2 ? | ||
| 0x20 | 0x8 | 2200000000000000 | offset of ? | ||
| 0x28 | 0x8 | E5513C0000000000 | offset of ? / sector count ? | ||
| 0x30 | 0x8 | 0000000000000000 | not used | ||
| 0x38 | 0x48 | p r i m a r y | identifyer ? | ||
| 2 | 0x80 | 0x10 | A2A0D0EBE5B9334487C068B6B72699C7 | partition2 key1 ? (same for all partitions in the list) | |
| 0x90 | 0x10 | FB2718C324FC9947907A18267C30F0FE | partition2 key2 ? | ||
| 0xA0 | 0x8 | 00583C0000000000 | offset of ? | ||
| 0xA8 | 0x8 | FF37B60000000000 | offset of ? / sector count ? | ||
| 0xB0 | 0x8 | 0000000000000000 | not used | ||
| 0xB8 | 0x48 | p r i m a r y | identifyer ? | ||
| 3 | 0x100 | 0x80 | not used | filled with zeroes | |
| 4 | 0x180 | 0x80 | not used | filled with zeroes |
- Notes
- divided in 4 chunks of 0x80 each
- offsets are relative to the sector start