Sam ipl

From PS4 Developer wiki
Jump to: navigation, search

SAMU IPL, codenamed as 80000001, is the main loader of the Secure Kernel (80010001)
The header contained in it contains the following information:

Header Info[edit]

Offset Size Description Notes
0x0 4 Magic 5E D7 9A 0B
0x4 4 Header Size Little Endian (0x280)
0x8 4 Entry Point Little Endian (0x100)
0xC 4 Payload Size Little Endian (e.g 0x232D0)
0x10 0x10 Padding Zeroes
0x20 0x20 SHA256 of the decrypted payload Verified from 0x280 to 0x23550
0x40 0x100 Padding Ascii Zeroes, from this point onward, SAM IPL is encrypted with two layers of CBC crypto
0x140 0x40 Metadata
0x180 0x100 RSA Header Signature Verified with rsa modulus from SAMU BootROM from 0 to 0x180
0x280 0x232D0 Payload
0x23550 0x100 RSA Footer Signature Verified from header + body (somewhere else, likely PUP SM Manager)

MetaData Info[edit]

Offset Size Description Notes
0x0 0x20 MetaData Body Contains Keyslot Keys
0x20 0x20 HDR + MetaData SHA256HMAC SHA256 of hdr plus metadata (HMAC)

MetaData Body[edit]

Offset Size Description Notes
0x0 0x20 KeySlot 1