Sealedkey / pfsSKKey: Difference between revisions
Jump to navigation
Jump to search
Cfwprophet (talk | contribs) |
Cfwprophet (talk | contribs) (→De/En -Crypting: forgot about that c don't know 'string + string') |
||
| Line 55: | Line 55: | ||
Can be decrypted by frindly asking the OS to do it for you. You will need kernel rights to be able to ask the PS4 for it. | Can be decrypted by frindly asking the OS to do it for you. You will need kernel rights to be able to ask the PS4 for it. | ||
<source lang="c"> | <source lang="c"> | ||
/* Decryption */ | /* Decryption */ | ||
#define foreach(item, array) \ | #define foreach(item, array) \ | ||
for (int keep = 1, \ | for (int keep = 1, \ | ||
| Line 70: | Line 65: | ||
typedef unsigned char byte; /* byte defination for c/c++ */ | typedef unsigned char byte; /* byte defination for c/c++ */ | ||
const char USER1 = "10000000"; | |||
const cahr usb0 = "/mnt/usb0/"; | |||
const char usb1 = "/mnt/usb1/"; | |||
const char pfs = "dec_pfsSK.Key"; | |||
const char home = "/user/home/"; | |||
const char tropkey = "/trophy/data/sce_trop/sealedkey"; | |||
char usb_error = "[-] ERROR: Can't access usb0 nor usb1!\n[-] Will return now to caller.\n" | char usb_error = "[-] ERROR: Can't access usb0 nor usb1!\n[-] Will return now to caller.\n" | ||
char usb0path | char usb0path[(sizeof(usb0) + sizeof(pfs))]; | ||
char usb1path[sizeof(usb0path)]; | |||
byte pfsSKKey[96]; | byte pfsSKKey[96]; | ||
/* Get's the encrypted sealed key based on user id */ | /* Get's the encrypted sealed key based on user id */ | ||
byte get_pfsSKKey(char userID) { | byte get_pfsSKKey(const char *userID, const char path) { | ||
FILE *pfskey = fopen( | char toOpen[(sizeof(home) + sizeof(userID) + sizeof(path))]; | ||
FILE *pfskey = fopen(snprintf(toOpen, sizeof(toOpen), %s%s%s, home, userID, path), "rb"); | |||
if (!pfskey) return NULL; | if (!pfskey) return NULL; | ||
| Line 89: | Line 92: | ||
if (to != 0 || to != 1) return -2; | if (to != 0 || to != 1) return -2; | ||
byte | byte enc_pfsSKKey; | ||
if (sizeof(( | if (sizeof((enc_pfsSKKey = get_pfsSKKey(USER1, tropkey))) != 96) { | ||
printf("[-] Can not load the sealed key!\n"); | |||
return -1; | return -1; | ||
} | } | ||
/* Now decrpyt the key */ | /* Now decrpyt the key */ | ||
byte | byte dec_pfsSKKey[16]; | ||
int i = kernel.sceSblSsDecryptSealedKey( | int i = kernel.sceSblSsDecryptSealedKey(enc_pfsSKKey, dec_pfsSKKey); | ||
printf("[+] sceSblSsDecryptSealedKey returned %d\n", i); | |||
/* Sending over tcp */ | /* Sending over tcp */ | ||
if (i) { | if (i) { | ||
if (!to) { | if (!to) { | ||
printf("[+] Your decrypted sealedkey = "); | |||
foreach(byte *val, dec_pfsSKKey) { | foreach(byte *val, dec_pfsSKKey) { | ||
printf("%02X", *val); | |||
} | } | ||
printf("\n"); | |||
return 1; | return 1; | ||
} | } | ||
else { /* Saving to file */ | else { /* Saving to file */ | ||
printf("[+] Will try to save to file..."); | |||
usb0path | snprintf(usb0path, sizeof(usb0path), %s%s, usb0, pfs); | ||
usb1path | snprintf(usb1path, sizeof(usb1path), %s%s, usb1, pfs); | ||
FILE *dump = fopen(usb0path, "wb"); | FILE *dump = fopen(usb0path, "wb"); | ||
| Line 127: | Line 124: | ||
dump = fopen(usb1path, "wb"); | dump = fopen(usb1path, "wb"); | ||
if (!dump) { | if (!dump) { | ||
printf("fail!\n" + usb_error); | |||
return -3; | return -3; | ||
} | } | ||
} | } | ||
fwrite(dec_pfsSKKey, 16, 1, dump); | fwrite(dec_pfsSKKey, 16, 1, dump); | ||
printf("done!\n"); | |||
fclose(dump); | fclose(dump); | ||
return 1; | return 1; | ||
} | } | ||
} | } | ||
else | else printf("[+] Error!\n"); | ||
return -1; | return -1; | ||
} | } | ||
</source> | </source> | ||
Revision as of 07:20, 14 October 2016
This key can be found on different places and will be used for eg. SaveGame or Trophy Data decryption and encryption.
Paths
| Kind | Path |
|---|---|
| Trophys | /user/home/user Id/trophy/data/sce_trop/sealedkey |
| SaveGames | /user/home/user Id/title Id/save data directory/sce_sys/ |
Structure
- size always 96 bytes
| From | To | Description |
|---|---|---|
| 00 | 07 | MAGIC ("pfsSKKey") (?playstation file system sealed key key?) |
| 08 | 0F | Category (game=1 or version ?) |
| 10 | 1F | IV (16 bytes) |
| 20 | 3F | Encrypted key (32 bytes) |
| 40 | 5F | SHA-256 (32 bytes) |
C
typedef struct sealedkey {
const unsigned char MAGIC[8];
const unsigned char CAT[8];
const unsigned char IV[16];
const unsigned char KEY[32];
const unsigned char SHA256[32];
} selaedkey;
CSharp
protected internal struct sealedkey {
internal static byte[] MAGIC = new byte[8];
internal static byte[] CAT = new byte[8];
internal static byte[] IV = new byte[16];
internal static byte[] KEY = new byte[32];
internal static byte[] SHA256 = new byte[32];
}
Note: You can't use a const byte[] defination in C#. It need to be a static byte[].
De/En -Crypting
Can be decrypted by frindly asking the OS to do it for you. You will need kernel rights to be able to ask the PS4 for it.
/* Decryption */
#define foreach(item, array) \
for (int keep = 1, \
count = 0, \
size = sizeof(array) / sizeof(*array); \
keep && count != size; \
keep = !keep, count++) \
for (item = (array) + count; keep; keep = !keep)
typedef unsigned char byte; /* byte defination for c/c++ */
const char USER1 = "10000000";
const cahr usb0 = "/mnt/usb0/";
const char usb1 = "/mnt/usb1/";
const char pfs = "dec_pfsSK.Key";
const char home = "/user/home/";
const char tropkey = "/trophy/data/sce_trop/sealedkey";
char usb_error = "[-] ERROR: Can't access usb0 nor usb1!\n[-] Will return now to caller.\n"
char usb0path[(sizeof(usb0) + sizeof(pfs))];
char usb1path[sizeof(usb0path)];
byte pfsSKKey[96];
/* Get's the encrypted sealed key based on user id */
byte get_pfsSKKey(const char *userID, const char path) {
char toOpen[(sizeof(home) + sizeof(userID) + sizeof(path))];
FILE *pfskey = fopen(snprintf(toOpen, sizeof(toOpen), %s%s%s, home, userID, path), "rb");
if (!pfskey) return NULL;
byte pfsSKKey[96];
fread(pfsSKKey, 96, 1, pfskey);
fclose(pfskey);
return pfsSKKey;
}
/* Dump the sealedkey. Send over tcp and save to file */
int dumpDecryptedSealedKey(int to) {
if (to != 0 || to != 1) return -2;
byte enc_pfsSKKey;
if (sizeof((enc_pfsSKKey = get_pfsSKKey(USER1, tropkey))) != 96) {
printf("[-] Can not load the sealed key!\n");
return -1;
}
/* Now decrpyt the key */
byte dec_pfsSKKey[16];
int i = kernel.sceSblSsDecryptSealedKey(enc_pfsSKKey, dec_pfsSKKey);
printf("[+] sceSblSsDecryptSealedKey returned %d\n", i);
/* Sending over tcp */
if (i) {
if (!to) {
printf("[+] Your decrypted sealedkey = ");
foreach(byte *val, dec_pfsSKKey) {
printf("%02X", *val);
}
printf("\n");
return 1;
}
else { /* Saving to file */
printf("[+] Will try to save to file...");
snprintf(usb0path, sizeof(usb0path), %s%s, usb0, pfs);
snprintf(usb1path, sizeof(usb1path), %s%s, usb1, pfs);
FILE *dump = fopen(usb0path, "wb");
if (!dump) {
dump = fopen(usb1path, "wb");
if (!dump) {
printf("fail!\n" + usb_error);
return -3;
}
}
fwrite(dec_pfsSKKey, 16, 1, dump);
printf("done!\n");
fclose(dump);
return 1;
}
}
else printf("[+] Error!\n");
return -1;
}