Sealedkey / pfsSKKey: Difference between revisions
Jump to navigation
Jump to search
Red-EyeX32 (talk | contribs) No edit summary |
Cfwprophet (talk | contribs) |
||
| Line 47: | Line 47: | ||
#define usb1 "/mnt/usb1/" | #define usb1 "/mnt/usb1/" | ||
#define pfs "decrypted_pfsSKKey.key" | #define pfs "decrypted_pfsSKKey.key" | ||
typedef unsigned char byte; /* byte defination for c/c++ */ | |||
char usb_error = "[-] ERROR: Can't access usb0 nor usb1!\n[-] Will return now to caller.\n" | char usb_error = "[-] ERROR: Can't access usb0 nor usb1!\n[-] Will return now to caller.\n" | ||
char usb0path, usb1path; | char usb0path, usb1path; | ||
byte pfsSKKey[96]; | |||
/ | /* Get's the encrypted sealed key based on user id */ | ||
byte get_pfsSKKey(char userID) { | |||
FILE *pfskey = fopen("/user/home/" + userID + "/trophy/data/sce_trop/sealedkey", "r"); | |||
if (pfskey == NULL) return 0; | |||
byte pfsSKKey[96]; | |||
fread(pfsSKKey, 96, 1, pfskey); | |||
fclose(pfskey); | |||
return pfsSKKey; | |||
} | } | ||
/ | /* Dump the sealedkey. Send over tcp and save to file */ | ||
int dumpDecryptedSealedKey(int to) { | |||
if (to != 0 || to != 1) return -2; | |||
byte pfsSKKey; | |||
if (sizeof((pfsSKKey = get_pfsSKKey(USER1))) != 96) { | |||
knet_printf("[-] Can not load the sealed key!\n"); | |||
kernel.printf("[-] Can not load the sealed key!\n"); | |||
return -1; | |||
} | |||
/* Now decrpyt the key */ | |||
byte decyrpted_pfsSKKey[16]; | |||
int i = kernel.sceSblSsDecryptSealedKey(pfsSKKey, decrpyted_pfsSKKey); | |||
knet_printf("[+] sceSblSsDecryptSealedKey returned %d\n", i); | |||
kernel.printf("[+] sceSblSsDecryptSealedKey returned %d\n", i); | |||
/* Sending over tcp */ | |||
if (i) { | |||
if (to == 0) { | |||
knet_printf("[+] Your decrypted sealedkey = "); | |||
kernel.printf("[+] Your decrypted sealedkey = "); | |||
for(int x =0; x < 0x10; x++) { | |||
knet_printf("%02X", dec_pfsSKKey[x]); | |||
kernel.printf("%02X", dec_pfsSKKey[x]); | |||
} | |||
knet_printf("\n"); | |||
kernel.printf("\n"); | |||
return 1; | |||
} /* Saving to file */ | |||
else { | |||
knet_printf("[+] Will try to save to file..."); | |||
kernel.printf("[+] Will try to save to file..."); | |||
usb0path = usb0 + pfs; | |||
usb1path = usb1 + pfs; | |||
FILE *dump = fopen(usb0path, "w"); | |||
if (dump == NULL) { | |||
dump = fopen(usb1path, "w"); | |||
if (dump == NULL) { | |||
knet_printf("fail!\n" + usb_error); | |||
kernel.printf("fail!\n" + usb_error); | |||
return -3; | |||
} | |||
} | |||
fwrite(dec_pfsSKKey, 16, 1, dump); | |||
knet_printf("done!\n"); | |||
kernel.printf("done!\n"); | |||
fclose(dump); | |||
return 1; | |||
} | |||
} | } | ||
else { | |||
knet_printf("[+] Error!\n"); | |||
kernel.printf("[+] Error!\n"); | |||
} | |||
return -1; | |||
} | } | ||
</source> | </source> | ||
Revision as of 04:43, 9 October 2016
This key can be found on different places and will be used for eg. SaveGame or Trophy Data decryption and encryption.
Paths
| Kind | Path |
|---|---|
| Trophys | /user/home/user Id/trophy/data/sce_trop/sealedkey |
| SaveGames | /user/home/user Id/title Id/save data directory/sce_sys/ |
Structure
- size always 96 bytes
| From | To | Description |
|---|---|---|
| 00 | 07 | Magic ("pfsSKKey") (?playstation file system sealed key key?) |
| 08 | 0F | Version (game=1 or version ?) |
| 10 | 1F | IV (16 bytes) |
| 20 | 3F | Sealed Key (32 bytes) |
| 40 | 5F | SHA-256 (32 bytes) |
C
typedef struct {
const char magic[8];
unsigned long version;
unsigned char iv[16];
unsigned char key[32];
unsigned char digest[32];
} sealed_key;
De/En -Crypting
Can be decrypted by asking the OS to do it for you. You will need kernel rights to be able to ask the PS4 for it.
/* Decryption */
#define USER1 10000000
#define usb0 "/mnt/usb0/"
#define usb1 "/mnt/usb1/"
#define pfs "decrypted_pfsSKKey.key"
typedef unsigned char byte; /* byte defination for c/c++ */
char usb_error = "[-] ERROR: Can't access usb0 nor usb1!\n[-] Will return now to caller.\n"
char usb0path, usb1path;
byte pfsSKKey[96];
/* Get's the encrypted sealed key based on user id */
byte get_pfsSKKey(char userID) {
FILE *pfskey = fopen("/user/home/" + userID + "/trophy/data/sce_trop/sealedkey", "r");
if (pfskey == NULL) return 0;
byte pfsSKKey[96];
fread(pfsSKKey, 96, 1, pfskey);
fclose(pfskey);
return pfsSKKey;
}
/* Dump the sealedkey. Send over tcp and save to file */
int dumpDecryptedSealedKey(int to) {
if (to != 0 || to != 1) return -2;
byte pfsSKKey;
if (sizeof((pfsSKKey = get_pfsSKKey(USER1))) != 96) {
knet_printf("[-] Can not load the sealed key!\n");
kernel.printf("[-] Can not load the sealed key!\n");
return -1;
}
/* Now decrpyt the key */
byte decyrpted_pfsSKKey[16];
int i = kernel.sceSblSsDecryptSealedKey(pfsSKKey, decrpyted_pfsSKKey);
knet_printf("[+] sceSblSsDecryptSealedKey returned %d\n", i);
kernel.printf("[+] sceSblSsDecryptSealedKey returned %d\n", i);
/* Sending over tcp */
if (i) {
if (to == 0) {
knet_printf("[+] Your decrypted sealedkey = ");
kernel.printf("[+] Your decrypted sealedkey = ");
for(int x =0; x < 0x10; x++) {
knet_printf("%02X", dec_pfsSKKey[x]);
kernel.printf("%02X", dec_pfsSKKey[x]);
}
knet_printf("\n");
kernel.printf("\n");
return 1;
} /* Saving to file */
else {
knet_printf("[+] Will try to save to file...");
kernel.printf("[+] Will try to save to file...");
usb0path = usb0 + pfs;
usb1path = usb1 + pfs;
FILE *dump = fopen(usb0path, "w");
if (dump == NULL) {
dump = fopen(usb1path, "w");
if (dump == NULL) {
knet_printf("fail!\n" + usb_error);
kernel.printf("fail!\n" + usb_error);
return -3;
}
}
fwrite(dec_pfsSKKey, 16, 1, dump);
knet_printf("done!\n");
kernel.printf("done!\n");
fclose(dump);
return 1;
}
}
else {
knet_printf("[+] Error!\n");
kernel.printf("[+] Error!\n");
}
return -1;
}