Kirk: Difference between revisions
Jump to navigation
Jump to search
CelesteBlue (talk | contribs) (Created page with "The PSP KIRK Crypto Engine is a security hardware device that is embedded into the TACHYON main IC chip. It is a bus master and can DMA to/from main DDR RAM memory, operating...") |
CelesteBlue (talk | contribs) No edit summary |
||
| Line 4: | Line 4: | ||
On PSP there are 18 KIRK commands. On PSVita, there are these 18 commands plus some new commands to support bigger keys (192 bits for example). See [https://wiki.henkaku.xyz/vita/F00D_Commands#gcauthmgr_sm.self F00D commands]. | On PSP there are 18 KIRK commands. On PSVita, there are these 18 commands plus some new commands to support bigger keys (192 bits for example). See [https://wiki.henkaku.xyz/vita/F00D_Commands#gcauthmgr_sm.self F00D commands]. | ||
== Table == | |||
{| class="wikitable" | {| class="wikitable" | ||
| Line 10: | Line 12: | ||
! scope="col"| Name | ! scope="col"| Name | ||
! scope="col"| Short description | ! scope="col"| Short description | ||
! scope="col"| Input | ! scope="col"| Input size | ||
! scope="col"| Output | ! scope="col"| Output size | ||
! scope="col"| Result | ! scope="col"| Result | ||
! scope="col"| Used in | ! scope="col"| Used in | ||
| Line 18: | Line 20: | ||
| | | | ||
| Super-Duper decryption (no inverse) | | Super-Duper decryption (no inverse) | ||
| | | buf_size+0x40 | ||
| | | buf_size | ||
| | | | ||
| memlmd, mesg_led | | memlmd, mesg_led | ||
| Line 42: | Line 44: | ||
| | | | ||
| Encrypt Operation (inverse of cmd 7) (IV=0) | | Encrypt Operation (inverse of cmd 7) (IV=0) | ||
| | | buf_size+0x14 | ||
| | | buf_size+0x14 | ||
| | | | ||
| chnnlsv, memab | | chnnlsv, memab | ||
| Line 50: | Line 52: | ||
| | | | ||
| Encrypt Operation (inverse of cmd 8) (IV=FuseID) | | Encrypt Operation (inverse of cmd 8) (IV=FuseID) | ||
| | | buf_size+0x14 | ||
| | | buf_size+0x14 | ||
| | | | ||
| chnnlsv | | chnnlsv | ||
| Line 66: | Line 68: | ||
| | | | ||
| Decrypt Operation (inverse of cmd 4) (IV=0) | | Decrypt Operation (inverse of cmd 4) (IV=0) | ||
| | | buf_size+0x14 | ||
| | | buf_size+0x14 | ||
| | | | ||
| memlmd, mesg_led,chnnlsv, memab | | memlmd, mesg_led,chnnlsv, memab | ||
| Line 74: | Line 76: | ||
| | | | ||
| Decrypt Operation (inverse of cmd 5) (IV=FuseID) | | Decrypt Operation (inverse of cmd 5) (IV=FuseID) | ||
| | | buf_size+0x14 | ||
| | | buf_size+0x14 | ||
| | | | ||
| chnnlsv | | chnnlsv | ||
| Line 98: | Line 100: | ||
| | | | ||
| SHA1 Hash | | SHA1 Hash | ||
| | | buf_size >= 0x14 | ||
| | | ?buf_size? | ||
| | | | ||
| memlmd, mesg_led, memab | | memlmd, mesg_led, memab | ||
| Line 106: | Line 108: | ||
| | | | ||
| Mul1 | | Mul1 | ||
| | | 0 | ||
| | | 0x3C | ||
| | | | ||
| memab | | memab | ||
| Line 114: | Line 116: | ||
| | | | ||
| Mul2 | | Mul2 | ||
| | | 0x3C | ||
| | | 0x3C | ||
| | | | ||
| | | | ||
| Line 122: | Line 124: | ||
| | | | ||
| Pseudo Random Number Generation | | Pseudo Random Number Generation | ||
| | | 0 | ||
| | | 0x14 | ||
| | | | ||
| mesg_led,chnnlsv,memab,semawm | | mesg_led, chnnlsv, memab, semawm | ||
|- | |- | ||
| 15 (0xF) | | 15 (0xF) | ||
| Line 138: | Line 140: | ||
| | | | ||
| Signature Generation | | Signature Generation | ||
| | | 0x34 | ||
| | | 0x34 | ||
| | | | ||
| memab | | memab | ||
| Line 146: | Line 148: | ||
| | | | ||
| Signature Check (checks for generated sigs) | | Signature Check (checks for generated sigs) | ||
| | | 0x64 | ||
| | | 0 | ||
| | | | ||
| memab | | memab | ||
| Line 153: | Line 155: | ||
| 18 (0x12) | | 18 (0x12) | ||
| | | | ||
| Certificate Check ( | | Certificate Check (IDStorage certificates signatures and digests) | ||
| | | 0xB8 | ||
| | | 0 | ||
| | | | ||
| openpsid, memab | | openpsid, memab | ||
|} | |} | ||
== Command 1 == | |||
=== Usages === | |||
=== Algorithm === | |||
=== Vulnerabilities === | |||
== Command 2 == | |||
== Command 3 == | |||
== Command 4 == | |||
== Command 5 == | |||
== Command 6 == | |||
== Command 7 == | |||
== Command 8 == | |||
== Command 9 == | |||
== Command 10 == | |||
== Command 11 == | |||
== Command 12 == | |||
== Command 13 == | |||
== Command 14 == | |||
== Command 15 == | |||
== Command 16 == | |||
== Command 17 == | |||
== Command 18 == | |||
= Library = | = Library = | ||
Revision as of 01:04, 26 February 2020
The PSP KIRK Crypto Engine is a security hardware device that is embedded into the TACHYON main IC chip. It is a bus master and can DMA to/from main DDR RAM memory, operating independantly of the CPU. It is intefaced via memory mapped registers at base of 0xBDE00000 ([SPOCK Crypto Engine] on the other hand is mapped to 0xBDF00000). It is capable of performing AES encryption, decryption, SHA1 Hash, pseudo random number generation, and signature checks (OMAC and ECDSA).
Commands
On PSP there are 18 KIRK commands. On PSVita, there are these 18 commands plus some new commands to support bigger keys (192 bits for example). See F00D commands.
Table
| Command ID | Name | Short description | Input size | Output size | Result | Used in |
|---|---|---|---|---|---|---|
| 1 | Super-Duper decryption (no inverse) | buf_size+0x40 | buf_size | memlmd, mesg_led | ||
| 2 | Encrypt Operation (inverse of cmd 3) | |||||
| 3 | Decrypt Operation (inverse of cmd 2) | |||||
| 4 | Encrypt Operation (inverse of cmd 7) (IV=0) | buf_size+0x14 | buf_size+0x14 | chnnlsv, memab | ||
| 5 | Encrypt Operation (inverse of cmd 8) (IV=FuseID) | buf_size+0x14 | buf_size+0x14 | chnnlsv | ||
| 6 | Encrypt Operation (inverse of cmd 9) (IV=UserDefined) | |||||
| 7 | Decrypt Operation (inverse of cmd 4) (IV=0) | buf_size+0x14 | buf_size+0x14 | memlmd, mesg_led,chnnlsv, memab | ||
| 8 | Decrypt Operation (inverse of cmd 5) (IV=FuseID) | buf_size+0x14 | buf_size+0x14 | chnnlsv | ||
| 9 | Decrypt Operation (inverse of cmd 6) (IV=UserDefined) | |||||
| 10 (0xA) | Private Signature Check (checks for private SCE sig) | |||||
| 11 (0xB) | SHA1 Hash | buf_size >= 0x14 | ?buf_size? | memlmd, mesg_led, memab | ||
| 12 (0xC) | Mul1 | 0 | 0x3C | memab | ||
| 13 (0xD) | Mul2 | 0x3C | 0x3C | |||
| 14 (0xE) | Pseudo Random Number Generation | 0 | 0x14 | mesg_led, chnnlsv, memab, semawm | ||
| 15 (0xF) | (absolutely no idea – could be KIRK initialization) | |||||
| 16 (0x10) | Signature Generation | 0x34 | 0x34 | memab | ||
| 17 (0x11) | Signature Check (checks for generated sigs) | 0x64 | 0 | memab | ||
| 18 (0x12) | Certificate Check (IDStorage certificates signatures and digests) | 0xB8 | 0 | openpsid, memab |
Command 1
Usages
Algorithm
Vulnerabilities
Command 2
Command 3
Command 4
Command 5
Command 6
Command 7
Command 8
Command 9
Command 10
Command 11
Command 12
Command 13
Command 14
Command 15
Command 16
Command 17
Command 18
Library
Calling commands using KIRK registers
Notes
In 2008 SilverSpring wrote:
Currently what is known about the cipher is that it is: a block cipher operating in CBC mode an all zero 128-bit initialization vector 128-bit block and key sizes cmd4/7 uses a static key that is identical in all PSP’s cmd5/8 uses a key based off the fuseID making all operations unique per PSP cmd6/9 uses a user-defined 128-bit key cmd1/2/3 uses the block cipher but also signature algorithms the remaining KIRK cmd’s do not use the block cipher (sig, hash, & prng algo’s) </source>