Sealedkey / pfsSKKey
sealedkey file is located in sce_sys folder of savedata/trophies. It is not PFS encrypted.
It is used as a per savedata/trophy key in PFS encryption/decryption whilst gamedata/addcont uses klicensee.
File Structure[edit | edit source]
|Type (always 2)
|Padding / unk
|IV for encrypted key
Decryption[edit | edit source]
The first step is to check the HMAC of the file. The process is to use the HMAC key from the Keys#PFS_Secret_Keys page to check the HMAC at position 0x30 in the file. If it is correct, it proceeds to use the pfsSKKey_EncKey to decrypt the value at +0x20 using the value at +0x10 as the IV.