Difference between revisions of "FSPXI:ImportIntegrityVerificationSeed"

From 3dbrew
Jump to navigation Jump to search
 
(12 intermediate revisions by 3 users not shown)
Line 6: Line 6:
 
|-
 
|-
 
| 0
 
| 0
| Header code [0x00460002]
+
| Header code [0x00450002]
 
|-
 
|-
 
| 1
 
| 1
| Always 0x00013004, for 0x130 size: (size<<8) <nowiki>|</nowiki> 4
+
| Always 0x00013006, for 0x130 size: (size<<8) <nowiki>|</nowiki> 6
 
|-
 
|-
 
| 2
 
| 2
Line 37: Line 37:
 
|  0x0
 
|  0x0
 
|  0x10
 
|  0x10
|  AES-CCM MAC over the cleartext SEED
+
|  AES-CBC MAC over a SHA256 hash, which hashes the first 0x110-bytes of the cleartext SEED.
 
|-
 
|-
 
|  0x10
 
|  0x10
 
|  0x120
 
|  0x120
|  The [[nand/private/movable.sed]], encrypted with AES-CCM
+
|  The [[nand/private/movable.sed]], encrypted with AES-CBC using the above MAC for the counter.
 
|}
 
|}
  
 
=Description=
 
=Description=
This decrypts the input SEED and verifies it with the input AES-CCM MAC, verifies the RSA-signature, then writes the data to [[nand/private/movable.sed]].
+
This decrypts the input SEED and verifies it with the input AES-CBC MAC, verifies the RSA-signature, then writes the data to [[nand/private/movable.sed]].

Latest revision as of 11:31, 28 July 2020

Request[edit]

Index Word Description
0 Header code [0x00450002]
1 Always 0x00013006, for 0x130 size: (size<<8) | 6
2 Input IntegrityVerificationSeed pointer

Response[edit]

Index Word Description
0 Header code
1 Result code

IntegrityVerificationSeed[edit]

Offset Size Description
0x0 0x10 AES-CBC MAC over a SHA256 hash, which hashes the first 0x110-bytes of the cleartext SEED.
0x10 0x120 The nand/private/movable.sed, encrypted with AES-CBC using the above MAC for the counter.

Description[edit]

This decrypts the input SEED and verifies it with the input AES-CBC MAC, verifies the RSA-signature, then writes the data to nand/private/movable.sed.