~PSP files are definately compressed

Discuss the development of new homebrew software, tools and libraries.

Moderators: cheriff, TyRaNiD

User avatar
Shazz
Posts: 244
Joined: Tue Aug 31, 2004 11:42 pm
Location: Somewhere over the rainbow
Contact:

Post by Shazz »

This is how I would do.... true or not, relevant or not... ;-)

Image
Image

Edited with Steddy's comments :
- sign compressed binary
- optional simple gzip compression before delivery by Dev
- multiple PKIs for AES key (possible?) encryption & authentication

Some interesting links which give me confidence :
RSA BSAFE PKI : http://www.rsasecurity.com/press_releas ... 48&id=1034
AES : http://www.us.playstation.com/pressreleases.aspx?id=207
Last edited by Shazz on Wed May 25, 2005 9:50 pm, edited 4 times in total.
- TiTAN Art Division -
http://www.titandemo.org
Guest

Post by Guest »

Hey Shazz, that looks cool...did you make that slide yourself ? or what was the source ? :)
User avatar
Shazz
Posts: 244
Joined: Tue Aug 31, 2004 11:42 pm
Location: Somewhere over the rainbow
Contact:

Post by Shazz »

Yep by myself :D or maybe some images ripped from Google, no $ony material...
- TiTAN Art Division -
http://www.titandemo.org
steddy
Posts: 139
Joined: Mon Apr 04, 2005 3:53 am

Post by steddy »

Emm... they look far to offical :)

I would have this point to make made in my original post..

3. Its safer and common practise to sign data BEFORE encrypting it. There are known crypto attacks against RSA if done the other way around.

Therefor, the signature is taken off the decrypted data, not the encrypted data. If these images come from a legit source then its possible Sony haven't done it this way, but it is common practice.

Also, maybe worth updating the diagrams to include compression as per my list on page 1.

Good work
Steddy
User avatar
Shazz
Posts: 244
Joined: Tue Aug 31, 2004 11:42 pm
Location: Somewhere over the rainbow
Contact:

Post by Shazz »

steddy wrote:Emm... they look far to offical :)
No no, that's my job to do powerpoint slides :D
steddy wrote: I would have this point to make made in my original post..

3. Its safer and common practise to sign data BEFORE encrypting it. There are known crypto attacks against RSA if done the other way around.

Therefor, the signature is taken off the decrypted data, not the encrypted data. If these images come from a legit source then its possible Sony haven't done it this way, but it is common practice.

Also, maybe worth updating the diagrams to include compression as per my list on page 1.

Good work
Steddy
Yep, I agree, signing before encrypting may be a safer choice, I chosed this schema as I was thinking the encryption could be done by the dev studio and not the authentication.... But it is not a relevant assumption... why the hell this session key would be generated by the studio...

So in this case, the binary will be decrypted before authentication check

So I think you're right... the plaintext binary should be signed first :D
I'll update my slides !

About compression, Do you think it is a separated process, I should have seen somewhere some kind of modified encrypting algortihms which performs packing while encrypting too... no ?

I can add the step but quite unclear for me...

Thanks for the comment :D
I always thought a good schema worths tons of words :D
- TiTAN Art Division -
http://www.titandemo.org
steddy
Posts: 139
Joined: Mon Apr 04, 2005 3:53 am

Post by steddy »

Well, you sure are good at those slides :)

Its also possible that the session key is NOT encrypted, but just stored in the file. I would leave that step in your slides for now though since its more complete. These are the decode steps I had which mention decompression... I recommend re-reading the entire thread on how offset 6 is used:
The file loader should do all of the following and this may give a clue to those other fields:-

1. Decrypt the data using the Session key and IV value contained in the file (its possible this is encrypted with another key in ROM)
2. Hash the decrypted data with SHA1.
3. Decrypt the digital signature in the header with the Public key in ROM
4. Compare the output from 2 and 3 to ensure the file hasn't been tampered with and was created by Sony
5. Expand the file if its compressed.
6. Maybe write it to a temporary area unencrypted or just place it directly in memory.
Here is the source code to decrypt data2.bin for those that are interested. It takes two parameters. Parameter 1 is the input filename and path and parameter 2 is the output filename and path. Eg. data2reader data2.bin datadecoded.bin

Code: Select all

package data2reader;

import java.io.FileInputStream; 
import java.io.FileOutputStream;
import java.io.File; 
import java.io.InputStream; 
import java.io.OutputStream;
import net.scee.drm.mypsp.download.hash.SHA1CipherStream;

public class Data2Reader 
{ 

    private static final char HEX[] = 
    { 
        '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 
        'A', 'B', 'C', 'D', 'E', 'F' 
    }; 

    public static void main (String[] args) 
    { 
        boolean bWrite=false;
        File data2File=new File(args[0]); 
        if(args.length==2) {
            bWrite=true;
        }
        long fileLength = data2File.length(); 
        if(fileLength % 276L != 0L) 
        { 
            System.out.println("Error: File length not multiple of 276"); 
            System.exit(1); 
        } 
        else 
        { 
            try 
            { 
               InputStream dis = new FileInputStream(data2File); 
                int nIdent = (int) (fileLength / 276L); 
                for&#40;int i = 0; &#40;long&#41;i < nIdent; i++&#41; 
                &#123; 
                    byte&#91;&#93; version     = new byte&#91;4&#93;; 
                    byte&#91;&#93; hardwareId  = new byte&#91;20&#93;; 
                    byte&#91;&#93; timeStamp   = new byte&#91;4&#93;; 
                    byte&#91;&#93; nickName    = new byte&#91;208&#93;; 
                    byte&#91;&#93; fingerprint = new byte&#91;20&#93;; 
                    byte&#91;&#93; key         = new byte&#91;20&#93;; 
                    dis.read&#40;version&#41;; 
                    dis.read&#40;hardwareId&#41;; 
                    dis.read&#40;timeStamp&#41;; 
                    dis.read&#40;nickName&#41;; 
                    dis.read&#40;fingerprint&#41;; 
                    dis.read&#40;key&#41;; 
                    SHA1CipherStream cipher = new SHA1CipherStream&#40;key&#41;; 
                    cipher.xor&#40;version&#41;; 
                    cipher.xor&#40;hardwareId&#41;; 
                    cipher.xor&#40;timeStamp&#41;; 
                    cipher.xor&#40;nickName&#41;; 
                    cipher.xor&#40;fingerprint&#41;; 
                    System.out.println&#40;"Found identity&#58; "+convertToString&#40;nickName&#41;&#41;; 
                    System.out.println&#40;"HardwareID&#58; "+dump&#40;hardwareId&#41;&#41;; 
                    System.out.println&#40;"Version&#58; "+dump&#40;version&#41;&#41;; 
                    System.out.println&#40;"TimeStamp&#58; "+dump&#40;timeStamp&#41;&#41;; 
                    System.out.println&#40;&#41;; 
                    if&#40;bWrite==true&#41; &#123;
                        // Now output the file if required
                        OutputStream out = new FileOutputStream&#40;args&#91;1&#93;&#41;;
                        out.write&#40;version&#41;;
                        out.write&#40;hardwareId&#41;;
                        out.write&#40;timeStamp&#41;;
                        out.write&#40;nickName&#41;;
                        out.write&#40;fingerprint&#41;;                   
                    &#125;
                &#125; 
            &#125; 
            catch &#40;Exception e&#41; 
            &#123; 
                System.out.println&#40;"Error&#58; "+e&#41;; 
            &#125; 
        &#125; 
    &#125; 

    public static final String convertToString&#40;byte&#91;&#93; input&#41; 
    &#123; 
        try 
        &#123; 
            int n=0; 
            while &#40;input&#91;n&#93;!=0&#41; n++; 
            return new String&#40;input, 0, n, "UTF8"&#41;; 
        &#125; 
        catch&#40;Exception e&#41; 
        &#123; 
            return null; 
        &#125; 
    &#125; 

    public static final String dump&#40;byte a&#91;&#93;&#41; 
    &#123; 
        StringBuffer buf = new StringBuffer&#40;&#41;; 
        for&#40;int i = 0; i < a.length; i++&#41; 
        &#123; 
            buf.append&#40;HEX&#91;a&#91;i&#93; >> 4 & 0xf&#93;&#41;; 
            buf.append&#40;HEX&#91;a&#91;i&#93; & 0xf&#93;&#41;; 
        &#125; 
        return buf.toString&#40;&#41;; 
    &#125; 

&#125;
As you can see its a modification of the code presented by piercer in the PSP Download Agent thread. It requires the jar file libraries provided in the following download from Sony:

https://www.yourpsp.com/download/static ... ppletS.jar


Steddy
User avatar
Shazz
Posts: 244
Joined: Tue Aug 31, 2004 11:42 pm
Location: Somewhere over the rainbow
Contact:

Post by Shazz »

Eh eh that's really nice to exchange my primary thoughts to your discoveries to finaly have a relevant security architecture with an good level of confidence :D

Really great... I'll update it tomorrow
eh eh and funny I downloaded yesterday Wipeout packs and so I decompiled the applet too :D Need to go in depth into :D

By the way, I think sony did a good job... implementing a true PKI in a portable console is really something I never saw before...(but I did not see a lot of things :D, MagicGate is far away...)
- TiTAN Art Division -
http://www.titandemo.org
djhuevo
Posts: 47
Joined: Thu Mar 10, 2005 3:50 pm

Post by djhuevo »

very nice slides Shazz
sobreviviendo en la tierra de los trolldev
User avatar
Shazz
Posts: 244
Joined: Tue Aug 31, 2004 11:42 pm
Location: Somewhere over the rainbow
Contact:

Post by Shazz »

Thanx DJ Huevo :D Did you find something to use the base64 bug ?

By the way, I have updated the slides based on the discussion... Considering the number of certificates in the firmware, probably some steps stil missing...
- TiTAN Art Division -
http://www.titandemo.org
User avatar
Shazz
Posts: 244
Joined: Tue Aug 31, 2004 11:42 pm
Location: Somewhere over the rainbow
Contact:

Post by Shazz »

Mr Brown said:
~PSP files are not signed by certificates. The rest of this thread is lacking any useful content. Locked.


Do we miss something ????
- TiTAN Art Division -
http://www.titandemo.org
steddy
Posts: 139
Joined: Mon Apr 04, 2005 3:53 am

Post by steddy »

No MrBrown did.

~PSP files must be signed by certificates or Sony would have no way of preventing us running malicious code.

Steddy
mrbrown
Site Admin
Posts: 1537
Joined: Sat Jan 17, 2004 11:24 am

Post by mrbrown »

steddy wrote:No MrBrown did.

~PSP files must be signed by certificates or Sony would have no way of preventing us running malicious code.

Steddy
Checksums do a pretty good job of preventing folks from tampering as well :P.

But here it is again: the certificates found in flash have nothing to do with ~PSP files.
User avatar
Shazz
Posts: 244
Joined: Tue Aug 31, 2004 11:42 pm
Location: Somewhere over the rainbow
Contact:

Post by Shazz »

mrbrown wrote:
Checksums do a pretty good job of preventing folks from tampering as well :P.

But here it is again: the certificates found in flash have nothing to do with ~PSP files.
Ah ah Mr Brown !!! You cannot stop like that !!! Tell us what you discovered !!! Did you dump the load*.prx ?

Tell us our I'll plug the SIO in your nose ! ;-)

www.0xd6.org is back ! :D
ah ah ! I was sure $ony threatened you :D after you forced the poor ps1drv coder to harakiri himself :D

Nice to see you on board :D
Last edited by Shazz on Mon May 30, 2005 9:25 pm, edited 1 time in total.
- TiTAN Art Division -
http://www.titandemo.org
pedroleite
Posts: 39
Joined: Sun Apr 10, 2005 8:31 am

Post by pedroleite »

mrbrown wrote:
steddy wrote:No MrBrown did.

~PSP files must be signed by certificates or Sony would have no way of preventing us running malicious code.

Steddy
Checksums do a pretty good job of preventing folks from tampering as well :P.

But here it is again: the certificates found in flash have nothing to do with ~PSP files.
My impression also. These are certificates for Sony websites, DNAS. Used your online connect disk lately ?
steddy
Posts: 139
Joined: Mon Apr 04, 2005 3:53 am

Post by steddy »

Checksums do a pretty good job of preventing folks from tampering as well :P.
Not really, since they contain nothing that cannot be recreated by the hacker. The signature does because its signed by the PRIVATE key which is NOT on the device (only the PUBLIC one).

They don't have to be in the certs directory. The public key could be in some other part of the ROM (like the BOOTSTRAP area which contains the decryption functions).

The only way you could be 100% sure about this is if you have decoded the encoded files already. Come on, do share.

Steddy
laichung
Posts: 123
Joined: Fri May 06, 2005 2:02 pm

Post by laichung »

I dont know anyone notice this before :
At 3C-3F :
Data.psp : 40 00 40 00
EBoot.psp : 40 00 40 00
Compressed prx : 10 00 10 00
no compress prx : 10 00 40 00

and for those prx I had checked, they have same value at 36-37 : 00 80

another common thing:
49 - 4B and 55-57 always has same value , but 48 and 54 may different
if two of them are same , 58 - 59 will be zero
if 48 and 54 has different value , then 58 - 59 may have value

and 7C should be a flag , 01 for prx and 09 for bin , 0C for Update
MelGibson
Posts: 58
Joined: Sun Apr 10, 2005 10:19 pm

Post by MelGibson »

laichung wrote:I dont know anyone notice this before :
At 3C-3F :
Data.psp : 40 00 40 00
EBoot.psp : 40 00 40 00
Compressed prx : 10 00 10 00
no compress prx : 10 00 40 00
This is not true for every PRX File:
for example \flash0\kd\audio.prx has a "file type" flag: 06 10 01 00
so it it commpressed but has 10 00 40 00 at 3c-3f
same for flash0\kd\blkdev.prx which ist compressed, too but also has
10 00 40 00 at 3c-3f
and for those prx I had checked, they have same value at 36-37 : 00 80
For Library Modulesit might be most of the time, but not for updates and Game executables... there 34-37 seems to be the section length inside the ELF header for the first section in the ELF header. (c.f. : http://forums.ps2dev.org/viewtopic.php?t=1463&start=30 )
and 7C should be a flag , 01 for prx and 09 for bin , 0C for Update
Seems to be like this.. nice findings.
Post Reply