edit hexedit makemkvcon


pynux
26th August 2009, 20:28
I found something in the hex code of makemkvcon.
I don't have the competence to get more information (like MKB key v11->v14).
If somebody can help me to find other information :) to use the host key and process key on aacskeys :p

See the screenshot.

KenD00
26th August 2009, 21:54
At first I want to say it's somehow bad sports to reverse engineer a program of someone who gives it away for free and participates in this forum too. But I couldn't resist and checked this one out, and it's indeed a Host Certificate followed by its Private Key and it works for at least MKBv12 (it's the highest MKB I have here)!!

Quite interesting is the stuff that follows the known processing keys. They are not processing keys as written there, but the first line looks like some sort of verification data like that used in the MKB decryption process. Maybe this line is used to somehow decrypt the next two lines, which are maybe processing keys? Well, it's not a simple XOR, I checked that already ;). I'm not a crypto expert, but maybe someone else can't resist investigating.

:rolleyes:

pynux
27th August 2009, 00:40
At first I want to say it's somehow bad sports to reverse engineer a program of someone who gives it away for free

Yes, but I want to play Blu-ray without ripping to my hard drive, and I have MKBv12 Blu-rays :p and libaacskey dumphd don't decrypt them :)

it's indeed a Host Certificate followed by its Private Key
Thanks, now I don't need to patch my drive to have the VUD :)

it works for at least MKBv12 (it's the highest MKB I have here)!!
For me it works with MKBv1->v10 :(
I can't find the Processing key v11 and v12.

Maybe for the future, we have a project to make a player for Linux (a project with my school, only if my school is OK :s), and maybe Mike or you, Ken, can help us.

880
30th August 2009, 21:10
Great find!

I looked at those interesting decimal numbers that follow (900812...) and it turns out they are just "ECC parameters" according to aacs_crypto.cpp.

Mike Chen
31st August 2009, 08:54
Guys, what do you want to achieve? I'm here, just ask.

We decided to put the host cert as a plain string for the following reasons:
- anyone, including AACS LA, can observe the drive handshake and figure out the cert used
- since everyone knows "our cert" we might as well put its private key in the clear so it could be used by OSS.
- this fact was privately communicated to some forum members.
Bringing attention to this matter will do no good in the long run.

As for the processing key, it is heavily protected. Please take my word that it is protected much better than keys are protected in any of the 3 software players - reverse engineering these players would be a better direction to apply your reverse-engineering skills. :)

KenD00
1st September 2009, 05:39
I'm here, just ask.

Well, IIRC you have been asked and said no, which is perfectly OK, Slysoft doesn't give away its goodies for free either. But obviously people are very curious so they have taken a look ;).


- since everyone knows "our cert" we might as well put its private key in clear so it could be used by OSS.
- this fact was privately communicated to some forum members.

Oh well, that's very nice of you, thank you. Too bad I wasn't one of those members, but thanks to pynux OSS can use your cert now too :).

:rolleyes: