Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion.

Before you start posting please read the forum rules. By posting to this forum you agree to abide by the rules.

 

Go Back   Doom9's Forum > General > Decrypting

Reply
 
Thread Tools Search this Thread Display Modes
Old 14th March 2007, 01:44   #41  |  Link
woodspire
Registered User
 
Join Date: Jan 2007
Posts: 20
compilation ps3

[HTML]Done under PS3 with Yellow Dog Linux 5. I have modified the ioctl.c file to match both send_cmd header. (I add unsigned to the linux header function). So now, I don't get the error between ioctl.c and aacskeys.h

But still get these errors. Seems that openssl can't get correctly installed. Don't know why. openssl ppc version (not ppc64). It seems it install itself in /usr/local/ssl/include instead of the default path.

If I run openssl, it says it's version 0.9.8a 11 october 2005
But I compiled 0.9.8e

Please someone with C compilation knowledge (I so much love perl, so such compilation problem) compile a binary for linux-ppc or linux-ppc64. Staticly linked would be better I think.

Here is the output from the gcc command:

gcc -o aacskeys -lcrypto -I/usr/local/ssl/include ioctl.c ecdsa.c mmc.c aes.c aacskeys.c
ecdsa.c: In function ‘aacs_set_cert’:
ecdsa.c:29: warning: initialization discards qualifiers from pointer target type
ecdsa.c: In function ‘aacs_sign’:
ecdsa.c:67: warning: comparison between pointer and integer
aes.c:62:2: warning: no newline at end of file
aacskeys.c: In function ‘main’:
aacskeys.c:555: warning: comparison is always false due to limited range of data type
/tmp/ccIwRoTT.o: In function `aacs_key':
ecdsa.c.text+0x14): undefined reference to `EC_KEY_new'
ecdsa.c.text+0x4c): undefined reference to `EC_KEY_set_group'
ecdsa.c.text+0x6c): undefined reference to `EC_KEY_free'
/tmp/ccIwRoTT.o: In function `aacs_set_cert':
ecdsa.c.text+0xd0): undefined reference to `EC_KEY_get0_group'
ecdsa.c.text+0x190): undefined reference to `EC_POINT_new'
ecdsa.c.text+0x1c8): undefined reference to `EC_POINT_set_affine_coordinates_GFp'
ecdsa.c.text+0x1fc): undefined reference to `EC_KEY_set_public_key'
/tmp/ccIwRoTT.o: In function `aacs_sign':
ecdsa.c.text+0x2cc): undefined reference to `EC_KEY_set_private_key'
ecdsa.c.text+0x2dc): undefined reference to `EVP_ecdsa'
ecdsa.c.text+0x34c): undefined reference to `ECDSA_do_sign'
ecdsa.c.text+0x3c4): undefined reference to `ECDSA_SIG_free'
ecdsa.c.text+0x3d8): undefined reference to `EC_KEY_free'
/tmp/ccIwRoTT.o: In function `aacs_verify':
ecdsa.c.text+0x458): undefined reference to `EVP_ecdsa'
ecdsa.c.text+0x4b4): undefined reference to `ECDSA_SIG_new'
ecdsa.c.text+0x534): undefined reference to `ECDSA_do_verify'
ecdsa.c.text+0x550): undefined reference to `ECDSA_SIG_free'
ecdsa.c.text+0x564): undefined reference to `EC_KEY_free'
/tmp/ccIwRoTT.o: In function `aacs_group':
ecdsa.c.text+0x828): undefined reference to `EC_GROUP_new_curve_GFp'
ecdsa.c.text+0x864): undefined reference to `EC_POINT_new'
ecdsa.c.text+0x918): undefined reference to `EC_POINT_set_affine_coordinates_GF2m'
ecdsa.c.text+0x9bc): undefined reference to `EC_GROUP_set_generator'
ecdsa.c.text+0xa04): undefined reference to `EC_GROUP_free'
ecdsa.c.text+0xa20): undefined reference to `EC_POINT_free'
collect2: ld returned 1 exit status[/HTML]
woodspire is offline   Reply With Quote
Old 14th March 2007, 02:15   #42  |  Link
00dwan
Registered User
 
Join Date: Mar 2007
Posts: 8
I couldn't get aacskeys working on ps3 linux. I had similar errors as the ones stated above.

I just tried running aacskeys from windows xp(qemu) on the ps3 and I get the "All AGIDs are in use, aborting." message. Same thing happened when I used a daemon-tools mounted iso on my normal windows xp computer.
00dwan is offline   Reply With Quote
Old 14th March 2007, 02:19   #43  |  Link
woodspire
Registered User
 
Join Date: Jan 2007
Posts: 20
iscsi-target

If someone could compile and correctly execute the iscsi-target on the ps3, we could access the blu-ray from windows with the iscsi-initiator:

iscsi-initiator: http://www.microsoft.com/downloads/d...DisplayLang=en

iscsi-target: http://iscsitarget.sourceforge.net/

Watch out, I think openssl needs to be compile in ppc64.

For my part, iscsi-target compiles correctly. It's when I run it that the're an error in /var/log/messages

For all the linux guru, please help us!
woodspire is offline   Reply With Quote
Old 14th March 2007, 02:55   #44  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Quote:
Originally Posted by woodspire View Post
[HTML]If I run openssl, it says it's version 0.9.8a 11 october 2005
But I compiled 0.9.8e
[/HTML]
This sounds like the openssl that ships with your distribution is located in /usr/ where your compiled is located in /usr/local

For the rpm installed openssl you can check that by
Code:
rpm -qa|grep -i openssl|xargs rpm -ql
For the openssl you compiled, try check the --PREFIX by
Code:
./configure --help
in your unpacked openssl directory, and see what the PREFIX variable is set to. Changing it to /usr will replace your rpm installed openssl.
lightshadow is offline   Reply With Quote
Old 14th March 2007, 04:55   #45  |  Link
woodspire
Registered User
 
Join Date: Jan 2007
Posts: 20
recompile openssl with --prefix=/usr

Now the default openssl is 0.9.8e

Remove the -I/usr/local/ssl/include part

But still same error. Check in the /usr/include/openssl/evp.h and the function EVP_ecdsa is well defined. Why can't the compiler find it ?
woodspire is offline   Reply With Quote
Old 14th March 2007, 07:18   #46  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Ok. It looks like ebsi has managed to compile and run aacskeys on the PS3. It looks like his Dv/Dsig values are all zero. As far as I can see he has also added a mount point variable (to make a distinction between the device file where mmc commands are send to and the mountpoint to find the MKB/UnitKey files I guess). So my source probably requires some more tweaking for linux.

Can somebody else confirm this? I wonder if Dcert is returned by the drive (don't post it we just need to know if its not all 0's).

Last edited by arnezami; 14th March 2007 at 08:03.
arnezami is offline   Reply With Quote
Old 14th March 2007, 14:40   #47  |  Link
ebsi
Registered User
 
Join Date: Feb 2007
Posts: 2
http://www.sendspace.com/file/d3aava
In the archive you also find a PS3 linux binary.
It's compiled on Ubuntu Edgy for PPC.
For mounting the a BD disk this patch :
http://sourceforge.net/tracker/index...95&atid=300295
is needed.

To use it you must mount the BD disk. For example:
mount /dev/scd0 /media/cdrom
./aacskeys /dev/scd0 /media/cdrom s

Dv, Disg, HK and BK are empty.
ebsi is offline   Reply With Quote
Old 14th March 2007, 19:16   #48  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Quote:
Originally Posted by ebsi View Post
http://www.sendspace.com/file/d3aava
In the archive you also find a PS3 linux binary.
It's compiled on Ubuntu Edgy for PPC.
For mounting the a BD disk this patch :
http://sourceforge.net/tracker/index...95&atid=300295
is needed.

To use it you must mount the BD disk. For example:
mount /dev/scd0 /media/cdrom
./aacskeys /dev/scd0 /media/cdrom s

Dv, Disg, HK and BK are empty.
Ok. I now understand that you do get the Dcert and Dn which means the mmc command are working on the PS3.

There are some things we can do to see what is the problem with retrieving the Dsig and Dv.

(1) There is an (small) error in the report key and send key command.

This is what report_key should look like:

Code:
int report_key(drive_handle h, unsigned char * buffer, char agid, char key_format, short length, unsigned char bluray) {
	unsigned char cmd[CDROM_PACKET_SIZE];
	memset(cmd, 0, CDROM_PACKET_SIZE);

	cmd[0] = REPORT_KEY;
	cmd[1] = 0;
	cmd[7] = 0x02;
	cmd[8] = (length>>8)&0xff;
	cmd[9] = (length)&0xff;
	cmd[10] = agid<<6|(key_format&0x3f);

	memset(buf, 0, length);

	if(send_cmd(h, cmd, buf, 0, length) >= 0)
		return 0;
	else
		return -1;
}

This is what send_key should look like:

Code:
int send_key(drive_handle h, unsigned char *buffer, char agid, char key_format, short length, unsigned char bluray) {
	unsigned char cmd[CDROM_PACKET_SIZE];
	memset(cmd, 0, CDROM_PACKET_SIZE);

	cmd[0] = SEND_KEY;
	cmd[1] = 0;
	cmd[7] = 0x02;
	cmd[8] = (length>>8)&0xff;
	cmd[9] = (length)&0xff;
	cmd[10] = agid<<6|(key_format&0x3f);

	if(send_cmd(h, cmd, buf, length, 0) >= 0)
		return 0;
	else
		return -1;
}
The read_vid should stay the same (with the bluray var).

(2) There could be a problem with timing or the agid being invalid (after the drive cert has been recieved).

This is unlikely but we could check if the agid is still in use after retrieving the drive cert. We do this by trying to obtain an agid just after we have done the report_drive_cert_chal. If its -1 then the agid is still in use (as it should be). But if its 0 then the agid has been dropped by the drive. Alternatively we could try to wait a little before asking the drive for the Dv/Dsig (or ask many times).

(3) We should try to compile and run this program on a PC linux system.

When using either a Bluray drive or a HD DVD drive on a linux PC (not the PS3) we can see what works. If this is working (on a PC) then the PS3 hypervisor is probably giving us trouble (or the distro/processor whatever). If it doesn't work for linux PC (or maybe only bluray) then we have to solve that first.

(4) We should make sure we get better error messages

When the report_drive_key is executed it gives back all 0's. But this can be due to several reasons. We could change this function to give us a little more info on what happened (by check the resulting value of course)

Code:
int report_drive_key(drive_handle h, char agid, unsigned char *point, unsigned char *signature, unsigned char bluray) {
	if(report_key(h, buf, agid, 2, 84, bluray))
		return -2;

	if(buf[0] != 0 || buf[1] != 0x52)
		return -1;

	memcpy(point, buf+4, 40);
	memcpy(signature, buf+44, 40);

	return 0;
}
A return value of -2 would mean that the report_key function failed (and therefore the send_cmd function). With a return value of -1 we know that the drive has actually returned something (but not something beginning with 00 52). Maybe there is also a way to get sense data from the commands send. I don't know how to do this for linux ioctl.

Of course somebody has to do some precise debugging to see where the problem lies.

(5) We should compile and try aacsauth

We have working source code (for linux) in aacsauth. We could use this for trying to see what works. When we add the following in the read_vid of jx6bpm's source it should work for bluray:

Code:
int read_vid(drive_handle h, char agid, char *vid, char *mac) {
	char cmd[CDROM_PACKET_SIZE];
	memset(cmd, 0, CDROM_PACKET_SIZE);

	cmd[0] = 0xad;
	cmd[1] = 1;
	cmd[7] = 0x80;
	cmd[8] = 0;
	cmd[9] = 36;
	cmd[10] = (agid<<6)&0xc0;

	if(send_cmd(h, cmd, buf, 0, 36) < 0)
		return -1;

	memcpy(vid, buf+4, 16);
	memcpy(mac, buf+20, 16);

	return 0;
}
(6) We may have to fill in vendor specific information

The report key command (aswell as the other commands) say that byte 11 is somewhat vendor specific:



Currently we set this entire byte to 0. I don't know if this is a problem (since the Dcert is working it wouldn't make sense this is the reason the Dv isn't retrieved). And what is NACA, flag and link?

There is also the question if this is correct:

Code:
	cmd[8] = (length>>8)&0xff;
	cmd[9] = (length)&0xff;
Maybe its better to use an unsigned char for length (and only use byte 9) to avoid potential problems regarding endian encoding? Since the (allocation) length is never going to exceed 255 anyway.

We could also do a GET CONFIGURATION command and see what comes out of that.

Hopefully we will find out soon what is going on here. The fact that the PS3 is actually returning the Dcert is very positive news because it means that the mmc commands are not blocked .

Regards,

arnezami

Last edited by arnezami; 14th March 2007 at 20:01.
arnezami is offline   Reply With Quote
Old 14th March 2007, 23:45   #49  |  Link
Electrox3d
Registered User
 
Join Date: Feb 2003
Posts: 41
boy am I lost now! I thought I was getting it, then whammo!

OK, so I hope this question falls into this thread:
If the program reveals all AACS Keys needed to decrypt, then how do I get the SHA1 hash? I believe that is needed to decrypt?

In the following example of the BD movie Click, I don't know how to get the 40 character string prior to the "=Click" name. I DO know how to get the 32 character string following the "|00/00/00|".

F40F9413E223031170483DEBD0495F5D64F41392=Click |00/00/00|C1F8540A04E9405FED346872CD125990
....^ I can not figure out how to get this string.................................^ I do know how to get this one. (Its just the CPS key)

So, does this program help in revealing that 40-character string?

Thanks!
__________________
___

Last edited by Electrox3d; 14th March 2007 at 23:48.
Electrox3d is offline   Reply With Quote
Old 15th March 2007, 00:05   #50  |  Link
woodspire
Registered User
 
Join Date: Jan 2007
Posts: 20
sha1 key of file

The hash is the sha1 hash of the AACS/CPUnit00001.cci file.

under linux, type: openssl sha1 CPUnit00001.cci

Under windows, down an utility to calculate sha1 hash of file

Maybe this could help: http://www.codeproject.com/cs/files/dt_file_hasher.asp

or try this: http://hashtab.beeblebrox-org.qarchive.org/

You could also have looked in the backupblurayv21.zip source. Under src/shared/utils.java, the hashFile function explain how it's done.

And the src/main/BackupBluRay.java show which file is hashed.

Last edited by woodspire; 15th March 2007 at 00:15.
woodspire is offline   Reply With Quote
Old 15th March 2007, 00:13   #51  |  Link
woodspire
Registered User
 
Join Date: Jan 2007
Posts: 20
Same problem has ebsi.

Can't compile right now the binary for aacskeys (openssl problem stated above) but the binary provided by ebsi is working.

Dv, Dsig, Hk and BK all zero.

Dcert not zero.

Actually, no other info are zero except the 4 above.

Get a volume Unique Key for talladega nights:

Code:
Processing key:               09F911029D74E35BD84156C5635688C0
Encrypted C-value:            CBB16165DDC196FC65D0E6A0333045F5
Corresponding uv:             00000001

Decrypted C-value:            31143BED2A2E4A23A546A708267DDC7C
Media key:                    31143BED2A2E4A23A546A708267DDC7D

Encrypted verification data:  B385A42078219980710627B27BF7C541
Decr verif data should be:    0123456789ABCDEF
Decrypted verification data:  0123456789ABCDEF682370557C3E243C

AGID:                         FF

Host certificate from:        Power DVD 7.1
Host certificate (Hcert):     0200005CFFFF0000000C00006E3DEB679B9A16AD
                              FAA8E30878767BA6EB2A9B415385AD1181B4446C
                              31E9A5DD2AB808B364FF15885BAC490964318C9B
                              F8029FCF76F688A54FBDA03F6D9332EF04E5A613
                              12DA85880A4D9CBB79D8602E
Host Private Key (Hpriv):     4737676058D7029452514F0AB186DC4CCA8C578F
Host Nonce (Hn):              2923BE84E16CD6AE529049F1F1BBE9EBB3A6DB3C

Drive certificate (Dcert):    ########################################
                              ########################################
                              ########################################
                              ########################################
                              ########################
Drive Nonce (Dn):             ########################################

Drive key point (Dv):         ########################################
                              ########################################
Drive key signature (Dsig):   ########################################
                              ########################################

Host key (Hk):                0000000000000000000000000000000000000000
Host key point (Hv):          8E9B0E3CF41FA7DA3A829F604122EA4ED5261AA4
                              7570CE0BB9061A66FAF92C4A7D98ACC171CBF19B
Host key signature (Hsig):    ########################################
                              ########################################

Drive signature wrong/error
Bus key (BK):                 ################################

Volume ID:                    8E9B0E3CF41FA7DA3A829F604122EA4E
Voluem ID MAC:                ################################

Volume Unique Key:            3104B2690FA032CD8849139B2D518D0F
Encrypted Unit Key 1:         819CCCE5F7FCF2C8F30FD559F0DDCA0E

Decrypted Unit Key 1:         23403F01F9FD3023ADDF2698C12E7C03
But not the correct one: 243302819492872FB60BF20BCCE28531

It's my way to check if the application is working.

Can't make the change to the source code because can't compile but can run any binary you provide, if you want to debug (woodspire@hotmail.com)

P.S. I have a strange copy of "The Prestige" that can't be decrypt with the key provided in this forum. Hopping to correct the problem and be able to provide it to everybody after testing it.
woodspire is offline   Reply With Quote
Old 15th March 2007, 00:31   #52  |  Link
Electrox3d
Registered User
 
Join Date: Feb 2003
Posts: 41
Quote:
Originally Posted by woodspire View Post
The hash is the sha1 hash of the AACS/CPUnit00001.cci file.

under linux, type: openssl sha1 CPUnit00001.cci

Under windows, down an utility to calculate sha1 hash of file

Maybe this could help: http://www.codeproject.com/cs/files/dt_file_hasher.asp

or try this: http://hashtab.beeblebrox-org.qarchive.org/

You could also have looked in the backupblurayv21.zip source. Under src/shared/utils.java, the hashFile function explain how it's done.

And the src/main/BackupBluRay.java show which file is hashed.

This is the first time it was clearly put to me what needed to be done to get this Hash... The software you linked wouldn't work based on some kind of .NET security, but a program called Pinpoint Hash by Pinpoint Laboratories pulled up that exact code! I was like then then

Thanks!
__________________
___
Electrox3d is offline   Reply With Quote
Old 15th March 2007, 05:58   #53  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Quote:
Originally Posted by Electrox3d View Post
This is the first time it was clearly put to me what needed to be done to get this Hash... The software you linked wouldn't work based on some kind of .NET security, but a program called Pinpoint Hash by Pinpoint Laboratories pulled up that exact code! I was like then then

Thanks!
Yes. I this has been discussed. Firstly: the aacskeys program is in progress and it isn't finished. Earlier in this thread I said I would include the sha1 hash at some time. Secondly: KenD00 and I agreed the wrong file is currently hashed which is likely to give us duplicate values for different movies and we agreed to change it to the Unit Key file. We even discussed the file format and the possibility of the Unit Key files being the same for different movies. Its all in this thread.

Sorry for not being more clear about this. But there is a time for building and programming stuff and there is a time for explaining stuff. Usually in that order .

Regards,

arnezami
arnezami is offline   Reply With Quote
Old 15th March 2007, 06:21   #54  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Quote:
Originally Posted by woodspire View Post
Same problem has ebsi.

Can't compile right now the binary for aacskeys (openssl problem stated above) but the binary provided by ebsi is working.

Dv, Dsig, Hk and BK all zero.

Dcert not zero.

Actually, no other info are zero except the 4 above.

Get a volume Unique Key for talladega nights:

...

It's my way to check if the application is working.

Can't make the change to the source code because can't compile but can run any binary you provide, if you want to debug (woodspire@hotmail.com)

P.S. I have a strange copy of "The Prestige" that can't be decrypt with the key provided in this forum. Hopping to correct the problem and be able to provide it to everybody after testing it.
Thanks for testing. This is interesting (and stange). It actually gives back a Volume ID (although its the wrong one).

In this post the Volume ID for Talladega Nights The Ballad of Ricky Bobby was posted:

Code:
7f 58 3c b4 6c 30 99 e5 c8 99 44 08 07 f7 41 4b
I'm assuming thats the same movie. But since it gives back something it may be an encrypted Volume ID (possibly some special PS3 encryption?).** Can somebody look at their Dcert and see if the drive as Bus Key capable. As I explained earlier how to see this: look for 01 00 00 5c in there. The red value is zero if the drive is not capable of bus encryption.

There is another thing we should try. I now suspect the Dv/Dsig is not empty at all its just not copied to the appropiate buffers (because it contains something strange).

In order to test this you could remove the following code from the report_drive_key function:

Code:
int report_drive_key(drive_handle h, char agid, unsigned char *point, unsigned char *signature, unsigned char bluray) {
	if(report_key(h, buf, agid, 2, 84, bluray))
		return -1;

	if(buf[0] != 0 || buf[1] != 0x52)
		return -1;

	memcpy(point, buf+4, 40);
	memcpy(signature, buf+44, 40);

	return 0;
}
so it would look like this:

Code:
int report_drive_key(drive_handle h, char agid, unsigned char *point, unsigned char *signature, unsigned char bluray) {
	if(report_key(h, buf, agid, 2, 84, bluray))
		return -1;

	memcpy(point, buf+4, 40);
	memcpy(signature, buf+44, 40);

	return 0;
}
If it then gives any data I would be very interested in what that data is. Would the first two values be close to 0x00 0x52? It wouldn't be working according to specs btw...


[edit] Ooh wait. The agid is wrong! Huh?! There is something wrong there. It should never be FF. Ah. Ok. The check has been removed by ebsi. This explains why its acting up. No agid means no go. Although it doesn't help us yet. Will try to figure out how to proceed.



arnezami

** It may be wise/healthy paranoia to remove everything from this "Volume ID" and all stuff below that (until we know what it is).

Last edited by arnezami; 15th March 2007 at 06:45.
arnezami is offline   Reply With Quote
Old 15th March 2007, 06:44   #55  |  Link
HyperHacker
Resident DRM Hater
 
HyperHacker's Avatar
 
Join Date: Oct 2006
Location: International waters
Posts: 242
FYI, "Voluem ID MAC" is spelled wrong.
__________________
Because Moogles pwn.
HyperHacker is offline   Reply With Quote
Old 15th March 2007, 08:35   #56  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Ok. I've completely stripped aacskeys into aacstiny.

It now doesn't need openssl. So more people can compile and help us.

It doesn't do much. Its just a test program. It gives more information about what is going with the drive so please try this and report back to us (careful: it dumps buffers so I've sort of marked potential sensitive data but if you don't trust yourself just desribe what you see)

Here is part of what I see on my PC:

Code:
Sending report key command: A40000000000000200003F00
Invalidation AGID 0. Result: 0
Sending report key command: A40000000000000200007F00
Invalidation AGID 1. Result: 0
Sending report key command: A4000000000000020000BF00
Invalidation AGID 2. Result: 0
Sending report key command: A4000000000000020000FF00
Invalidation AGID 3. Result: 0
Sending report key command: A40000000000000200080000
Returning buffer from report agid command: 0006000000000000
AGID:                         00

Sending send key command: A30000000000000200740100
Host certificate from:        Power DVD 7.1
Host certificate (Hcert):     0200005CFFFF0000000C00006E3DEB679B9A16AD
                              FAA8E30878767BA6EB2A9B415385AD1181B4446C
                              31E9A5DD2AB808B364FF15885BAC490964318C9B
                              F8029FCF76F688A54FBDA03F6D9332EF04E5A613
                              12DA85880A4D9CBB79D8602E
Host Private Key (Hpriv):     4737676058D7029452514F0AB186DC4CCA8C578F
Host Nonce (Hn):              2923BE84E16CD6AE529049F1F1BBE9EBB3A6DB3C

Sending report key command: A40000000000000200740100
CAREFUL SENSITIVE: Returning buffer from report drive challenge command: 00720000xxxxxxx
http://rapidshare.com/files/21107374/aacstiny.rar.html

(sorry sendspace is down atm)

Instructions:

Code:
INSTALL

Compile with gcc -o aacstiny ioctl.c mmc.c aacstiny.c

There may be some warning. But hopefully it compiles for linux now (not tested yet).

USAGE

mount /dev/scd0 /media/cdrom    (this may not be needed but well doesn't hurt I guess)
./aacstiny /dev/scd0 s
/dev/scd0 is the device file of your drive
Good luck .

arnezami

PS. On a sidenote: since AACS auth is only implemented on "PC-based systems" its also possible the PS3 doesn't support it at all. If this is the case then I have no idea how the PS3 gets its volume ids. I highly doubt though this is the case.

Last edited by arnezami; 15th March 2007 at 08:59.
arnezami is offline   Reply With Quote
Old 15th March 2007, 11:37   #57  |  Link
woodspire
Registered User
 
Join Date: Jan 2007
Posts: 20
Dcert

Code:
Can somebody look at their Dcert and see if the drive as Bus Key capable. As I explained earlier how to see this: look for 01 00 00 5c in there. The red value is zero if the drive is not capable of bus encryption.

The only '5C' is at the start of my Dcert. Here how it starts:

0200005CFFFF00 ...

So, it seems that it's not capable of bus encryption.

And it doesn't begin with '01' but with '02'.

Also, if no bus encryption is supported, isn't that a nice thing to have... no encryption ???

Last edited by woodspire; 15th March 2007 at 14:02.
woodspire is offline   Reply With Quote
Old 15th March 2007, 12:13   #58  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
I can't compile aacstiny Linux. The latter is a bit more verbose.
Code:
~/bdownload/aacstiny$ gcc -o aacstiny ioctl.c mmc.c aacstiny.c
aacstiny.c: In function ‘main’:
aacstiny.c:245: error: ‘EXIT_SUCCESS’ undeclared (first use in this function)
aacstiny.c:245: error: (Each undeclared identifier is reported only once
aacstiny.c:245: error: for each function it appears in.)
~/bdownload/aacstiny$ gcc -Wall -O2 -o aacstiny ioctl.c mmc.c aacstiny.c
ioctl.c: In function ‘close_drive’:
ioctl.c:167: warning: implicit declaration of function ‘close’
aacstiny.c:40: warning: return type defaults to ‘int’
aacstiny.c:83: warning: return type defaults to ‘int’
aacstiny.c: In function ‘main’:
aacstiny.c:193: warning: pointer targets in passing argument 1 of ‘output_key’ differ in signedness
aacstiny.c:245: error: ‘EXIT_SUCCESS’ undeclared (first use in this function)
aacstiny.c:245: error: (Each undeclared identifier is reported only once
aacstiny.c:245: error: for each function it appears in.)
aacstiny.c:239: warning: label ‘err’ defined but not used
~/bdownload/aacstiny$
lightshadow is offline   Reply With Quote
Old 15th March 2007, 17:18   #59  |  Link
honai
Guest
 
Posts: n/a
Quote:
The hash is the sha1 hash of the AACS/CPUnit00001.cci file.

under linux, type: openssl sha1 CPUnit00001.cci

Under windows, down an utility to calculate sha1 hash of file
Under Windows I'd recommend the HashTab shell extension:

http://www.beeblebrox.org/hashtab/

Might also come in handy for other uses, like comparing if two files are identical, or when you want to release some software on a public server.
  Reply With Quote
Old 15th March 2007, 19:47   #60  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Quote:
Originally Posted by lightshadow View Post
I can't compile aacstiny Linux. The latter is a bit more verbose.
Code:
~/bdownload/aacstiny$ gcc -o aacstiny ioctl.c mmc.c aacstiny.c
aacstiny.c: In function ‘main’:
aacstiny.c:245: error: ‘EXIT_SUCCESS’ undeclared (first use in this function)
aacstiny.c:245: error: (Each undeclared identifier is reported only once
aacstiny.c:245: error: for each function it appears in.)
~/bdownload/aacstiny$ gcc -Wall -O2 -o aacstiny ioctl.c mmc.c aacstiny.c
ioctl.c: In function ‘close_drive’:
ioctl.c:167: warning: implicit declaration of function ‘close’
aacstiny.c:40: warning: return type defaults to ‘int’
aacstiny.c:83: warning: return type defaults to ‘int’
aacstiny.c: In function ‘main’:
aacstiny.c:193: warning: pointer targets in passing argument 1 of ‘output_key’ differ in signedness
aacstiny.c:245: error: ‘EXIT_SUCCESS’ undeclared (first use in this function)
aacstiny.c:245: error: (Each undeclared identifier is reported only once
aacstiny.c:245: error: for each function it appears in.)
aacstiny.c:239: warning: label ‘err’ defined but not used
~/bdownload/aacstiny$
Just change EXIT_SUCCESS into 0 (as in zero).

Or download this one: http://www.sendspace.com/file/tutjhl

Regards,

arnezami
arnezami is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 15:07.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.