Difference between revisions of "Capture services"
(→Notes: mac) |
|||
Line 129: | Line 129: | ||
Screenshots are validated as follows: The JPEG's MAC is extracted from the EXIF maker note, and stored. A timestamp string is generated by calling snprintf(&str, 20, "%04d:%02d:%02d %02d:%02d:%02d", ...); with stored timestamp values. If this doesn't match the timestamp string stored in EXIF, then an error 0xA34CE is returned. Otherwise, the entire JPEG is loaded into memory, and the stored EXIF maker note is cleared to zeroes. Then, an HMAC-SHA256 is computed over the entire JPEG using a hardcoded secret key. if (memcmp(calculated_hmac, stored_hmac, 0x10) == 0), the screenshot is valid, else 0xA3ACE is returned. | Screenshots are validated as follows: The JPEG's MAC is extracted from the EXIF maker note, and stored. A timestamp string is generated by calling snprintf(&str, 20, "%04d:%02d:%02d %02d:%02d:%02d", ...); with stored timestamp values. If this doesn't match the timestamp string stored in EXIF, then an error 0xA34CE is returned. Otherwise, the entire JPEG is loaded into memory, and the stored EXIF maker note is cleared to zeroes. Then, an HMAC-SHA256 is computed over the entire JPEG using a hardcoded secret key. if (memcmp(calculated_hmac, stored_hmac, 0x10) == 0), the screenshot is valid, else 0xA3ACE is returned. | ||
+ | |||
+ | In [[3.0.0]], MAC calculation was changed: now, instead of calculating an HMAC, a plain SHA256 hash is calculated. capsrv basically does screenshot_kek = spl::GenerateAesKek(<hardcoded screenshot_kek_source>); spl::LoadAesKey(screenshot_kek, <hardcoded screenshot_key_source>); MAC = spl::ComputeCmac(hash); | ||
== Videos == | == Videos == | ||
− | [[4.0.0]] includes video playback etc support in Album via mp4. These include a JPEG thumbnail, which is presumably used for video "validation". The EXIF from this JPEG doesn't seem to contain the same HMAC data as the original Album JPEGs. The EXIF is also now much larger: the MakerNote is 0x498-bytes, with | + | [[4.0.0]] includes video playback etc support in Album via mp4. These include a JPEG thumbnail, which is presumably used for video "validation". The EXIF from this JPEG doesn't seem to contain the same HMAC data as the original Album JPEGs. The EXIF is also now much larger: the MakerNote is 0x498-bytes, with encrypted data starting at offset +0x8. This encryption uses AES-CTR with hardcoded key/ctr. MAC calculation works the same way as the [[3.0.0]]+ JPEG MAC calculation, except with a different movie_kek_source/movie_key_source. |
Note: the Album process itself uses libstagefright for video playback. | Note: the Album process itself uses libstagefright for video playback. | ||
[[Category:Services]] | [[Category:Services]] |
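Review bot: the paragraph added under Notes for [[3.0.0]] says a plain SHA256 hash is calculated and passed to spl::ComputeCmac, but it does not say what the hash covers or how the result is checked. Suggest stating whether the EXIF maker note is still cleared to zeroes before hashing and whether the comparison is still limited to 0x10 bytes, as in the memcmp(calculated_hmac, stored_hmac, 0x10) line of the preceding paragraph. In the Videos change, "works the same way" inherits the same gap, and it would help to say whether the AES-CTR encrypted data starting at offset +0x8 of the MakerNote is part of the data that gets hashed.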
Revision as of 21:35, 21 May 2018
caps:a
This is "nn::capsrv::sf::IAlbumAccessorService".
Cmd | Name |
---|---|
0 | |
1 | |
2 | |
3 | |
4 | |
5 | |
6 | |
7 | |
8 | |
9 | |
10 | |
11 | |
12 | |
13 | |
14 | |
301 | |
401 | |
501 | |
1001 | |
1002 | |
8001 | |
8002 | |
8011 | |
8012 | |
8021 | |
10011 |
caps:c
This is "nn::capsrv::sf::IAlbumControlService".
Cmd | Name |
---|---|
2001 | |
2002 | |
2011 | |
2012 | |
2013 | |
2014 | |
2101 | |
2102 | |
2201 | |
2301 |
caps:u
This is "nn::capsrv::sf::IAlbumApplicationService".
Cmd | Name |
---|---|
102 | GetAlbumFileListByAruid |
103 | DeleteAlbumFileByAruid |
104 | GetAlbumFileSizeByAruid |
110 | LoadAlbumScreenShotImageByAruid |
120 | LoadAlbumScreenShotThumbnailImageByAruid |
60002 | OpenAccessorSessionForApplication |
IAlbumAccessorApplicationSession
This is "nn::capsrv::sf::IAlbumAccessorApplicationSession".
Cmd | Name |
---|---|
2001 | OpenAlbumMovieReadStream |
2002 | CloseAlbumMovieReadStream |
2003 | GetAlbumMovieReadStreamMovieDataSize |
2004 | ReadMovieDataFromAlbumMovieReadStream |
2005 | GetAlbumMovieReadStreamBrokenReason |
Notes
capsrv is responsible for validating the MACs for screenshots stored on the SD card, if the setting capsrv!enable_album_screenshot_filedata_verification is non-zero.
Screenshots are validated as follows: the JPEG's MAC is extracted from the EXIF maker note and stored. A timestamp string is generated by calling snprintf(&str, 20, "%04d:%02d:%02d %02d:%02d:%02d", ...); with the stored timestamp values. If this doesn't match the timestamp string stored in EXIF, error 0xA34CE is returned. Otherwise, the entire JPEG is loaded into memory and the stored EXIF maker note is cleared to zeroes. Then an HMAC-SHA256 is computed over the entire JPEG using a hardcoded secret key. If memcmp(calculated_hmac, stored_hmac, 0x10) == 0, the screenshot is valid; otherwise 0xA3ACE is returned. Note that only the first 0x10 bytes of the 0x20-byte HMAC-SHA256 output are compared.
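The validation flow described above (the original HMAC scheme, before the 3.0.0 change), as an added sketch that is not capsrv's code. Assumptions: the key is a placeholder, the byte blob is a constructed stand-in rather than a real JPEG/EXIF parse, the MAC is taken to be the first 0x10 bytes of the maker note, and a return value of 0 means "valid".

```python
import hashlib
import hmac

ERR_TIMESTAMP = 0xA34CE  # from the page: EXIF timestamp string mismatch
ERR_MAC = 0xA3ACE        # from the page: MAC mismatch
MAC_LEN = 0x10           # from the page: memcmp(..., 0x10)
PLACEHOLDER_KEY = b"\x00" * 32  # assumption: NOT the real hardcoded key

def format_timestamp(year, month, day, hour, minute, second):
    # Same format string as the page's snprintf; a 20-byte buffer keeps 19 chars + NUL.
    return ("%04d:%02d:%02d %02d:%02d:%02d"
            % (year, month, day, hour, minute, second))[:19]

def compute_mac(jpeg, note_off, note_len, key):
    buf = bytearray(jpeg)
    buf[note_off:note_off + note_len] = bytes(note_len)  # clear maker note to zeroes
    # HMAC-SHA256 over the entire file, truncated to the 0x10 bytes that are compared.
    return hmac.new(key, bytes(buf), hashlib.sha256).digest()[:MAC_LEN]

def validate(jpeg, note_off, note_len, exif_ts, stored_ts, key):
    stored_mac = jpeg[note_off:note_off + MAC_LEN]  # extract the MAC first
    if format_timestamp(*stored_ts) != exif_ts:
        return ERR_TIMESTAMP
    calculated = compute_mac(jpeg, note_off, note_len, key)
    # compare_digest is a constant-time stand-in for the page's memcmp.
    return 0 if hmac.compare_digest(calculated, stored_mac) else ERR_MAC

def build_sample(key, ts):
    # Constructed stand-in for a screenshot: header, maker note, image data.
    note_len = MAC_LEN
    head = b"\xff\xd8EXIF:" + format_timestamp(*ts).encode() + b"\x00"
    note_off = len(head)
    blob = head + bytes(note_len) + b"constructed image data\xff\xd9"
    mac = compute_mac(blob, note_off, note_len, key)
    return blob[:note_off] + mac + blob[note_off + MAC_LEN:], note_off, note_len

if __name__ == "__main__":
    ts = (2018, 5, 21, 21, 35, 0)
    jpeg, off, length = build_sample(PLACEHOLDER_KEY, ts)
    print(hex(validate(jpeg, off, length, format_timestamp(*ts), ts, PLACEHOLDER_KEY)))
    tampered = jpeg[:-3] + b"X" + jpeg[-2:]  # flip one byte of image data
    print(hex(validate(tampered, off, length, format_timestamp(*ts), ts, PLACEHOLDER_KEY)))
```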
In 3.0.0, MAC calculation was changed: instead of calculating an HMAC, a plain SHA256 hash is calculated, and the MAC is a CMAC of that hash computed through spl. capsrv basically does: screenshot_kek = spl::GenerateAesKek(<hardcoded screenshot_kek_source>); spl::LoadAesKey(screenshot_kek, <hardcoded screenshot_key_source>); MAC = spl::ComputeCmac(hash);
Videos
4.0.0 adds support for video playback etc. in Album via mp4. These videos include a JPEG thumbnail, which is presumably used for video "validation". The EXIF from this JPEG doesn't seem to contain the same HMAC data as the original Album JPEGs. The EXIF is also now much larger: the MakerNote is 0x498 bytes, with encrypted data starting at offset +0x8. This encryption uses AES-CTR with a hardcoded key/ctr. MAC calculation works the same way as the 3.0.0+ JPEG MAC calculation, except with a different movie_kek_source/movie_key_source.
Note: the Album process itself uses libstagefright for video playback.