Creport: Difference between revisions

No edit summary
AES-CTR, not AES-CBC. So it's a CTR, not an IV.
Line 43: Line 43:
This is probably because of privacy concerns (software keyboard + browser could contain passwords and personal info).
This is probably because of privacy concerns (software keyboard + browser could contain passwords and personal info).


For all other title-ids, it generates a random AES-128 key and iv using <code>csrng</code>.
For all other title-ids, it generates a random AES-128 key and CTR using <code>csrng</code>.


It encrypts the entire event buffer with this AES key and iv.
It encrypts the entire event buffer with this AES key and CTR.
Then it encrypts the key-iv-pair using RSA-PSS with a hardcoded pubkey and exponent <code>0x10001</code>.
Then it encrypts the key-iv-pair using RSA-PSS with a hardcoded pubkey and exponent <code>0x10001</code>.