KEYDB.cfg 9.92 KB
Newer Older
1
; libaacs key database file, format 1.0
2
; -------------------------------------
3
;
4
; This config file format is an augmented form of DumpHD's config file
5
6
; format 1.4.
;
7
8
; This file is provided as documentation and as an example of the key database
; file used by libaacs, it contains no valid keys or entries.
9
;
10
11
12
; A config file has four main config entry items. The first items are device key
; entry items, the second is host certificate entry items, the third is
; processing key entry items, and the fourth are title entry items. Details on
gates's avatar
gates committed
13
; these items will be given later.
14
;
15
; The encoding of this file is UTF-8 without BOM (if the BOM is present the
16
17
18
; first line will not get recognized). A line delimiter may be either LF (\n) or
; CR (\r). A combination of CR+LF or LF+CR will be considered as a sequence of
; two line delimiters.
19
;
gates's avatar
gates committed
20
21
22
; Comments can be inserted into the config file. A comment begins with a ';'
; character. Anything after the ';' character, up to the next newline, is
; ignored.
23
;
24
; Whitespace in this file is referred to as a single space (' ') or
25
; a tab ('\t'). Whitespace can be present/omitted except in the case of
26
27
; keywords. Keywords must be delimited by at least one whitespace.
;
28
29
30
; Newlines may be escaped. To escape a newline, prepend a '\' character before
; the newline. Escaped newlines are treated as whitespace.
;
31
32
33
; All hexstrings must begin with '0x'. Hexstrings may be broken up into many
; lines or with whitespace.
;
34
35
36
37
38
; NOTE: Users switching from the old keydb config format can use this command
; to convert all hexstrings to the proper format.
;
; $ sed -i 's/\([[:xdigit:]]\)\{5,\}/0x&/g' KEYDB.cfg
;
39
40
; Device Key entry
; ----------------
41
42
43
44
; | DK | DEVICE_KEY <HEXSTRING> \
;      | DEVICE_NODE <HEXSTRING> \
;      | KEY_UV <HEXSTRING> \
;      | KEY_U_MASK_SHIFT <HEXSTRING>
45
46
;
; The device key entry begins with the entry ID "| DK |". Within a device key
47
; entry are four hexadecimal strings. The first hexadecimal string is preceded by
48
49
50
; the keyword "DEVICE_KEY" and is the hexadecimal string representing the device
; key. The second hexadecimal string is preceded by the keyword "DEVICE_NODE"
; and is the hexadecimal string representing the device node number. Each of
51
; four entries is delimited by a vertical bar '|'. Each device key entry must end
52
; with a newline.
gates's avatar
gates committed
53
54
55
56
;
; Note that each of these entries must end with at least one new line, as
; shown in the example above.
;
57
58
; Processing Key entry
; --------------------
59
; | PK | <HEXSTRING>
60
;
61
; A processing key entry begins with the entry ID "| PK |" followed by a
62
63
64
65
66
; hexstring representing the processing key. Each processing key entry must end
; with a newline.
;
; Host Certificate entry
; ----------------------
67
; | HC | HOST_PRIV_KEY <HEXSTRING> \
npzacs's avatar
npzacs committed
68
;      | HOST_CERT <HEXSTRING>
69
70
;
; A Host Certificate entry begins with the entry ID "| HC |". Each host
npzacs's avatar
npzacs committed
71
; certificate entry must contain 2 hexadecimal strings preceded by a keyword that identifies the type of entry
72
; that the hexadecimal string corresponds to. The first hexstring is the host
npzacs's avatar
npzacs committed
73
; private key, the second is the host certificate. Each of these entry types for a host
74
75
; certificate entry must be delimited by vertical bar '|'. A host certificate
; entry must end with a newline.
76
77
78
;
; Title entry
; -----------
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
; <DISCID> = <TITLE> | <ENTRY ID> | <ENTRY DATA> [ | <ENTRY ID> | <ENTRY DATA> ... ]
;
; DISCID is the calculated identifier of the disc content type, a physical disc
; may have multiple DiscID's (e.g. the disc contains HD-DVD Standard Content and
; HD-DVD Advanced Content). The value is stored as a hexadecimal string and is
; 40 characters long. The DiscID is the SHA-1 hash calculated from the
; following file:
; - HD-DVD Standard Content Audio : AACS\ATKF.AACS
; - HD-DVD Standard Content Video : AACS\VTKF.AACS
; - HD-DVD Advanced Content Audio : AACS\ATKF000.AACS
; - HD-DVD Advanced Content Video : AACS\VTKF000.AACS
; - BD-ROM BDMV                   : AACS\Unit_Key_RO.inf
; - BD-Recordable BDMV            : AACS_mv\Unit_Key_RW.inf
; - BD-Recordable BDAV            : AACS\AACS_av\Unit_Key_RW.inf
;
; TITLE is the title of the content.
;
; ENTRY ID describes the type of the following ENTRY DATA, these IDs are valid:
; - D : Date of the DiscID file
; - M : Media Key
; - I : Volume ID
; - B : Binding Nonce
; - V : Volume Unique Key
; - P : Protected Area Key
; - T : Title Key
; - U : CPS Unit Key
;
; ENTRY DATA is specific for each ENTRY ID:
; - D : <YEAR> - <MONTH> - <DAY>
;       YEAR must be 4 digits, MONTH and DAY 2 digits. An invalid / non present
;       date has the special value 0000-00-00
; - M : <MEK>
;       Hexadecimal string of the Media Key, 32 characters long
; - I : <VID>
;       Hexadecimal string of the Volume ID, 32 characters long
;       This entry applies to prerecorded media only
; - B : <BN NUMBER> - <BN> [ | <BN NUMBER> - <BN> ... ]
;       BN NUMBER is the number of the Binding Nonce, it must be 1 to 5 decimal
;       digits long and starts at 0
;       BN is the hexadecimal string of the Binding Nonce, 32 characters long
;       This entry applies to recordable media only, there may be multiple
;       Binding Nonces
;       For BD recordables BN NUMBER is 0
; - V : <VUK>
;       Hexadecimal string of the Volume Unique Key, 32 characters long
;       This entry applies to prerecorded media only
; - P : <PAK NUMBER> - <PAK> [ | <PAK NUMBER> - <PAK> ... ]
;       PAK NUMBER is the number of the Protected Area Key, it must be 1 to 5
;       decimal digits long and starts at 0
;       PAK is the hexadecimal string of the Protected Area Key, 32 characters
;       long
;       This entry applies to recordable media only, there my be multiple
;       Protected Area Keys
;       For BD recordables PAK NUMBER is 0
; - T : <TK NUMBER> - <TK> [ | <TK NUMBER> - <TK> ... ]
;       TK NUMBER is the number of the Title Key, it must be 1 to 5 decimal
;       digits long and starts at 1
;       TK is the hexadecimal string of the Title Key, 32 characters long
;       This entry applies to HD-DVD only, there may be multiple Title Keys
; - U : <UK NUMBER> - <UK> [ | <UK NUMBER> - <UK> ... ]
;       UK NUMBER is the number of the CPS Unit Key, it must be 1 to 5 decimal
;       digits long and starts at 1
;       UK is the hexadecimal string of the CPS Unit Key, 32 characters long
;       This entry applies to BD only, there may be multiple CPS Unit Keys
;
; All entries are treated case insensitive, whitespace between the
; values / delimiters may be present / omitted.
146
; Each entry must be delimited by at least one newline, to include the last
147
; entry. An unlimited number of entries may be given for any type of entry. The
gates's avatar
gates committed
148
149
150
; ordering of any config entry type can be arbitrary. It is also possible to
; give no entries in the config file, though libaacs will not be able to
; decrypt any disc in such a case.
151
152
153
154
155
;
;
; Examples
; --------
;
gates's avatar
gates committed
156

157
; foo's device key
158
| DK | DEVICE_KEY 0x00000000000000000000000000000000 \
159
160
161
     | DEVICE_NODE 0x0 \
     | KEY_UV 0x00000000 \
     | KEY_U_MASK 0x00
162

163
; bar's device key
164
165
| DK | DEVICE_KEY 0x00000000000000000000000000000000 \
     | DEVICE_NODE 0x0
166
167

; foo's certificate
168
169
170
171
172
173
174
175
| HC | HOST_PRIV_KEY 0x0000000000000000000000000000000000000000 \
     | HOST_CERT 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x000000000000000000000000 \
     | HOST_NONCE 0x0000000000000000000000000000000000000000 \
     | HOST_KEY_POINT 0x0000000000000000000000000000000000000000
176
177

; bar's certificate
178
179
180
181
182
183
184
185
| HC | HOST_PRIV_KEY 0x0000000000000000000000000000000000000000 \
     | HOST_CERT 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x000000000000000000000000 \
     | HOST_NONCE 0x0000000000000000000000000000000000000000 \
     | HOST_KEY_POINT 0x0000000000000000000000000000000000000000
186

187
; foo processing key
188
| PK | 0x00000000000000000000000000000000
189

190
; single line entries
191
192
193
194
0x0000000000000000000000000000000000000000 = Movie Title                                      | D | 0000-00-00 | V | 0x00000000000000000000000000000000 ; I am a comment
0x0000000000000000000000000000000000000000 = Movie Title ; I am NOT a comment                 | D | 1337-08-15 | T | 1-0x00000000000000000000000000000000 | 2-0x00000000000000000000000000000000 | 3-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = Movie Title                                      | D | 2007-04-01 | V | 0x00000000000000000000000000000000 | T | 1-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = Movie Title                                      | D | 1111-11-11 | U | 1-0x00000000000000000000000000000000 | 2-0x00000000000000000000000000000000 | I | 0x00000000000000000000000000000000
195

196
; bar processing key
197
| PK | 0x00000000000000000000000000000000
198

199
; multi line entries
200
0x0000000000000000000000000000000000000000 = \
201
  Movie Title \
gates's avatar
gates committed
202
  | D | 0000-00-00 \
203
204
  | V | 0x00000000000000000000000000000000 ; I am a comment
0x0000000000000000000000000000000000000000 = \
205
206
  Movie Title ; I am NOT a comment \
  | D | 1337-08-15 \
207
208
209
210
  | T | 1-0x00000000000000000000000000000000 \
      | 2-0x00000000000000000000000000000000 \
      | 3-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = \
211
212
  Movie Title \
  | D | 2007-04-01 \
213
214
215
  | V | 0x00000000000000000000000000000000 \
  | T | 1-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = \
216
217
  Movie Title \
  | D | 1111-11-11 \
218
219
220
  | U | 1-0x00000000000000000000000000000000 \
      | 2-0x00000000000000000000000000000000 \
  | I | 0x00000000000000000000000000000000