KEYDB.cfg 9.92 KB
Newer Older
1
; libaacs key database file, format 1.0
2
; -------------------------------------
3
;
4
; This config file format is an augmented form of DumpHD's config file
5 6
; format 1.4.
;
7 8
; This file is provided as documentation and as an example of the key database
; file used by libaacs, it contains no valid keys or entries.
9
;
10 11 12
; A config file has four main config entry items. The first items are device key
; entry items, the second is host certificate entry items, the third is
; processing key entry items, and the fourth are title entry items. Details on
gates's avatar
gates committed
13
; these items will be given later.
14
;
15
; The encoding of this file is UTF-8 without BOM (if the BOM is present the
16 17 18
; first line will not get recognized). A line delimiter may be either LF (\n) or
; CR (\r). A combination of CR+LF or LF+CR will be considered as a sequence of
; two line delimiters.
19
;
20 21 22
; Comments can be inserted into the config file. A comment begins with a ';'
; character. Anything after the ';' character, up to the next newline, is
; ignored.
23
;
24 25 26 27
; Whitespace in this file is referred to as a single space (' ') or
; a tab ('\t'). Whitespace can be present/ommitted except in the case of
; keywords. Keywords must be delimited by at least one whitespace.
;
28 29 30
; Newlines may be escaped. To escape a newline, prepend a '\' character before
; the newline. Escaped newlines are treated as whitespace.
;
31 32 33
; All hexstrings must begin with '0x'. Hexstrings may be broken up into many
; lines or with whitespace.
;
34 35 36 37 38
; NOTE: Users switching from the old keydb config format can use this command
; to convert all hexstrings to the proper format.
;
; $ sed -i 's/\([[:xdigit:]]\)\{5,\}/0x&/g' KEYDB.cfg
;
39 40
; Device Key entry
; ----------------
41 42 43 44
; | DK | DEVICE_KEY <HEXSTRING> \
;      | DEVICE_NODE <HEXSTRING> \
;      | KEY_UV <HEXSTRING> \
;      | KEY_U_MASK_SHIFT <HEXSTRING>
45 46
;
; The device key entry begins with the entry ID "| DK |". Within a device key
47
; entry are four hexadecimal strings. The first hexadecimal string is preceded by
48 49 50
; the keyword "DEVICE_KEY" and is the hexadecimal string representing the device
; key. The second hexadecimal string is preceded by the keyword "DEVICE_NODE"
; and is the hexadecimal string representing the device node number. Each of
51
; four entries is delimited by a vertical bar '|'. Each device key entry must end
52
; with a newline.
gates's avatar
gates committed
53 54 55 56
;
; Note that each of these entries must end with at least one new line, as
; shown in the example above.
;
57 58
; Processing Key entry
; --------------------
59
; | PK | <HEXSTRING>
60
;
61
; A processing key entry begins with the entry ID "| PK |" followed by a
62 63 64 65 66
; hexstring representing the processing key. Each processing key entry must end
; with a newline.
;
; Host Certificate entry
; ----------------------
67
; | HC | HOST_PRIV_KEY <HEXSTRING> \
npzacs's avatar
npzacs committed
68
;      | HOST_CERT <HEXSTRING>
69 70
;
; A Host Certificate entry begins with the entry ID "| HC |". Each host
npzacs's avatar
npzacs committed
71
; certificate entry must contain 2 hexadecimal strings preceded by a keyword that identifies the type of entry
72
; that the hexadecimal string corresponds to. The first hexstring is the host
npzacs's avatar
npzacs committed
73
; private key, the second is the host certificate. Each of these entry types for a host
74 75
; certificate entry must be delimited by vertical bar '|'. A host certificate
; entry must end with a newline.
76 77 78
;
; Title entry
; -----------
79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145
; <DISCID> = <TITLE> | <ENTRY ID> | <ENTRY DATA> [ | <ENTRY ID> | <ENTRY DATA> ... ]
;
; DISCID is the calculated identifier of the disc content type, a physical disc
; may have multiple DiscID's (e.g. the disc contains HD-DVD Standard Content and
; HD-DVD Advanced Content). The value is stored as a hexadecimal string and is
; 40 characters long. The DiscID is the SHA-1 hash calculated from the
; following file:
; - HD-DVD Standard Content Audio : AACS\ATKF.AACS
; - HD-DVD Standard Content Video : AACS\VTKF.AACS
; - HD-DVD Advanced Content Audio : AACS\ATKF000.AACS
; - HD-DVD Advanced Content Video : AACS\VTKF000.AACS
; - BD-ROM BDMV                   : AACS\Unit_Key_RO.inf
; - BD-Recordable BDMV            : AACS_mv\Unit_Key_RW.inf
; - BD-Recordable BDAV            : AACS\AACS_av\Unit_Key_RW.inf
;
; TITLE is the title of the content.
;
; ENTRY ID describes the type of the following ENTRY DATA, these IDs are valid:
; - D : Date of the DiscID file
; - M : Media Key
; - I : Volume ID
; - B : Binding Nonce
; - V : Volume Unique Key
; - P : Protected Area Key
; - T : Title Key
; - U : CPS Unit Key
;
; ENTRY DATA is specific for each ENTRY ID:
; - D : <YEAR> - <MONTH> - <DAY>
;       YEAR must be 4 digits, MONTH and DAY 2 digits. An invalid / non present
;       date has the special value 0000-00-00
; - M : <MEK>
;       Hexadecimal string of the Media Key, 32 characters long
; - I : <VID>
;       Hexadecimal string of the Volume ID, 32 characters long
;       This entry applies to prerecorded media only
; - B : <BN NUMBER> - <BN> [ | <BN NUMBER> - <BN> ... ]
;       BN NUMBER is the number of the Binding Nonce, it must be 1 to 5 decimal
;       digits long and starts at 0
;       BN is the hexadecimal string of the Binding Nonce, 32 characters long
;       This entry applies to recordable media only, there may be multiple
;       Binding Nonces
;       For BD recordables BN NUMBER is 0
; - V : <VUK>
;       Hexadecimal string of the Volume Unique Key, 32 characters long
;       This entry applies to prerecorded media only
; - P : <PAK NUMBER> - <PAK> [ | <PAK NUMBER> - <PAK> ... ]
;       PAK NUMBER is the number of the Protected Area Key, it must be 1 to 5
;       decimal digits long and starts at 0
;       PAK is the hexadecimal string of the Protected Area Key, 32 characters
;       long
;       This entry applies to recordable media only, there my be multiple
;       Protected Area Keys
;       For BD recordables PAK NUMBER is 0
; - T : <TK NUMBER> - <TK> [ | <TK NUMBER> - <TK> ... ]
;       TK NUMBER is the number of the Title Key, it must be 1 to 5 decimal
;       digits long and starts at 1
;       TK is the hexadecimal string of the Title Key, 32 characters long
;       This entry applies to HD-DVD only, there may be multiple Title Keys
; - U : <UK NUMBER> - <UK> [ | <UK NUMBER> - <UK> ... ]
;       UK NUMBER is the number of the CPS Unit Key, it must be 1 to 5 decimal
;       digits long and starts at 1
;       UK is the hexadecimal string of the CPS Unit Key, 32 characters long
;       This entry applies to BD only, there may be multiple CPS Unit Keys
;
; All entries are treated case insensitive, whitespace between the
; values / delimiters may be present / omitted.
146
; Each entry must be delimited by at least one newline, to include the last
147
; entry. An unlimited number of entries may be given for any type of entry. The
148 149 150
; ordering of any config entry type can be arbitrary. It is also possible to
; give no entries in the config file, though libaacs will not be able to
; decrypt any disc in such a case.
151 152 153 154 155
;
;
; Examples
; --------
;
gates's avatar
gates committed
156

157
; foo's device key
158
| DK | DEVICE_KEY 0x00000000000000000000000000000000 \
159 160 161
     | DEVICE_NODE 0x0 \
     | KEY_UV 0x00000000 \
     | KEY_U_MASK 0x00
162

163
; bar's device key
164 165
| DK | DEVICE_KEY 0x00000000000000000000000000000000 \
     | DEVICE_NODE 0x0
166 167

; foo's certificate
168 169 170 171 172 173 174 175
| HC | HOST_PRIV_KEY 0x0000000000000000000000000000000000000000 \
     | HOST_CERT 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x000000000000000000000000 \
     | HOST_NONCE 0x0000000000000000000000000000000000000000 \
     | HOST_KEY_POINT 0x0000000000000000000000000000000000000000
176 177

; bar's certificate
178 179 180 181 182 183 184 185
| HC | HOST_PRIV_KEY 0x0000000000000000000000000000000000000000 \
     | HOST_CERT 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x0000000000000000000000000000000000000000 \
                 0x000000000000000000000000 \
     | HOST_NONCE 0x0000000000000000000000000000000000000000 \
     | HOST_KEY_POINT 0x0000000000000000000000000000000000000000
186

187
; foo processing key
188
| PK | 0x00000000000000000000000000000000
189

190
; single line entries
191 192 193 194
0x0000000000000000000000000000000000000000 = Movie Title                                      | D | 0000-00-00 | V | 0x00000000000000000000000000000000 ; I am a comment
0x0000000000000000000000000000000000000000 = Movie Title ; I am NOT a comment                 | D | 1337-08-15 | T | 1-0x00000000000000000000000000000000 | 2-0x00000000000000000000000000000000 | 3-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = Movie Title                                      | D | 2007-04-01 | V | 0x00000000000000000000000000000000 | T | 1-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = Movie Title                                      | D | 1111-11-11 | U | 1-0x00000000000000000000000000000000 | 2-0x00000000000000000000000000000000 | I | 0x00000000000000000000000000000000
195

196
; bar processing key
197
| PK | 0x00000000000000000000000000000000
198

199
; multi line entries
200
0x0000000000000000000000000000000000000000 = \
201
  Movie Title \
gates's avatar
gates committed
202
  | D | 0000-00-00 \
203 204
  | V | 0x00000000000000000000000000000000 ; I am a comment
0x0000000000000000000000000000000000000000 = \
205 206
  Movie Title ; I am NOT a comment \
  | D | 1337-08-15 \
207 208 209 210
  | T | 1-0x00000000000000000000000000000000 \
      | 2-0x00000000000000000000000000000000 \
      | 3-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = \
211 212
  Movie Title \
  | D | 2007-04-01 \
213 214 215
  | V | 0x00000000000000000000000000000000 \
  | T | 1-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = \
216 217
  Movie Title \
  | D | 1111-11-11 \
218 219 220
  | U | 1-0x00000000000000000000000000000000 \
      | 2-0x00000000000000000000000000000000 \
  | I | 0x00000000000000000000000000000000