1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
|
; libaacs key database file, format 1.0
; -------------------------------------
;
; This config file format is an augmented form of DumpHD's config file
; format 1.4.
;
; This file is provided as documentation and as an example of the key database
; file used by libaacs, it contains no valid keys or entries.
;
; A config file has four main config entry items. The first items are device key
; entry items, the second is host certificate entry items, the third is
; processing key entry items, and the fourth are title entry items. Details on
; these items will be given later.
;
; The encoding of this file is UTF-8 without BOM (if the BOM is present the
; first line will not get recognized). A line delimiter may be either LF (\n) or
; CR (\r). A combination of CR+LF or LF+CR will be considered as a sequence of
; two line delimiters.
;
; Comments can be inserted into the config file. A comment begins with a ';'
; character. Anything after the ';' character, up to the next newline, is
; ignored.
;
; Whitespace in this file is referred to as a single space (' ') or
; a tab ('\t'). Whitespace can be present/ommitted except in the case of
; keywords. Keywords must be delimited by at least one whitespace.
;
; Newlines may be escaped. To escape a newline, prepend a '\' character before
; the newline. Escaped newlines are treated as whitespace.
;
; All hexstrings must begin with '0x'. Hexstrings may be broken up into many
; lines or with whitespace.
;
; NOTE: Users switching from the old keydb config format can use this command
; to convert all hexstrings to the proper format.
;
; $ sed -i 's/\([[:xdigit:]]\)\{5,\}/0x&/g' KEYDB.cfg
;
; Device Key entry
; ----------------
; | DK | DEVICE_KEY <HEXSTRING> \
; | DEVICE_NODE <HEXSTRING> \
; | KEY_UV <HEXSTRING> \
; | KEY_U_MASK_SHIFT <HEXSTRING>
;
; The device key entry begins with the entry ID "| DK |". Within a device key
; entry are four hexadecimal strings. The first hexadecimal string is preceded by
; the keyword "DEVICE_KEY" and is the hexadecimal string representing the device
; key. The second hexadecimal string is preceded by the keyword "DEVICE_NODE"
; and is the hexadecimal string representing the device node number. Each of
; four entries is delimited by a vertical bar '|'. Each device key entry must end
; with a newline.
;
; Note that each of these entries must end with at least one new line, as
; shown in the example above.
;
; Processing Key entry
; --------------------
; | PK | <HEXSTRING>
;
; A processing key entry begins with the entry ID "| PK |" followed by a
; hexstring representing the processing key. Each processing key entry must end
; with a newline.
;
; Host Certificate entry
; ----------------------
; | HC | HOST_PRIV_KEY <HEXSTRING> \
; | HOST_CERT <HEXSTRING>
;
; A Host Certificate entry begins with the entry ID "| HC |". Each host
; certificate entry must contain 2 hexadecimal strings preceded by a keyword that identifies the type of entry
; that the hexadecimal string corresponds to. The first hexstring is the host
; private key, the second is the host certificate. Each of these entry types for a host
; certificate entry must be delimited by vertical bar '|'. A host certificate
; entry must end with a newline.
;
; Title entry
; -----------
; <DISCID> = <TITLE> | <ENTRY ID> | <ENTRY DATA> [ | <ENTRY ID> | <ENTRY DATA> ... ]
;
; DISCID is the calculated identifier of the disc content type, a physical disc
; may have multiple DiscID's (e.g. the disc contains HD-DVD Standard Content and
; HD-DVD Advanced Content). The value is stored as a hexadecimal string and is
; 40 characters long. The DiscID is the SHA-1 hash calculated from the
; following file:
; - HD-DVD Standard Content Audio : AACS\ATKF.AACS
; - HD-DVD Standard Content Video : AACS\VTKF.AACS
; - HD-DVD Advanced Content Audio : AACS\ATKF000.AACS
; - HD-DVD Advanced Content Video : AACS\VTKF000.AACS
; - BD-ROM BDMV : AACS\Unit_Key_RO.inf
; - BD-Recordable BDMV : AACS_mv\Unit_Key_RW.inf
; - BD-Recordable BDAV : AACS\AACS_av\Unit_Key_RW.inf
;
; TITLE is the title of the content.
;
; ENTRY ID describes the type of the following ENTRY DATA, these IDs are valid:
; - D : Date of the DiscID file
; - M : Media Key
; - I : Volume ID
; - B : Binding Nonce
; - V : Volume Unique Key
; - P : Protected Area Key
; - T : Title Key
; - U : CPS Unit Key
;
; ENTRY DATA is specific for each ENTRY ID:
; - D : <YEAR> - <MONTH> - <DAY>
; YEAR must be 4 digits, MONTH and DAY 2 digits. An invalid / non present
; date has the special value 0000-00-00
; - M : <MEK>
; Hexadecimal string of the Media Key, 32 characters long
; - I : <VID>
; Hexadecimal string of the Volume ID, 32 characters long
; This entry applies to prerecorded media only
; - B : <BN NUMBER> - <BN> [ | <BN NUMBER> - <BN> ... ]
; BN NUMBER is the number of the Binding Nonce, it must be 1 to 5 decimal
; digits long and starts at 0
; BN is the hexadecimal string of the Binding Nonce, 32 characters long
; This entry applies to recordable media only, there may be multiple
; Binding Nonces
; For BD recordables BN NUMBER is 0
; - V : <VUK>
; Hexadecimal string of the Volume Unique Key, 32 characters long
; This entry applies to prerecorded media only
; - P : <PAK NUMBER> - <PAK> [ | <PAK NUMBER> - <PAK> ... ]
; PAK NUMBER is the number of the Protected Area Key, it must be 1 to 5
; decimal digits long and starts at 0
; PAK is the hexadecimal string of the Protected Area Key, 32 characters
; long
; This entry applies to recordable media only, there my be multiple
; Protected Area Keys
; For BD recordables PAK NUMBER is 0
; - T : <TK NUMBER> - <TK> [ | <TK NUMBER> - <TK> ... ]
; TK NUMBER is the number of the Title Key, it must be 1 to 5 decimal
; digits long and starts at 1
; TK is the hexadecimal string of the Title Key, 32 characters long
; This entry applies to HD-DVD only, there may be multiple Title Keys
; - U : <UK NUMBER> - <UK> [ | <UK NUMBER> - <UK> ... ]
; UK NUMBER is the number of the CPS Unit Key, it must be 1 to 5 decimal
; digits long and starts at 1
; UK is the hexadecimal string of the CPS Unit Key, 32 characters long
; This entry applies to BD only, there may be multiple CPS Unit Keys
;
; All entries are treated case insensitive, whitespace between the
; values / delimiters may be present / omitted.
; Each entry must be delimited by at least one newline, to include the last
; entry. An unlimited number of entries may be given for any type of entry. The
; ordering of any config entry type can be arbitrary. It is also possible to
; give no entries in the config file, though libaacs will not be able to
; decrypt any disc in such a case.
;
;
; Examples
; --------
;
; foo's device key
| DK | DEVICE_KEY 0x00000000000000000000000000000000 \
| DEVICE_NODE 0x0 \
| KEY_UV 0x00000000 \
| KEY_U_MASK 0x00
; bar's device key
| DK | DEVICE_KEY 0x00000000000000000000000000000000 \
| DEVICE_NODE 0x0
; foo's certificate
| HC | HOST_PRIV_KEY 0x0000000000000000000000000000000000000000 \
| HOST_CERT 0x0000000000000000000000000000000000000000 \
0x0000000000000000000000000000000000000000 \
0x0000000000000000000000000000000000000000 \
0x0000000000000000000000000000000000000000 \
0x000000000000000000000000 \
| HOST_NONCE 0x0000000000000000000000000000000000000000 \
| HOST_KEY_POINT 0x0000000000000000000000000000000000000000
; bar's certificate
| HC | HOST_PRIV_KEY 0x0000000000000000000000000000000000000000 \
| HOST_CERT 0x0000000000000000000000000000000000000000 \
0x0000000000000000000000000000000000000000 \
0x0000000000000000000000000000000000000000 \
0x0000000000000000000000000000000000000000 \
0x000000000000000000000000 \
| HOST_NONCE 0x0000000000000000000000000000000000000000 \
| HOST_KEY_POINT 0x0000000000000000000000000000000000000000
; foo processing key
| PK | 0x00000000000000000000000000000000
; single line entries
0x0000000000000000000000000000000000000000 = Movie Title | D | 0000-00-00 | V | 0x00000000000000000000000000000000 ; I am a comment
0x0000000000000000000000000000000000000000 = Movie Title ; I am NOT a comment | D | 1337-08-15 | T | 1-0x00000000000000000000000000000000 | 2-0x00000000000000000000000000000000 | 3-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = Movie Title | D | 2007-04-01 | V | 0x00000000000000000000000000000000 | T | 1-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = Movie Title | D | 1111-11-11 | U | 1-0x00000000000000000000000000000000 | 2-0x00000000000000000000000000000000 | I | 0x00000000000000000000000000000000
; bar processing key
| PK | 0x00000000000000000000000000000000
; multi line entries
0x0000000000000000000000000000000000000000 = \
Movie Title \
| D | 0000-00-00 \
| V | 0x00000000000000000000000000000000 ; I am a comment
0x0000000000000000000000000000000000000000 = \
Movie Title ; I am NOT a comment \
| D | 1337-08-15 \
| T | 1-0x00000000000000000000000000000000 \
| 2-0x00000000000000000000000000000000 \
| 3-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = \
Movie Title \
| D | 2007-04-01 \
| V | 0x00000000000000000000000000000000 \
| T | 1-0x00000000000000000000000000000000
0x0000000000000000000000000000000000000000 = \
Movie Title \
| D | 1111-11-11 \
| U | 1-0x00000000000000000000000000000000 \
| 2-0x00000000000000000000000000000000 \
| I | 0x00000000000000000000000000000000
|
