Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Raspberry Pi Camera V2 DRM authentication example
import hmac, hashlib
# Data from I²C trace at https://hackaday.io/project/19480-raspberry-pi-camera-v21-reversed/log/52547-i2c-logic-analyzer-trace
# Secret key from VideoCore blob
# serial[8], serial[7:4], serial[3:0]
serial = bytes.fromhex("EE8C196D8301230B59")
# rPi -> camera random number
numIn = bytes.fromhex("5805F3C898C3133154498E082F2E703516F2DBD1")
# camera -> rPi random number
randOut = bytes.fromhex("B66B48272C80EA2D2E778162FD300728E2E7E8F04CB0C645BFD0206CC0E7E772")
# nonce calculation
TempKey = hashlib.sha256(randOut + numIn + bytes([0x16, 0x00, 0x00])).digest()
# secret key
key = bytes.fromhex("0d48bfb7fd81bb7fe9a24b1df9653a185f9d438aac819afe1672a77afca451a4")
# HMAC
hmacBody = bytes([0]*32) + TempKey + bytes([0x11,0x40, 0, 0]) + bytes([0] * 11) + serial
digest = hmac.new(key, msg=hmacBody, digestmod=hashlib.sha256).hexdigest()
print(digest)
assert digest == "283AE84222422456DEB86CA33D2DFB3A9443E59F2828ABFA71037E34AAA27B2D".lower()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment