Post: Algorithm Reversal Based on Mathieulh's Decrypter
01-07-2011, 05:17 AM #1
The Middle Man
Seeing that everyone has a serious need for FTP, I see it's time for my first post.

Edit: those of you helping, here you are...


Before anything, this thread is for the sole purpose of discussing the signing and encryption process (or algorithm) used on retail .pkg files and attempting to reverse the decryption process made by Mathieulh to sign HOMEBREW for use on KaKaRoToKs CFW v1.1 (or higher), namely OFW 3.55 functionality!

RESOURCES AT BOTTOM

There are definitely those of you interested in learning some sort of cryptography to sign ourselves some homebrew! With that, you might want to read up:

... just kidding, I'll give you guys a quick run-down! Since the PS3 uses asymmetric encryption under the Advanced Encryption Standard (AES), we needed both public keys and private keys used in specific algorithms to actually encrypt and decrypt files.


Since we have the keys and algorithms for decryption, as provided by Mathieulh, it is possible to obtain an encryption algorithm (or better yet, an automated program to package, encrypt, and sign .pkg sets for us).

Those of you familiar with Visual C/C# will know what to do with Mathieulh's source included below.

For those who are new to it, just follow this quick guide:

1. Download the PSP_PS3_PKG_Decrypter
2. Head into the extracted directory.
3. Continue down the directories until you see this file: FormMain.cs
4. Open it with Notepad...
5. And you're on your way! Check out the code, look at some of his comments, do whatever you think can help us get further!

Anyway, I don't fully understand the process used for encryption (or the entire decryption method, for that matter), and this thread should be a great basis for dev talk. Should we come across a functional algorithm, I'll do my best to create some sort of script that could at least make a proof-of-concept HelloWorld.pkg.


As for what I know currently:

Decryption Process
Concerning case 0x01 (PS3 decryption, not PSP):

1. Checks file length from address 0x1c of entire pkg for verification.
2. Checks file length from address 0x2c of encrypted file.
3. At address 0x70, the individual pkg key (encrypted) is stored (for later use in decryption, presumably).
4. A series of offsets and processing steps using the public decryption keys stored in the array produce the resulting decrypted pkg (not yet unpacked). How this is done, I'm not entirely sure. The process is, as of yet, beyond me.
5. I haven't analyzed much farther... unpacking, I'm sure. I'll edit in or change according to findings. Outside info welcome! After all, what are forums for?

No way to have encryption without understanding all other aspects! Math concepts, really... single variable solving.

Other info: Both AES 256-bit and 128-bit keys are used (the erk and riv) when it comes down to the encryption process. The problem is how. Should you guys find anything, post away!

PS - I can be wrong, too. Correct me if you have reason. I only just started this little side project. Check out the Wiki below for some serious dev info. For that matter, hit up Lan.st!
Otherwise, I believe I have some decent information. ;)




RESOURCES:
Mods don't want me to post Mathieulh's tool, so go find it yourself! -Google "ps3 pkg decrypter mathieulh"

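To make the header offsets and the two length checks from the first post concrete, here is an added example in Go. It is my code, not Mathieulh's tool and not anything posted in this thread. It reads the fields the post names (the total length at 0x1c, the encrypted data length at 0x2c and the 16-byte riv at 0x70), rejects a package whose stated lengths disagree with the real file, and then decrypts the data region with AES-128 in CTR mode using the erk as the key and the riv as the initial counter. The magic bytes, the type field at 0x06, the 64-bit data offset at 0x20 and the erk/riv-as-CTR pairing are my assumptions, not facts stated on the page; the package bytes and the keys are constructed test data, not a retail key.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Offsets named in the post (all fields big-endian, as Mathieulh's tool reads them):
//   0x1c  low 32 bits of the total pkg length
//   0x2c  low 32 bits of the encrypted data length
//   0x70  the 16-byte per-package IV ("riv")
// Assumed beyond the post: magic "\x7fPKG" at 0x00, type 0x0001 at 0x06 and a
// 64-bit data offset at 0x20. These are not stated on the page.
const (
	offMagic    = 0x00
	offType     = 0x06
	offTotalLen = 0x1c
	offDataOff  = 0x20
	offDataLen  = 0x2c
	offRIV      = 0x70
	headerSize  = 0x80
	typePS3     = 1
)

var pkgMagic = []byte{0x7f, 'P', 'K', 'G'}

type Header struct {
	Type     uint16
	TotalLen uint32
	DataOff  uint64
	DataLen  uint32
	RIV      [16]byte
}

// ParseHeader pulls the fields above out of pkg and applies the two length checks
// the post describes (steps 1 and 2), refusing anything that does not add up.
func ParseHeader(pkg []byte) (Header, error) {
	var h Header
	if len(pkg) < headerSize {
		return h, errors.New("pkg shorter than header")
	}
	if !bytes.Equal(pkg[offMagic:offMagic+4], pkgMagic) {
		return h, errors.New("bad magic")
	}
	h.Type = binary.BigEndian.Uint16(pkg[offType:])
	h.TotalLen = binary.BigEndian.Uint32(pkg[offTotalLen:])
	h.DataOff = binary.BigEndian.Uint64(pkg[offDataOff:])
	h.DataLen = binary.BigEndian.Uint32(pkg[offDataLen:])
	copy(h.RIV[:], pkg[offRIV:offRIV+16])
	if uint64(h.TotalLen) != uint64(len(pkg)) {
		return h, fmt.Errorf("length at 0x1c is %d, file is %d bytes", h.TotalLen, len(pkg))
	}
	// Check each bound separately so a huge DataOff cannot wrap the sum.
	if h.DataOff > uint64(len(pkg)) || uint64(h.DataLen) > uint64(len(pkg))-h.DataOff {
		return h, errors.New("data length at 0x2c runs past end of file")
	}
	return h, nil
}

// DecryptData runs AES-128-CTR over the data region with erk as the key and the
// riv from 0x70 as the starting counter. That erk/riv pairing is my assumption
// about how the two keys the post mentions are combined.
func DecryptData(pkg, erk []byte) ([]byte, error) {
	h, err := ParseHeader(pkg)
	if err != nil {
		return nil, err
	}
	if h.Type != typePS3 {
		return nil, fmt.Errorf("unsupported pkg type %d", h.Type)
	}
	block, err := aes.NewCipher(erk)
	if err != nil {
		return nil, err
	}
	ct := pkg[h.DataOff : h.DataOff+uint64(h.DataLen)]
	pt := make([]byte, len(ct))
	cipher.NewCTR(block, h.RIV[:]).XORKeyStream(pt, ct)
	return pt, nil
}

// BuildPKG wraps plaintext in a minimal PS3-type package (constructed test data).
// CTR is symmetric, so encryption is the same keystream XOR as decryption.
func BuildPKG(erk, riv, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(erk)
	if err != nil {
		return nil, err
	}
	pkg := make([]byte, headerSize+len(plaintext))
	copy(pkg[offMagic:], pkgMagic)
	binary.BigEndian.PutUint16(pkg[offType:], typePS3)
	binary.BigEndian.PutUint64(pkg[0x18:], uint64(len(pkg)))       // low dword lands at 0x1c
	binary.BigEndian.PutUint64(pkg[offDataOff:], headerSize)
	binary.BigEndian.PutUint64(pkg[0x28:], uint64(len(plaintext))) // low dword lands at 0x2c
	copy(pkg[offRIV:], riv)
	cipher.NewCTR(block, riv).XORKeyStream(pkg[headerSize:], plaintext)
	return pkg, nil
}

func main() {
	erk, riv := make([]byte, 16), make([]byte, 16) // random stand-ins; no retail key here
	rand.Read(erk)
	rand.Read(riv)
	pkg, _ := BuildPKG(erk, riv, []byte("HelloWorld.pkg payload"))
	pt, err := DecryptData(pkg, erk)
	fmt.Printf("%q %v\n", pt, err)
	pkg[offTotalLen+3] ^= 1 // corrupt the length at 0x1c: step 1 must now reject it
	_, err = DecryptData(pkg, erk)
	fmt.Println("tampered:", err)
}
```

Run it with `go run`. The tampered copy shows the 0x1c check refusing a package whose stated length disagrees with its real size; a packaging tool that wants its output accepted has to write those two lengths correctly, and the riv it writes at 0x70 is what the decryptor will feed into the counter, so a re-encryptor must use the same riv it stores.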
01-07-2011, 08:12 AM #11
gola
OVER 9000!
Originally posted by hunter12
You can't just edit random pkgs and change a few bytes to allow you
to install unsigned packages; you need to patch the kernel. (That's what the jailbreak team patched by injecting a payload into the kernel.)

That said, if you fuc.k one thing up in the kernel and trash lv2, there's
no unbricking it, end of. LV2DIAG.SELF needs lv2, as well as the recovery menu (uses vsh.self). So all in all, it's best to leave that to people who know what they are doing like KaKoRaTo, Mathieulh etc.

I'm not trying to be an ass to you if you take it that way, I'm just warning you that messing with the dev_flash is NOT a safe thing to do.

Mhm.. I know the risks and all, it being worse than bricked, literally being forever useless; with modding the kernel you only have one chance, etc. I've got kakaroto on AIM; he answers some stuff but is definitely against piracy (or at least says so, so he can't break any laws)....

p.s. the ps3 i use for it is buggy and slow as crap anyways xD
01-07-2011, 08:14 AM #12
Dylan_Owns
Master of teh internetz
Originally posted by Broseidon
I don't see why everyone tries modding the .pkgs themselves and not the firmware; that's what I'm working on. All you have to do is change it to run un-signed .pkgs lmfao, much MUCH easier. Either way, whichever one you do is illegal, so it hardly matters, due to modding the firmware to run un-official files by making them the equivalent of official and running un-signed files on a PS3.

So far I've bricked my 3.41 CFW PS3 2 times just trying out random stuff, just keep un-bricking it using the tut zonetw0 posted haha.

P.S. There are tools out there to extract the firmware .PUP, just go on kakaroto's GitHub.


Signing packages isn't illegal. Illegal hacking is when it circumvents or interferes with the Digital Rights Management, and usually obtaining the keyfiles does not.
01-07-2011, 08:16 AM #13
ballakid77
Gym leader
Originally posted by skylerleighty
This is EXACTLY what I was talking about in my other post and in the sb.

Sucks that i don't know C#, or i'd have it reversed and the ftp signed


Haha okay, so I got Linux now, I just need to work on the stuff. I have another final tomorrow, so for sure after school you can bet I am going straight home and working on this stuff. As for C#, you can bet I will be working my a$$ off learning at least the basics, especially since this is what I will be majoring in in college; it's my senior year right now haha, whoo class of 2011!!! Dylan_owns is on my Skype, do you have a Skype as well? Perhaps we can work together and try different methods and chat through there tomorrow to maybe help each other get this done haha
01-07-2011, 08:16 AM #14
gola
OVER 9000!
Originally posted by Owns
Signing packages isn't illegal. Illegal hacking is when it circumvents or interferes with the Digital Rights Management, and usually obtaining the keyfiles does not.


I'm sure it's illegal to an extent... depends what you plan to / do use it for, really. Never read the DRM, link me? Thanks in advance.
01-07-2011, 08:18 AM #15
hunter12
Retired, done with gaming
Originally posted by Broseidon
Mhm.. I know the risks and all, it being worse than bricked, literally being forever useless; with modding the kernel you only have one chance, etc. I've got kakaroto on AIM; he answers some stuff but is definitely against piracy (or at least says so, so he can't break any laws)....

p.s. the ps3 i use for it is buggy and slow as crap anyways xD


Ah that's good, KaKoRaTo is probably the nicest dude out there.
He deserves more recognition for his work lol
(he's the dude that made PL3, best JB payload in case others didn't know) xD

Also usbfirmloader is a good homebrew to mount your firmware:
no need to wait 4 hours for your PS3 to flash, simply mount-test
your firmware, then you're done. :D
01-07-2011, 08:21 AM #16
Dylan_Owns
Master of teh internetz
Originally posted by Broseidon
I'm sure it's illegal to an extent... depends what you plan to / do use it for, really. Never read the DRM, link me? Thanks in advance.



Article about DRM in general

01-07-2011, 08:37 AM #17
ZoneTw0
You talkin to me?
. .
01-07-2011, 09:02 AM #18
Mathieulh said the pkgs aren't even signed, just encrypted.
01-07-2011, 12:25 PM #19
vettacossx
Bounty hunter
I'd keep an eye out for hermes and crew as well as waninkoko and the other overly blackhat, piracy-loving developers on the Spanish dev sites; they were first to get the job done for pirates last time, and for homebrewers. Outie


Copyright © 2026, NextGenUpdate.
All Rights Reserved.