Open LunaMoo opened 5 years ago
Even if we would have such system for loading decrypted updates, not many people even know we can't decrypt updates outside of real PSP, so it could also print some error on the screen when failing to decrypt update and no decrypted version of it was found.
Can't PSN PKG Decryptor & Extractor decrypt .pkg update files without real hardware?
It can't. Decrypting update eboot is not possible without real hardware due to key for it not being public. Edit: also you seems to be confusing pkg decryption and update eboot decryption. The latter requires real PSP, if you use encrypted update eboot, PPSSPP will not work.
Could JPCSP decrypt them? seeing as it got emulates a lot of low level stuff that PPSSPP does not even comes close to. How you even patch the ISO anyway with the updates?
Probably not, unless it has all the decryption keys, in which case we could get them too. We have most of them, but sadly not the one used for updates.
To patch an iso with the update all you have to do is to decrypt updated eboot and replace the original one with the patched one. Nothing else is required to just run the update, throgh replacing param.SFO can also be done to bump version info. There are some decrypting homebrew needed like PRXdecrypter which requires to extract the updated eboot from pkg first with other software(like PKG extractor and decryptor, maybe something else, it was a long time since I had to do it). I wouldn't recommend using the very popular homebrew called ISO tool for testing if an emulator is able to decrypt the update since that homebrew will return success, but break your game filesystem if it fails to decrypt the eboot while dedicated decrypting software like prxdecrypter will just tell you it failed.
Patching iso's isn't that great due to being able to only keep 1 backup in many countries and cases like linked here with the Bleach game which when patched I recall get's a menu on boot to run either update or original eboot which no longer exists after patching the iso while containing more options(like a story mode).
BTW to add to all of this , the infrastructure build ANR2ME made here https://github.com/hrydgard/ppsspp/issues/14256 did manage to download an update for SOCOM FireTeam Bravo 2 (using a revived server) but I guess that without the decryption keys it couldn't proceed after downloading it. Now I clearly know why it couldn't proceed. I think i still have it somewhere.
http://cmd0725.blog.fc2.com/blog-entry-3065.html
https://egg.5ch.net/test/read.cgi/software/1567678253/457
static const u8 key_2E5E10F0_xor[] = {0x69, 0xBA, 0x55, 0x34, 0xF0, 0xC0, 0xD6, 0x71, 0xE3, 0x1F, 0xDB, 0x97, 0xE0, 0x7C, 0xD2, 0x2A};
@1jtp8sobiu Can't open the 2nd link.
The first one doesn't offer much clue about what that key is. It matches the name of one of the keys in PrxDecrypter, but with an added xor suffix and the bytes are not the same.
I asked tpunix about this like 10 years ago, his reply:
look the source of pspcipher: { 0x2e5e10f0, key_2e5e10f0, xor_2e5e10f0, 0x48, 5 } for 2e5e10f0, the code is 0x48, which is the key index used by kirk cmd 7.
we miss this key now Sad
all support code can be found at kirk_engine.c
/edit: cut portion of the post, because I'm dumb and didn't saw the code above what I posted
~Trying to understand it again, I think we're missing code 0x48 in the keyvault in kirk_engine.c to be able to decrypt updates.~ being dumb again, we missed this key early on, but have it from some time, tpunix's comment seems to be outdated then
Trying adding this xor key posted as seed analogically as pauth keys are used: { 0x2E5E10F0, key_2E5E10F0, 0x48, 5, key_2E5E10F0_xor },
Edit: sadly that did nothing(size seems correct compared to without that change that's an improvement, but that's it, file's still messed up), but at least I have an easy test now with game update I decrypted on PSP and an encrypted one I extracted, plus homebrew that should be able to decrypt it if everything works.
Guess those keys are from psvita and there game updates doesn't work either..
Hi @hrydgard & @LunaMoo
Based on what you know, can you provide some information on what type of key/keys we are missing for this functionality to work. Is it actually a Kirk key? its location? or any other descriptions that might help if someone is trying to take a stab at this.
Seems like we already have the required keys, it probably needs new method, I messed around it in https://github.com/hrydgard/ppsspp/pull/18562, but unfortunately while that resulted in correct file size which might be considered slight improvement, it was still gibberish.
Edit: also Linblow in https://github.com/hrydgard/ppsspp/issues/12343#issuecomment-1264677363 provided a lot of information, he also seems to know how to make it work, but planned to do it for Killzone first and maybe just didn't had time yet.
Good news KIRK rom has been dumped thanks to a bunch of boys. It's not released yet, but it will probably be released along with the IDA plugin to RE it, or an already RE version will be released. Either way, it's just a matter of time before KIRK 2/3 exact algorithm and static keys are known. They already figured out KIRK 5/8 and 6/9. I'm waiting for it, and then I take the time to properly implement the game patch in PPSSPP
@SamRohod WIP
Currently we have no means of updating games without patching the iso and this might be:
I guess it's also bad for "game preservation" as you can't keep more than 1 backup in most countries, so requiring to modify that backup is bad, it's also additional hassle in addition to having to decrypt the update using real hardware.
Outside of potentially improving/solving the problems above, it could help or be useful in some way also to that Killzone DLC ~ #12343.
Even if we would have such system for loading decrypted updates, not many people even know we can't decrypt updates outside of real PSP, so it could also print some error on the screen when failing to decrypt update and no decrypted version of it was found.