hrydgard / ppsspp

A PSP emulator for Android, Windows, Mac and Linux, written in C++. Want to contribute? Join us on Discord at https://discord.gg/5NJB6dD or just send pull requests / issues. For discussion use the forums at forums.ppsspp.org.
https://www.ppsspp.org
Other
11.3k stars 2.18k forks source link

Load decrypted game updates to avoid patching game backups #12344

Open LunaMoo opened 5 years ago

LunaMoo commented 5 years ago

Currently we have no means of updating games without patching the iso and this might be:

SamRohod commented 3 years ago

Even if we would have such system for loading decrypted updates, not many people even know we can't decrypt updates outside of real PSP, so it could also print some error on the screen when failing to decrypt update and no decrypted version of it was found.

Can't PSN PKG Decryptor & Extractor decrypt .pkg update files without real hardware?

LunaMoo commented 3 years ago

It can't. Decrypting update eboot is not possible without real hardware due to key for it not being public. Edit: also you seems to be confusing pkg decryption and update eboot decryption. The latter requires real PSP, if you use encrypted update eboot, PPSSPP will not work.

ghost commented 3 years ago

Could JPCSP decrypt them? seeing as it got emulates a lot of low level stuff that PPSSPP does not even comes close to. How you even patch the ISO anyway with the updates?

LunaMoo commented 3 years ago

Probably not, unless it has all the decryption keys, in which case we could get them too. We have most of them, but sadly not the one used for updates.

To patch an iso with the update all you have to do is to decrypt updated eboot and replace the original one with the patched one. Nothing else is required to just run the update, throgh replacing param.SFO can also be done to bump version info. There are some decrypting homebrew needed like PRXdecrypter which requires to extract the updated eboot from pkg first with other software(like PKG extractor and decryptor, maybe something else, it was a long time since I had to do it). I wouldn't recommend using the very popular homebrew called ISO tool for testing if an emulator is able to decrypt the update since that homebrew will return success, but break your game filesystem if it fails to decrypt the eboot while dedicated decrypting software like prxdecrypter will just tell you it failed.

Patching iso's isn't that great due to being able to only keep 1 backup in many countries and cases like linked here with the Bleach game which when patched I recall get's a menu on boot to run either update or original eboot which no longer exists after patching the iso while containing more options(like a story mode).

ghost commented 3 years ago

BTW to add to all of this , the infrastructure build ANR2ME made here https://github.com/hrydgard/ppsspp/issues/14256 did manage to download an update for SOCOM FireTeam Bravo 2 (using a revived server) but I guess that without the decryption keys it couldn't proceed after downloading it. Now I clearly know why it couldn't proceed. I think i still have it somewhere.

Linblow commented 2 years ago

See my post here related to this issue.

1jtp8sobiu commented 10 months ago

http://cmd0725.blog.fc2.com/blog-entry-3065.html

https://egg.5ch.net/test/read.cgi/software/1567678253/457

static const u8 key_2E5E10F0_xor[] = {0x69, 0xBA, 0x55, 0x34, 0xF0, 0xC0, 0xD6, 0x71, 0xE3, 0x1F, 0xDB, 0x97, 0xE0, 0x7C, 0xD2, 0x2A};

hrydgard commented 10 months ago

@1jtp8sobiu Can't open the 2nd link.

The first one doesn't offer much clue about what that key is. It matches the name of one of the keys in PrxDecrypter, but with an added xor suffix and the bytes are not the same.

LunaMoo commented 10 months ago

I asked tpunix about this like 10 years ago, his reply:

look the source of pspcipher: { 0x2e5e10f0, key_2e5e10f0, xor_2e5e10f0, 0x48, 5 } for 2e5e10f0, the code is 0x48, which is the key index used by kirk cmd 7.

we miss this key now Sad

all support code can be found at kirk_engine.c

/edit: cut portion of the post, because I'm dumb and didn't saw the code above what I posted

~Trying to understand it again, I think we're missing code 0x48 in the keyvault in kirk_engine.c to be able to decrypt updates.~ being dumb again, we missed this key early on, but have it from some time, tpunix's comment seems to be outdated then

Trying adding this xor key posted as seed analogically as pauth keys are used: { 0x2E5E10F0, key_2E5E10F0, 0x48, 5, key_2E5E10F0_xor },

Edit: sadly that did nothing(size seems correct compared to without that change that's an improvement, but that's it, file's still messed up), but at least I have an easy test now with game update I decrypted on PSP and an encrypted one I extracted, plus homebrew that should be able to decrypt it if everything works.

Guess those keys are from psvita and there game updates doesn't work either..

SamRohod commented 10 months ago

Hi @hrydgard & @LunaMoo

Based on what you know, can you provide some information on what type of key/keys we are missing for this functionality to work. Is it actually a Kirk key? its location? or any other descriptions that might help if someone is trying to take a stab at this.

LunaMoo commented 10 months ago

Seems like we already have the required keys, it probably needs new method, I messed around it in https://github.com/hrydgard/ppsspp/pull/18562, but unfortunately while that resulted in correct file size which might be considered slight improvement, it was still gibberish.

Edit: also Linblow in https://github.com/hrydgard/ppsspp/issues/12343#issuecomment-1264677363 provided a lot of information, he also seems to know how to make it work, but planned to do it for Killzone first and maybe just didn't had time yet.

Linblow commented 10 months ago

Good news KIRK rom has been dumped thanks to a bunch of boys. It's not released yet, but it will probably be released along with the IDA plugin to RE it, or an already RE version will be released. Either way, it's just a matter of time before KIRK 2/3 exact algorithm and static keys are known. They already figured out KIRK 5/8 and 6/9. I'm waiting for it, and then I take the time to properly implement the game patch in PPSSPP

SamRohod commented 2 months ago

Do these links have what's needed? (Link 1) (Link 2) (Link 3)

Linblow commented 2 months ago

@SamRohod WIP