Originally Posted by JuanNadie
Well, a year has passed since I opened this thread, so let's celebrate with an update.
I have been able to resolve the EDAT v4 version. Basically S**Y added a new key/hash.
When creating the hv99 call, field38 contains the key index. For versions 0 to 3, key index zero is used (older key). For version 4, index 1 (the new key) is used.
In addition to that I reversed more fields of the edat header:
0x40 - 0x4F: Before, I said that it was an unknown hash. The value actually is the first 0x10 bytes of the SHA1 of the file before it is packed (after using make_edata_npdrm).
0x70 - 0x77 and 0x78 - 0x7F: While normally zero, on some betas these have a value. These are actually dates (since and up to) of validity. When used in combination with a rif, the most restrictive is used.
0xD8 - 0xFF: Here is the bad news. This is an ECDSA signature. The pub/curve used is the same as the one used on rifs or act.dats. I haven't found a collision, so priv cannot be obtained. Fortunately the check is not active (I don't know why... perhaps older versions have this not properly implemented).
Finally, an updated version of the code. I have to break compatibility with release in order to integrate the additional key. Also, I added the ECDSA check as a warning (won't stop decryption) as well as minor fixes.
On the .ENC files (AKA PS2 remastered games on PSN):
I started reversing those. At the moment I know that the OMAC checks are still there (the klicensee is the default). The ECDSA check is ENABLED for PS2 games, and on lv2 an ENC is required to be paid content (so patching vsh.self and lv2 will be required to use a fake ISO.BIN.ENC). I cannot give more information on the encryption, although I suspect that an encryption similar to BDEMU is used.
I too would like to know how to compile this so I can try it out.