Old 12-18-2011   #101
JuanNadie
Homebrew Developer
 
@EXE.trim.ALL The mode for uncompressed 0x20 bytes metadata section is not tested as I do not have retail files supporting it. The only files I have with that flag on are debug... which disables hash checks (see my code). If you have one retail with that flag please send me info on it so I can adapt the code.

I'll change the flag on compression as soon as I confirm it (I have not seen that flag with value 0).

The hashes on NPD element use devklic. The ones on EDAT header use rifkey(paid) or devklic(free). Check my code routines for checking NPD and EDAT header.

There is always a SELF for any EDAT (even a SELF for a SELF if NPD type is 0x20). If your version 0/1 is an EDAT for PSX or PSP you should check their emulators (located at dev_flash). In fact for PSX I can tell you that two of the 3 SELFs produce a match.
Old 12-18-2011   #102
EXE.trim.ALL
Apprentice
 
@JuanNadie Check out this archive for a 0x3c file with 0x20 bytes of metadata (also, all files of 3c type have 0x20 metadata).

To confirm the compression flag, try to make a debug edat/sdat using a rar archive (or some other archive).

About hash keys: we can decrypt, recrypt and encrypt version 2 and 3 edats/sdats using your algo (except 3c edats for now). And we can decrypt edats version 0&1. But we can't recrypt or encrypt these edats because the headerHash from the original files doesn't match the cmac computed with the usual algo.

And about devklic in version 0&1. There are a lot of trial games using a "license pkg" to unlock full functionality - a package file consisting of only one edat file. This edat is version 1 and type 0x00 and is placed into the exdata folder (near the rif files).
I have a game using this type of activation that contains some more edats. And I can bruteforce the devklic for the other edats but not for this "license" edat.

UPD: Yep, you're right, I used the wrong devklic for this "license" edat; the devklic for it is in vsh. And keys for ps1 games and minis.

Last edited by EXE.trim.ALL; 12-18-2011 at 10:55 AM.
Old 12-19-2011   #103
EXE.trim.ALL
Apprentice
 
I've tried only one minis and one psx game for now - the minis game works fine, the psx game crashes with error 80028F17.
And some more about the license edat. I've tried to repack it with key bruteforced from, but it seems games don't accept those edats - they're still trial games. But this edat's type is 0x01 instead of all previous edats' type 0x00.

UPD: Okay, I found another bug connected with key encryption for version < 2 in my program. So now "license" edats work fine.

Last edited by EXE.trim.ALL; 12-19-2011 at 08:07 AM.
Old 12-19-2011   #104
TizzyT
Homebrew Developer
 
Originally Posted by EXE.trim.ALL:
I've tried only one minis and one psx game for now - the minis game works fine, the psx game crashes with error 80028F17.
And some more about the license edat. I've tried to repack it with key bruteforced from, but it seems games don't accept those edats - they're still trial games. But this edat's type is 0x01 instead of all previous edats' type 0x00.
Is it practical to brute force anything related to PS3??? I'm not implying anything, I just don't know and am asking.
__________________
If you are going to promote TB at least do it right!!!, or better yet DON'T!!!
Old 12-19-2011   #105
EXE.trim.ALL
Apprentice
 
Originally Posted by TizzyT:
Is it practical to brute force anything related to PS3??? I'm not implying anything, I just don't know and am asking.
If you know the hash and how to get it - practically yes.
Old 12-19-2011   #106
TizzyT
Homebrew Developer
 
Ah ok...but how would one know when the right combo was used???
PS: sorry for another noob question.
Old 12-19-2011   #107
EXE.trim.ALL
Apprentice
 
Originally Posted by TizzyT:
Ah ok...but how would one know when the right combo was used???
PS: sorry for another noob question.
The hash you get and the hash from original file must match.
Old 12-19-2011   #108
Octopus
Member
 
@TizzyT This thing is only related to PSN (NPD) stuff...
Old 12-19-2011   #109
advocatusdiaboli
Senior Member
 
Originally Posted by TizzyT:
Is it practical to brute force anything related to PS3??? I'm not implying anything, I just don't know and am asking.
Well, if you have anything you want to test, I have access to CPU power; please prepare a command line utility in source form.
__________________
US 4USB ports OFW 3.15 PS Ubuntu
EU 4USB ports CFW 4.21.1 REX
There is only one OS; AmigaOS, the rest are just [l]imitations.
Old 12-20-2011   #110
Luzifer42
Apprentice
 
Originally Posted by JuanNadie:
@EXE.trim.ALL The mode for uncompressed 0x20 bytes metadata section is not tested as I do not have retail files supporting it. The only files I have with that flag on are debug... which disables hash checks (see my code). If you have one retail with that flag please send me info on it so I can adapt the code.

I'll change the flag on compression as soon as I confirm it (I have not seen that flag with value 0).
I have an NPD with an uncompressed 0x20 bytes metadata section. It is truncated (9MB total), but it should be enough to understand.

I don't really know how to calculate the hash over this metadata, if it is present at all. The total length of the metadata seems rather short (0x00 to 0x20 bytes for 578 blocks), because the decryption works already at the offset 0x120.

Last edited by Luzifer42; 12-20-2011 at 05:55 PM.
PS3Hax.net is Copyright © 2010-2013.
All times are GMT -5.