From PS3 Developer wiki
Jump to navigation Jump to search

Description[edit | edit source]

An activation file for a Sony Playstation console, based on an account email and password, the devices IDPS, the platform and activation type.

It is used to decrypt NPDRM content license files (.rif) and EDAT files, which themselves lead to content decryption (PFS layer, SELF layer).

Location[edit | edit source]

PSP[edit | edit source]


PS3[edit | edit source]


PSVita[edit | edit source]

tm0:/psmdrm/act.dat (only if PSM Is activated)

Structure[edit | edit source]

Name Offset Size Example Notes
Activation Type 0x0 0x2 0001 1 = local
Version Flag 0x0 0x2 0000, 0001 0 for v.1, 1 for v.2.
Version 0x4 0x4 00000001, 00000002 1 (PSP and PS3 parser) or 2 (PSVita parser)
Account ID 0x8 0x8 AB CD EF 01 02 34 78 91 PSN Account ID (in little endian)
Primary Key Table 0x10 0x800 N.A Encrypted RIF keys table
Unknown 1 0x810 0x40 N.A
OpenPsId 0x850 0x10 N.A
Unknown 2 0x860 0x10 N.A Encrypted data for v.1 / Unknown (8 bytes) + Padding (8 bytes) for v.2
Unknown 4 0x870 0x10 N.A Encrypted data for v.1 / Start Time (8 bytes) + Expiration Time (8 bytes) for v.2
Secondary Table 0x880 0x650 N.A
RSA Signature 0xED0 0x100 N.A RSA Public Key for RIF type 0 and 1
Unknown Signature 0xFD0 0x40 N.A Maybe AES CMAC (0x20 key + 0x20 hash) or AES HMAC.
ECDSA Signature 0x1010 0x28 N.A pub=vsh_pub, ctype=0x02(vsh_curves)

The Primary Key table is unique per PSN account. It is encrypted using AES ECB with the ConsoleId (IDPS, PSID) of the console activated with this PSN account.

Downloading[edit | edit source]


A PHP script is released to obtain the act.dat. See []


 $data = array(
         "loginid" => "", /* email */
         "password" => "", /*pass */
         "consoleid" => "", /* 000000000000000000000 */
         "platform" => "psp2", /* for vita, don't modify, possible parameters psp,ps3,psp2.ps4 is unknown */
         "acttype" => "4", /* for vita, don't modify */
 $custom_headers = array(
         "X-I-5-DRM-Version: 1.0",
 $ch = curl_init();
 curl_setopt($ch, CURLOPT_URL, "");
 curl_setopt($ch, CURLOPT_USERAGENT, "8888888");
 curl_setopt($ch, CURLOPT_HTTPHEADER, $custom_headers);
 curl_setopt($ch, CURLOPT_POST, 1);
 curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
 //curl_setopt($ch, CURLOPT_HEADER, 1);
 //curl_setopt($ch, CURLOPT_CERTINFO, 1);
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 curl_setopt($ch, CURLOPT_VERBOSE, 1);
 $response = curl_exec($ch);
 $fp = fopen("act.dat", "wb");
 fwrite($fp, $response);

Related[edit | edit source]