Editing NPDRM
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
{{Wikify}} | [[Category:Software]]{{Wikify}} | ||
'''The info on this page is an extract (and simplify) of talk page, conversations and forum posts, please digest the info and move it | '''The info on this page is an extract (and simplify) of talk page, conversations and forum posts, please digest the info and move it this page''' | ||
Once the user is trying to start a [[SELF File Format and Decryption|SELF]], the [[VSH|vsh]] looks for the [[SELF_File_Format_and_Decryption#App_Info|appinfo header type]]. If the [[SELF_Types|type is 8]], then the [[SELF_File_Format_and_Decryption#Control_Information|control digest element type 3]] (NPD element) is located. From this NPD header the vsh gets the [[License Types]] (network license, local or free). | |||
*'''Network License''' (type 1): if a remote paid content is to be loaded, the vsh loads the act.dat and the rif associated to the content (will download to vsh process memory). | |||
*'''Local''' (type 2): For this paid content too, the vsh locate a file with the same title id on NPD element (CONTENT_ID), then the signature is checked (last 0x28 bytes of both RIF and act.dat). | |||
*'''Free''' (type 3): if a free content (no license check) is detected then a [[Keys#klic_free_key|generic klicense]] will be use for further steps (go to LV2). | |||
Using the RIF_KEY it will obtain the actdatIndex, and finally having the actDat key index the execution pass to [[LV2_Functions_and_Syscalls#LV2_Syscalls|LV2 Syscalls 471.]] | |||
This function has different parameters depending if the content is debug, paid (type 1 & 2) or free (type 3): | |||
This function has different parameters depending | |||
PAID: syscall471(npd.type, &npd.titleID, NULL, &actdat.keyTable[rif.actDatIndex], &rif.key, npd.license, &npd); | |||
FREE: syscall471(npd.type, &npd.titleID, freeklicensee, NULL, NULL, npd.license, &npd); | |||
:<small>*PAID can also include free games/apps too but require this licensing check</small> | |||
The lv2 keeps a memory table with contentID and the associated key: | |||
*Paid content: the rif.key is converted to the klicensee (by using a constant value on lv2, [[IDPS|IDPS]] and the act.dat) and once transformed it is stored on memory table. | |||
*free content: copies the titleID and the klicensee to the table. | |||
From there, the lv1 hypervisor by loading [[Hypervisor_Reverse_Engineering#appldr|Appldr]], will transform (again) this key by using the [[Keys#klic_dec_key|klic_dec_key]] and finally remove the NPDRM layer for start the [[SELF File Format and Decryption|SELF]] decryption. | |||
= | ==act.dat header(encrypted) structure== | ||
{| class="wikitable sortable" | |||
|- | |||
| style="background-color:#123EDA; color:#FFFFFF;" |'''Name''' | |||
| style="background-color:#123EDA; color:#FFFFFF;" |'''Offset''' | |||
| style="background-color:#123EDA; color:#FFFFFF;" |'''Size''' | |||
| style="background-color:#123EDA; color:#FFFFFF;" |'''Example''' | |||
| style="background-color:#123EDA; color:#FFFFFF;" |'''Remark''' | |||
|- | |||
| Version Number || 0x0 || 0x4 || 00000001 || | |||
|- | |||
| License Type || 0x4 || 0x4 || 00000001 || | |||
|- | |||
| User Number || 0x8 || 0x8 || N.A || | |||
|- | |||
| KeyTable Retail || 0x10 || 0x800 || N.A || | |||
|- | |||
| KeyTable Debug? || 0x810 || 0x800 || N.A || | |||
|- | |||
| Signature || 0x1010 || 0x28 || N.A || | |||
|- | |||
|} | |||
==rif file(encrypted) structure== | |||
The rif holds the klicensee for both SELF and paid [[EDAT_files|EDAT]]. | |||
{| class="wikitable sortable" | {| class="wikitable sortable" | ||
|- | |- | ||
| style="background-color:#123EDA; color:#FFFFFF;" |'''Name''' | |||
| style="background-color:#123EDA; color:#FFFFFF;" |'''Offset''' | |||
| style="background-color:#123EDA; color:#FFFFFF;" |'''Size''' | |||
| style="background-color:#123EDA; color:#FFFFFF;" |'''Example''' | |||
| style="background-color:#123EDA; color:#FFFFFF;" |'''Remark''' | |||
|- | |- | ||
| | | Version Number || 0x0 || 0x4 || 00 00 00 01 || | ||
|- | |- | ||
| | | License Type || 0x4 || 0x4 || 00 01 00 02 || | ||
|- | |- | ||
| | | User Number || 0x8 || 0x8 || 00 00 00 00 00 00 00 02 || Used on Rap2Rif header | ||
|- | |- | ||
| | | [[PARAM.SFO#CONTENT_ID|CONTENT ID]] || 0x10 || 0x30 || N.A || Content ID | ||
|- | |- | ||
| | | Random Padding || 0x40 || 0xC || N.A || | ||
|- | |- | ||
| | | act.dat index key || 0x4C || 0x4 || N.A || | ||
|- | |- | ||
| | | encrypted klic || 0x50 || 0x10 || N.A || | ||
|- | |- | ||
| | | bought on/ start || 0x60 || 0x8 || 00 00 01 2F 41 5C 00 00 || For human readable, convert to decimal and use one [http://www.epochconverter.com/ Epoch-Unix converter] time format online. | ||
|- | |- | ||
| | | expires in || 0x68 || 0x8 || 00 00 00 00 00 00 00 00 || If zeroed,-, there is no time limit. Used on PS+ for example. | ||
|- | |||
| Signature || 0x70 || 0x28 || 11 || Patched on some cfw. See Rif_Junk on Rap2Rif by '''Flatz''' | |||
|- | |||
|} | |} | ||
*[http://pastie.org/private/yltlfwubsz8w5pyhmojyfg '''Rap2Rif''' source code by '''Flatz''' ] | |||
* | |||
*[http://pastie.org/private/pmnmsnqg6zbfnk9xactbw#1 '''Rap2Rif Key''' souce code by '''Flatz'''] | |||
*[[Dev_Tools#ReactPSN_.rap_-.3E_.rif_converter|Link download & usage]] |