Gaia Signing!?

**Mbb** · 01-06-2011,02:10 PM

Originally Posted by jumper2009

Wrong.
Ive watched the #ps3dev channel over the few days and only geohot created a working self. And he will not release his method or code.

btw Link is not working, dont wanne register either..

He said this today

[19:05] <+Sa1nt> geohot_: hows progress on makeself?
[19:05] <+ValeV>

[19:05] <@geohot_> make_self works 100%
[19:05] == CrUmp [1867186e@rrcs-24-103-24-110.nyc.biz.rr.com] has joined #ps3dev
[19:05] == schiggimi [5fdf635d@ip-95-223-99-93.unitymediagroup.de] has joined #ps3dev
[19:06] <+DJam> but you won't release :P
[19:06] <@geohot_> not yet
[19:06] == mns_voice has changed nick to mns|voice
[19:06] <@geohot_> npdrm stuff is still broken

**Ben Jeremy** · 01-06-2011,02:15 PM

Originally Posted by sg86-

Yes, this is correct

No, there is a tutorial on signing a few places, seem legit as the issue is running them off the HDD, and that issue is digital rights management npdrm

How to sign a self

I can't see that link, but I doubt it actually works.

Look in the thread about repacking the lv2diag.self. The makeself tool simply does not work.

I can't figure out why they even bother updating it without testing it. Geohot created a self, but it wasn't made using makeself... so he has different tools, and he hasn't released them; and so far, he's the only person who has made any homebrew that works on "retail" consoles.

We've got all the keys to the palace, but nobody can figure out how to lower the drawbridge.

**defxor** · 01-06-2011,03:07 PM

Originally Posted by Ben Jeremy

I can't figure out why they even bother updating it without testing it.

It's called open source development with the philosophy of "release early, release often". There's a reason why they write "no, not working yet" in the check-in comments, that's for others to understand that while they can poke around in the code, branch off and maybe learn (or even help out with) something, don't expect something to use just yet.

It's a good thing. It's how a lot of code gets written today.

**moose123** · 01-06-2011,07:49 PM

Originally Posted by Ben Jeremy

I can't see that link, but I doubt it actually works.

Look in the thread about repacking the lv2diag.self. The makeself tool simply does not work.

I can't figure out why they even bother updating it without testing it. Geohot created a self, but it wasn't made using makeself... so he has different tools, and he hasn't released them; and so far, he's the only person who has made any homebrew that works on "retail" consoles.

We've got all the keys to the palace, but nobody can figure out how to lower the drawbridge.

If no one can figure out how to lower the bridge then they need to go through the underground passage. That's all I'm sayin'.

EIDT; Guess I won't need the secret underground passage after all. Come on PKG packer ;p.

**mjgdroid** · 01-06-2011,11:08 PM

Originally Posted by moose123

If no one can figure out how to lower the bridge then they need to go through the underground passage. That's all I'm sayin'.

EIDT; Guess I won't need the secret underground passage after all. Come on PKG packer ;p.

I used the makesefl command, but there is a few things I dont understand

this is output of command:

ps3tools>makeself
usage: makeself [type] [version suffix] [version] [vendor id] [auth id] [sdk typ
e] [elf] [self]
perror: No error

so what is it asking for type= app version suffix = 355 i thinkversion = 355 i think vendor id= IDK auth id= probably a key sdk type wich sdk you want elf = file to change= self is file

What do you need:
- Your *.ELF
- Fail0verflow PS3tools (precompiled) i don't have time to explain you how to compiled them.
- Linux
- Time!
- Xtse PS3Tools Key Pack
Tutorial:

1) Extract PS3tools somewhere and open a shell. make a directory called .ps3 in /home/(user)/ and extract all KEYS, inside Xtse PS3Tools Key Pack, here
2) Write in the shell cd and drag the PS3tool folder in the shell, then press ENTER
3) put your elf in the PS3tools folder
4) write in the shell ./makeself app 355 your.elf output.self (change the name of the elf if the name is different) and press enter
5) now just wait.. (it take's 15min)
6) when done look inside your folder (PS3tool folder), voilà! you sign a self

ops sorry i forget a thing....KEYS

**Ben Jeremy** · 01-06-2011,11:18 PM

Originally Posted by mjgdroid

I used the makesefl command, but there is a few things I dont understand

this is output of command:

ps3tools>makeself
usage: makeself [type] [version suffix] [version] [vendor id] [auth id] [sdk typ
e] [elf] [self]
perror: No error

so what is it asking for type= app version suffix = 355 i thinkversion = 355 i think vendor id= IDK auth id= probably a key sdk type wich sdk you want elf = file to change= self is file

What do you need:
- Your *.ELF
- Fail0verflow PS3tools (precompiled) i don't have time to explain you how to compiled them.
- Linux
- Time!
- Xtse PS3Tools Key Pack
Tutorial:

1) Extract PS3tools somewhere and open a shell. make a directory called .ps3 in /home/(user)/ and extract all KEYS, inside Xtse PS3Tools Key Pack, here
2) Write in the shell cd and drag the PS3tool folder in the shell, then press ENTER
3) put your elf in the PS3tools folder
4) write in the shell ./makeself app 355 your.elf output.self (change the name of the elf if the name is different) and press enter
5) now just wait.. (it take's 15min)
6) when done look inside your folder (PS3tool folder), voilà! you sign a self

ops sorry i forget a thing....KEYS

None of it matters. As I have said MANY TIMES. makeself doesn't work.

The self files do not run on the PS3.

encrypting/signing executables will have to wait until geohot's make_self is compiled.

**[C*]** · 01-07-2011,01:45 AM

Originally Posted by Ben Jeremy

None of it matters. As I have said MANY TIMES. makeself doesn't work.

The self files do not run on the PS3.

encrypting/signing executables will have to wait until geohot's make_self is compiled.

EXACTLY! Well I've been terming it signing the EBOOT.BIN. What good would signing a .pkg be if the contents are unsigned

**moha99sa** · 01-09-2011,11:26 AM

Hello,

Today I have taken the latest makeself version and I tried to run it after preparing the keys folder (with latest keys).
Then I compiled the code and I ran the makeself.

However, I miss the following information about Gaia:

[version] [vendor id] [auth id] [sdk type]

I tried to guess random inputs but I got the following error:
unable to read random numbers
perror: Invalid argument

Any Idea?

**Slynk** · 01-09-2011,11:37 AM

Code:

./makeself app 315 2.43.0 01000002 10700003ff000001 1 Lv2diag.elf Lv2diag.self

Here's mine. You can change which keys you use (315) and the version (2.43.0) if you want.

**moha99sa** · 01-10-2011,05:06 AM

I got the missing information! It was there all the time

(This is my first time)

Using readself tool with the eboot.bin reveals the missing information.

Now the makeself tool is working!

I could encrypt Gaia's eboot as following:

First: I ran the readself before the signing:

./readself eboot.bin

ELF header
elf #1 offset: 00000000_00000090
header len: 00000000_00000a80
meta offset: 00000000_000004a0
phdr offset: 00000000_00000040
shdr offset: 00000000_0008d8d0
file size: 00000000_0008d6a0
auth id: 10100000_01000003 (Unknown)
vendor id: 01000002
info offset: 00000000_00000070
sinfo offset: 00000000_00000290
version offset: 00000000_00000390
control info: 00000000_000003c0 (00000000_00000100 bytes)
app version: 1.0.0
SDK type: Devkit
app type: NP-DRM application

ontrol info
control flags:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
file digest:
62 7c b1 80 8a b9 38 e3 2c 8c 09 17 08 72 6a 57 9e 25 86 e4
b3 94 27 24 7b e1 44 97 11 d3 7c 1d 21 08 42 c8 0b 16 b4 43
NPDRM info:
magic: 4e504400
unk0 : 00000001
unk1 : 00000003
unk2 : 00000001
content_id: UP0001-GAIA01985_00-7679866932773369
digest: 21 b4 f5 49 08 70 14 6e d1 60 f9 b5 5c 6a a3 c1
invdigest: de 4b 0a b6 f7 8f eb 91 2e 9f 06 4a a3 95 5c 3e
xordigest: 74 e1 a0 1c 5d 25 41 3b 84 35 ac e0 09 3f f6 95

Section header
offset size compressed unk1 unk2 encrypted
00000000_00000a80 00000000_0004afa8 [NO ] 00000000 00000000 [NO ]
00000000_00050a80 00000000_00002d9c [NO ] 00000000 00000000 [NO ]
00000000_00060a80 00000000_00002f20 [NO ] 00000000 00000000 [NO ]
00000000_00070a80 00000000_0001a400 [NO ] 00000000 00000000 [NO ]
00000000_0008ae80 00000000_00000000 [NO ] 00000000 00000000 [NO ]
00000000_00053818 00000000_00000004 [NO ] 00000000 00000000 [N/A]
00000000_0004b9e0 00000000_00000020 [NO ] 00000000 00000000 [N/A]
00000000_0004ba00 00000000_00000028 [NO ] 00000000 00000000 [N/A]

Encrypted Metadata
no encrypted metadata in fselfs.

Then I extracted the eboot.bin using unself and I got eboot_elf.bin

After that I used makeself to encrypt (sign) the file

./makeself app 341 1.0.0 01000002 10100000_01000003 Devkit eboot_elf.bin eboot_out.bin

Then I ran the readself and I got the following:

./readself eboot_out.bin

SELF header
elf #1 offset: 00000000_00000090
header len: 00000000_00000a80
meta offset: 00000000_00000440
phdr offset: 00000000_00000040
shdr offset: 00000000_0008e090
file size: 00000000_0008de80
auth id: 00000000_10100000 (Unknown)
vendor id: 01000002
info offset: 00000000_00000070
sinfo offset: 00000000_000002a0
version offset: 00000000_000003a0
control info: 00000000_000003c0 (00000000_00000070 bytes)
app version: 1.0.0
SDK type: Retail (Type 0)
app type: application

Control info
control flags:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
file digest:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Section header
offset size compressed unk1 unk2 encrypted
00000000_00000a80 00000000_0004afa8 [NO ] 00000000 00000000 [YES]
00000000_00050a80 00000000_00002d9c [NO ] 00000000 00000000 [YES]
00000000_00060a80 00000000_00002f20 [NO ] 00000000 00000000 [YES]
00000000_00070a80 00000000_0001a400 [NO ] 00000000 00000000 [YES]
00000000_0008ae80 00000000_00000000 [NO ] 00000000 00000000 [YES]
00000000_00053818 00000000_00000004 [NO ] 00000000 00000000 [N/A]
00000000_0004b9e0 00000000_00000020 [NO ] 00000000 00000000 [N/A]
00000000_0004ba00 00000000_00000028 [NO ] 00000000 00000000 [N/A]

Encrypted Metadata
Key: b5 68 7e 87 c0 39 5d 98 86 64 59 d7 e4 27 5b 58
IV : 01 4d 4e 4b b8 f4 d4 c6 e9 97 b8 45 0f 56 38 74
Signature end 00000a40
Sections 8
Keys 64

Now if we compare the output before & after we can note the following:

In the section header there are many sections that become encrypted
In Encrypted Metadata section the key is appeared and the signature too
The file digest becomes zeros
There is no NPDRM info for the output file

I need some advices for the following issues:

Does that means the file is signed as expected (I am using the latest ps3tools)?
What should I signed to make the Gaia signed? is there any additional executable?
Should I sign the pkg too?

Additional information is appreciated.

User Tag List

Thread: Gaia Signing!?

Tweet

LinkBack

Thread Tools

Display


	Would you like to get all the new info from PSX-Scene in your email each day? Subscribe to our Daily Digest! Want to learn more about the team keeping you up to date with the latest scene news? Read about them now! Check out our Developer bios, too!