IPL Decrypt Sample (direct HW access)
October 9th, 2007 silverspringSince this place is pretty bare right now here’s a quick sample I wrote up demonstrating how to access the KIRK crypto engine directly to do your decryption. Doing raw hardware access means you dont need to access any of the SCE crypto API’s such as the semaphore lib (memlmd.prx).This is useful for the future since no matter how much SCE change the libs, nids, etc. The HW remains the same so it will work in all future firmwares (until new PSP motherboards are developed). Might be useful to add to PSARDUMPER since PSARDUMPER still rely on the SCE crypto libs and SCE may change the nids in the future and other stupid stuff like that.
To use just place an encrypted IPL as enc_ipl.bin in the MS root. It’ll decrypt it and save as it dec_ipl.bin.
NOTE: the same decryption routine can also decrypt prx’s, though they need to be setup first before being passed to the crypto engine (ie. the prx header needs to be descrambled with its decryption key first). I might write up a quick sample to do that later.
Anyway, enjoy and I hope you’ll find this useful…
EDIT: this is for 1.50 Kernel
Download link: IPL Decrypt Sample (direct HW access)
Admin note: The issue with the captcha not working has been fixed. Sorry for any inconvenience caused. -EvilSeph