Certified File

Certified Files are the most common encrypted files on SCE PlayStation devices since PSP.

Decryption
SELF, SPRX, SRVK and Update Packages are all encrypted using the exact same algorithm, while SELFs are also hashed and signed (the signature is RSA-based, at the very least since firmware 0.940). This section focuses only on the encryption layer itself.


 * Step 1

The first step uses a static key and IV contained within the relevant Secure Module; for example, Update Package keys are located in update_service_sm.self, while kernel PRX keys are located in kprx_auth_sm.self (or, for the secure modules (SMs) themselves as well as kernel_boot_loader.self, inside secure_kernel.enp).

This step decrypts the first 0x40 bytes of the SELF metadata using AES-256-CBC, which yields the key and IV used in step 2.


 * Step 2

The second step uses the key and IV decrypted from the first 0x40 bytes of the metadata to decrypt the rest of the metadata using AES-128-CBC.


 * Step 3

The SELF metadata is typically stored in this format (below is the metadata example for a SELF with 4 sections):

Update package metadata follows the same principles but is slightly different (different MAGIC/Header).

Following the same principles, an update package metadata would look like this:


 * Step 4

The last step uses the keys and IVs extracted from the metadata to decrypt their respective sections using AES-128-CTR.
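
The key chain of steps 1, 2 and 4, as an added example that is not code from the original page: a constructed one-section file is built and then unwrapped layer by layer. The static key and IV are placeholder bytes, and the field offsets inside the 0x40-byte header and inside the metadata are assumptions, since the real metadata layout is not reproduced here.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// block returns an AES cipher; the key length selects AES-128 or AES-256.
func block(key []byte) cipher.Block {
	b, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return b
}

// Decrypt walks steps 1, 2 and 4 for a one-section file. Assumed layout:
// head = key at 0x00, IV at 0x20; meta = section key at 0x00, section IV at 0x10.
func Decrypt(staticKey, staticIV, head, meta, section []byte) []byte {
	h := make([]byte, len(head))
	cipher.NewCBCDecrypter(block(staticKey), staticIV).CryptBlocks(h, head) // step 1: AES-256-CBC
	m := make([]byte, len(meta))
	cipher.NewCBCDecrypter(block(h[:0x10]), h[0x20:0x30]).CryptBlocks(m, meta) // step 2: AES-128-CBC
	out := make([]byte, len(section))
	cipher.NewCTR(block(m[:0x10]), m[0x10:0x20]).XORKeyStream(out, section) // step 4: AES-128-CTR
	return out
}

// BuildSample wraps plain in the same three layers using constructed keys.
func BuildSample(staticKey, staticIV, plain []byte) (head, meta, section []byte) {
	h := make([]byte, 0x40)
	copy(h[0x00:], bytes.Repeat([]byte{0x11}, 16)) // metadata key (constructed)
	copy(h[0x20:], bytes.Repeat([]byte{0x22}, 16)) // metadata IV (constructed)
	m := append(bytes.Repeat([]byte{0x33}, 16), bytes.Repeat([]byte{0x44}, 16)...)
	head, meta, section = make([]byte, 0x40), make([]byte, 0x20), make([]byte, len(plain))
	cipher.NewCTR(block(m[:0x10]), m[0x10:]).XORKeyStream(section, plain)
	cipher.NewCBCEncrypter(block(h[:0x10]), h[0x20:0x30]).CryptBlocks(meta, m)
	cipher.NewCBCEncrypter(block(staticKey), staticIV).CryptBlocks(head, h)
	return
}

func main() {
	sk, siv := bytes.Repeat([]byte{0xAA}, 32), bytes.Repeat([]byte{0xBB}, 16) // placeholders
	head, meta, sec := BuildSample(sk, siv, []byte("constructed section payload"))
	fmt.Printf("%s\n", Decrypt(sk, siv, head, meta, sec))
}
```

Only the static key and IV live outside the file; every other key travels inside it, wrapped by the layer above.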