PS Vita CMAC Key Verification Script

python script to verify if the cmac key sony uses is the same as the ps3 gpkg key. So far it has been verified on the beta pkg (Uncharted) and on a Retail one (Resogun)
I’ll verify on a couple more. You can do it too 🙂
OK if hashes match. NG if they don’t

from CryptoPlus.Cipher import python_AES, AES
import hashlib
import sys, os, struct
def aes_cmac(erk, input):
    crypter =, AES.MODE_CMAC)
    return crypter.encrypt(input)
def get_file_contents(file_path):
    with open(file_path, 'rb') as in_file:
def indent(message='', level=1, char='t'):
    return char * level + message
def dump(data, title='', stride=16, indent_level=0):
    data_length = len(data)
    stride = min(stride, data_length)
    num_rows = int(data_length / stride)
    dump_data = ''
    if len(title) > 0:
        dump_data += title + 'n'
    for i in xrange(num_rows):
        row = data[i * stride🙁i + 1) * stride]
        dump_data += indent(level=indent_level)
        for j in xrange(stride):
            dump_data += '%02X ' % ord(row[j])
        dump_data += 'n'
    return dump_data.rstrip('n')
key = '2E7B71D7C9C9A14EA3221F188828B8F8'.decode('hex')
with open(sys.argv[1], 'rb') as f:
    data_with_hash =
    data,hash = data_with_hash[:0x80], data_with_hash[0x80:0x90]
    result = aes_cmac(key, data)
    cmac_data_size = len(data)
    cmac_data = data[:cmac_data_size]
    print dump(data, 'Data:', indent_level=0)
    print 'key:', key.encode('hex')
    print 'cmac calculated hash:', result.encode('hex')
    print 'cmac verification hash:', hash.encode('hex')
    if result==hash:
        print 'OK'
        print 'NG'

Visit PlayStationHaX Forum To Discuss This Story, The Code Looks Better There :: Cmac key verification script