mirror of
https://github.com/rvtr/TwlIPL.git
synced 2025-10-31 06:01:12 -04:00
製品版Key Table2に書き換えたカードアプリでも動作するよう修正
git-svn-id: file:///Users/lillianskinner/Downloads/platinum/twl/TwlIPL/trunk@1655 b08762b0-b915-fc4b-9d8c-17b2551a87ff
This commit is contained in:
(no author)
parent
8878348416
commit
4a287d0f0a
@ -41,6 +41,8 @@ void DecryptByBlowfish(const BLOWFISH_CTX *ctx, u32 *xl, u32 *xr);
|
||||
// Key Table の生成
|
||||
void MakeBlowfishTableDS(CardBootData *cbd, s32 keyLen);
|
||||
|
||||
// Key Table2 の生成
|
||||
void MakeBlowfishTableTWL(CardBootData *cbd, s32 keyLen, u16 bondingOp);
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
|
||||
@ -305,6 +305,7 @@ typedef struct CardBootData{
|
||||
u32 *pSecure2SegBuf;
|
||||
|
||||
BLOWFISH_CTX keyTable;
|
||||
BLOWFISH_CTX keyTable2;
|
||||
} CardBootData;
|
||||
|
||||
// スレッド・メッセージ関係をまとめた構造体
|
||||
|
||||
@ -31,43 +31,67 @@ void MakeBlowfishTableDS(CardBootData *cbd, s32 keyLen)
|
||||
{
|
||||
const BLOWFISH_CTX *initTable = &HotSwBlowfishInitTableBufDS;
|
||||
|
||||
u32 blowfishedKey[2];
|
||||
|
||||
u8 *RomHeaderCtrlRsvB = cbd->pBootSegBuf->rh.s.ctrl_reserved_B;
|
||||
u32 *RomHeaderGameCode = (u32 *)cbd->pBootSegBuf->rh.s.game_code;
|
||||
u32 *keyBuf = cbd->keyBuf;
|
||||
BLOWFISH_CTX *ctx = &cbd->keyTable;
|
||||
|
||||
if(cbd->modeType == HOTSW_MODE1){
|
||||
MI_CpuCopyFast((void *)initTable, (void *)ctx, sizeof(BLOWFISH_CTX));
|
||||
}
|
||||
else{
|
||||
keyBuf = cbd->keyBuf2;
|
||||
|
||||
#define USE_LOCAL_KEYTABLE
|
||||
#ifdef USE_LOCAL_KEYTABLE
|
||||
MI_CpuCopyFast(&HotSwBlowfishInitTableTWL, (void *)ctx, sizeof(BLOWFISH_CTX));
|
||||
return;
|
||||
#else
|
||||
MI_CpuCopyFast((void *)((OSFromFirm7Buf *)HW_FIRM_FROM_FIRM_BUF)->twl_blowfish, (void *)ctx, sizeof(BLOWFISH_CTX));
|
||||
#endif
|
||||
}
|
||||
|
||||
MI_CpuCopyFast((void *)initTable, (void *)ctx, sizeof(BLOWFISH_CTX));
|
||||
|
||||
keyBuf[0] = *RomHeaderGameCode;
|
||||
keyBuf[1] = *RomHeaderGameCode >> 1;
|
||||
keyBuf[2] = *RomHeaderGameCode << 1;
|
||||
|
||||
InitBlowfishKeyAndTableDS(ctx, keyBuf, keyLen);
|
||||
|
||||
blowfishedKey[0] = (u32)RomHeaderCtrlRsvB[0];
|
||||
blowfishedKey[1] = *(u32 *)&RomHeaderCtrlRsvB[4];
|
||||
|
||||
DecryptByBlowfish(ctx, &(blowfishedKey)[1], &(blowfishedKey)[0]);
|
||||
|
||||
InitBlowfishKeyAndTableDS(ctx, keyBuf, keyLen);
|
||||
}
|
||||
|
||||
|
||||
/*---------------------------------------------------------------------------*
|
||||
Name: MakeBlowfishTableTWL
|
||||
|
||||
Description: KeyTable2の生成
|
||||
*---------------------------------------------------------------------------*/
|
||||
void MakeBlowfishTableTWL(CardBootData *cbd, s32 keyLen, u16 bondingOp)
|
||||
{
|
||||
u32 *RomHeaderGameCode = (u32 *)cbd->pBootSegBuf->rh.s.game_code;
|
||||
u32 *keyBuf = cbd->keyBuf2;
|
||||
BLOWFISH_CTX *ctx = &cbd->keyTable2;
|
||||
void *tempCTX;
|
||||
|
||||
|
||||
// 製品機の場合
|
||||
if(bondingOp == SCFG_OP_PRODUCT){
|
||||
MI_CpuCopyFast((void *)((OSFromFirm7Buf *)HW_FIRM_FROM_FIRM_BUF)->twl_blowfish, (void *)ctx, sizeof(BLOWFISH_CTX));
|
||||
}
|
||||
// 開発機の場合
|
||||
else{
|
||||
MI_CpuCopyFast(&HotSwBlowfishInitTableTWL, (void *)ctx, sizeof(BLOWFISH_CTX));
|
||||
|
||||
|
||||
// スタック領域がオーバーフローするから、ヒープ領域から領域を確保する。
|
||||
tempCTX = OS_AllocFromSubPrivWram( sizeof(BLOWFISH_CTX) );
|
||||
|
||||
if(tempCTX != NULL){
|
||||
ctx = tempCTX;
|
||||
}
|
||||
else{
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
keyBuf[0] = *RomHeaderGameCode;
|
||||
keyBuf[1] = *RomHeaderGameCode >> 1;
|
||||
keyBuf[2] = *RomHeaderGameCode << 1;
|
||||
|
||||
InitBlowfishKeyAndTableDS(ctx, keyBuf, keyLen);
|
||||
|
||||
// Heapの開放
|
||||
if(bondingOp != SCFG_OP_PRODUCT){
|
||||
OS_FreeToSubPrivWram( tempCTX );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/*---------------------------------------------------------------------------*
|
||||
Name: InitBlowfishKeyAndTableDS
|
||||
|
||||
@ -75,9 +99,9 @@ void MakeBlowfishTableDS(CardBootData *cbd, s32 keyLen)
|
||||
*---------------------------------------------------------------------------*/
|
||||
void InitBlowfishKeyAndTableDS(BLOWFISH_CTX *ctx, u32 *keyBufp, s32 keyLen)
|
||||
{
|
||||
EncryptByBlowfish(ctx, &(keyBufp)[2], &(keyBufp)[1]);
|
||||
EncryptByBlowfish(ctx, &(keyBufp)[1], &(keyBufp)[0]);
|
||||
InitBlowfish(ctx, (u8 *)keyBufp, keyLen);
|
||||
EncryptByBlowfish(ctx, &(keyBufp)[2], &(keyBufp)[1]);
|
||||
EncryptByBlowfish(ctx, &(keyBufp)[1], &(keyBufp)[0]);
|
||||
InitBlowfish(ctx, (u8 *)keyBufp, keyLen);
|
||||
}
|
||||
|
||||
|
||||
@ -119,7 +143,6 @@ void InitBlowfish(BLOWFISH_CTX *ctx, const unsigned char *key, int keyLen)
|
||||
ctx->S[i][j + 1] = datar;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -432,8 +432,9 @@ HotSwState ReadRomEmulationInfo(SYSMRomEmuInfo *info)
|
||||
*---------------------------------------------------------------------------*/
|
||||
static void SetSecureCommand(SecureCommandType type, CardBootData *cbd)
|
||||
{
|
||||
GCDCmd64 cndLE;
|
||||
u64 data;
|
||||
GCDCmd64 cndLE;
|
||||
u64 data;
|
||||
BLOWFISH_CTX *ctx;
|
||||
|
||||
// comannd0部分
|
||||
switch(type){
|
||||
@ -460,8 +461,10 @@ static void SetSecureCommand(SecureCommandType type, CardBootData *cbd)
|
||||
cndLE.dw |= data << HSWOP_S_VA_SHIFT;
|
||||
|
||||
if(!HOTSWi_IsRomEmulation()){
|
||||
ctx = (cbd->modeType == HOTSW_MODE1) ? &cbd->keyTable : &cbd->keyTable2;
|
||||
|
||||
// コマンドの暗号化
|
||||
EncryptByBlowfish( &cbd->keyTable, (u32*)&cndLE.b[4], (u32*)cndLE.b );
|
||||
EncryptByBlowfish( ctx, (u32*)&cndLE.b[4], (u32*)cndLE.b );
|
||||
}
|
||||
|
||||
// MCCMD レジスタ設定
|
||||
@ -555,11 +558,12 @@ HotSwState ReadIDSecure(CardBootData *cbd)
|
||||
*---------------------------------------------------------------------------*/
|
||||
HotSwState ReadSegSecure(CardBootData *cbd)
|
||||
{
|
||||
u32 scrambleMask = HOTSWi_IsRomEmulation() ? 0 : (u32)(SECURE_COMMAND_SCRAMBLE_MASK & ~CS_MASK);
|
||||
u32 *buf = (cbd->modeType == HOTSW_MODE1) ? cbd->pSecureSegBuf : cbd->pSecure2SegBuf;
|
||||
u32 loop, pc, size, interval, i, j=0, k;
|
||||
u64 segNum = 4;
|
||||
GCDCmd64 cndLE;
|
||||
u32 scrambleMask = HOTSWi_IsRomEmulation() ? 0 : (u32)(SECURE_COMMAND_SCRAMBLE_MASK & ~CS_MASK);
|
||||
u32 *buf = (cbd->modeType == HOTSW_MODE1) ? cbd->pSecureSegBuf : cbd->pSecure2SegBuf;
|
||||
u32 loop, pc, size, interval, i, j=0, k;
|
||||
u64 segNum = 4;
|
||||
GCDCmd64 cndLE;
|
||||
BLOWFISH_CTX *ctx = (cbd->modeType == HOTSW_MODE1) ? &cbd->keyTable : &cbd->keyTable2;
|
||||
|
||||
if(cbd->cardType == DS_CARD_TYPE_1){
|
||||
loop = 0x1UL;
|
||||
@ -585,7 +589,7 @@ HotSwState ReadSegSecure(CardBootData *cbd)
|
||||
cndLE.dw |= segNum << HSWOP_S_VC_SHIFT;
|
||||
|
||||
// コマンドの暗号化
|
||||
EncryptByBlowfish( &cbd->keyTable, (u32*)&cndLE.b[4], (u32*)cndLE.b );
|
||||
EncryptByBlowfish( ctx, (u32*)&cndLE.b[4], (u32*)cndLE.b );
|
||||
|
||||
// MCCMD レジスタ設定
|
||||
HOTSWi_SetCommand(&cndLE);
|
||||
|
||||
@ -469,7 +469,7 @@ static HotSwState LoadCardData(void)
|
||||
retval = (retval == HOTSW_SUCCESS) ? state : retval;
|
||||
|
||||
// Key Table初期化
|
||||
MakeBlowfishTableDS(&s_cbData, 8);
|
||||
MakeBlowfishTableTWL(&s_cbData, 8, s_bondingOp);
|
||||
|
||||
// コマンド認証値・コマンドカウンタ初期値・PNジェネレータ初期値の生成
|
||||
GenVA_VB_VD();
|
||||
|
||||
Loading…
Reference in New Issue
Block a user