more validation added

* already modified dsiware.bin * wrong injection region * unsupported dsiware game
2025-06-18 18:55:41 -04:00 · 2018-05-24 12:59:44 +02:00 · 2018-05-24 12:59:44 +02:00 · 4a2a3ad663
commit 4a2a3ad663
parent 0b6b31330e cda93011b3
5 changed files with 206 additions and 13 deletions
--- a/index.html
+++ b/index.html
@ -129,8 +129,8 @@
        </div>
        <button class="btn btn-primary btn-startInjection" type="submit">Start!</button>
        <br/>
-        <p id="p-error"></p>
      </form>
+      <p id="p-error"></p>
    </div>
    <div class="col-lg-1"></div>
  </div>
--- a/public/js/custom/constants.js
+++ b/public/js/custom/constants.js
@ -1,6 +1,12 @@
 var constants = {
  hashes: {
-    all: ['7E5EA8C7', '378AAF3A', 'C42B9288', '3DA4FC37', '4899E282', '0CBC2C50'],
+    srl: ['7E5EA8C7', '378AAF3A', 'C42B9288'],
+    save: ['3DA4FC37', '4899E282', '0CBC2C50'],
+    regions: {
+      us: ['7E5EA8C7', '3DA4FC37'],
+      eu: ['378AAF3A', '4899E282'],
+      jp: ['C42B9288', '0CBC2C50'],
+    },
  },
  keys: {
    keyX: '6FBB01F872CAF9C01834EEC04065EE53',
@ -27,4 +33,138 @@ var constants = {
    'tmd', 'srl.nds', '2.bin', '3.bin', '4.bin', '5.bin',
    '6.bin', '7.bin', '8.bin', 'public.sav', 'banner.sav',
  ],
+  signatureTypes: {
+    '00010000': 0x200 + 0x3C,
+    '00010001': 0x100 + 0x3C,
+    '00010002': 0x3C + 0x40,
+    '00010003': 0x200 + 0x3C,
+    '00010004': 0x100 + 0x3C,
+    '00010005': 0x3C + 0x40,
+  },
+  compatibleGames: {
+    us: [
+      '4B464445', '4B4C4545', '4B475245', '4B513945',
+      '4B344445', '4B355545', '4B354F45', '4B354745', '4B553945', '4B443745', '4B565145',
+      '4B354D45', '4B323545', '4B334F45', '4B354645', '4B444145', '4B564545', '4B5A4A45',
+      '4B323745', '4B354A45', '4B354545', '4B354E45', '4B455245', '4B354445', '4B393645',
+      '4B414245', '4B325A45', '4B574C45', '4B535645', '4B525745', '4B333245', '4B585545',
+      '4B584645', '4B553345', '4B584B45', '4B4E5945', '4B354845', '4B395745', '4B424945',
+      '4B424E45', '4B583545', '4B583645', '4B563345', '4B594E45', '4B5A5945', '4B584445',
+      '4B595745', '4B583445', '4B325545', '4B525245', '4B4B5A45', '4B515645', '4B585345',
+      '4B584745', '4B4C5645', '4B514B45', '4B395945', '4B4E5745', '4B4B5245', '4B584545',
+      '4B4E3245', '4B565845', '4B585445', '4B555345', '4B555245', '4B355045', '4B585045',
+      '4B565345', '4B334A45', '4B4B4745', '4B554D45', '4B514F45', '4B4E4845', '4B494F45',
+      '4B4B5145', '4B484545', '4B574D45', '4B4C3345', '4B4B3245', '4B4C3445', '4B543945',
+      '4B423745', '4B584845', '4B413545', '4B444245', '4B435145', '4B334345', '4B4B4945',
+      '4B563245', '4B464145', '4B493745', '4B473545', '4B564945', '4B344C45', '4B464D45',
+      '4B544145', '4B524A45', '4B424D45', '4B534445', '4B414F45', '4B4A4A45', '4B414645',
+      '4B474B45', '4B525145', '4B464F45', '4B495445', '4B424A45', '4B564745', '4B504A45',
+      '4B414345', '4B494345', '4B543345', '4B4F4745', '4B344A45', '4B4D5645', '4B383845',
+      '4B413845', '4B4D5245', '4B435A45', '4B555045', '4B365145', '4B504645', '4B524845',
+      '4B4D4C45', '4B333445', '4B584C45', '4B334D45', '4B534F45', '4B4D4845', '4B465A45',
+      '4B535245', '4B455845', '4B354945', '4B415445', '4B455345', '4B4D5945', '4B374445',
+      '4B374745', '4B374845', '4B374245', '4B323945', '4B374145', '4B373345', '4B394A45',
+      '4B593645', '4B593745', '4B563445', '4B563945', '4B375A45', '4B364245', '4B374645',
+      '4B365445', '4B365345', '4B595945', '4B374B45', '4B594A45', '4B553545', '4B354C45',
+      '4B324545', '4B394145', '4B584345', '4B555145', '4B555645', '4B324645', '4B324E45',
+      '4B584F45', '4B554F45', '4B364B45', '4B585245', '4B564845', '4B554A45', '4B554945',
+      '4B543545', '4B554B45', '4B564345', '4B344E45', '4B565645', '4B554145', '4B595045',
+      '4B514245', '4B4B4E45', '4B494945', '4B335945', '4B324A45', '4B4B4245', '4B565745',
+      '4B573845', '4B4F5545', '4B4C4D45', '4B354B45', '4B4C4E45', '4B433545', '4B4B5445',
+      '4B393545', '4B345145', '4B514E45', '4B345245', '4B515145', '4B455945', '4B425145',
+      '4B333545', '4B394645', '4B504C45', '4B4C4A45', '4B5A5345', '4B4B4645', '4B4F3945',
+      '4B4A4845', '4B5A3645', '4B4B4545', '4B524C45', '4B464B45', '4B4A4245', '4B594C45',
+      '4B4C4F45', '4B485145', '4B465645', '4B544C45', '4B473745', '4B394545', '4B565045',
+      '4B393945', '4B394745', '4B573645', '4B494245', '4B495745', '4B355145', '4B453945',
+      '4B465945', '4B433445', '4B4C4245', '4B4A5945', '4B4C5445', '4B514145', '4B515245',
+      '4B433345', '4B4F5945', '4B324F45', '4B534A45', '4B345A45', '4B514445', '4B584945',
+      '4B424845', '4B4C4C45', '4B485745', '4B575245', '4B444A45', '4B534645', '4B435845',
+      '4B503945', '4B4A4D45', '4B525A45', '4B475845', '4B503845', '4B475145', '4B595345',
+      '4B524445', '4B443845', '4B415A45', '4B434E45', '4B434945', '4B583245', '4B354145',
+      '4B484945', '4B434F45', '4B4C5245', '4B594245', '4B484845', '4B345945', '4B534B45',
+      '4B535745', '4B443245', '4B424445', '4B4D5545', '4B414545', '4B345745', '4B4C4645',
+      '4B513645', '4B574B45', '4B504145', '4B585145', '4B344B45', '4B353945', '4B574F45',
+      '4B464745', '4B524745', '4B435445', '4B455745', '4B424C45', '4B4F4B45', '4B5A4545',
+      '4B5A4745', '4B444645', '4B4C3245', '4B535945', '4B374345', '4B474E45', '4B445245',
+      '4B5A4645', '4B494445', '4B475345', '4B465045', '4B464945', '4B505445', '4B445445',
+      '4B4D4F45', '4B535545', '4B395445', '4B445645', '4B445945', '4B394245', '4B575345',
+      '4B445A45', '4B504345', '4B424545', '4B505045', '4B424B45', '4B534345', '4B434D45',
+      '4B415645', '4B424245', '4B453345', '4B5A5045', '4B445145', '4B544454', '4B544354',
+      '4B504E45', '4B415345', '4B414445', '4B414845', '4B415045', '4B414B45', '4B545254',
+      '4B443945', '4B4D4D45', '4B414145', '4B565545', '4B395545', '4B553745', '4B354245',
+      '4B343345', '4B333645', '4B594845', '4B325745', '4B475445', '4B473845', '4B433745',
+      '4B375745', '4B5A5445', '4B343545', '4B525645', '4B595245', '4B585745', '4B343245',
+      '4B494A45', '4B465845', '4B493445', '4B5A4845', '4B493345', '4B494845', '4B423645',
+      '4B465145', '4B4F5845', '4B423545', '4B475A45', '4B505A45', '4B575945', '4B514545',
+      '4B5A4C45', '4B415845', '4B503545', '4B4C5945', '4B5A4245', '4B413645', '4B463345',
+      '4B4E5045', '4B525545', '4B5A4145', '4B524B45', '4B503245', '4B503345', '4B504B45',
+      '4B544645', '4B363445', '4B4C4445', '4B344845', '4B445845', '4B524345', '4B444445',
+      '4B465245', '4B335645', '4B415245', '4B445345', '4B494645', '4B384745', '4B434A45',
+      '4B454D45', '4B545345', '4B504845', '4B4F3445', '4B373245', '4B4D3845', '4B444C45',
+      '4B484345', '4B4D4545', '4B524D45', '4B345445', '4B424145', '4B564B45', '4B413245',
+      '4B4F5445', '4B414945', '4B4E4445', '4B4E5245', '4B424345', '4B444D45', '4B4D4745',
+      '4B504F45', '4B593445', '4B545745', '4B533345'
+    ],
+    eu: [
+      '4B464456', '4B4C4556', '4B475256', '4B513956',
+      '4B344456', '4B535650', '4B594856', '4B525750', '4B333250', '4B554D50', '4B4C5650',
+      '4B395750', '4B584650', '4B585550', '4B354850', '4B584B50', '4B583550', '4B5A5950',
+      '4B543950', '4B584450', '4B4C4250', '4B4B5A50', '4B594E50', '4B583650', '4B484550',
+      '4B574D50', '4B583450', '4B525250', '4B584750', '4B515656', '4B334A50', '4B585350',
+      '4B585050', '4B514B56', '4B4E5750', '4B395950', '4B4B5250', '4B585450', '4B584550',
+      '4B565850', '4B555250', '4B484950', '4B565350', '4B494F50', '4B435150', '4B4B4750',
+      '4B514F56', '4B4E4856', '4B4B3250', '4B424A50', '4B4B5150', '4B584856', '4B563250',
+      '4B583250', '4B564950', '4B4C3350', '4B4C3450', '4B414656', '4B465956', '4B444256',
+      '4B464156', '4B493750', '4B495350', '4B4B4950', '4B335550', '4B473556', '4B524A50',
+      '4B464D50', '4B474B50', '4B424D56', '4B464550', '4B564756', '4B424950', '4B464F50',
+      '4B415556', '4B525456', '4B4D5A56', '4B4A4A50', '4B494350', '4B543356', '4B555050',
+      '4B535256', '4B383850', '4B4D5656', '4B4D5256', '4B325250', '4B504650', '4B354950',
+      '4B455856', '4B584C50', '4B333450', '4B414356', '4B334D50', '4B4D4856', '4B465A56',
+      '4B415456', '4B344A50', '4B454856', '4B454A56', '4B454556', '4B454756', '4B454356',
+      '4B454456', '4B454156', '4B454656', '4B454256', '4B454956', '4B534F50', '4B4D4950',
+      '4B4D4E50', '4B4D4450', '4B4D5956', '4B374850', '4B395250', '4B323950', '4B593550',
+      '4B553750', '4B354250', '4B323250', '4B553550', '4B425150', '4B585250', '4B354C50',
+      '4B555650', '4B324550', '4B584356', '4B324E50', '4B584F56', '4B564850', '4B554A56',
+      '4B494950', '4B554950', '4B543550', '4B4C4A56', '4B394150', '4B4E3256', '4B564350',
+      '4B495750', '4B515150', '4B4C4D50', '4B595050', '4B4B5850', '4B335956', '4B514250',
+      '4B4B5750', '4B5A5056', '4B4F5550', '4B4B5650', '4B4B4250', '4B594C50', '4B4B5550',
+      '4B4A4850', '4B4B4E50', '4B433556', '4B324A50', '4B4C4E50', '4B514E56', '4B493850',
+      '4B345250', '4B345150', '4B4B5456', '4B393556', '4B394650', '4B4F3950', '4B485150',
+      '4B4C4F56', '4B395A50', '4B485A50', '4B4A4750', '4B5A3650', '4B393950', '4B4A4250',
+      '4B485950', '4B355650', '4B485650', '4B485550', '4B4C5456', '4B504C50', '4B453750',
+      '4B453650', '4B515256', '4B494256', '4B455A50', '4B5A5356', '4B565056', '4B455550',
+      '4B423750', '4B494E50', '4B434E50', '4B514150', '4B384250', '4B433456', '4B423350',
+      '4B4C4C50', '4B433356', '4B424556', '4B503850', '4B425850', '4B384D50', '4B345A50',
+      '4B424850', '4B473756', '4B414550', '4B425950', '4B354156', '4B345950', '4B4F5950',
+      '4B503756', '4B345750', '4B435850', '4B513656', '4B514456', '4B415A56', '4B584950',
+      '4B4F4B50', '4B444A56', '4B525A56', '4B424B56', '4B475156', '4B474C56', '4B595350',
+      '4B443850', '4B575350', '4B344B56', '4B394256', '4B484850', '4B435456', '4B504356',
+      '4B505456', '4B434F56', '4B4C5250', '4B574B50', '4B434956', '4B574F50', '4B534B56',
+      '4B325050', '4B535756', '4B5A4756', '4B424F50', '4B4C4650', '4B4D3656', '4B564F56',
+      '4B534750', '4B594256', '4B4C3250', '4B524756', '4B424C50', '4B585150', '4B424450',
+      '4B395450', '4B415256', '4B534350', '4B353956', '4B5A4550', '4B375456', '4B565456',
+      '4B465050', '4B535950', '4B574E50', '4B325856', '4B534256', '4B474E56', '4B505050',
+      '4B445656', '4B475350', '4B494456', '4B445456', '4B464956', '4B504450', '4B344E50',
+      '4B545856', '4B434D56', '4B445956', '4B453356', '4B445A56', '4B544250', '4B554E56',
+      '4B424256', '4B545050', '4B545250', '4B4B3456', '4B445156', '4B415656', '4B595556',
+      '4B434456', '4B535556', '4B504E56', '4B414856', '4B414B56', '4B415356', '4B415056',
+      '4B443956', '4B414456', '4B414156', '4B4D4D56', '4B374756', '4B374256', '4B374156',
+      '4B505A56', '4B395156', '4B333656', '4B343350', '4B325750', '4B475456', '4B473856',
+      '4B525550', '4B5A5456', '4B415750', '4B343550', '4B433750', '4B343250', '4B585750',
+      '4B595256', '4B5A4850', '4B4F5856', '4B4C5956', '4B575950', '4B5A4C56', '4B525656',
+      '4B415850', '4B413656', '4B5A4156', '4B4E5056', '4B4C4456', '4B525156', '4B545750',
+      '4B503256', '4B503556', '4B503356', '4B504B56', '4B325950', '4B494656', '4B445856',
+      '4B544650', '4B504856', '4B524356', '4B363456', '4B344856', '4B465256', '4B524B56',
+      '4B335656', '4B324756', '4B434756', '4B4F3456', '4B345056', '4B434A50', '4B4C5750',
+      '4B454D50', '4B545350', '4B5A4656', '4B413256', '4B444C56', '4B4D4556', '4B414956',
+      '4B4D3856', '4B524D56', '4B345456', '4B4D4756', '4B373256', '4B5A4250', '4B4E4456',
+      '4B424156', '4B564B56', '4B4F5450', '4B444D56', '4B424356', '4B4E5256', '4B504F56',
+      '4B593456', '4B533350'
+    ],
+    jp: [
+      '4B46444A', '4B4C454A', '4B47524A', '4B51394A',
+      '4B394C4A', '4B4A384A', '4B4F534A', '4B454B4A', '4B45544A', '4B49524A', '4B4C444A',
+      '4B33474A', '4B44584A'
+    ],
+  },
 };
--- a/public/js/custom/main.js
+++ b/public/js/custom/main.js
@ -13,9 +13,9 @@ function start() {
    if (ctcert.length !== 0x19E) throw new Error('ctcert.bin not valid');

    let crcGame = getCrc(game);
-    if (!constants.hashes.all.includes(crcGame)) throw new Error('game_XXX.app is not valid');
+    if (!constants.hashes.srl.includes(crcGame)) throw new Error('game_XXX.app is not valid');
    let crcSave = getCrc(save);
-    if (!constants.hashes.all.includes(crcSave)) throw new Error('public_XXX.sav is not valid');
+    if (!constants.hashes.save.includes(crcSave)) throw new Error('public_XXX.sav is not valid');

    /* Data Extraction */
    let locC = constants.dataLocations.ctcert;
@ -29,6 +29,9 @@ function start() {
    let dsiwareData = extractDsiware(dsiware, normalKey);
    if (!dsiwareData) throw new Error('DSiWare.bin can not be decrypted with the provided movable.sed');

+    /* Game & Region checks */
+    validateDsiwareRegion(dsiwareData, game, crcGame, crcSave);
+
    /* msed_data extraction */
    let msedDataHex = extractMsedData(movable);
    let movableCrc = getCrc(movable);
--- a/public/js/custom/util.js
+++ b/public/js/custom/util.js
@ -58,7 +58,7 @@ function checkBrowserVersion() {
    // some bugged browsers have 3+ version digits so anything >100 should be fine to filter
    if (reqVersion > 100) throw new Error('Browser version unsupported!');

-    $('.p-browser-version').css('color', 'green');
+    $('.p-browser-version').css('color', `${browser.good[reqBrowser] ? 'green' : 'orange'}`);
  } catch (e) {
    $('.p-browser-error').text(e.message || 'Unknown Error');
    $('.p-browser-error').css('color', 'red');
@ -82,3 +82,16 @@ function getBrowserVersion() {
  if ((tem = ua.match(/version\/(\d+)/i)) != null) M.splice(1, 1, tem[1]);
  return M;
 }
+
+function compareArr(arr1, arr2) {
+  if (!arr1 || !arr2) return false;
+  // Uint8Array conversion
+  arr1 = Array.from(arr1);
+  arr2 = Array.from(arr2);
+  if (!Array.isArray(arr1) || !Array.isArray(arr2)) return false;
+  if (arr1.length !== arr2.length) return false;
+  for (let i = 0; i < arr1.length; i++) {
+    if (arr1[i] !== arr2[i]) return false;
+  }
+  return true;
+}
--- a/public/js/custom/validation.js
+++ b/public/js/custom/validation.js
@ -1,10 +1,47 @@
 function validateDsiwareComponents(banner, header, footer) {
-    let hashBanner = sha256.array(banner);
-    let hashHeader = sha256.array(header);
-    let correctHashBanner = sliceArr(footer, 0, 0x20);
-    let correctHashHeader = sliceArr(footer, 0x20, 0x20);
-    if (byteArrToHexStr(hashBanner) !== byteArrToHexStr(correctHashBanner)
-        || byteArrToHexStr(hashHeader) !== byteArrToHexStr(correctHashHeader))
-        return false;
-    return true;
+  let hashBanner = sha256.array(banner);
+  let hashHeader = sha256.array(header);
+  let correctHashBanner = sliceArr(footer, 0, 0x20);
+  let correctHashHeader = sliceArr(footer, 0x20, 0x20);
+  if (byteArrToHexStr(hashBanner) !== byteArrToHexStr(correctHashBanner)
+    || byteArrToHexStr(hashHeader) !== byteArrToHexStr(correctHashHeader))
+    return false;
+  return true;
+}
+
+function validateDsiwareSrl(srl, app) {
+  srl = Array.from(srl);
+  app = Array.from(app);
+  if (srl.length > app.length) srl.length = app.length;
+  return compareArr(srl, app);
+}
+
+function validateDsiwareRegion(dsiwareData, game, crcGame, crcSave) {
+  let sig = byteArrToHexStr(sliceArr(dsiwareData.other['tmd'], 0x0, 0x4));
+  let sigOffset = constants.signatureTypes[sig];
+  let titleId = sliceArr(dsiwareData.other['tmd'], 0x4 + sigOffset + 0x4C, 0x8);
+  let titleIdLow = sliceArr(titleId, 0x4, 0x4);
+  let tIdLowStr = byteArrToHexStr(titleIdLow);
+  console.log(tIdLowStr);
+
+  // jpn 4swords filter
+  if (tIdLowStr !== '4B51394A' && validateDsiwareSrl(dsiwareData.other['srl.nds'], game))
+    throw new Error('This dsiware.bin is already modified and cannot be used');
+
+  let injectionRegion;
+  let regions = constants.hashes.regions;
+  if (regions.us.includes(crcGame) && regions.us.includes(crcSave)) injectionRegion = 'us';
+  else if (regions.eu.includes(crcGame) && regions.eu.includes(crcSave)) injectionRegion = 'eu';
+  else if (regions.jp.includes(crcGame) && regions.jp.includes(crcSave)) injectionRegion = 'jp';
+  if (!injectionRegion) throw new Error('The game_XXX.app and public_XXX.sav don\'t have the same region');
+
+  let dsiwareRegion;
+  if (constants.compatibleGames.us.includes(tIdLowStr)) dsiwareRegion = 'us';
+  else if (constants.compatibleGames.eu.includes(tIdLowStr)) dsiwareRegion = 'eu';
+  else if (constants.compatibleGames.jp.includes(tIdLowStr)) dsiwareRegion = 'jp';
+  if (!dsiwareRegion) throw new Error('The used dsiware game is not supported. '
+    + 'If you think your game is supported, please contact us on the Nintendo Homebrew Discord.<br>'
+    + `Used game: ${tIdLowStr}`);
+
+  if (injectionRegion !== dsiwareRegion) throw new Error('dsiware and game_XXX.app+public_XXX.sav region don\'t match');
 }