From 57afb4058710a978bd7b07a368125d04378c62f1 Mon Sep 17 00:00:00 2001
From: Kelly Rauchenberger
Date: Tue, 11 Jul 2017 16:37:21 -0400
Subject: started tweaking with stuff
---
 gba/source/gamedata.c | 534 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 534 insertions(+)
 create mode 100644 gba/source/gamedata.c
(limited to 'gba/source/gamedata.c')
diff --git a/gba/source/gamedata.c b/gba/source/gamedata.c
new file mode 100644
index 0000000..19d5100
--- /dev/null
+++ b/gba/source/gamedata.c
@@ -0,0 +1,534 @@ +/* + * Pokemon Gen III Data Extractor by hatkirby 2017. + * + * This software may be modified and distributed under the terms + * of the MIT license. See the LICENSE file for details. + * + */ +#include "gamedata.h" + +void decryptSaveStructures( + pSaveBlock1 SaveBlock1, + pSaveBlock2 SaveBlock2, + pSaveBlock3 SaveBlock3) +{ + if (GAME_RS) + { + // R/S doesn't have save crypto. + return; + } + + u8* sb1raw = (u8*)SaveBlock1; + u8* sb2raw = (u8*)SaveBlock2; + //u8* sb3raw = (u8*)SaveBlock3; // unused + + u32* xor_key_ptr = (u32*)(&sb2raw[( GAME_EM ? 0xA8 : 0xF20 )]); + + u32 xor_key = *xor_key_ptr; + u16 xor_key16 = (u16)xor_key; + if (!xor_key) + { + // xor key is zero, nothing needs to be done. + return; + } + + u32* ptr_to_xor; + u32 save_offset; + int i; + u32* bag_pocket_offsets; + u32* bag_pocket_counts; + if (GAME_FRLG) + { + // loop over and decrypt various things + save_offset = 0x3D38 + 4; + for (i = 3; i >= 0; i--) + { + ptr_to_xor = (u32*)(&sb1raw[save_offset]); + *ptr_to_xor ^= xor_key; + save_offset += 12; + } + + for (i = 0; i <= 0x3f; i++) + { + save_offset = 0x1200 + (i*sizeof(u32)); + ptr_to_xor = (u32*)(&sb1raw[save_offset]); + *ptr_to_xor ^= xor_key; + } + + // loop over each of the bag pockets and decrypt decrypt decrypt + bag_pocket_offsets = (u32[5]) { 0x310, 0x388, 0x430, 0x464, 0x54C }; + bag_pocket_counts = (u32[5]) { 42, 30, 13, 58, 43 }; + + for (i = 0; i < 5; i++) + { + for (int bag_i = 0; bag_i < bag_pocket_counts[i]; bag_i++) + { + save_offset = bag_pocket_offsets[i] + (sizeof(u32) * bag_i) + 2; + *(u16*)(&sb1raw[save_offset]) ^= xor_key16; + } + } + + // decrypt some more stuff + save_offset = 0xaf8; + ptr_to_xor = (u32*)(&sb1raw[save_offset]); + *ptr_to_xor ^= xor_key; + + save_offset = 0x290; + ptr_to_xor = (u32*)(&sb1raw[save_offset]); + *ptr_to_xor ^= xor_key; + + save_offset = 0x294; + *(u16*)(&sb1raw[save_offset]) ^= xor_key16; + } else { + // Emerald + + // loop over and decrypt various things + for (i = 0; 
i <= 0x3f; i++) + { + save_offset = 0x159c + (i*sizeof(u32)); + ptr_to_xor = (u32*)(&sb1raw[save_offset]); + *ptr_to_xor ^= xor_key; + } + + // loop over each of the bag pockets and decrypt decrypt decrypt + bag_pocket_offsets = (u32[5]) { 0x560, 0x5D8, 0x650, 0x690, 0x790 }; + bag_pocket_counts = (u32[5]) { 30, 30, 16, 64, 46 }; + + for (i = 0; i < 5; i++) + { + for (int bag_i = 0; bag_i < bag_pocket_counts[i]; bag_i++) + { + save_offset = bag_pocket_offsets[i] + (sizeof(u32) * bag_i) + 2; + *(u16*)(&sb1raw[save_offset]) ^= xor_key16; + } + } + + // decrypt some more stuff + save_offset = 0x1F4; + ptr_to_xor = (u32*)(&sb1raw[save_offset]); + *ptr_to_xor ^= xor_key; + + save_offset = 0x490; + ptr_to_xor = (u32*)(&sb1raw[save_offset]); + *ptr_to_xor ^= xor_key; + + save_offset = 0x494; + *(u16*)(&sb1raw[save_offset]) ^= xor_key16; + } + + *xor_key_ptr = 0; +} + +bool initSaveData( + pSaveBlock1* SaveBlock1, + pSaveBlock2* SaveBlock2, + pSaveBlock3* SaveBlock3) +{ + // check the ROM code, make sure this game is supported. + u8* ROM = (u8*) 0x8000000; + + u32 gamecode = (*(u32*)(&ROM[0xAC])); + + void(*loadsave)(char a1); + //void(*mainloop)(); + //void(*load_pokemon)(); + pSaveBlock1 gSaveBlock1; + pSaveBlock2 gSaveBlock2; + pSaveBlock3 gSaveBlock3; + //u32 titlemid = 0; + + // get the address of the save loading function. + switch (gamecode) + { + // --- R/S --- + case 'DVXA': // Ruby German + case 'DPXA': // Sapphire German + { + // TODO: detect debug ROM? 
+ gSaveBlock1 = (pSaveBlock1) 0x2025734; + gSaveBlock2 = (pSaveBlock2) 0x2024EA4; + gSaveBlock3 = (pSaveBlock3) 0x20300A0; + loadsave = (void(*)(char)) 0x8126249; // same for v1.0 + v1.1 + //mainloop = (void(*)()) 0x80003D9; + //load_pokemon = (void(*)()) 0x8047da9; + + break; + } + + case 'FVXA': // Ruby French + case 'FPXA': // Sapphire French + { + gSaveBlock1 = (pSaveBlock1) 0x2025734; + gSaveBlock2 = (pSaveBlock2) 0x2024EA4; + gSaveBlock3 = (pSaveBlock3) 0x20300A0; + loadsave = (void(*)(char)) 0x8126351; // same for v1.0 + v1.1 + //mainloop = (void(*)()) 0x80003D9; + //load_pokemon = (void(*)()) 0x8047e95; + + break; + } + + case 'IVXA': // Ruby Italian + case 'IPXA': // Sapphire Italian + { + gSaveBlock1 = (pSaveBlock1) 0x2025734; + gSaveBlock2 = (pSaveBlock2) 0x2024EA4; + gSaveBlock3 = (pSaveBlock3) 0x20300A0; + loadsave = (void(*)(char)) 0x8126249; // same for v1.0 + v1.1 + //mainloop = (void(*)()) 0x80003D9; + //load_pokemon = (void(*)()) 0x8047dbd; + + break; + } + + case 'SVXA': // Ruby Spanish + case 'SPXA': // Sapphire Spanish + { + gSaveBlock1 = (pSaveBlock1) 0x2025734; + gSaveBlock2 = (pSaveBlock2) 0x2024EA4; + gSaveBlock3 = (pSaveBlock3) 0x20300A0; + loadsave = (void(*)(char)) 0x8126349; // same for v1.0 + v1.1 + //mainloop = (void(*)()) 0x80003D9; + //load_pokemon = (void(*)()) 0x8047ea5; + + break; + } + + case 'EVXA': // Ruby English + case 'EPXA': // Sapphire English + { + gSaveBlock1 = (pSaveBlock1) 0x2025734; + gSaveBlock2 = (pSaveBlock2) 0x2024EA4; + gSaveBlock3 = (pSaveBlock3) 0x20300A0; + //mainloop = (void(*)()) 0x80002A5; + + // version number + switch (ROM[0xBC]) + { + case 0: + { + loadsave = (void(*)(char)) 0x8125EC9; + //load_pokemon = (void(*)()) 0x8047a85; + + break; + } + + case 1: + case 2: + { + loadsave = (void(*)(char)) 0x8125EE9; + //load_pokemon = (void(*)()) 0x8047aa5; + + break; + } + + default: + { + return false; // unsupported version + } + } + + break; + } + + case 'JVXA': // Ruby Japanese + case 'JPXA': // Sapphire 
Japanese + { + gSaveBlock1 = (pSaveBlock1) 0x2025494; + gSaveBlock2 = (pSaveBlock2) 0x2024C04; + gSaveBlock3 = (pSaveBlock3) 0x202FDBC; + loadsave = (void(*)(char)) 0x8120d05; // same for v1.0 + v1.1 + //mainloop = (void(*)()) 0x80002A9; + //load_pokemon = (void(*)()) 0x8044d55; + + break; + } + + /// --- FR/LG --- + // In FR/LG, the function that initialises the save-block pointers to default does not set up saveblock3. + // Which will need to be set up before loading the save if we want boxed Pokémon to not disappear. + // Oh, and loadsave() offset is different between FR and LG... + + case 'DRPB': // FireRed German + case 'DGPB': // LeafGreen German + { + gSaveBlock1 = (pSaveBlock1) 0x202552C; + gSaveBlock2 = (pSaveBlock2) 0x2024588; + gSaveBlock3 = (pSaveBlock3) 0x2029314; + *(pSaveBlock3*)(0x3004f60) = gSaveBlock3; + loadsave = (void(*)(char)) ( GAME_FR ? 0x80da721 : 0x80da6f5 ); + //mainloop = (void(*)()) 0x8000425; + //titlemid = 0x80791df; + //load_pokemon = (void(*)()) 0x804c251; + + break; + } + + case 'FRPB': // FireRed French + case 'FGPB': // LeafGreen French + { + gSaveBlock1 = (pSaveBlock1) 0x202552C; + gSaveBlock2 = (pSaveBlock2) 0x2024588; + gSaveBlock3 = (pSaveBlock3) 0x2029314; + *(pSaveBlock3*)(0x3004f60) = gSaveBlock3; + loadsave = (void(*)(char)) ( GAME_FR ? 0x80da7e1 : 0x80da7b5 ); + //mainloop = (void(*)()) 0x8000417; + //titlemid = 0x807929f; + //load_pokemon = (void(*)()) 0x804c311; + + break; + } + + case 'IRPB': // FireRed Italian + case 'IGPB': // LeafGreen Italian + { + gSaveBlock1 = (pSaveBlock1) 0x202552C; + gSaveBlock2 = (pSaveBlock2) 0x2024588; + gSaveBlock3 = (pSaveBlock3) 0x2029314; + *(pSaveBlock3*)(0x3004f60) = gSaveBlock3; + loadsave = (void(*)(char)) ( GAME_FR ? 
0x80da721 : 0x80da6f5 ); + //mainloop = (void(*)()) 0x8000425; + //titlemid = 0x80791cb; + //load_pokemon = (void(*)()) 0x804c23d; + + break; + } + + case 'SRPB': // FireRed Spanish + case 'SGPB': // LeafGreen Spanish + { + gSaveBlock1 = (pSaveBlock1) 0x202552C; + gSaveBlock2 = (pSaveBlock2) 0x2024588; + gSaveBlock3 = (pSaveBlock3) 0x2029314; + *(pSaveBlock3*)(0x3004f60) = gSaveBlock3; + loadsave = (void(*)(char)) ( GAME_FR ? 0x80da809 : 0x80da7dd ); + //mainloop = (void(*)()) 0x8000417; + //titlemid = 0x80792b3; + //load_pokemon = (void(*)()) 0x804c325; + + break; + } + + case 'ERPB': // FireRed English + case 'EGPB': // LeafGreen English + { + gSaveBlock1 = (pSaveBlock1) 0x202552C; + gSaveBlock2 = (pSaveBlock2) 0x2024588; + gSaveBlock3 = (pSaveBlock3) 0x2029314; + *(pSaveBlock3*)(0x3005010) = gSaveBlock3; + + // version number + switch (ROM[0xBC]) + { + case 0: + { + loadsave = (void(*)(char)) ( GAME_FR ? 0x80da4fd : 0x80da4d1 ); + //mainloop = (void(*)()) 0x800041b; + //titlemid = 0x807927b; + //load_pokemon = (void(*)()) 0x804c231; + + break; + } + + case 1: + { + loadsave = (void(*)(char)) ( GAME_FR ? 0x80da511 : 0x80da4e5 ); + //mainloop = (void(*)()) 0x8000429; + //titlemid = 0x807928f; + //load_pokemon = (void(*)()) 0x804c245; + + break; + } + + default: + { + return false; // unsupported version + } + } + + break; + } + + case 'JRPB': // FireRed Japanese + case 'JGPB': // LeafGreen Japanese + { + gSaveBlock1 = (pSaveBlock1) 0x202548C; + gSaveBlock2 = (pSaveBlock2) 0x20244E8; + gSaveBlock3 = (pSaveBlock3) 0x202924C; + *(pSaveBlock3*)(0x3005050) = gSaveBlock3; + + // version number + switch (ROM[0xBC]) + { + case 0: + { + loadsave = (void(*)(char)) ( GAME_FR ? 0x80db4e5 : 0x80db4b9 ); + //mainloop = (void(*)()) 0x800041b; + //titlemid = 0x8078a0f; + //load_pokemon = (void(*)()) 0x804b9e9; + + break; + } + + case 1: + { + if ((gamecode << 8) == 'GPB\x00') + { + // LeafGreen v1.1 Japanese is undumped. + // Therefore, it is unsupported. 
+ // I will make guesses at the offsets in the comments, but I will not actually implement them until LeafGreen v1.1 is dumped. + + return false; + } + + loadsave = (void(*)(char)) 0x80db529; // potential LG1.1 address: 0x80db4fd + //mainloop = (void(*)()) 0x8000417; + //titlemid = 0x8078987; + //load_pokemon = (void(*)()) 0x804b9c5; + + break; + } + + default: + { + return false; // unsupported version + } + } + + break; + } + + /// --- Emerald --- + // In Emerald, the saveblock pointer that isn't set up is saveblock1 (in FR/LG it was saveblock3). + // The initial save loading code after the copyright screen is also updated, now it sets up ASLR/crypto here before loading the save. + + case 'DEPB': // Emerald German + { + gSaveBlock1 = (pSaveBlock1) 0x2025A00; + gSaveBlock2 = (pSaveBlock2) 0x2024A54; + gSaveBlock3 = (pSaveBlock3) 0x2029808; + *(pSaveBlock1*)(0x3005d8c) = gSaveBlock1; + loadsave = (void(*)(char)) 0x8153075; + //mainloop = (void(*)()) 0x800042b; + //titlemid = 0x816fdb5; + //load_pokemon = (void(*)()) 0x8076dd5; + + break; + } + + case 'FEPB': // Emerald French + { + gSaveBlock1 = (pSaveBlock1) 0x2025A00; + gSaveBlock2 = (pSaveBlock2) 0x2024A54; + gSaveBlock3 = (pSaveBlock3) 0x2029808; + *(pSaveBlock1*)(0x3005d8c) = gSaveBlock1; + loadsave = (void(*)(char)) 0x815319d; + //mainloop = (void(*)()) 0x800042b; + //titlemid = 0x816fedd; + //load_pokemon = (void(*)()) 0x8076dd1; + + break; + } + + case 'IEPB': // Emerald Italian + { + gSaveBlock1 = (pSaveBlock1) 0x2025A00; + gSaveBlock2 = (pSaveBlock2) 0x2024A54; + gSaveBlock3 = (pSaveBlock3) 0x2029808; + *(pSaveBlock1*)(0x3005d8c) = gSaveBlock1; + loadsave = (void(*)(char)) 0x8153065; + //mainloop = (void(*)()) 0x800042b; + //titlemid = 0x816fda5; + //load_pokemon = (void(*)()) 0x8076dd5; + + break; + } + + case 'SEPB': // Emerald Spanish + { + gSaveBlock1 = (pSaveBlock1) 0x2025A00; + gSaveBlock2 = (pSaveBlock2) 0x2024A54; + gSaveBlock3 = (pSaveBlock3) 0x2029808; + *(pSaveBlock1*)(0x3005d8c) = gSaveBlock1; 
+ loadsave = (void(*)(char)) 0x8153175; + //mainloop = (void(*)()) 0x800042b; + //titlemid = 0x816feb5; + //load_pokemon = (void(*)()) 0x8076dd1; + + break; + } + + case 'EEPB': // Emerald English + { + gSaveBlock1 = (pSaveBlock1) 0x2025A00; + gSaveBlock2 = (pSaveBlock2) 0x2024A54; + gSaveBlock3 = (pSaveBlock3) 0x2029808; + *(pSaveBlock1*)(0x3005d8c) = gSaveBlock1; + loadsave = (void(*)(char)) 0x81534d1; + //mainloop = (void(*)()) 0x800042b; + //titlemid = 0x817014d; + //load_pokemon = (void(*)()) 0x8076dd5; + + break; + } + + case 'JEPB': // Emerald Japanese + { + gSaveBlock1 = (pSaveBlock1) 0x20256A4; + gSaveBlock2 = (pSaveBlock2) 0x20246F8; + gSaveBlock3 = (pSaveBlock3) 0x20294AC; + *(pSaveBlock1*)(0x3005aec) = gSaveBlock1; + loadsave = (void(*)(char)) 0x815340d; + //mainloop = (void(*)()) 0x800042b; + //titlemid = 0x816ff45; + //load_pokemon = (void(*)()) 0x80767dd; + + break; + } + + default: + { + return false; // this game isn't supported + } + } + + loadsave(0); + + // now the save is loaded, we can do what we want with the loaded blocks. + // first, we're going to want to decrypt the parts that are crypted, if applicable. + decryptSaveStructures(gSaveBlock1,gSaveBlock2,gSaveBlock3); + + *SaveBlock1 = gSaveBlock1; + *SaveBlock2 = gSaveBlock2; + *SaveBlock3 = gSaveBlock3; + + /* + // time to call the payload. + payload(gSaveBlock1,gSaveBlock2,gSaveBlock3); + // Now, we better call the function that sets the pokemon-related stuff from the structure elements of the loaded save again. + // Just in case the payload did something with that. + load_pokemon(); + // In FR/LG/Emerald, just returning to the game is unwise. + // The game reloads the savefile. + // In FR/LG, this is done at the title screen after setting ASLR/saveblock-crypto up. (probably because at initial save-load, SaveBlock3 ptr isn't set up lol) + // So, better bypass the title screen and get the game to return directly to the Continue/New Game screen. 
+ // In Emerald, the save reload happens after the Continue option was chosen, so we have no choice but to bypass everything and get the game to go straight to the overworld. + // Easiest way to do this is to call into the middle of the function we want, using an ASM wrapper to set up the stack. + // Here goes... + if (titlemid) { + // Function reserves an extra 4 bytes of stack space in FireRed/LeafGreen, and none in Emerald. + call_into_middle_of_titlescreen_func(titlemid,(GAME_EM ? 0 : 4)); + } + // Now we've done what we want, time to return to the game. + // Can't just return, the game will reload the save. + // So let's just call the main-loop directly ;) + // turn the sound back on before we head back to the game + *(vu16 *)(REG_BASE + 0x84) = 0x8f; + // re-enable interrupts + REG_IME = 1; + mainloop(); + // Anything past here will not be executed. + return 0; + */ + return true; +} -- cgit 1.4.1
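Review bot: The gamecode dispatch in initSaveData depends on multi-character constants — `case 'DVXA':` through `case 'JEPB':`, and `(gamecode << 8) == 'GPB\x00'` in the Japanese FR/LG v1.1 branch — whose value is implementation-defined in C (GCC warns under -Wmultichar), so the match against the little-endian u32 read from `ROM[0xAC]` holds only for GCC's particular packing. A constant-expression macro keeps the labels usable in `switch` and makes the byte order explicit: `#define GAMECODE(a, b, c, d) ((u32)(a) | ((u32)(b) << 8) | ((u32)(c) << 16) | ((u32)(d) << 24))`, used as `case GAMECODE('A', 'X', 'V', 'D'):`, with the LeafGreen test written as `(gamecode & 0x00FFFFFFu) == GAMECODE('B', 'P', 'G', 0)`. Separately, `loadsave` is typed `void(*)(char)`, so `loadsave(0)` gives initSaveData no way to tell whether a save was actually present before decryptSaveStructures XORs the blocks in place and zeroes the key; a header comment on initSaveData should state that `true` means only "ROM recognised and the game's own loader was invoked", not "a valid save was loaded", so callers do not read the returned blocks as trusted. decryptSaveStructures also never reads its `SaveBlock3` parameter (only the commented-out `sb3raw` cast remains), which `(void)SaveBlock3;` would document and keep warning-free.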