From 2190722ac1f0732cf35e7b63572afa698a47789d Mon Sep 17 00:00:00 2001 From: Kelly Rauchenberger Date: Thu, 13 Jul 2017 20:38:04 -0400 Subject: Organized code more Now the link-specific stuff is abstracted into its own file, and the code for negotiating the "different" multiboot protocol is in its own file. Also, removed support for compiling for GC because eventually we will be using Wii-only features. Also put the main extractor code into a thread so that we can monitor for the user pressing the start button to exit. --- source/main.c | 596 +++++++++++++--------------------------------------------- 1 file changed, 134 insertions(+), 462 deletions(-) (limited to 'source/main.c') diff --git a/source/main.c b/source/main.c index dd252b5..a3b7525 100644 --- a/source/main.c +++ b/source/main.c @@ -10,17 +10,9 @@ #include #include #include -#include -#include #include "link.h" #include "encoding.h" - -//from my tests 50us seems to be the lowest -//safe si transfer delay in between calls -#define SI_TRANS_DELAY 50 - -extern u8 gba_mb_gba[]; -extern u32 gba_mb_gba_size; +#include "multiboot.h" void printmain() { @@ -31,91 +23,27 @@ void printmain() printf("Based on GBA Link Cable Dumper v1.6 by FIX94\n"); } -u8 *resbuf,*cmdbuf; - -volatile u32 transval = 0; -void transcb(s32 chan, u32 ret) -{ - transval = 1; -} - -volatile u32 resval = 0; -void acb(s32 res, u32 val) -{ - resval = val; -} - -unsigned int docrc(u32 crc,u32 val) -{ - u32 result; - - result = val ^ crc; - for (int i = 0; i < 0x20; i++) - { - if (result & 1) - { - result >>= 1; - result ^= 0xA1C1; - } else { - result >>= 1; - } - } - - return result; -} - -void doreset() -{ - cmdbuf[0] = 0xFF; //reset - transval = 0; - SI_Transfer(1, cmdbuf, 1, resbuf, 3, transcb, SI_TRANS_DELAY); - - while (transval == 0); -} - -void getstatus() -{ - cmdbuf[0] = 0; //status - transval = 0; - SI_Transfer(1, cmdbuf, 1, resbuf, 3, transcb, SI_TRANS_DELAY); - - while (transval == 0); -} - void endproc() { - doreset(); printf("Start pressed, exit\n"); VIDEO_WaitVSync(); VIDEO_WaitVSync(); exit(0); } -u32 recv() -{ - memset(resbuf,0,32); - cmdbuf[0]=0x14; //read - transval = 0; - SI_Transfer(1, cmdbuf, 1, resbuf, 5, transcb, SI_TRANS_DELAY); - - while (transval == 0); - printf("%08lx\n", *(vu32*)resbuf); - return *(vu32*)resbuf; -} - -void send(u32 msg) +u32 waitForButtons(u32 mask) { - cmdbuf[0] = 0x15; - cmdbuf[1] = (msg >> 0) & 0xFF; - cmdbuf[2] = (msg >> 8) & 0xFF; - cmdbuf[3] = (msg >> 16) & 0xFF; - cmdbuf[4] = (msg >> 24) & 0xFF; - - transval = 0; - resbuf[0] = 0; - SI_Transfer(1, cmdbuf, 5, resbuf, 1, transcb, SI_TRANS_DELAY); + for (;;) + { + PAD_ScanPads(); + VIDEO_WaitVSync(); - while (transval == 0); + u32 btns = PAD_ButtonsDown(0); + if (btns & mask) + { + return btns; + } + } } void warnError(char *msg) @@ -135,132 +63,148 @@ void fatalError(char *msg) exit(0); } -u32 genKeyA() +void* extractor(void* userdata) { - u32 retries = 0; - for (;;) { - u32 key = 0; + printmain(); - if (retries > 32) - { - key = 0xDD654321; - } else { - key = (rand() & 0x00ffffff) | 0xDD000000; - } + printf("Press A when GBA is plugged in and turned off.\n"); + waitForButtons(PAD_BUTTON_A); + + printf("Turn on your GBA.\n"); + printf("Waiting for a GBA in port 2...\n"); + waitForGBA(); - u32 unk = (key % 2 != 0); - u32 v12 = key; - for (u32 v13 = 1; v13 < 32; v13++) + printf("GBA Found! Sending multiboot image...\n"); + if (!sendMultibootImage()) { - v12 >>= 1; - unk += (v12 % 2 != 0); + warnError("Failed sending multiboot image.\n"); + + continue; } - if ((unk >= 10 && unk <= 24)) + printf("Waiting for GBA...\n"); + waitForAck(); + + VIDEO_WaitVSync(); + + // Get game + // -1 - unsupported game + // 1 - Ruby + // 2 - Sapphire + // 3 - FireRed + // 4 - LeafGreen + // 5 - Emerald + u32 gameId = getMsg(); + if (gameId == -1) { - if (retries > 4) - { - printf("KeyA retries = %ld", retries); - } + warnError("ERROR: Unsupported GBA game inserted!\n"); - printf("KeyA = 0x%08lx\n", key); + continue; + } - return key; + printf("\nPokemon "); + switch (gameId) + { + case 1: printf("Ruby"); break; + case 2: printf("Sapphire"); break; + case 3: printf("FireRed"); break; + case 4: printf("LeafGreen"); break; + case 5: printf("Emerald"); break; } - retries++; - } -} + printf("\n"); + VIDEO_WaitVSync(); -u32 checkKeyB(u32 KeyBRaw) -{ - if ((KeyBRaw & 0xFF) != 0xEE) - { - printf("Invalid KeyB - lowest 8 bits should be 0xEE, actually 0x%02x\n", - ((u8)(KeyBRaw))); + u32 isValid = getMsg(); + if (isValid == -1) + { + warnError("ERROR: Unsupported game version inserted!\n"); - return 0; - } + continue; + } - u32 KeyB = KeyBRaw & 0xffffff00; - u32 val = KeyB; - u32 unk = (val < 0); - for (u32 i = 1; i < 24; i++) - { - val <<= 1; - unk += (val < 0); - } + // Get trainer name + u8 trainerName[8]; - if (unk > 14) - { - printf("Invalid KeyB - high 24 bits bad: 0x%08lx\n", KeyB); + u32 tnd = getMsg(); + trainerName[0] = (tnd & 0xFF000000) >> 24; + trainerName[1] = (tnd & 0x00FF0000) >> 16; + trainerName[2] = (tnd & 0x0000FF00) >> 8; + trainerName[3] = (tnd & 0x000000FF); - return 0; - } + tnd = getMsg(); + trainerName[4] = (tnd & 0xFF000000) >> 24; + trainerName[5] = (tnd & 0x00FF0000) >> 16; + trainerName[6] = (tnd & 0x0000FF00) >> 8; + trainerName[7] = (tnd & 0x000000FF); - printf("Valid KeyB: 0x%08lx\n", KeyB); + // Get trainer ID + u32 trainerId = getMsg(); - return KeyB; -} + printf("Trainer: "); -u32 deriveKeyC(u32 keyCderive, u32 kcrc) -{ - u32 keyc = 0; - u32 keyCi = 0; + for (int i = 0; i < 8; i++) + { + if (trainerName[i] == 0xFF) + { + break; + } else { + printf("%c", debugGen3Decode(trainerName[i])); + } + } - do - { - u32 v5 = 0x1000000 * keyCi - 1; - u32 keyCattempt = docrc(kcrc,v5); + printf(" (%ld)\n", trainerId); + + // Wait for confirmation. + printf("Press A to import the data from this game.\n"); + printf("Press B to cancel.\n"); + VIDEO_WaitVSync(); - if (keyCderive == keyCattempt) + if (waitForButtons(PAD_BUTTON_A | PAD_BUTTON_B) & PAD_BUTTON_B) { - keyc = v5; + printf("Cancelling...\n"); + VIDEO_WaitVSync(); - printf("Found keyC: %08lx\n",keyc); + sendMsg(0); - return keyc; + continue; } - keyCi++; - } while (keyCi < 256); + printf("Importing...\n"); + VIDEO_WaitVSync(); - return keyc; -} + sendMsg(1); -u32 getMsg() -{ - u32 val = 0; - while (val == 0) - { - val = __builtin_bswap32(recv()); - sleep(1); - } + // Get Pokédex data + u32 pokedexSeen[13]; + u32 pokedexCaught[13]; - send(0); - while (recv()!=0) {sleep(1);} - send(0); + getMsgArr(pokedexSeen, 13); + getMsgArr(pokedexCaught, 13); + int numCaught = 0; + int numSeen = 0; + for (int i=0; i<(13*32); i++) + { + if (pokedexCaught[i >> 5] >> (i & 31) & 1) + { + //printf("Caught #%d\n", i); + numCaught++; + numSeen++; + } else if (pokedexSeen[i >> 5] >> (i & 31) & 1) + { + //printf("Saw #%d\n", i); + numSeen++; + } + } - return val; -} + printf("Caught: %d\nSeen: %d\n", numCaught, numSeen); -void getMsgArr(u32* arr, int len) -{ - for (int i=0; i 4)); - - printf("BIOS handed over to game, waiting on game\n"); - - do - { - doreset(); - } while ((resbuf[0] != 0) || !(resbuf[2] & 0x10)); - - // receive the game-code from GBA side. - u32 gamecode = recv(); - - printf("Ready, sending multiboot ROM\n"); - - unsigned int sendsize = ((gba_mb_gba_size+7)&~7); - - // generate KeyA - unsigned int ourkey = genKeyA(); - - //printf("Our Key: %08x\n", ourkey); - printf("Sending game code that we got: 0x%08lx\n", - __builtin_bswap32(gamecode)); - - // send the game code back, then KeyA. - send(__builtin_bswap32(gamecode)); - send(ourkey); - - // get KeyB from GBA, check it to make sure its valid, then xor with KeyA - // to derive the initial CRC value and the sessionkey. - u32 sessionkeyraw = 0; - do - { - sessionkeyraw = recv(); - } while (sessionkeyraw == gamecode); - - sessionkeyraw = checkKeyB(__builtin_bswap32(sessionkeyraw)); - if (sessionkeyraw == 0) - { - warnError("Cannot continue.\n"); - - continue; - } - - u32 sessionkey = sessionkeyraw ^ ourkey; - u32 kcrc = sessionkey; - printf("start kCRC=%08lx\n",kcrc); - - sessionkey = (sessionkey*0x6177614b)+1; - - // send hacked up send-size in uint32s - u32 hackedupsize = (sendsize >> 3) - 1; - - printf("Sending hacked up size 0x%08lx\n",hackedupsize); - send(hackedupsize); - - //unsigned int fcrc = 0x00bb; - // send over multiboot binary header, in the clear until the end of the - // nintendo logo. GBA checks this, if nintendo logo does not match the - // one in currently inserted cart's ROM, it will not accept any more data. - for (int i = 0; i < 0xA0; i+=4) - { - vu32 rom_dword = *(vu32*)(gba_mb_gba+i); - send(__builtin_bswap32(rom_dword)); - } - - printf("\n"); - printf("Header done! Sending ROM...\n"); - - // Add each uint32 of the multiboot image to the checksum, encrypt the - // uint32 with the session key, increment the session key, send the - // encrypted uint32. - for (int i = 0xA0; i < sendsize; i+=4) - { - u32 dec = ( - (((gba_mb_gba[i+3]) << 24) & 0xff000000) | - (((gba_mb_gba[i+2]) << 16) & 0x00ff0000) | - (((gba_mb_gba[i+1]) << 8) & 0x0000ff00) | - (((gba_mb_gba[i]) << 0) & 0x000000ff) - ); - - u32 enc = (dec - kcrc) ^ sessionkey; - kcrc = docrc(kcrc,dec); - sessionkey = (sessionkey * 0x6177614B) + 1; - //enc^=((~(i+(0x20<<20)))+1); - //enc^=0x6f646573;//0x20796220; - - send(enc); - } - - //fcrc |= (sendsize<<16); - printf("ROM done! CRC: %08lx\n", kcrc); - //get crc back (unused) - - // Get KeyC derivation material from GBA (eventually) - u32 keyCderive = 0; - do - { - keyCderive = recv(); - } while (keyCderive <= 0xfeffffff); - - keyCderive = __builtin_bswap32(keyCderive); - keyCderive >>= 8; - - printf("KeyC derivation material: %08lx\n",keyCderive); - - // (try to) find the KeyC, using the checksum of the multiboot image, and - // the derivation material that GBA sent to us - u32 keyc = deriveKeyC(keyCderive,kcrc); - if (keyc == 0) - { - printf("Could not find keyC - kcrc=0x%08lx\n",kcrc); - warnError("Cannot continue.\n"); - - continue; - } - - // derive the boot key from the found KeyC, and send to GBA. if this is - // not correct, GBA will not jump to the multiboot image it was sent. - u32 bootkey = docrc(0xBB,keyc) | 0xbb000000; - printf("BootKey = 0x%08lx\n",bootkey); - - send(bootkey); - sleep(2); - - printf("Waiting for GBA...\n"); - while (recv() != 0) {sleep(1);}; - send(0); - - VIDEO_WaitVSync(); - - // Get game - // -1 - unsupported game - // 1 - Ruby - // 2 - Sapphire - // 3 - FireRed - // 4 - LeafGreen - // 5 - Emerald - u32 gameId = getMsg(); - if (gameId == -1) - { - warnError("ERROR: Unsupported GBA game inserted!\n"); - - continue; - } - - printf("\nPokemon "); - switch (gameId) - { - case 1: printf("Ruby"); break; - case 2: printf("Sapphire"); break; - case 3: printf("FireRed"); break; - case 4: printf("LeafGreen"); break; - case 5: printf("Emerald"); break; - } - - printf("\n"); - VIDEO_WaitVSync(); - - u32 isValid = getMsg(); - if (isValid == -1) - { - warnError("ERROR: Unsupported game version inserted!\n"); - - continue; - } - - // Get trainer name - u8 trainerName[8]; - - u32 tnd = getMsg(); - trainerName[0] = (tnd & 0xFF000000) >> 24; - trainerName[1] = (tnd & 0x00FF0000) >> 16; - trainerName[2] = (tnd & 0x0000FF00) >> 8; - trainerName[3] = (tnd & 0x000000FF); - - tnd = getMsg(); - trainerName[4] = (tnd & 0xFF000000) >> 24; - trainerName[5] = (tnd & 0x00FF0000) >> 16; - trainerName[6] = (tnd & 0x0000FF00) >> 8; - trainerName[7] = (tnd & 0x000000FF); - - // Get trainer ID - u32 trainerId = getMsg(); - - printf("Trainer: "); - - for (int i = 0; i < 8; i++) - { - if (trainerName[i] == 0xFF) - { - break; - } else { - printf("%c", debugGen3Decode(trainerName[i])); - } - } - - printf(" (%ld)\n", trainerId); - - // Wait for confirmation. - printf("Press A to import the data from this game.\n"); - printf("Press B to cancel.\n"); - VIDEO_WaitVSync(); - - if (waitForButtons(PAD_BUTTON_A | PAD_BUTTON_B) & PAD_BUTTON_B) - { - printf("Cancelling...\n"); - VIDEO_WaitVSync(); - - sendMsg(0); - - continue; - } - - printf("Importing...\n"); - VIDEO_WaitVSync(); - - sendMsg(1); - - // Get Pokédex data - u32 pokedexSeen[13]; - u32 pokedexCaught[13]; - - getMsgArr(pokedexSeen, 13); - getMsgArr(pokedexCaught, 13); - int numCaught = 0; - int numSeen = 0; - for (int i=0; i<(13*32); i++) - { - if (pokedexCaught[i >> 5] >> (i & 31) & 1) - { - //printf("Caught #%d\n", i); - numCaught++; - numSeen++; - } else if (pokedexSeen[i >> 5] >> (i & 31) & 1) - { - //printf("Saw #%d\n", i); - numSeen++; - } - } - - printf("Caught: %d\nSeen: %d\n", numCaught, numSeen); - - waitForButtons(PAD_BUTTON_START); + endproc(); } } -- cgit 1.4.1