Added support for 9.5 New 3DS FIRM to the arm9loader

2016-05-05 04:43:44 +02:00 · 2016-05-05 04:43:44 +02:00 · 9d68c980e6
commit 9d68c980e6
parent 17d3c6491a
3 changed files with 19 additions and 8 deletions
--- a/source/crypto.c
+++ b/source/crypto.c
@ -364,11 +364,11 @@ void arm9Loader(u8 *arm9Section, u32 mode)

    if(mode)
    {
-        const u8 key2[0x10] = {0x42, 0x3F, 0x81, 0x7A, 0x23, 0x52, 0x58, 0x31, 0x6E, 0x75, 0x8E, 0x3A, 0x39, 0x43, 0x2E, 0xD0};
+        const u8 key1[0x10] = {0x07, 0x29, 0x44, 0x38, 0xF8, 0xC9, 0x75, 0x93, 0xAA, 0x0E, 0x4A, 0xB4, 0xAE, 0x84, 0xC1, 0xD8},
+                 key2[0x10] = {0x42, 0x3F, 0x81, 0x7A, 0x23, 0x52, 0x58, 0x31, 0x6E, 0x75, 0x8E, 0x3A, 0x39, 0x43, 0x2E, 0xD0};
        u8 keyX[0x10];

-        //Set 0x11 to key2 for the arm9bin and misc keys
-        aes_setkey(0x11, key2, AES_KEYNORMAL, AES_INPUT_BE | AES_INPUT_NORMAL);
+        aes_setkey(0x11, mode == 1 ? key1 : key2, AES_KEYNORMAL, AES_INPUT_BE | AES_INPUT_NORMAL);
        aes_use_keyslot(0x11);
        aes(keyX, arm9Section + 0x60, 1, NULL, AES_ECB_DECRYPT_MODE, 0);
        aes_setkey(arm9BinSlot, keyX, AES_KEYX, AES_INPUT_BE | AES_INPUT_NORMAL);
@ -382,7 +382,7 @@ void arm9Loader(u8 *arm9Section, u32 mode)
    aes(arm9Section + 0x800, arm9Section + 0x800, arm9BinSize / AES_BLOCK_SIZE, arm9BinCTR, AES_CTR_MODE, AES_INPUT_BE | AES_INPUT_NORMAL);

    //Set >=9.6 KeyXs
-    if(mode)
+    if(mode == 2)
    {
        u8 keyData[0x10] = {0xDD, 0xDA, 0xA4, 0xC6, 0x2C, 0xC4, 0x50, 0xE9, 0xDA, 0xB6, 0x9B, 0x0D, 0x9D, 0x2A, 0x21, 0x98},
           decKey[0x10];
--- a/source/emunand.c
+++ b/source/emunand.c
@ -43,9 +43,9 @@ u32 getSDMMC(u8 *pos, u32 size)
 {
    //Look for struct code
    const u8 pattern[] = {0x21, 0x20, 0x18, 0x20};
-    const u8 *off = memsearch(pos, pattern, size, 4) - 1;
+    const u8 *off = memsearch(pos, pattern, size, 4);

-    return *(u32 *)(off + 0x0A) + *(u32 *)(off + 0x0E);
+    return *(u32 *)(off + 9) + *(u32 *)(off + 0xD);
 }

 void getEmuRW(u8 *pos, u32 size, u32 *readOff, u32 *writeOff)
--- a/source/firm.c
+++ b/source/firm.c
@ -234,8 +234,19 @@ static inline void patchNativeFirm(u32 nandType, u32 emuHeader, u32 a9lhMode)

    if(console)
    {
-        //Determine if we're booting the 9.0 FIRM
-        nativeFirmType = arm9Section[0x51] != 0xFF;
+        //Determine the NATIVE_FIRM version
+        switch(arm9Section[0x53])
+        {
+            case 0xFF:
+                nativeFirmType = 0;
+                break;
+            case '1':
+                nativeFirmType = 1;
+                break;
+            default:
+                nativeFirmType = 2;
+                break;
+        }

        //Decrypt ARM9Bin and patch ARM9 entrypoint to skip arm9loader
        arm9Loader(arm9Section, nativeFirmType);