Jag Encryption - Round 2


103 replies to this topic

#76 justclaws OFFLINE  

justclaws

    Dragonstomper

  • 920 posts
  • Underground but not dead.
  • Location:England or Holland

Posted Tue Nov 16, 2004 2:59 AM

Hello,

Actually my CD I released was a BJL loader CD.  Basically it gives somebody a way to download code to their Jaguar without modifying their Jaguar with a BJL rom.  I believe my CD was the first publicly released user made encrypted CD.

Oh yes, oops. It was very useful!
Now it's nice to see you here again... any chance of more Jag code? :D
It must be somebody else then doing the encrypted bypass CD then. :ponder:

I guess you've had the same time problem lately everybody else has?
I've got another short window... we're expecting our 4th child in April. :D

Cheers,
JustClaws.

#77 LinkoVitch OFFLINE  

LinkoVitch

    River Patroller

  • 2,266 posts
  • Location:Manchester UK

Posted Tue Nov 16, 2004 5:13 AM

Well an ISO doesn't help with the Jaguar does it. You need a rather
different layout for a Jaguar CD! However, people are DOING it. :-)


By ISO I think he is meaning a disc image, not an ISO9660 disc.

#78 belboz OFFLINE  

belboz

    Moonsweeper

  • 411 posts
  • Location:Ohio

Posted Tue Nov 16, 2004 12:47 PM

Yep, little time. Congrats on the 4th child. I have a 13 and a 1 3/4 year old myself.

I have wanted to finish my 8-bit emulator for the jag, but haven't had time. It has no sound, and needs some optimization.


Hello,

Oh yes, oops. It was very useful!
Now it's nice to see you here again... any chance of more Jag code? :D
It must be somebody else then doing the encrypted bypass CD then.  :ponder:  

I guess you've had the same time problem lately everybody else has?
I've got another short window... we're expecting our 4th child in April. :D

Cheers,
JustClaws.



#79 TXG/MNX OFFLINE  

TXG/MNX

    River Patroller

  • 2,798 posts

Posted Wed Nov 17, 2004 4:57 AM

Hi,

I was already worried that you stopped developing for the jaguar. I really would love to beta-test it 8)

Will the final source code be public like painter ?

TXG/MNX

#80 justclaws OFFLINE  

justclaws

    Dragonstomper

  • 920 posts
  • Underground but not dead.
  • Location:England or Holland

Posted Thu Nov 18, 2004 7:07 AM

Hello,

Yep, little time.  Congrats on the 4th child.  I have a 13 and a 1 3/4 year old myself.

Nice to know that you're still around... mine are <7, =4, <2 and <0. :)

I have wanted to finish my 8-bit emulator for the jag, but haven't had time.  It has no sound, and needs some optimization.  

That would be a real joy - there is an Atari 8-bit emulator on the NUON
but it is far from complete, and still extremely slow unfortunately. It's
great to know that something can be done on the older slower Jaguar.

Didn't you used to have a page for your Jag stuff on your site?
I visited but could not find it. A page to link to would be nice...
just so people can know what you did already and hope to do!

Cheers,
JustClaws.

#81 Symmetry of TNG OFFLINE  

Symmetry of TNG

    Moonsweeper

  • 252 posts
  • Location:Sweden

Posted Fri Nov 19, 2004 10:29 AM

Hi!
Short comment:

JustClaws
>recent releases
..some of which never crossed my eyes.. due to the fact that they only appear on US JagFests (or fests in general) ..like Gorf... the only thing I've ever seen from that is the old, very OLD thing that was in the BJL ROM... so... (?)....


>Well an ISO doesn't help with the Jaguar does it.

Yes, as mentioned I meant a "clone CD" .ISO.. so to speak.. i.e. you do the maketrk thing to create your bootable CD & then you "rip it" .ISO style.. and give that demo image out to the public, making it possible for most people with a PC & a CD burner to burn their own demo CD, almost free of charge & shipping cost...
If.. or should I say When! I finish a Jaguar demo it will most certainly be like that... (unless it contains something playable, in which case it will be a smaller fee *hehe* ;)

Compo
>Why not? I'd like to win a Flash cart! Any sponsors out there? Anyone?

hehe.. you might get competition ;) so don't jump to victory just yet ;)

Sponsors?.. well a cart would be enough... some kind of Atari HW... I could think of 1000 things to like.. but to make people put some kind of effort into their productions a better price might be a necessity...

ahh well.. I can keep on dreaming ;)

cheers
/Sym

#82 pag3z3r0 OFFLINE  

pag3z3r0

    Combat Commando

  • 8 posts

Posted Sun Apr 26, 2009 11:19 PM

I'm not sure if this is the right place to ask this question or not but here goes:

A while back I was asked to write some firmware for a Jaguar device and when I finished my work I was paid and I moved on and didn't hear anything for months. I was contacted again to make a few changes to the software and hopefully this time it will be done.

One change I am told I must make is to speed up the bootup sequence. I have been using the cartridge encryption tool from the developer kit I received when I took the job. Apparently there is some way people have made this faster using some special binary code at the start of the ROM. I tried to track this down but I don't know what the right keywords are so I get pages of google spam. Can someone tell me if I am being led on a wild goose chase or if this mythical code exists?

Thank you.

Tom G.

#83 Zerosquare OFFLINE  

Zerosquare

    Stargunner

  • 1,576 posts
  • Location:France

Posted Mon Apr 27, 2009 9:43 AM

Yes, this is the universal "key", which passes the encryption test regardless of the contents of the ROM. It's also faster since it doesn't have to check anything, actually.

It is available here.

#84 Tursi OFFLINE  

Tursi

    River Patroller

  • 2,350 posts
  • Location:BUR

Posted Mon Apr 27, 2009 10:48 AM

KSkunk and I did that. You need to replace the encrypted boot with your own code. You also need to take into account the different ways that the Jaguar console and the JagCD boot.

I have two things that will help your investigation:

1) There's a "discussion" (more my rambling) over at JS2 in this thread: http://www.jaguarsec...showtopic=11703 (not sure if you need an active account). Included in that thread is a tool (with source) that will patch a ROM file with my own encrypted boot which is similar to the one on Skunkboard, boots in a bit under 1s, and (the last version) works with both JagCD and Jaguar console.

2) I have my commented disassembly of the GPU boot code, including the encrypted block and comments on the JagCD mechanism here: http://harmlesslion...._Boot_Diasm.htm

Do note that I disclaim that my commented disassembly is even remotely accurate. But it was a helpful reference for myself.

To put our new code into the cartridge encryption tool, we actually just used a hex editor and patched the binary, since it contains the code raw.

Be careful to test any new boot you make on both the console and the JagCD. They use a fairly different startup and you need to account for both. You'll understand if you read my notes above.

In case you can't see the JS2 thread, this is the code that my ROM patching tool uses (pre-encryption):

.gpu
 .org $00F035AC

 MOVEI #$00FFF000,R1	; AND mask for address
 MOVEI #$00000EEC,R2	; Offset to chip control register
 MOVEI #$03D0DEAD,R4	; magic value for proceeding

 MOVE PC,R0		; get the PC to determine DSP or GPU
 AND R1,R0		; Mask out the relevant bits
 STORE R4,(R0)		; write the code
 SUB R2,R0		; Get control register (G_CTRL or D_CTRL)
 MOVEQ #0,R3		; Clear R3 for code below

GAMEOVR:
 JR GAMEOVR 		; wait for it to take effect
 STORE R3,(R0)		; stop the GPU/DSP

; Need an offset of $48 - this data is overwritten by the encrypt tool
; with the MD5 sum.
 NOP
 NOP 
 MOVEI #$0,R0
 MOVEI #$0,R0
 MOVEI #$0,R0
 MOVEI #$0,R0
 MOVEI #$0,R0
 MOVEI #$0,R0

; JagCD entry point (same for now)

Main: 
; There is a relocation at $4A that we can't touch
 MOVEI #$0,R0		; dummy value

; real boot starts here 
 MOVEI #$00FFF000,R1	; AND mask for address

 MOVEI #$0,R0		; This movei is hacked by the encryption tool
 MOVEI #$0,R0		; This movei is hacked by the encryption tool

 MOVEI #$00000EEC,R2	; Offset to chip control register
 MOVEI #$03D0DEAD,R4	; magic value for proceeding

 MOVE PC,R0		; get the PC to determine DSP or GPU
 AND R1,R0		; Mask out the relevant bits
 STORE R4,(R0)		; write the code
 SUB R2,R0		; Get control register (G_CTRL or D_CTRL)
 MOVEQ #0,R3		; Clear R3 for code below

GAMEOVR2:
 JR GAMEOVR2		; wait for it to take effect
 STORE R3,(R0)		; stop the GPU/DSP
 
 END
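
Added example (not part of Tursi's post or his patching tool): a C replay of the register arithmetic in the listing above, showing how one stub finds G_CTRL or D_CTRL from its own PC and where the mask assumption stops holding. The G_CTRL/D_CTRL addresses and the two DSP program counters are assumptions taken from the Jaguar memory map, not values given in the thread.

```c
#include <stdint.h>
#include <stdio.h>

/* Constants copied from the listing above. */
#define ADDR_MASK   0x00FFF000u  /* MOVEI #$00FFF000,R1 */
#define CTRL_OFFSET 0x00000EECu  /* MOVEI #$00000EEC,R2 */
#define MAGIC       0x03D0DEADu  /* MOVEI #$03D0DEAD,R4 */

/* Assumption: control register addresses from the Jaguar memory map. */
#define G_CTRL 0x00F02114u
#define D_CTRL 0x00F1A114u

typedef enum { CPU_UNKNOWN, CPU_GPU, CPU_DSP } cpu_t;

typedef struct {
    uint32_t magic_addr; /* where STORE R4,(R0) lands */
    uint32_t ctrl_addr;  /* where STORE R3,(R0), the JR delay slot, lands */
    cpu_t    cpu;        /* which processor that second write would stop */
} stub_trace;

/* Replay the stub's register arithmetic for a given program counter. */
stub_trace trace_stub(uint32_t pc)
{
    stub_trace t;
    uint32_t r0 = pc;        /* MOVE PC,R0 */
    r0 &= ADDR_MASK;         /* AND R1,R0: round down to a 4 KiB boundary */
    t.magic_addr = r0;       /* STORE R4,(R0) writes MAGIC here */
    r0 -= CTRL_OFFSET;       /* SUB R2,R0 */
    t.ctrl_addr = r0;        /* STORE R3,(R0) writes 0 here */
    t.cpu = (r0 == G_CTRL) ? CPU_GPU
          : (r0 == D_CTRL) ? CPU_DSP : CPU_UNKNOWN;
    return t;
}

int main(void)
{
    /* 0x00F035AC is the .org in the listing. The other two are constructed:
       one PC in the first 4 KiB of DSP RAM, one in the second 4 KiB, where
       the 4 KiB mask no longer points at the start of local RAM. */
    const uint32_t pcs[] = { 0x00F035ACu, 0x00F1B5ACu, 0x00F1C5ACu };
    static const char *names[] = { "neither control register", "G_CTRL", "D_CTRL" };

    for (unsigned i = 0; i < sizeof pcs / sizeof pcs[0]; i++) {
        stub_trace t = trace_stub(pcs[i]);
        printf("PC $%06X: $%08X -> $%06X, then 0 -> $%06X (%s)\n",
               (unsigned)pcs[i], (unsigned)MAGIC, (unsigned)t.magic_addr,
               (unsigned)t.ctrl_addr, names[t.cpu]);
    }
    return 0;
}
```

The third case shows why a replacement boot has to be checked against where each processor actually runs it: the same instructions only reach a control register when the PC sits in the 4 KiB page that starts local RAM.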


#85 Tursi OFFLINE  

Tursi

    River Patroller

  • 2,350 posts
  • Location:BUR

Posted Mon Apr 27, 2009 10:50 AM

Yes, this is the universal "key", which passes the encryption test regardless of the contents of the ROM. It's also faster since it doesn't have to check anything, actually.

It is available here.


TypeAB isn't actually any faster. I decrypted and disassembled it as well - it still runs the decryption (it has to!), and it still runs the hash, it just ignores the comparison at the end. You can see that in the disassembly I posted, too.

#86 Zerosquare OFFLINE  

Zerosquare

    Stargunner

  • 1,576 posts
  • Location:France

Posted Mon Apr 27, 2009 10:56 AM

Very interesting. I didn't know someone had actually disassembled and decrypted this code. Impressive job ! :thumbsup:
Re: the universal header, what I said was based on several persons claiming it made the games boot faster. It must be placebo effect, then :)

Edited by Zerosquare, Mon Apr 27, 2009 10:58 AM.


#87 pag3z3r0 OFFLINE  

pag3z3r0

    Combat Commando

  • 8 posts

Posted Mon Apr 27, 2009 10:52 PM

Thank you guys for all the advice. I too was told that this special encryption code would make the Jaguar boot faster. I will look at the code Tursi has posted and see what is involved. I think it is a lot more work than expected so I will probably have to get the O.K. to proceed. I appreciate all the advice! The Atari community is so cool to me because people always help each other even if they are in the same small niche market!

I hope you don't mind answering any other stupid questions I come up with.

#88 Tursi OFFLINE  

Tursi

    River Patroller

  • 2,350 posts
  • Location:BUR

Posted Mon Apr 27, 2009 11:08 PM

Very interesting. I didn't know someone had actually disassembled and decrypted this code. Impressive job ! :thumbsup:
Re: the universal header, what I said was based on several persons claiming it made the games boot faster. It must be placebo effect, then :)


Hehe, yeah, I know, I don't hold it against you. (Though I posted the disassembly ages ago.. I guess I didn't advertise it loudly enough).

I know for a fact my comments on the RSA part are completely wrong, I couldn't follow that code. I found a commented original source for a large part of it, though, that I need to use to go back and improve mine. :)

#89 Tursi OFFLINE  

Tursi

    River Patroller

  • 2,350 posts
  • Location:BUR

Posted Mon Apr 27, 2009 11:20 PM

Very interesting. I didn't know someone had actually disassembled and decrypted this code. Impressive job ! :thumbsup:
Re: the universal header, what I said was based on several persons claiming it made the games boot faster. It must be placebo effect, then :)


(looks again) I guess it's slightly faster - it skips the MD5 hash altogether. But the decryption seems to be the slowest part and it still does all of that. :)

#90 rdemming OFFLINE  

rdemming

    Dragonstomper

  • 941 posts
  • Location:The Netherlands, Amstelveen

Posted Tue Apr 28, 2009 2:54 AM

A while back I was asked to write some firmware for a Jaguar device and when I finished my work I was paid and I moved on and didn't hear anything for months. I was contacted again to make a few changes to the software and hopefully this time it will be done.


A new device for the Jaguar? That makes me curious.
Can you tell more about it?

Robert

#91 pag3z3r0 OFFLINE  

pag3z3r0

    Combat Commando

  • 8 posts

Posted Wed Apr 29, 2009 12:09 AM

A while back I was asked to write some firmware for a Jaguar device and when I finished my work I was paid and I moved on and didn't hear anything for months. I was contacted again to make a few changes to the software and hopefully this time it will be done.


A new device for the Jaguar? That makes me curious.
Can you tell more about it?

Robert


I don't think I can give away any specifics because I'm just the coder for the guys who did the design. I probably won't get into trouble if I only tell generalizations of what I know. This product is a device many people have asked the producer to build for a long time. They market equivalent devices for several consoles, but since there were no tools to make software for the Jaguar until recently the platform was ignored. When software tools were found, the rest was almost a no-brainer. The hardware was adapted to the Jaguar and I ported the console BIOS in short order.

The console software currently uses the 68K but they want me to try and use the coprocessors to improve the speeds of different functions. Not that my 68K code was slow by any means, they just wanted some additional speed for insurance against competitors.

It should not be long and all will be revealed!

Thanks for asking!

Tom G.

#92 BuddyBuddies OFFLINE  

BuddyBuddies

    River Patroller

  • 2,211 posts
  • Location:A Secret Place

Posted Wed Apr 29, 2009 1:40 AM

A while back I was asked to write some firmware for a Jaguar device and when I finished my work I was paid and I moved on and didn't hear anything for months. I was contacted again to make a few changes to the software and hopefully this time it will be done.


A new device for the Jaguar? That makes me curious.
Can you tell more about it?

Robert


I don't think I can give away any specifics because I'm just the coder for the guys who did the design. I probably won't get into trouble if I only tell generalizations of what I know. This product is a device many people have asked the producer to build for a long time. They market equivalent devices for several consoles, but since there were no tools to make software for the Jaguar until recently the platform was ignored. When software tools were found, the rest was almost a no-brainer. The hardware was adapted to the Jaguar and I ported the console BIOS in short order.

The console software currently uses the 68K but they want me to try and use the coprocessors to improve the speeds of different functions. Not that my 68K code was slow by any means, they just wanted some additional speed for insurance against competitors.

It should not be long and all will be revealed!

Thanks for asking!

Tom G.

This sounds interesting :cool: JAGUAR RULES!

Edited by BuddyBuddies, Wed Apr 29, 2009 1:41 AM.


#93 pag3z3r0 OFFLINE  

pag3z3r0

    Combat Commando

  • 8 posts

Posted Wed Apr 29, 2009 10:48 PM

Thanks for the encouragement! This has been a fun project. I have some debugging left to do but in tests it's damn fast!

I tried to get them to let me talk about this thing but they want to make the announcement themselves. I wish I had better news! I'm sorry.

Tom G.

#94 BuddyBuddies OFFLINE  

BuddyBuddies

    River Patroller

  • 2,211 posts
  • Location:A Secret Place

Posted Wed Apr 29, 2009 11:07 PM

Thanks for the encouragement! This has been a fun project. I have some debugging left to do but in tests it's damn fast!

I tried to get them to let me talk about this thing but they want to make the announcement themselves. I wish I had better news! I'm sorry.

Tom G.

When can we expect the announcement? Are you going to do more for the Jaguar once this project is done? JAGUAR RULES! :)

#95 ovalbugmann OFFLINE  

ovalbugmann

    River Patroller

  • 2,065 posts
  • Location:Phoenix, Arizona

Posted Thu Apr 30, 2009 5:15 AM

Hmmm? Very interesting! - I'll be watching for a Jag hardware announcement. :D

#96 rdemming OFFLINE  

rdemming

    Dragonstomper

  • 941 posts
  • Location:The Netherlands, Amstelveen

Posted Fri May 1, 2009 3:27 AM

They market equivalent devices for several consoles, but since there were no tools to make software for the Jaguar until recently the platform was ignored. When software tools were found, the rest was almost a no-brainer. The hardware was adapted to the Jaguar and I ported the console BIOS in short order.


A device made for other consoles, adapted for the Jaguar? Is it a GameGenie device to poke unlimited lives? Then can I finally finish some Jaguar games :P

Robert

#97 kskunk OFFLINE  

kskunk

    Moonsweeper

  • 433 posts
  • Location:Atari Mecca Sunnyvale, CA

Posted Fri May 1, 2009 12:00 PM

A device made for other consoles, adapted for the Jaguar? Is it a GameGenie device to poke unlimited lives? Then can I finally finish some Jaguar games :P


Oh, man, that sounds really plausible... you're getting me all excited now. :D

I wanted one of these so bad that I've even looked at trying to build one, but the Jaguar edge connector is a weird non-standard part. I sniffed around and couldn't find a way to buy less than 5000 at a time. :P If they solved this hurdle all kinds of exciting possibilities await!

- KS

#98 PeterG OFFLINE  

PeterG

    Dragonstomper

  • 552 posts
  • Location:Germany

Posted Fri May 1, 2009 1:50 PM

Most Jag games have cheat codes, is there anything else a game genie would do? The only game without cheats which I really would have wished had some is Cannon Fodder, since I am stuck in a level being so frustrated that after a LOT of tries I did not touch it again. Other than that I can't remember a game in my possession which could not be beaten or had no cheats.

#99 kskunk OFFLINE  

kskunk

    Moonsweeper

  • 433 posts
  • Location:Atari Mecca Sunnyvale, CA

Posted Fri May 1, 2009 2:39 PM

Most Jag games have cheat codes, is there anything else a game genie would do? The only game without cheats which I really would have wished had some is Cannon Fodder, since I am stuck in a level being so frustrated that after a LOT of tries I did not touch it again. Other than that I can't remember a game in my possession which could not be beaten or had no cheats.


The fun thing about cheat carts is that they let you do a lot more than cheat. You can hack the game to display disabled content like unfinished levels or power-ups they took out at the last minute. There's a lot of exploration possible.

In the Nintendo scene there's a whole community of game archeologists who figure out new codes to enjoy old games in new ways. I'd love to see that sort of thing happen here.

- KS

#100 Goochman OFFLINE  

Goochman

    Quadrunner

  • 6,191 posts
  • Moongates to the Past

Posted Sat May 2, 2009 9:18 AM

Internet cart?



