
Gamestats2 encryption

sepalani edited this page Aug 1, 2017 · 4 revisions

DWCi_EncSessionEncrypt

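/*
 * Header block passed as `info`. The encryption routine copies `info_size`
 * raw bytes from it; it does not read the fields individually.
 * NOTE(review): uint32_le presumably denotes a little-endian 32-bit
 * integer -- confirm against the project's type definitions.
 */
struct data_info
{
  uint32_le pid;
  uint32_le data_size;
};

/*
 * Encrypts and Base64-encodes a Gamestats2 payload into dest.
 *
 *   dest       output buffer. It receives the Base64 text and a NUL
 *              terminator. No capacity is passed, so the caller must
 *              provide room for the encoded form of
 *              4 + info_size + data_size bytes plus the terminator.
 *   info       bytes copied first into the plaintext
 *   info_size  number of bytes read from info
 *   data       bytes copied after info
 *   data_size  number of bytes read from data
 *
 * Returns an int, as in the pseudo code definition. The disassembly sets
 * 0 on success and 2 when the temporary buffer cannot be allocated.
 */
int DWCi_EncSessionEncrypt(char* dest, struct data_info* info, uint32_t info_size, char* data, uint32_t data_size);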

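This function encrypts the Gamestats2 data payload. As the listing below shows, it copies `info` and `data` into a temporary buffer behind a 4-byte checksum header, XORs the copied bytes with a keystream, and Base64-encodes the result into `dest`.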

PowerPC assembly code, followed by the C++ pseudo code:
; 0x80354b04 DWCi_EncSessionEncrypt
; On entry, in prototype order: r3 = dest, r4 = info, r5 = info_size,
; r6 = data, r7 = data_size.
; Branch targets are absolute addresses; every instruction is 4 bytes,
; counted from 0x80354b04.
stwu    sp, -0x0030 (sp)
mflr    r0
stw     r0, 0x0034 (sp)
addi    r11, sp, 48
bl      -> _savegpr_23 (0x803F1310)
; r30 = info_size + data_size (plain 32-bit add, no wrap-around check)
add     r30, r7, r5
; r23 = dest
mr      r23, r3
; r31 = r30 + 4: payload plus the 4-byte checksum header
addi    r31, r30, 4
; r24 = info, r25 = info_size, r26 = data, r27 = data_size
mr      r24, r4
mr      r25, r5
mr      r26, r6
mr      r27, r7
mr      r4, r31
; r28 = running byte sum, starts at 0
li      r28, 0
li      r3, 8
; DWC_Alloc(8, r31): temporary buffer for header + payload
bl      -> DWC_Alloc (0x80335390)
cmpwi   r3, 0
; r29 = buffer pointer (r3 also keeps it until B64Encode is called)
mr      r29, r3
bne-    ->0x80354B58
; Allocation failed: return 2 through the epilogue at 0x803550D8.
; DWC_Free is not reached on this path.
li      r3, 2
b       ->0x803550D8
; --- Copy info: buf[4 + i] = info[i] for i in [0, info_size) ---
; r24 = info, r25 = info_size, r3 = buf, r4 = i.
; The count is tested as a signed value (cmpwi/ble), so a size with the
; top bit set skips the copy entirely.
cmpwi   cr1, r25, 0
li      r4, 0
ble-    cr1 ->0x80354C24
cmpwi   r25, 8
subi    r6, r25, 8
ble-    ->0x80354BF8
; Range test 0 <= info_size <= 0x7FFFFFFE before taking the unrolled loop
; (looks like a compiler-generated guard for the 8x unrolling).
li      r7, 0
blt-    cr1 ->0x80354B8C
lis     r5, 0x8000
subi    r0, r5, 2
cmpw    r25, r0
bgt-    ->0x80354B8C
li      r7, 1
cmpwi   r7, 0
beq-    ->0x80354BF8
; ctr = (info_size - 8 + 7) >> 3: number of 8-byte iterations
addi    r0, r6, 7
rlwinm  r0, r0, 29, 3, 31 (fffffff8)
mtctr   r0
cmpwi   r6, 0
ble-    ->0x80354BF8
; Unrolled body (0x80354BA8): copy 8 bytes from info+i to buf+4+i, i += 8
lbzx    r5, r24, r4
add     r6, r24, r4
add     r7, r3, r4
lbz     r0, 0x0001 (r6)
stb     r5, 0x0004 (r7)
addi    r4, r4, 8
lbz     r5, 0x0002 (r6)
stb     r0, 0x0005 (r7)
lbz     r0, 0x0003 (r6)
stb     r5, 0x0006 (r7)
lbz     r5, 0x0004 (r6)
stb     r0, 0x0007 (r7)
lbz     r0, 0x0005 (r6)
stb     r5, 0x0008 (r7)
lbz     r5, 0x0006 (r6)
stb     r0, 0x0009 (r7)
lbz     r0, 0x0007 (r6)
stb     r5, 0x000A (r7)
stb     r0, 0x000B (r7)
bdnz+   ->0x80354BA8
; Tail (0x80354BF8): copy the remaining info_size - i bytes one at a time
sub     r0, r25, r4
add     r5, r24, r4
mtctr   r0
cmpw    r4, r25
bge-    ->0x80354C24
lbz     r0, 0 (r5)
add     r6, r3, r4
addi    r4, r4, 1
addi    r5, r5, 1
stb     r0, 0x0004 (r6)
bdnz+   ->0x80354C0C
; --- Copy data: buf[4 + info_size + i] = data[i] for i in [0, data_size) ---
; r26 = data, r27 = data_size, r25 = info_size, r3 = buf, r4 = i.
; Same shape as the info copy: signed count test, range guard,
; 8-bytes-per-iteration loop, then a byte-wise tail.
cmpwi   cr1, r27, 0
li      r4, 0
ble-    cr1 ->0x80354CF8
cmpwi   r27, 8
subi    r6, r27, 8
ble-    ->0x80354CC8
li      r7, 0
blt-    cr1 ->0x80354C58
lis     r5, 0x8000
subi    r0, r5, 2
cmpw    r27, r0
bgt-    ->0x80354C58
li      r7, 1
cmpwi   r7, 0
beq-    ->0x80354CC8
addi    r0, r6, 7
; r7 = buf + info_size: destination base for the data bytes (before the +4)
add     r7, r3, r25
rlwinm  r0, r0, 29, 3, 31 (fffffff8)
mtctr   r0
cmpwi   r6, 0
ble-    ->0x80354CC8
; Unrolled body (0x80354C78): copy 8 bytes from data+i to buf+info_size+4+i
lbzx    r5, r26, r4
add     r8, r26, r4
add     r6, r7, r4
lbz     r0, 0x0001 (r8)
stb     r5, 0x0004 (r6)
addi    r4, r4, 8
lbz     r5, 0x0002 (r8)
stb     r0, 0x0005 (r6)
lbz     r0, 0x0003 (r8)
stb     r5, 0x0006 (r6)
lbz     r5, 0x0004 (r8)
stb     r0, 0x0007 (r6)
lbz     r0, 0x0005 (r8)
stb     r5, 0x0008 (r6)
lbz     r5, 0x0006 (r8)
stb     r0, 0x0009 (r6)
lbz     r0, 0x0007 (r8)
stb     r5, 0x000A (r6)
stb     r0, 0x000B (r6)
bdnz+   ->0x80354C78
; Tail (0x80354CC8): copy the remaining data_size - i bytes one at a time
sub     r0, r27, r4
add     r7, r3, r25
add     r5, r26, r4
mtctr   r0
cmpw    r4, r27
bge-    ->0x80354CF8
lbz     r0, 0 (r5)
add     r6, r7, r4
addi    r4, r4, 1
addi    r5, r5, 1
stb     r0, 0x0004 (r6)
bdnz+   ->0x80354CE0
; --- Checksum: r28 += buf[4 + i] for i in [0, info_size + data_size) ---
; r30 = info_size + data_size, r3 = buf, r7 = i, r28 = 32-bit running sum
; of the plaintext bytes (each byte zero-extended by lbz).
cmpwi   cr1, r30, 0
li      r7, 0
ble-    cr1 ->0x80354DB8
cmpwi   r30, 8
subi    r5, r30, 8
ble-    ->0x80354D94
li      r6, 0
blt-    cr1 ->0x80354D2C
lis     r4, 0x8000
subi    r0, r4, 2
cmpw    r30, r0
bgt-    ->0x80354D2C
li      r6, 1
cmpwi   r6, 0
beq-    ->0x80354D94
addi    r0, r5, 7
rlwinm  r0, r0, 29, 3, 31 (fffffff8)
mtctr   r0
cmpwi   r5, 0
ble-    ->0x80354D94
; Unrolled body (0x80354D48): add 8 consecutive bytes to the sum, i += 8
add     r5, r3, r7
addi    r7, r7, 8
lbz     r4, 0x0004 (r5)
lbz     r0, 0x0005 (r5)
add     r28, r28, r4
lbz     r4, 0x0006 (r5)
add     r28, r28, r0
lbz     r0, 0x0007 (r5)
add     r28, r28, r4
lbz     r4, 0x0008 (r5)
add     r28, r28, r0
lbz     r0, 0x0009 (r5)
add     r28, r28, r4
lbz     r4, 0x000A (r5)
add     r28, r28, r0
lbz     r0, 0x000B (r5)
add     r28, r28, r4
add     r28, r28, r0
bdnz+   ->0x80354D48
; Tail (0x80354D94): add the remaining bytes one at a time
sub     r0, r30, r7
mtctr   r0
cmpw    r7, r30
bge-    ->0x80354DB8
add     r4, r3, r7
addi    r7, r7, 1
lbz     r0, 0x0004 (r4)
add     r28, r28, r0
bdnz+   ->0x80354DA4
; --- Seed the keystream: seed = sum | (sum << 16) ---
; The seed is written to the word at -0x343C(r13), memory rather than a
; register, so it is state that outlives this call
; (NOTE(review): presumably a small-data global -- confirm).
rlwinm  r0, r28, 16, 0, 15 (0000ffff)
cmpwi   cr1, r30, 0
or      r0, r28, r0
; r6 = byte index for the XOR pass
li      r6, 0
stw     r0, -0x343C (r13)
; Nothing to encrypt when the payload length is <= 0 (signed compare)
ble-    cr1 ->0x80355044
cmpwi   r30, 8
subi    r5, r30, 8
ble-    ->0x80354FE8
; Same 0 <= count <= 0x7FFFFFFE guard as the copy and checksum loops
li      r7, 0
blt-    cr1 ->0x80354DF8
lis     r4, 0x8000
subi    r0, r4, 2
cmpw    r30, r0
bgt-    ->0x80354DF8
li      r7, 1
cmpwi   r7, 0
beq-    ->0x80354FE8
addi    r0, r5, 7
; r4 = 0x80490000 - 9208: base of the table holding the key constants
lis     r4, 0x8049
rlwinm  r0, r0, 29, 3, 31 (fffffff8)
subi    r4, r4, 9208
; ctr = number of 8-byte iterations of the unrolled XOR loop
mtctr   r0
cmpwi   r5, 0
ble-    ->0x80354FE8

; --- XOR pass, unrolled 8x (loop head 0x80354E1C) ---
; Per byte: seed = (X * seed + Y) mod Z, using unsigned divide, multiply
; and subtract for the modulo. Then buf[4 + i] ^= (seed >> 16) & 0xFF.
; X, Y, Z are the table words at offsets 0x44, 0x48, 0x4C from r4.
; The seed is reloaded from and stored back to -0x343C(r13) for every byte.
; Load key constant X
lwz     r7, 0x0044 (r4)
add     r5, r3, r6
; Load seed
lwz     r0, -0x343C (r13)
; Load key constant Y
lwz     r8, 0x0048 (r4)
mullw   r0, r7, r0
; Load key constant Z
lwz     r7, 0x004C (r4)
add     r8, r8, r0
; r0 = r8 - (r8 / Z) * Z, i.e. r8 mod Z
divwu   r0, r8, r7
mullw   r0, r0, r7
sub     r0, r8, r0
; Store seed
stw     r0, -0x343C (r13)
; Keystream byte = bits 16..23 of the new seed
rlwinm  r7, r0, 16, 24, 31 (00ff0000)
; XOR data
lbz     r0, 0x0004 (r5)
xor     r0, r0, r7
stb     r0, 0x0004 (r5)

; Keep going (x2) - Load key constant X
lwz     r7, 0x0044 (r4)
lwz     r0, -0x343C (r13)
lwz     r8, 0x0048 (r4)
mullw   r0, r7, r0
lwz     r7, 0x004C (r4)
add     r8, r8, r0
divwu   r0, r8, r7
mullw   r0, r0, r7
sub     r0, r8, r0
stw     r0, -0x343C (r13)
rlwinm  r7, r0, 16, 24, 31 (00ff0000)
lbz     r0, 0x0005 (r5)
xor     r0, r0, r7
stb     r0, 0x0005 (r5)

; Keep going (x3) - Load key constant X
lwz     r7, 0x0044 (r4)
lwz     r0, -0x343C (r13)
lwz     r8, 0x0048 (r4)
mullw   r0, r7, r0
lwz     r7, 0x004C (r4)
add     r8, r8, r0
divwu   r0, r8, r7
mullw   r0, r0, r7
sub     r0, r8, r0
stw     r0, -0x343C (r13)
rlwinm  r7, r0, 16, 24, 31 (00ff0000)
lbz     r0, 0x0006 (r5)
xor     r0, r0, r7
stb     r0, 0x0006 (r5)

; Keep going (x4) - Load key constant X
lwz     r7, 0x0044 (r4)
lwz     r0, -0x343C (r13)
lwz     r8, 0x0048 (r4)
mullw   r0, r7, r0
lwz     r7, 0x004C (r4)
add     r8, r8, r0
divwu   r0, r8, r7
mullw   r0, r0, r7
sub     r0, r8, r0
stw     r0, -0x343C (r13)
rlwinm  r7, r0, 16, 24, 31 (00ff0000)
lbz     r0, 0x0007 (r5)
xor     r0, r0, r7
stb     r0, 0x0007 (r5)

; Keep going (x5) - Load key constant X
lwz     r7, 0x0044 (r4)
lwz     r0, -0x343C (r13)
lwz     r8, 0x0048 (r4)
mullw   r0, r7, r0
lwz     r7, 0x004C (r4)
add     r8, r8, r0
divwu   r0, r8, r7
mullw   r0, r0, r7
sub     r7, r8, r0
stw     r7, -0x343C (r13)
lbz     r0, 0x0008 (r5)
rlwinm  r7, r7, 16, 24, 31 (00ff0000)
; Byte index advances by 8 here, in the middle of the unrolled iteration
addi    r6, r6, 8
xor     r0, r0, r7
stb     r0, 0x0008 (r5)

; Keep going (x6) - Load key constant X
lwz     r7, 0x0044 (r4)
lwz     r0, -0x343C (r13)
lwz     r8, 0x0048 (r4)
mullw   r0, r7, r0
lwz     r7, 0x004C (r4)
add     r8, r8, r0
divwu   r0, r8, r7
mullw   r0, r0, r7
sub     r0, r8, r0
stw     r0, -0x343C (r13)
rlwinm  r7, r0, 16, 24, 31 (00ff0000)
lbz     r0, 0x0009 (r5)
xor     r0, r0, r7
stb     r0, 0x0009 (r5)

; Keep going (x7) - Load key constant X
lwz     r7, 0x0044 (r4)
lwz     r0, -0x343C (r13)
lwz     r8, 0x0048 (r4)
mullw   r0, r7, r0
lwz     r7, 0x004C (r4)
add     r8, r8, r0
divwu   r0, r8, r7
mullw   r0, r0, r7
sub     r0, r8, r0
stw     r0, -0x343C (r13)
rlwinm  r7, r0, 16, 24, 31 (00ff0000)
lbz     r0, 0x000A (r5)
xor     r0, r0, r7
stb     r0, 0x000A (r5)

; Keep going (x8) - Load key constant X
lwz     r7, 0x0044 (r4)
lwz     r0, -0x343C (r13)
lwz     r8, 0x0048 (r4)
mullw   r0, r7, r0
lwz     r7, 0x004C (r4)
add     r8, r8, r0
divwu   r0, r8, r7
mullw   r0, r0, r7
sub     r0, r8, r0
stw     r0, -0x343C (r13)
rlwinm  r0, r0, 16, 24, 31 (00ff0000)
lbz     r7, 0x000B (r5)
xor     r0, r7, r0
stb     r0, 0x000B (r5)

bdnz+   ->0x80354E1C
; --- XOR pass, byte-wise tail (entry 0x80354FE8, loop head 0x80355000) ---
; Handles the payload bytes left over after the 8x unrolled loop, or the
; whole payload when that loop is skipped.
; r8 = same key table base (0x80490000 - 9208), r6 = byte index, r30 = payload length.
lis     r8, 0x8049
sub     r0, r30, r6
subi    r8, r8, 9208
mtctr   r0
cmpw    r6, r30
bge-    ->0x80355044

; Keep going (last ones) - Load key constant X
lwz     r4, 0x0044 (r8)
add     r5, r3, r6
lwz     r0, -0x343C (r13)
addi    r6, r6, 1
lwz     r7, 0x0048 (r8)
mullw   r0, r4, r0
lwz     r4, 0x004C (r8)
add     r7, r7, r0
; seed = (X * seed + Y) mod Z, as in the unrolled loop
divwu   r0, r7, r4
mullw   r0, r0, r4
sub     r0, r7, r0
stw     r0, -0x343C (r13)
; buf[4 + i] ^= (seed >> 16) & 0xFF
rlwinm  r0, r0, 16, 24, 31 (00ff0000)
lbz     r4, 0x0004 (r5)
xor     r0, r4, r0
stb     r0, 0x0004 (r5)

bdnz+   ->0x80355000
; --- Header, Base64 encoding, cleanup (0x80355044) ---
; r28 = byte sum of the plaintext, r3 = r29 = buf, r23 = dest, r30 = payload length.
lis     r5, 0x8049
; r24 = r30 + 4: total byte count to encode (same value as r31)
addi    r24, r30, 4
subi    r5, r5, 9208
mr      r4, r23
; r0 = key table word at offset 0x50; it masks the checksum below
lwz     r0, 0x0050 (r5)
mr      r5, r24
li      r6, 2
xor     r28, r28, r0
rlwinm  r0, r28, 8, 24, 31 (ff000000)
; Store encoded checksum
; buf[0..3] = (sum XOR constant), most significant byte first
stb     r0, 0 (r3)
rlwinm  r7, r28, 16, 24, 31 (00ff0000)
rlwinm  r0, r28, 24, 24, 31 (0000ff00)
stb     r7, 0x0001 (r3)
stb     r0, 0x0002 (r3)
stb     r28, 0x0003 (r3)
; B64Encode(r3 = buf, r4 = dest, r5 = total length, r6 = 2)
mr      r3, r29
bl      -> B64Encode (0x8035DAA4)
; DWC_Free(8, buf, 0)
mr      r4, r29
li      r3, 8
li      r5, 0
bl      -> DWC_Free (0x80335450)
; r4 = 0xAAAB0000 - 21845 = 0xAAAAAAAB. mulhwu by it, then a right shift
; by one, is an unsigned divide by 3.
lis     r3, 0xAAAB
li      r6, 0
subi    r4, r3, 21845
mulhwu  r0, r4, r24
; Return value 0 (success)
li      r3, 0
mulhwu  r4, r4, r31
rlwinm  r0, r0, 31, 1, 31 (fffffffe)
mulli   r0, r0, 3
; r5 = total / 3
rlwinm  r5, r4, 31, 1, 31 (fffffffe)
; r4 = total % 3; (-r4 | r4) >> 31 is 1 when the remainder is non-zero
sub     r4, r24, r0
neg     r0, r4
or      r0, r0, r4
rlwinm  r0, r0, 1, 31, 31 (80000000)
; r4 = 4 * (total / 3 + (total % 3 != 0)): offset just past the Base64 text
add     r0, r5, r0
rlwinm  r4, r0, 2, 0, 29 (3fffffff)
; dest[r4] = 0: NUL terminator. dest's capacity is never checked here.
stbx    r6, r4, r23
; Epilogue (0x803550D8), also the target of the allocation-failure branch
addi    r11, sp, 48
bl      -> _restgpr_23 (0x803F135C)
lwz     r0, 0x0034 (sp)
mtlr    r0
addi    sp, sp, 48
blr 
    
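// Reconstructed from the PowerPC listing of DWCi_EncSessionEncrypt (0x80354b04).
//
// Builds a temporary buffer laid out as
//   [0..3]  byte sum of the plaintext XOR a fixed constant, most
//           significant byte first
//   [4..]   info bytes followed by data bytes, XORed with a keystream
// then Base64-encodes it into dest and NUL-terminates dest.
//
// Returns 0 on success, 2 if the temporary buffer cannot be allocated.
//
// Placeholder names (the page gives neither names nor values for these):
//   KEY_X, KEY_Y, KEY_Z, KEY_CHECKSUM_XOR
//       32-bit words at offsets 0x44, 0x48, 0x4C, 0x50 of the table that
//       the listing addresses with lis 0x8049 / subi 9208
//   enc_seed
//       the 32-bit word at -0x343C(r13)
//
// Caveats visible in the listing:
//  - dest has no size parameter. The terminator is written at
//    dest[4 * ceil(total_size / 3)], so the caller must size dest for the
//    Base64 text plus one byte.
//  - total_size is formed with plain 32-bit adds and is not checked for
//    wrap-around.
//  - The compiled loops test their counts as signed values, so a count
//    with the top bit set skips the loop. The unsigned loops below differ
//    only for such sizes.
//  - The seed is kept in memory outside the function, so it is shared
//    state between calls.
//  - The keystream seed is derived from the same byte sum that is sent in
//    the header, masked only by a fixed constant. This protects against
//    casual inspection and accidental corruption. It is not keyed
//    encryption or authentication.
int DWCi_EncSessionEncrypt(
  char* dest,
  struct data_info* info,
  uint32_t info_size,
  char* data,
  uint32_t data_size
)
{
  // _savegpr_23 / _restgpr_23 in the listing are the compiler's register
  // save/restore helpers; they have no source-level equivalent.
  uint32_t payload_size = info_size + data_size;
  uint32_t total_size = 4 + payload_size;

  uint8_t* buf = (uint8_t*)DWC_Alloc(8, total_size);
  if (buf == nullptr)
    return 2;  // the listing branches straight to the epilogue: nothing to free

  // Plaintext: info bytes, then data bytes, placed after the 4-byte header.
  const uint8_t* info_bytes = (const uint8_t*)info;
  const uint8_t* data_bytes = (const uint8_t*)data;
  for (uint32_t i = 0; i < info_size; ++i)
    buf[4 + i] = info_bytes[i];
  for (uint32_t i = 0; i < data_size; ++i)
    buf[4 + info_size + i] = data_bytes[i];

  // 32-bit additive checksum over the plaintext.
  uint32_t checksum = 0;
  for (uint32_t i = 0; i < payload_size; ++i)
    checksum += buf[4 + i];

  // Keystream: a linear congruential generator seeded from the checksum;
  // bits 16..23 of each new state are XORed onto one payload byte.
  enc_seed = checksum | (checksum << 16);
  for (uint32_t i = 0; i < payload_size; ++i)
  {
    enc_seed = (KEY_X * enc_seed + KEY_Y) % KEY_Z;
    buf[4 + i] ^= (uint8_t)(enc_seed >> 16);
  }

  // Header: masked checksum, most significant byte first.
  checksum ^= KEY_CHECKSUM_XOR;
  buf[0] = (uint8_t)(checksum >> 24);
  buf[1] = (uint8_t)(checksum >> 16);
  buf[2] = (uint8_t)(checksum >> 8);
  buf[3] = (uint8_t)checksum;

  // Argument order as passed in r3..r6. The meaning of the final
  // argument (2) is not shown on this page.
  B64Encode(buf, dest, total_size, 2);
  DWC_Free(8, buf, 0);

  // Terminate dest just past the Base64 text: 4 characters per 3 input
  // bytes, rounded up.
  dest[4 * (total_size / 3 + (total_size % 3 != 0))] = '\0';
  return 0;
}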