From c408eff8d0068e8df0b26eddf0cc3f75b61727e9 Mon Sep 17 00:00:00 2001 From: Bottersnike Date: Fri, 17 Feb 2023 09:22:27 +0000 Subject: [PATCH] PCP and Alpha --- images/pcp-railroad.png | Bin 0 -> 9740 bytes templates/pages/sega/software/alphadvd.html | 232 +++++++++++++++++++ templates/pages/sega/software/pcp/index.html | 104 ++++++--- 3 files changed, 299 insertions(+), 37 deletions(-) create mode 100644 images/pcp-railroad.png create mode 100644 templates/pages/sega/software/alphadvd.html diff --git a/images/pcp-railroad.png b/images/pcp-railroad.png new file mode 100644 index 0000000000000000000000000000000000000000..5b96dab5eb2ed6588394e0c6963feb8434fbe09a GIT binary patch literal 9740 zcma)?cQ{<@+Qvs0qLb)ibfQZ}m*_-^-lBJ-_gPYrV7PdGF_be)md#sG~+k!bk!Ffygw}mGwa&oIc?H zequu4w{gr#An@m!x4M}h2t?j>^@G#rRqg=1$l$MH>TlrXj(-83KDYlg!+hIR)Pc!KsQ5q_dLfhopF& zp7|M5hu~?ZN~^Zs_Uok^a?wGGs(l{HPxkQ_S@$tbCi)srCHC}YmWC6zrXux<6ZL%p zo{l69CQt6UmX@lpmkO1XE==WaffH3i#Utizag{SWJ0^|>x?63ii|67Ir~d2t@Ic&e zBVemB&6wQrGq=@w{~#Im35f`pDrl-7A4L6?76{p+1jE;}$#Nfx&YVtnMi* zyQx~nU9H_PFytqeOB-9zB4FHyYAE<^(mtuo-!f-D`><9K45qGVCRX#sGGDHEkmXF- zZ}K4m#ZSm)U-U2kG;GaFN>Y9!-zl2aCcZzuFF3)UYx(I-{v#_iFId0qG(yrGI{VoF zFx&a<^Db0f?5!f1E_0c7Hx=OHxB>6t(p;pm+=o9oEszekv4d}wvukzOrK*d#x(-9FGwpAr189utbPFVTX)%8|nm*L#usH7m- zvCPr4vjzS=C`4`kMN-muQs|W5?FZq*eaV&=?2p?Lzg+y_YCXzeKY>gx7QQXIM@7Xa zxz#z!5^@8CMY1?V)sR01$=+PF>Mlx7QilO=iJlD!v+vMc{&ti&zesy})GvP_{!44= zx(oi%$1n|L<QPs}w1lm(()P8gu(2k5(lv&LSxH z)#nfK9UqBH^_ZW%ty_QcWz9yo1~0gu-k|MC4VOe_BJfRIJHG8r6fewaMcS%@&V5gt z_7>?&csHw1hV+?_7)AKYV?h(@v#B#5YEf_I-H7wX!|d;o93tg~WXj7QMF{B$WIbT> z*JR0MJyO@w8wB}`O3^N`Heyr4R+2f~4|jXB1MVZ>fvjBHa?-HXdv)FuYFHDC{%Vx! zUJTQ2)hFWUIST8?hVKgZMwsk>=G4a|70Q2rlkc+s@cf|z-MVf+1f^=^;!3*B{N(eo ztVkby{U^pdv5+98AVNkO&Yeq%CbkR4%Lx>^-I@3vdM_OvOB|Tp{GA`{8{R{4CX6d= z4z0#BHiee)-GW+k*6XGu>gVe9*x(bB`)3xnt zU69b{)pH>(7|sDki}l{d#WI>Y!30nIpDJ@y%Jq%lRvU}cQw(0Z3CvF_JQn{%KrQ;% z@{Bas52%kkQKwA!q1z8toBQJzUoa{G^PMamT~rf(1D_yP~6#~ z*Us-08Q(h$@5b=igaOs7erX)OV?p$YIY8JqTrY0P`xQqw#tJiIUPRd^kPK;`Ah>JT zQk66w-^kl~Q!_0E%uIxP*2y?TUq1?{!+h<;nVer=T6A2{H~Rh1iIfy|x#`#&lohUe zarSsm$pgCMj?~ZJ2}mok?Bg%iSO4OqdT9*{1?vatXV*688d^tusAG8|w+P6_9(Nin zn9plZvNgFxCb=oY_#gXJsB@G)3y>5!sUYKAnNanf^-m>(=rAstFxYp_pV3ie zzRKJonkHm5^Cz_6aO zGUs&?H7cr1R@!th7%a!jtfH(O`cN_@De3nsZ(1sRN_?S^1l?e3Lrjvu& zH`^t*t^gKecHdkuqijb>9x5VYk9^LtJUyP*rr_MZyjRm zO-~W$;(l_IwQyA$i&VV5@ZLsa<^^)(jc18_k2h`R_rm|xE>!3By%u}e=Jpfe-Ojo# zlTbFlTzFu!sFP85+gf2slDb^&gIp^n|F==kiqD3o*TQa0xQVcKp_;RP%RPDVegDQw zrJ$cuE&gk8y`xg#ZdB0xt8Ls}v7TWJkZ~NWo>g2=_mar$S8#>3NeozB-N=9r^I3KN z7FoZ`XWW-x=k*%DJ7XK>OA&i*-1^fi$eD!l)2n+t9$To;7ZqZm6gBs6okMv-i58uQ z`;2Owj;ew#?Vd?Fhf`gUQ*mfJ*SIK0_8(0I`;nyYq9gwwhs4IT*^)WIJV?i;BSlZ% z8DgKa;IGXwAZIXo;~8M)ARG>Gxd2#SKo!@Pds;clUX5}w_|9k4I2w)oX}2WJWkliKpJx%Ik}8Uz3YJ~xo>P#?J)U6eWRPLz`H9|{dk}fx zhT*Y<$kya(dMo@PmQ5oLx2vYgzsQuv7;u8HB?Zmyi1 z$q#uzEZt?zwQaap`AO~a+N)9edQQSe#B-$QW$?poD?+*HiwI0c#~^YhzBiAoOwzb? zPrwSNx(2WKya3vNj-bQufu^1}V#il~+OCx(ef^X@ml4UL`4UVm2i-d8F#TbncZiM% zmhC^Q!WrTErAf27kO6s3w{v0trTRor#}99TXo2)zjlHl0w>RP4CCh~bnMm4vgat`- z7+QVqh@1oAwBO<;nU>69&#cLE#;#yo8~faGbwcm;@li)u%q5;0(l~(coWcUX)dO}x zUGuyAzHVTYS*qwP3?77wYD8j#?1#M0#B>BDTkkcA@7+%7Be8uxz#MW_QXdj6jT9jNZKmBlpvhxT){Fr}hqt$0c!fS$j)f@7 zs@5D)ZWC}MkMMqYx~%QN;d9parFvfLX+NE!@4VCb*I5k2D`VX?`3qkSQW`l!VF8T- zh36}ZsGc5ZSy>1ScQ}E>E|09QHIISt&!qd$x5he)?YvS(saqpnZ5qfesG)Q>m)JND zF%*lI#_%=nzOMq%tsLZxcJ$kt#*?ZIrHmsOvtZB5c-nTq4dtUt7(DRKuJlf8xZ}x9 z67~~1=$7;kg=hu3s5c^Sg_)XY%rVwy7ov?lUQN%=A6WEbzYBwQQBx|5hlmcT_whiR ztQVgDIV|#RSbrZ+orKQ?#qMYM_)p<52c$DG#bzF14Ax##1 zcY=1(@J{oyWRmgQClP~EWuMrd4d(vFj_v*ue42zV4kCB(bHHLy1D-+{1^L6_mlv18 z8UmFuc)yw6?u3#-pau2hSB((wd2 zvk^^)oN{6}YUD-eCmKFIDsj)T5ObKT2BN^TgavT!<@j zY30+B8dYl()6ru;A7SZ?ZN&L$OGE#~?v?o$8cI7xnPfFb+(*+s)Y~lC>4QS$_KxYQ zDbLv}#qD<_J*^n*i-~%3#n}6Z?&3}2?A+-+_sjSpGksy?m}-W9ey3*0+@hk3mdkI} zy#GiNMf^16$60svnXp9o#=b=4kq#s4>1|2!+KkqW`N5?`5U1Ss-w=#;3#=Q z-l6C;%LUb?##Ks$t=mMg8mtZYES=`F%C;23A8f7%wDLOMIG33&i`4XfMY;p{0bq8S zBUO85eZW?OI6C+yPH`Cxm}NkvI9G=s=N%1400ZMLb|Wq*a&CXP0%@?O-5+9fz5iNI zpQn%~DeWP%HPQ7x1naWHkyfF!+Z+%lkE$D2Cp})Dy-4&PW(2kC)~r&3 zu)V0Pu3gEHz;jlV z)Ex<40Yp#x3&YQg|%1$x4zVgR)`<2I^*i4~O z>ONGUXuzZQYuuGZUr>eRbw0+0pK-I|_py2k2Gmzc7_NPD6Lz}{pp$BniMDVHZv91o z^SLTQFNo@eLI3+M_K@S9i;KZ@Yfyp(G*M+C>iI== zUU{nUdGGay*aa2h(*VgES&@R?KI3iUG;LM-L_#>oxL|(XO-yIQJVU6H|NCvjB=K+? zk|YPZ>`0b$6)&8w63;i}YXLb}cgb&M8?P%RtfsCk{n8aev^{ltBD;~!gmZ1@mFT;3Bcjf7HkHw*Z_DQ@ zY0AXgs>WX40oe|_kcPDa1**0PvGmzn@jOjF-V~4qh=H0Bg7wOp+SRJH9*SD337bq? zhh+7kwVCHNh9V>?|FE?I9sg$R$G3jx%Y+j5hgGkYvPb5Ka@Vy50LE6mNTl}zVByDh zk3B3GxR%~{mbou1`*5Xc4q9i-;w*Y6Q(;J@w;cBoQXH_ zF9c(=^V%uOK9Oy621V~s$91t3K#lnz{(H#NtCM$9$ox^>^o=V7v!;7fN%sKKDg{AA zT8u|z_dwYqj!|C*Tx2qr_^>j;l)>N3!(KyH9tTn+;3#o;Zq-yj!G^)8?xU2h#!lzXVX!1yLVD+T@Pa)`*zx`0)-fPatKf%jW#1|a6N~7B6zmCmkVTxIHw%_-AFI;jpJyRw z9w-Ul0+$iQml&q~zkEl(kv3glPAV$>a<3slb5ry%+qxzHJi+6ugRdXIm6q~)dZ%7` zSwUy$GjzYh&XDXu_=9r$;(LMU6er)1_@%W9s$VJ1*VYiU>AtdO#25>y4{(qB(o6%( z1^Oozfxvj@Yzpl&ft8P^eC}8%FL;W5fadM1r=e$948Ed2Mwf3)qYM%$v_1q{CeNvp zAiBU2Z@jaY%DeVx6ek#`P@wlsh9Z;D~fM5{DZHTC%NjDjZ+(dw||A_#mZ5 zDADD$faQhbduan7n|l)*n%P2l4NUg@5H9oeV&gBFG$G8Nn1V&uRZDOEpB{Z8BQkO8 z32kJM%BfaZx-VE4ZwUr}ncPgp_oX^Ges1yR7r{szppf>UcMW=BMw-|ULCphPlSE-maGc6hzqXx+f?+bQ2X>p$wy;PDWjfSk? z7S<1UplZ^loaL`qJvc{ZP;N>odrq(O7BBGe5iWIgtX#NbLMrZ)s7bK{#0F@%9b(X} zi4LU>e*0AG{^nX;ZEpFEI;$Ph<}v@Mb1wn2_Maghuw#oLW|~wTgJ;WKFS#xUC;NpS z#mok>_7i!P0^Nc5khQbTh7-e(`|P63`p1x?vmGnPR;5=f87sS zJ^heeJ;`k8=ZYeSgVn-WGr)J5#ZTxUs@I-$>S@}guDzp7CH(+bilM;ekla%Z5KCJbCk@=@h^lEhlDViGd2&bp^f6&< zv|a}nZSm}tQKXCIfBj){MWhjyv-w>??&sZ|t|h?KqO}>%hCQ%53*5&`pF3Zors5H3 z?L~+-$3YVTz84#B>cPV6rvuNKQWL`{JYFZUzKGVvTLneE@iyzVpp{SB!fC)A!4-Bj zt~7kysW)KUI<%y=;%*NsQez0y07e(dp{~k*@VNUJ@A*XDA>;+UNEiLSxs-jjsWYo1 z0Q2w|eJnPc0s3_eDO_|~m z=8im5(}-#kK@51v6}%E)=`je&wG)x27!vKho!-nQ6~PBw^Q0O}4sb)2c|uTco(j^O zS4-1PnAI*lbrz}F-glxJJ%oqi!St+kzq5W!K+jxB@@!}RW1^O@^o1s2Z6 zWfjKuFrI~%8SIw@kS|wEb5I=9n*lzWBdkN2nO*P@m_iG9H%0mBxqL~~GO20t_T197 zG*h$=3q}q?!y@NzG*^cZuYSP!akjG=a>f*;yWK>#BP;Yv^ZP|bHOut&&4ORpiOE;& ztOr^X0CnW2e|y7)3Y0k}cYTg3fQE+_A3sX=Vc-`6%eC@YDw680E+$roo zEOHjXJ9=zWdHO!#o0gbW=nDWsEm$4w0n>p$30<nQoYwHx>r@0W8fouT!s*2Q5d9SW8)` zepns-r`t%Bbx)D6a^v6`2aWgkJO=|c@!~J%;bqJR*o9ykwIFIgHdwGIRfP=j2^sCR zQWB1TFVC4-ZvSGZd%u*FHhk8PNULAkO|Rx-Z9BeECr%M; z;v*Bon^f<>{82}&0Mz4Imp`?094AXMOzG5fQxu&$g?1d|i#l}#TG*Vd9?yOhwIrw_i zhR)d0Z8x0}i*WM!{MF5|x0A-Nj53?cfc4@0J2ea)SX!C%U=Qeny!f*G61b&|ici30 zbnzwX-5=m-rFDZ>`PCk3j%DW4zeB@sgg2zf01Nu&`Tpv$uoslrKBKnmeCF#i#2w0= zRX}t4100}*=G8CuyfxQW10-%k1|yAe(m(Y8f+CSMI2kH=7uWL7@-CGgdP{YJgeG4hN&-sv&jbj0)o#q>$tY`q9g0FT|>Gj?`OWH&4&Su#+ z05z=sE3azRLHz?KLX1q7Xl*-~VG7F7=`88u!JyAr9bbj8w7Ibf zO2hLn?pzU>olt&#allUKx0l6WkTWBO@bwOEI}`24&s84}O8}rqBYfMw+gZE9jmfqS zX+@Dr&`uX13|2FcOv&!2|4udp`e^~Jes7L$D=PK0zPJ9a?<$CDqN@h|Xn-5T;zj6U zF}5}dH#Bn1OS&q-5jLqIU(IF6fRLq)F__rYF%=_VBo2T-_i4T32SZ(QK_VdR&#fGO zhUUfPfXAOGs-Avk4$$MZ61#g1co1CDXe#6k{2ozF;#k$Jz*$~-&~$vaS6+%t zpd!pF;MX9>DpgCr-A zCr|;44^K{C>9IKGOe}XnAF7?GjGZcg2ORJqEFFBI z1)zqd>n!SbbGR<|nDiPs^mBnTUT7V`FDU~^!2!C7Mt^1p${V-7l1*#g^!Xzq(wwBK zxCwL>7muKXVlxc%q7aQ|aPQJg@E)h#)yr**aJY1i&|;cbKnz(<6^Fhsa9S#{UU&az z7@eTa-INLMzha*rfSEG@8)ck&fdf-e_3OjFtd(cRgK$&l`kxp81r?7XLlu;e!VFQt1Kuab4W+r?>=nmDX_4LEzr|$s^bQ z81d-G7^|!oKhL14VE?}rxy@7JKPmG1!%B4&AG3;^7KSwX-*hoBQfu|UiFN+2x&O$4zL7{d)**F3GcoM<79}YLK`k-4 zX`%&{69q|0aY|@YT&M?!R1|ssX3^&brLWjta)l{4LiCG6m?iOyMtA-2H}Mt#oIh%D z@j+Wm*>6uifjR*pcA9}?aoqpPYM$4bwI0WYVQZcrZ@M0ZZrN`GSBCU{sC4N9gMA15 zhcWn9qDpAF_Of(U-Y@X9SmiC@lIS^1Mgvt}E+yxMk@9ygt_SiQ3*creb1IYcE!7}( zt^v;jd=Cn*=erz38n6l@JV`5L+DDbSFH7NvW0dB!RGB1tl7|3b`deJ{I&H&iR{K-{ z1qJ6=dcr)2J#46`uH|&rLjD{CMGoo11_10F+121A)+F_sLI@0gU7qN@N!U40I{4Qd z$ja5?ts>sk3Y62O3x4w(PsPeI)=nQb5#A4<|Cj@3%laX2_Zl~Esjm*#Ak(W&fy;ci zvGE$$RzDaAs0qGmg5<)VaZTGEB;dHC8`w>m4^vBbtvJe(Ly7zDbT~jgOh+8!5cXa@ zJcG2*LW?zNu&)~sO^aMJWeO11m%ET>P7`h64Sz$rv6pnCd91DK&$Q+t1~{_vk6Ey@ zpjqfnwUzOgKSsgY7b-t7EEua(Tl$is(SM%ES2-l9aGAr`; zcK@aF@`33L3&Z^w;*~1wV+If4er09N*VKY}Zq3Fp#SnB5L$}Od;Y}&IPV(hMXpOgQ zDlS5_dH~rxC#}x1)ZeQZ;X}>{=UC_}E8fZLgpa{!o!(+`g0CMp9MbDr2hgSO4znW( zI&h&|4}ZjV5T~ExN#^(ZLVE%84d{1%UzFDN8FXO!V{Lb_a;fhj$Rfr$CRakh=oNVv z#-(RaHqvnTE^;O$yXoi`Vvn17vp4Dj=6e?}c!6HLdM*u!SnJm96m^#CLe96sfXPHJ z2nc1_%Qxiu+>#^q>Bkr8&he;z=UdEj|Bir z2q)=dO%-J-a%la|BGYPjXU>P?7McZ!|Ey|()r>il^eu4yLE=WuD$q-RM(q_C73Jk| zUgj_$kNz`cCyQ|TSIC|q{|Q*5B6^DS-wZLZ)&6dXH4^XE0EcO!gPD8tj5u2@7+Ddp z!4`)(zKm6ER<*raix%}@2$TJQdC?{6@>E0*^CX3D0vNn7ucADVx7}^Rd5YG@^oIXJ>BmOK~j53PLY? zYlEC=YAc;>MXG-ahk79#@b&?`M#`m84<(=Xn}@Lj4>{o_u&&y+L>G00T2`@x$1eXA h$~fkKW$5QolA~DD1)C@f;7Kl!hKi1Im7>k#{{fm}D%k)4 literal 0 HcmV?d00001 diff --git a/templates/pages/sega/software/alphadvd.html b/templates/pages/sega/software/alphadvd.html new file mode 100644 index 0000000..ee38919 --- /dev/null +++ b/templates/pages/sega/software/alphadvd.html @@ -0,0 +1,232 @@ +{% extends "sega.html" %} {% block title %}AlphADVD{% endblock %} {% block body %} +

AlphaDVD (aka αDVD)

+

+ αDVD is the custom copy-protection SEGA employ for update DVDs. It is handled by + mxAuthDisc.exe on Ring systems. Is is present on DVR-* discs, typically the first in a multi-DVD + install process. +

+

+ In order to understand αDVD, it's important to first have a basic understanding of how data is stored on a + DVD. Rather than like random access storage, where the data stream can be moddeled as a large addressable series of + bytes, DVDs are more akin to HDDs in their division into sectors. Unlike HDDs, however, there is no prescribed order + for the sectors! Each sector of data on disc is prefixed by a header identifying that sector, and notably including + its sector number. When a DVD reader is asked to read a specific sector, it spins the disc until it reads the + appropriate header, then returns the data following that header. There is importantly nothing here that would stop a + disc from containing multiple sectors with the same sector number in their prefix! +

+

+ DVD readers will return the first sector that matches the requested sector number, so if we know where the different + duplicates are on disc we can seek to a known sector a short distance before the instance of the duplicate we wish + to aquire, then ask the DVD reader to read the duplicated sector. Depending on where we first seek, we will receive + different data back. +

+

+ αDVD utilises this, with 6 duplicated sectors, each with three distinct copies. When authenticating a disc, + only one of these 6 duplicates will be checked, however which is checked is random, so in practice all 6 should be + present lest the disc sporadically fails the authentication. This is similar to a copy-protection scheme called + TAGES, however more advanced. All three instances must be present, so it is impossible to create a single + flat image that passes authentication! +

+ +

+ As well as this more hardware based authentication, there is a level of encryption applied to the disc headers too. + This is however much easeier to work with. Each disc has a header in sector 16, sector 1, or sector 17 (checked in + that order). There is no indication which sector contains the header, so in turn each sector is read and decryption + is attempted. We can then validate the header magic number. +

+ +

αDVD Encryption

+

+ αDVD encryption is a basic XOR cipher, where the text is XORed with a key, repeating the key as needed. The + key is always 32768 (8000h) bytes, and is unmodified during this process. +

+

+ Keys are derrived based on a key expansion algorithm that takes as input an unsigned short (16 bit) seed. I'm not + totally sure what expansion algorithm this is, or if it's something totally custom, but for now here's a snippet of + python code that implements the expansion: +

+ +
+{%highlight "python"%}
+def amAuthDiskInitKey(seed):
+    key = bytearray(0x8000)
+
+    for i in range(0x8000):
+        uVar1 = (seed * 2 >> 4 ^ seed * 2) >> 10 & 2 | seed << 2
+
+        uVar2 = uVar1 * 2
+        uVar3 = ((seed << 2) >> 4 ^ uVar1) >> 10 & 2 | uVar2
+        uVar1 = uVar3 * 2
+        uVar3 = (uVar2 >> 4 ^ uVar3) >> 10 & 2 | uVar1
+
+        uVar2 = uVar3 * 2
+        uVar3 = (uVar1 >> 4 ^ uVar3) >> 10 & 2 | uVar2
+        uVar1 = uVar3 * 2
+        uVar3 = (uVar2 >> 4 ^ uVar3) >> 10 & 2 | uVar1
+
+        uVar2 = uVar3 * 2
+        uVar3 = (uVar1 >> 4 ^ uVar3) >> 10 & 2 | uVar2
+        uVar1 = uVar3 * 2
+        uVar2 = (uVar2 >> 4 ^ uVar3) >> 10 & 2 | uVar1
+
+        seed = uVar2 | (uVar1 >> 4 ^ uVar2) >> 11 & 1
+        key[i] = seed & 0xff
+
+    return key
+{% endhighlight %}
+ +

αDVD Headers

+

+ Now that we know how to decrypt data on αDVDs we can search for the header. The header will always be + encrypted with a fixed key with seed 5369. The header is a sequence of 53 bytes, located at offset 318 + if it is in sector 16, and offset 508 if it is in sector 1 or 17. +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Header Offset
0123456789ABCDEF
0Magic = F1FFFF1FhAuth sector 1Auth sector 2Auth sector 3
1Data Offset??DVD Name
2Key seedDummy number
+ +

+ To validate the decryption of a header, both the magic number and the DVD name are checked. The DVD name must start + with SEGA_DVD. +

+ +

+ The key seed present is the header is used to generate a new key that will be used to decrypt the authentication + sectors. +

+ +

The Authentication Sectors

+

+ The three sector addresses in the header are now used to perform a series of seeks and reads. We seek the drive by + requesting a read of 16 sectors, but disregarding the returned data. The first step is to choose the authentication + sector we wish to read. The six duplicates are present using the following offsets: +

+
    +
  • 140h
  • +
  • 150h
  • +
  • 160h
  • +
  • 170h
  • +
  • 180h
  • +
  • 190h
  • +
+

We will refer to our chosen offset, from this list, as n.

+ +
    +
  • Seek to [Auth sector 1] - 16
  • +
  • Read(16) ([Auth sector 1] + (n - 1)) & 0xFFFFFFF0
  • +
  • Seek to [Auth sector 1] - 16
  • +
  • Seek to [Auth sector 1] + [Auth sector 2] - 8
  • +
  • Read(16) ([Auth sector 1] + (n - 1)) & 0xFFFFFFF0
  • +
  • Seek to [Auth sector 1] + [Auth sector 3] + 8
  • +
  • Read(16) ([Auth sector 1] + (n - 1)) & 0xFFFFFFF0
  • +
+ +

+ Each of the three reads are decrypted using the key we generated earlier, and are authentication block 1, 2, and 3 + respectively. The actual data is at offset 31228 in these 16-sector blocks, and follows the following structure: +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Header Offset
0123456789ABCDEF
0Magic = F1FFFF1FhNum magicn
+

+ Num magic will be F1FFFF1Fh in the first sector, F2FFFF2Fh in the second, and F3FFFF3Fh + in the third. +

+

+ There is, however, one extra curveball. One of these three sectors is a dummy sector that contains nonsensiacal data + (in practice this appears to just be nulls). This is the sector indicated by the lower byte of the + Dummy number field in the alpha header. It is essential that this header is not valid. +

+ +

+ Assuming we pass these checks, αDVD authentication succeeded. The disc will now be be read as usual, applying + the data offset from the alpha header before any operations. Coindidentally if an ISO image has been made of an + alphaDVD (which will be unable to pass authentication anyway), all sectors preceeding this offset can be stripped, + and the ISO now matches that of a non-alpha disc. +

+ +{% endblock %} diff --git a/templates/pages/sega/software/pcp/index.html b/templates/pages/sega/software/pcp/index.html index f851e36..fc22f77 100644 --- a/templates/pages/sega/software/pcp/index.html +++ b/templates/pages/sega/software/pcp/index.html @@ -1,48 +1,71 @@ -{% extends "sega.html" %} -{% block title %}PCP{% endblock %} -{% block body %} +{% extends "sega.html" %} {% block title %}PCP{% endblock %} {% block body %}

PCP

What is PCP?

-

PCP is the protocol used for inter-process communication between services running on Ring* systems. I have no idea - what it stands for; head-canon it as Process Command Protocol or whatever you want really. The official - implementation is libpcp, which is statically linked in to binaries that make use of the protocll (and - is itself dependent on amLib).

-

On paper, there are many things the format would at first appear to - support, but is unable to due to the reference implementation in libpcp. Specification of this nature - will be marked. Custom implementations should be liberal in what they receive, and - conservative in what they transmit; marked specification are key areas of focus for this.

+

+ PCP is the protocol used for inter-process communication between services running on Ring* systems. I have no idea + what it stands for; head-canon it as Process Communication Protocol or whatever you want really. The official + implementation is libpcp, which is statically linked in to binaries that make use of the protocol (and + is itself dependent on amLib). +

+

+ On paper, there are many things the format would at first appear to support, but is unable to due to the reference + implementation in libpcp. Specification of this nature will be marked. Custom + implementations should be liberal in what they receive, and conservative in what they transmit; marked specification + are key areas of focus for this. +

Protocol Specification

-

We consider two processes communicating: a server, and a consumer. A server need only be capable of processing at - least one consumer concurrently, though implementations may desire the ability to do so.

-

When a server is ready to process a command, it transmits a single > byte to its connected consumer. +

+ We consider two processes communicating: a server, and a consumer. A server need only be capable of processing at + least one consumer concurrently, though implementations may desire the ability to process multiple consumers. +

+

+ When a server is ready to process a command, it transmits a single > byte to its connected consumer.

The consumer responds with a CRLF-terminated payload packet, containing the command.

-

The server then responds syncronously with a CRLF-terminated payload packet. If a data transfer is being a performed, - this packet will contain port and size as paramaters.

-

In a server->consumer data transfer operation, the consumer connects to the provided port, and expects to receive +

+ The server then responds syncronously with a CRLF-terminated payload packet. If a data transfer is being a + performed, this packet will contain port and size as paramaters. +

+

+ In a server->consumer data transfer operation, the consumer connects to the provided port, and expects to receive size bytes of data. It then closes the connection to the data port and transmits a $ byte to the server to ackgnowledge receipt. The server will only process this ackgnowledgement after it has succesfully transmitted its data to a consumer.

The characteristics of a consumer->server transfer as as yet undocumented. I'll get round to it!

-

If the server is unable to process a request for any reason, it may respond with a single ?. This may be - due to a non existant command being requested, or it may be due to an invalid packet.

+

+ If the server is unable to process a request for any reason, it may respond with a single ?. This may + be due to a non existant command being requested, or it may be due to an invalid packet. +

Payload format

-

Payloads are a non-zero number of & delimited = seperated key-value pairs. i.e. - key1=value2&key2=value2. Both the key and the value can contain any alphanumeric character, and any of - the symbols ._-:@%/\{}. The value may alternatively be a single ?. Leading and trailing - ampersands are illegal, as is more than one ampersand consecuitevely. Empty strings for either the key or value is - likewise illegal. + +

+ Outside of special packets such as > and $, all communication in both directions + strictly follows the following structure:

-

Spaces (ascii 20h) and tabs (ascii 09h) are allowable whitespace. They may be present anywhere + + + +

+ Text is defined as a series of one or more bytes matching [a-zA-Z0-9._:@%/\{}-]. +

+ +

+ Spaces (ascii 20h) and tabs (ascii 09h) are allowable whitespace. They may be present anywhere in the packet surrounding keys, values, any delimiter, or seperator, and will be ignored. They are not valid within - a key or a value.

-

Comments begin and end with the # symbol. They may appear at any point in a packet, and the packet - should be processed as if the comment is not there. The content of comments observe the same restrictions as keys - and values. This notably includes no whitespace.

+ a key or a value. +

+

+ Comments begin and end with the # symbol. They may appear at any point in a packet, and the packet + should be processed as if the comment is not there. + The content of comments must match Text. This notably includes no whitespace. +

Format restrictions

    @@ -65,25 +88,32 @@
    libpcp bugs -

    When parsing requests, libpcp null-terminates ? values with an off-by-one error. This means if you +

    + When parsing requests, libpcp null-terminates ? values with an off-by-one error. This means if you transmit test=12345 followed by test=?, it will be parsed as if you had transmitted test=?2. This could actually be an issue with how I am inspecting the internal state; I will update/remove this spoilier once I've had a chance to dig deeper.

    -

    libpcp does not enforce ampersand placement, causing strange memory artifacts. Consumers MUST conform to - the ampersand specification.

    -

    libpcp allows empty keys and values. The case of an empty key causes the pair to be keyed with an empty string, +

    + libpcp does not enforce ampersand placement, causing strange memory artifacts. Consumers MUST conform to + the ampersand specification. +

    +

    + libpcp allows empty keys and values. The case of an empty key causes the pair to be keyed with an empty string, however an empty value causes it to contain a random value, reading from memory where the previous packet was decoded. In fact, the presence of a = is not validated either, likewise causing it to read - undefined regions of memory. Consumers MUST always provide both the key and the value.

    + undefined regions of memory. Consumers MUST always provide both the key and the value. +

    Using libpcp -

    I have reproduced a locally functioning standalone distribution of libpcp, warts and all. Eventually I will +

    + I have reproduced a locally functioning standalone distribution of libpcp, warts and all. Eventually I will produce some basic docs for making use of the exported functions, and will hopefully be able to provide a download for a precompiled library. I'm still unsure if the source code will ever be made available however - because it's a very true to the original reproduction, potentially problematically so!

    + because it's a very true to the original reproduction, potentially problematically so! +

    If rather than implementing your own pcp you wish to use the libpcp, watch this space.

    -{% endblock %} \ No newline at end of file +{% endblock %}