/* this function checks the cache to see if the current state is cached, if it is then it copies the cached data to the user region where code is executed from, if its not cached then it gets decrypted to the current cache position using the functions in s24_fd1094.c */ static void s24_fd1094_setstate_and_decrypt(running_machine *machine, int state) { int i; UINT32 addr; switch (state & 0x300) { case 0x000: case FD1094_STATE_RESET: fd1094_selected_state = state & 0xff; break; } fd1094_state = state; cpu_set_reg(machine->device("sub"), M68K_PREF_ADDR, 0x0010); // force a flush of the prefetch cache /* set the s24_fd1094 state ready to decrypt.. */ state = fd1094_set_state(s24_fd1094_key,state) & 0xff; /* first check the cache, if its cached we don't need to decrypt it, just copy */ for (i = 0; i < S16_NUMCACHE; i++) { if (fd1094_cached_states[i] == state) { /* copy cached state */ s24_fd1094_userregion = s24_fd1094_cacheregion[i]; machine->device<cpu_device>("sub")->space(AS_PROGRAM)->set_decrypted_region(0, s24_fd1094_cpuregionsize - 1, s24_fd1094_userregion); m68k_set_encrypted_opcode_range(machine->device("sub"), 0, s24_fd1094_cpuregionsize); return; } } // mame_printf_debug("new state %04x\n",state); /* mark it as cached (because it will be once we decrypt it) */ fd1094_cached_states[fd1094_current_cacheposition] = state; for (addr = 0; addr < s24_fd1094_cpuregionsize / 2; addr++) { UINT16 dat; dat = fd1094_decode(addr, s24_fd1094_cpuregion[addr], s24_fd1094_key, 0); s24_fd1094_cacheregion[fd1094_current_cacheposition][addr] = dat; } /* copy newly decrypted data to user region */ s24_fd1094_userregion = s24_fd1094_cacheregion[fd1094_current_cacheposition]; machine->device<cpu_device>("sub")->space(AS_PROGRAM)->set_decrypted_region(0, s24_fd1094_cpuregionsize - 1, s24_fd1094_userregion); m68k_set_encrypted_opcode_range(machine->device("sub"), 0, s24_fd1094_cpuregionsize); fd1094_current_cacheposition++; if (fd1094_current_cacheposition >= S16_NUMCACHE) { mame_printf_debug("out of cache, performance may suffer, incrase S16_NUMCACHE!\n"); fd1094_current_cacheposition = 0; } }
/* this function checks the cache to see if the current state is cached, if it is then it copies the cached data to the user region where code is executed from, if its not cached then it gets decrypted to the current cache position using the functions in fd1094.c */ static void fd1094_setstate_and_decrypt(running_machine &machine, int state) { int i; UINT32 addr; switch (state & 0x300) { case 0x000: case FD1094_STATE_RESET: fd1094_selected_state = state & 0xff; break; } fd1094_state = state; cpu_set_reg(machine.device(fd1094_cputag), M68K_PREF_ADDR, 0x0010); // force a flush of the prefetch cache /* set the FD1094 state ready to decrypt.. */ state = fd1094_set_state(fd1094_key, state) & 0xff; /* first check the cache, if its cached we don't need to decrypt it, just copy */ for (i = 0; i < CACHE_ENTRIES; i++) { if (fd1094_cached_states[i] == state) { /* copy cached state */ fd1094_userregion = fd1094_cacheregion[i]; set_decrypted_region(machine); m68k_set_encrypted_opcode_range(machine.device(fd1094_cputag), 0, fd1094_cpuregionsize); return; } } /* mark it as cached (because it will be once we decrypt it) */ fd1094_cached_states[fd1094_current_cacheposition] = state; for (addr = 0; addr < fd1094_cpuregionsize / 2; addr++) { UINT16 dat; dat = fd1094_decode(addr,fd1094_cpuregion[addr],fd1094_key,0); fd1094_cacheregion[fd1094_current_cacheposition][addr]=dat; } /* copy newly decrypted data to user region */ fd1094_userregion = fd1094_cacheregion[fd1094_current_cacheposition]; set_decrypted_region(machine); m68k_set_encrypted_opcode_range(machine.device(fd1094_cputag), 0, fd1094_cpuregionsize); fd1094_current_cacheposition++; if (fd1094_current_cacheposition >= CACHE_ENTRIES) { mame_printf_debug("out of cache, performance may suffer, incrase CACHE_ENTRIES!\n"); fd1094_current_cacheposition = 0; } }
/* this function checks the cache to see if the current state is cached, if it is then it copies the cached data to the user region where code is executed from, if its not cached then it gets decrypted to the current cache position using the functions in s24_fd1094.c */ static void s24_fd1094_setstate_and_decrypt(int state) { int i; UINT32 addr; cpunum_set_info_int(1, CPUINFO_INT_REGISTER + M68K_PREF_ADDR, 0x0010); // force a flush of the prefetch cache /* set the s24_fd1094 state ready to decrypt.. */ state = fd1094_set_state(s24_fd1094_key,state) & 0xff; /* first check the cache, if its cached we don't need to decrypt it, just copy */ for (i=0;i<S16_NUMCACHE;i++) { if (fd1094_cached_states[i] == state) { /* copy cached state */ s24_fd1094_userregion=s24_fd1094_cacheregion[i]; memory_set_decrypted_region(1, 0, s24_fd1094_cpuregionsize - 1, s24_fd1094_userregion); m68k_set_encrypted_opcode_range(1,0,s24_fd1094_cpuregionsize); return; } } // mame_printf_debug("new state %04x\n",state); /* mark it as cached (because it will be once we decrypt it) */ fd1094_cached_states[fd1094_current_cacheposition]=state; for (addr=0;addr<s24_fd1094_cpuregionsize/2;addr++) { UINT16 dat; dat = fd1094_decode(addr,s24_fd1094_cpuregion[addr],s24_fd1094_key,0); s24_fd1094_cacheregion[fd1094_current_cacheposition][addr]=dat; } /* copy newly decrypted data to user region */ s24_fd1094_userregion=s24_fd1094_cacheregion[fd1094_current_cacheposition]; memory_set_decrypted_region(1, 0, s24_fd1094_cpuregionsize - 1, s24_fd1094_userregion); m68k_set_encrypted_opcode_range(1,0,s24_fd1094_cpuregionsize); fd1094_current_cacheposition++; if (fd1094_current_cacheposition>=S16_NUMCACHE) { mame_printf_debug("out of cache, performance may suffer, incrase S16_NUMCACHE!\n"); fd1094_current_cacheposition=0; } }
static void cps2_decrypt(const UINT32 *master_key, unsigned int upper_limit) { UINT16 *rom = (UINT16 *)memory_region(REGION_CPU1); int length = memory_region_length(REGION_CPU1); UINT16 *dec = auto_malloc(length); int i; UINT32 key1[4]; // expand master key to 1st FN 96-bit key expand_1st_key(key1, master_key); // add extra bits for s-boxes with less than 6 inputs key1[0] ^= BIT(key1[0], 1) << 4; key1[0] ^= BIT(key1[0], 2) << 5; key1[0] ^= BIT(key1[0], 8) << 11; key1[1] ^= BIT(key1[1], 0) << 5; key1[1] ^= BIT(key1[1], 8) << 11; key1[2] ^= BIT(key1[2], 1) << 5; key1[2] ^= BIT(key1[2], 8) << 11; for (i = 0; i < 0x10000; ++i) { int a; UINT16 seed; UINT32 subkey[2]; UINT32 key2[4]; if ((i & 0xff) == 0) { char loadingMessage[256]; // for displaying with UI sprintf(loadingMessage, "Decrypting %d%%", i*100/0x10000); ui_set_startup_text(loadingMessage,FALSE); } // pass the address through FN1 seed = feistel(i, fn1_groupA, fn1_groupB, fn1_r1_boxes, fn1_r2_boxes, fn1_r3_boxes, fn1_r4_boxes, key1[0], key1[1], key1[2], key1[3]); // expand the result to 64-bit expand_subkey(subkey, seed); // XOR with the master key subkey[0] ^= master_key[0]; subkey[1] ^= master_key[1]; // expand key to 2nd FN 96-bit key expand_2nd_key(key2, subkey); // add extra bits for s-boxes with less than 6 inputs key2[0] ^= BIT(key2[0], 0) << 5; key2[0] ^= BIT(key2[0], 6) << 11; key2[1] ^= BIT(key2[1], 0) << 5; key2[1] ^= BIT(key2[1], 1) << 4; key2[2] ^= BIT(key2[2], 2) << 5; key2[2] ^= BIT(key2[2], 3) << 4; key2[2] ^= BIT(key2[2], 7) << 11; key2[3] ^= BIT(key2[3], 1) << 5; // decrypt the opcodes for (a = i; a < length/2 && a < upper_limit/2; a += 0x10000) { dec[a] = feistel(rom[a], fn2_groupA, fn2_groupB, fn2_r1_boxes, fn2_r2_boxes, fn2_r3_boxes, fn2_r4_boxes, key2[0], key2[1], key2[2], key2[3]); } // copy the unencrypted part (not really needed) while (a < length/2) { dec[a] = rom[a]; a += 0x10000; } } memory_set_decrypted_region(0, 0x000000, length - 1, dec); m68k_set_encrypted_opcode_range(0,0,length); #if 0 { FILE *f; f = fopen("d:/s.rom","wb"); fwrite(rom,1,0x100000,f); fclose(f); f = fopen("d:/s.dec","wb"); fwrite(dec,1,0x100000,f); fclose(f); } #endif }