I've read the whole bootrom code and i have to admit, that big N has done a good job on hiding where and how it calls the AES code. Finding the AES implementation is easy, it's just before the ancast header check function and after the most useless function. Finding how the AES implementation is called, is a little bit hard, for two reasons: There are no cross references in the text segment; This means you will not see something like: 'bl AES_Decrypt'. There are no addresses saved in the data segment: 'AES_offset: .long AES_Decrypt'. So how to find it? You have to read the code, because the value is hardcoded and saved into a memory on an unknown address (like 0xE0000000); then a function will load that addresses to the count (CTR) register and jumps there.
Welcome to the DCEmu Homebrew and Gaming Network. This Network of sites is owned and ran by fans of all games consoles, we post news on all the consoles we cover about hardware aspects, gaming and Homebrew. Homebrew and Emulation are software thats made using free and legal tools to play on games consoles. This Network is the only worldwide network of sites where coders can upload and post comments they deserve for all their hardwork. We have a Network that currently supports PSVita, WiiU, Nintendo Wii, Xbox360, PS3, PS2,PS1, Snes, N64, Gameboy, Nes, Xbox, Gamecube, Nintendo DS, PSP, GBA, Dreamcast, Sega Saturn,3DS, DSi, Switch, PS4, Pandora, xboxone, GP2X, iPhone, Windows Phone, iPad, Android and also Mobile Phone Emulation. When new consoles appear we will expand to cover those consoles. We also cover Theme Park News and news and reviews of Beer, cider, lager, wines and spirits.
news of their own releases and get the credit and
Please help DCEmu become stronger by posting on the forums every day and make our community larger.