GameCube IPL / GameCube bootROM - ROM map and GameCube IPL XOR decryption

Borg Number One
Posts: 28
Joined: Sat Jan 30, 2021 8:02 pm


Post by Borg Number One » Fri Jan 05, 2024 10:55 pm

GameCube IPL / GameCube bootROM - ROM map and GameCube IPL XOR decryption
...and some questions about it.

Since Aug 2015 you can dump the GameCube's 2 MByte IPL mask ROM / bootrom in Swiss, to the decrypted IPL ROM file ipl_clear.bin and to the file ipl.bin. It is a really great feature of Swiss. Thanks a lot.

Checksums of my IPL backups [MD5, SHA1, CRC32]:
ipl_clear.bin , ca904bc72ad481a86669376b94cfa3df , 85348ba22af82b4bb78f0360cb1b149cdd675d4d , 730d5f76
ipl.bin , 0cdda509e2da83c85bfe423dd87346cc , f27c63e5394e2fd1606f70df004c4fc2d6027700 , 4f319f43

For educational purposes, I opened both files (ipl_clear.bin and ipl.bin) in the differencing and merging tool "WinMerge" (a well-known tool, like "WinDiff").

As you can see, the first 0x100 bytes (0x00000000 - 0x000000FF) are identical.
So the first 0x100 bytes are not encrypted - a well-known fact (YAGCD -- 10.3.1 Memory Map (Europe/PAL)).

In the next area, from:
0x00000100 to 0x001AEEE8
there is the GameCube BIOS. This seems to match YAGCD -- 10.3.1 Memory Map (Europe/PAL).

Well, the confusing thing is the next part, from:
0x001AEEE9 to 0x001AFEFF.
Inside the decrypted ipl_clear.bin there is data (encrypted/scrambled data?).
But inside the encrypted ipl.bin there are 4120 (0x1018) 0x00 bytes.

Strange thing: misc binary data (0x001AEEE9 to 0x001AFEFF) is encrypted to 4120 (0x1018) 0x00 bytes?
In other words: inside the area from 0x001AEEE9 to 0x001AFEFF there are 4120 0x00 bytes (in the encrypted ipl.bin) which will be decrypted to misc binary data in ipl_clear.bin?


++side note++
The rest of the data, from:
0x001AFF00 to 0x001FFFFF (end of IPL ROM dump / EOF)
is unencrypted, and it is the same in the decrypted ipl_clear.bin and in the encrypted ipl.bin.
-->
This matches the information from YAGCD -- 10.3.1 Memory Map (Europe/PAL).
++side note++

What is the sense of the data from 0x001AEEE9 to 0x001AFEFF and why is it "0x00" in the encrypted ipl.bin file?

For educational purposes:
Is there a way or a tool (or an online tool) to get the XOR ciphertext / cipher key by "un-XOR-ing" (is this the right word? ;) ) the decrypted and encrypted parts of the IPL ROM?
Maybe there is a tool where I can first put in the encrypted part of the ipl.bin file and then the decrypted part of the ipl_clear.bin file, and then get the XOR cipher key from the tool?
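The "un-XOR-ing" asked about above is known-plaintext recovery of a XOR keystream: key[i] = encrypted[i] ^ decrypted[i]. The following is an added example written for this thread, not code from the thread, from Swiss, or from the real IPL scrambler; it maps which byte ranges differ between the two dumps and recovers the keystream over such a range, on a constructed mini-ROM whose layout mirrors the post (clear header, ciphered body, a run of 0x00 bytes in the raw dump, clear tail). Note the arithmetic of the 0x00 region: where the raw bytes are zero, encrypted ^ decrypted equals the decrypted bytes themselves, so if the scrambler is a plain XOR stream cipher, the "misc data" in ipl_clear.bin in that region is exactly the keystream.

```python
# Added example: known-plaintext XOR keystream recovery over a ROM dump pair.
# The keystream generator below is a constructed toy LFSR, NOT the IPL scrambler.
from typing import List, Tuple

def diff_regions(a: bytes, b: bytes) -> List[Tuple[int, int]]:
    """Return inclusive (start, end) offset ranges where the two dumps differ."""
    if len(a) != len(b):
        raise ValueError("dumps must have the same length")
    regions, start = [], None
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y and start is None:
            start = i
        elif x == y and start is not None:
            regions.append((start, i - 1))
            start = None
    if start is not None:
        regions.append((start, len(a) - 1))
    return regions

def xor_keystream(cipher: bytes, clear: bytes, start: int, end: int) -> bytes:
    """Known-plaintext recovery: key[i] = cipher[i] ^ clear[i] over [start, end]."""
    return bytes(c ^ p for c, p in zip(cipher[start:end + 1], clear[start:end + 1]))

def toy_keystream(n: int, seed: int = 0xA5) -> bytes:
    """Constructed 8-bit LFSR (taps 8,6,5,4) for the demo only; never emits 0x00."""
    out, s = bytearray(), seed
    for _ in range(n):
        bit = ((s >> 7) ^ (s >> 5) ^ (s >> 4) ^ (s >> 3)) & 1
        s = ((s << 1) | bit) & 0xFF
        out.append(s)
    return bytes(out)

def build_demo() -> Tuple[bytes, bytes]:
    """Constructed (raw, clear) pair: clear header, ciphered body, zero run, clear tail."""
    header = bytes(range(16))                               # 0x00-0x0F, unencrypted
    body = bytes((i * 7 + 3) & 0xFF for i in range(48))     # 0x10-0x3F, ciphered
    pad_n = 8                                               # 0x40-0x47, 0x00 in raw
    tail = b"\xEE" * 8                                      # 0x48-0x4F, unencrypted
    ks = toy_keystream(len(body) + pad_n)
    raw = header + bytes(b ^ k for b, k in zip(body, ks)) + bytes(pad_n) + tail
    # A descrambler run over 0x10-0x47 turns the zero padding into keystream bytes.
    clear = header + body + ks[len(body):] + tail
    return raw, clear

if __name__ == "__main__":
    raw, clear = build_demo()
    for lo, hi in diff_regions(raw, clear):
        print(f"differs 0x{lo:08X}-0x{hi:08X}: key {xor_keystream(raw, clear, lo, hi).hex()}")
```

On real dumps, read ipl.bin and ipl_clear.bin with `open(path, "rb").read()` and pass them to the same two functions; the differing ranges should reproduce the offsets listed in the post.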
Extrems
Posts: 1312
Joined: Tue Aug 17, 2010 10:40 pm
Location: Québec, Canada

Re: GameCube IPL / GameCube bootROM - ROM map and GameCube IPL XOR decryption

Post by Extrems » Fri Jan 05, 2024 11:45 pm

Borg Number One wrote (Fri Jan 05, 2024 10:55 pm):
What is the sense of the data from 0x001AEEE9 to 0x001AFEFF and why is it "0x00" in the encrypted ipl.bin file?
It varies with the IPL ROM revision. 1.2 has ciphered padding there.