|
|
|
|
|
|
|
Encrypted Valkyrie
Posted on 2011-07-24 13:00:09 |
|
Hi there,
I merged most of my MPEG-2 stuff in Play! last month with mixed success. It's much more resilient to input stream interruption and so it seems to be a lot more stable. But it's still not working very well. I think there's issues with my DMAC emulation, which makes it crash/hang prone. I fixed a bug related to source chain mode transfer interruption but I think there's other bugs like this one that I'll have to track down eventually. So I decided to leave it as is for now and move to something else... I've heard from many sources that Valkyrie Profile 2: Silmeria was using a very specific element from the PS2 behavior to decrypt its game data. So I thought it would be fun to check that out. After a few days of tidying things up in my emulator, I finally got to the point where the game was using its decryption scheme. Basically, it is using a VU micro-subroutine to generate a decryption key which is later used when reading executable data from the DVD. The micro-subroutine in itself is rather simple: 
What this does is, multiply each component of an input vector with a constant and add a constant to each component to form an output value that is used as a decryption key. This would easily run on a x86 CPU, but the problem comes from the fact that this piece of code relies on how the PS2 implemented the IEEE 754 standard to obtain a correct value for decrypting the game data. From what I've read, the PS2 doesn't use any round, guard or sticky bit in its floating point operations and also use the truncate rounding mode, which is contrary to what the x86 does. The result is only off by one when we execute this on a x86 CPU, but this one bit is crucial in making the game work properly. So, I had to implement a custom multiply routine which truncates the result of its operation and that seemed to fix the problem. But apparently, the PCSX2 team had to create a special addition routine to work around this problem... So I have no idea if my custom multiply was the appropriate thing to do. Anyways, the game seems to be able to get a bit further with that custom multiply routine :  
I can also get to what I think is the title screen, but it's pretty much gibberish for now. The game heavily uses VCALLMS which is used to call VU micro-subroutines on the VU0. It also uses a lot of VU stuff I haven't implemented yet. I think this game uses the capabilities of the PS2 to the extreme, so I think my emulator is going to break apart once it's going to try to display its main game stuff. We'll see when I get there... |