Notice that the second hexdump contains an ELF header, as if the file was properly decrypted. However, the second hexdump is of cdecrypt's array of verification hashes, not file content. I also noticed that JNUSLib works fine, and decrypts both games without issue.
The problem turned out to be in how cdecrypt decides whether the file contains hashes throughout or not. cdecrypt previously checked fe[i].Flags & 0x440 for each entry, but apparently in the case of these two games, those bits don't correspond to whether the file is hashed or not. Apparently, JNUSLib decides based on the TMD file entry, which is still accurate in these cases. So, this PR changes cdecrypt to use the same method as JNUSLib for determining whether the file contains hashes or not.
I haven't tested this on a huge sample, but the games I have tested it on still work, and since JNUSLib uses it (apparently) successfully, it seems safe enough to me.
This change is known to fix decryption of "Assassin's Creed III" and "Darts Up". This is a port of another PR: https://github.com/Xpl0itU/WiiUDownloader/pull/44
Previously, when attempting to decrypt either of these games with
cdecrypt
, decryption would fail and you'd get a message like this:Notice that the second hexdump contains an ELF header, as if the file was properly decrypted. However, the second hexdump is of
cdecrypt
's array of verification hashes, not file content. I also noticed that JNUSLib works fine, and decrypts both games without issue.The problem turned out to be in how
cdecrypt
decides whether the file contains hashes throughout or not.cdecrypt
previously checkedfe[i].Flags & 0x440
for each entry, but apparently in the case of these two games, those bits don't correspond to whether the file is hashed or not. Apparently, JNUSLib decides based on the TMD file entry, which is still accurate in these cases. So, this PR changescdecrypt
to use the same method as JNUSLib for determining whether the file contains hashes or not.I haven't tested this on a huge sample, but the games I have tested it on still work, and since JNUSLib uses it (apparently) successfully, it seems safe enough to me.