
Homebrew without DS modding?


dougskullery


I'm afraid I'm new on the DS homebrew scene, so if this question has an obvious answer I apologise.

 

All the current methods of getting homebrew applications to the DS (especially with the new firmware) involve the use of extra equipment, such as GBA Flash Carts or PassMe.

 

However, there is an option on the DS main menu to use DS download play, and download and run code to the DS from WiFi. With the drivers that were released for network adaptors with the RT2500 chipset, it's possible to send code to the DS from the PC. As far as I can tell, the only problem in getting it to run is that the code sent needs to be Nintendo Authenticated.

 

 

Now, a lot of work seems to be spent on workarounds for this Authentication problem. I believe FlashMe replaces the original firmware with one which doesn't look for authentication. However, this is not addressing the root of the problem.

 

Is there any reason why, so far, nobody has modified the code being sent to seem Nintendo Authenticated? It seems that that would make homebrew DS use a far more pain-free experience, and one that would reach more people. A bigger community means more development, so it's something that would benefit the whole homebrew scene (together with making the homebrew application execution process a whole lot easier).

 

 

I'm assuming if everything I've said is accurate, then someone would have done this already, so point out the obvious mistakes I've made.


It's encrypted and the public key is not known; plus, this is not the forum for this question, since this has nothing to do with the dswifi lib.

 

Sorry if I've got the wrong forum. This place just seemed to be the development hotspot, so I posed the question here.

 

I assumed it'd be encrypted. If it wasn't, it'd be pretty pointless. The question is, how difficult would it be to decrypt?


Well, this is the best forum on this site for a question like this. The big problem is that downloaded binaries are RSA signed, and we don't have the private key used to sign with (not to mention the key is basically impossible to get).

 

If you want a "more appropriate" place to discuss things, see the DS forums on gbadev.org

 

-Stephen


Once you flash the DS firmware, you can send homebrew demos through WiFi. Right now there is no method to run unsigned code on the DS without some sort of mod. While I agree it would be easier without it, this is nothing new. Almost every game system (except maybe the Dreamcast) required some additional hardware in order to play homebrew games. We are actually very fortunate that the DS only requires a simple firmware flash and not an internal mod-chip that has to be professionally installed. You can get all the required hardware for less than $100, or even have a friend flash your DS for free. It's really not that difficult.

 

El Hobito: Actually, this question has everything to do with the DS WiFi, and sgstair is obviously the person most qualified to answer this question.

 

// cybereality


Not that I possess the tools to do so (or a DS, for that matter), but has nobody even attempted to tap the bus between the CPU and the WiFi chipset on the daughterboard?

If decryption is done somewhere in the Wifi chipset and then data sent to the CPU, it's very possible to steal the key simply by sniffing the bus on either end while checks are in progress.

 

sgstair would probably have the best knowledge here, and as I stated I don't even own a DS, let alone one I'd be willing to rip apart to play with. The idea alone excites me though.

 

0x5F60          ?               Used for something, not included in the rx circular buffer. (ssid maybe?)

 

The 4 following registers are for WEPKEY; maybe it's possible this register (or another unknown one, for that matter) is used for the RSA hash? Correct me if I'm way off the mark here. Are the WEPKEY registers 32-bit? That unused one would be the most probable one, for security reasons, to be used for an RSA hash, rather than a 16-bit register. Also, being that it's not inside the Rx circular buffer would make sense, as the location of any given byte in a circular buffer depends entirely on previous traffic; the RSA hash CANNOT be handled out of order, or it's null and void.


cyberreality: actually, the question has absolutely nothing to do with the wifi lib, which is the focus of this forum.

 

IJTF_Cinter: I'm still trying to figure out where you came up with that idea.... it doesn't make any sense, and it couldn't possibly work. (it's impractical besides the fact that there's only 32 bytes of space there, while the RSA hash is 128 bytes)

 

-Stephen


I was never aware the hash was 128-bit; after reading the RSA Technologies website I was only under the assumption that the hash can be any given length and not necessarily the same length as the key, which is obviously a fixed length.

From reading some stuff I was under the impression the key is shared between DS units when communicating with each other in a secure mode, and that 2 DS units can play a game where only 1 of them has a copy of it, hence the need for RSA encryption to protect copyrighted content. Correct?

 

That RSA hash has to pass through somewhere right? I was thinking maybe one of those registers might be used for storing the hash, if it was only used when the DS entered a secure mode.

Isn't the signal itself RSA encrypted, or is it just the data being passed? The things I read weren't very informative.

 

Like I already said, I don't own a DS... I don't really know much about it all. Merely speculating based on what I'd found to read. Your response has sure made me feel dumb, and obviously I'm WAY off the mark here.


IJTF_Cinder: Again, you're incorrect for the most part. The only time an RSA hash is used is in the transmission of an executable binary for download play, and it's processed entirely in software - Please note that there really is no good documentation to go off of for understanding how this stuff works at present, the only way to know for sure is to do some capturing of data and figure it out on your own :D

 

-Stephen

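The situation Stephen describes in his two replies (download-play binaries are RSA signed, the signature is 128 bytes, the console checks it in software, and nobody outside the signer holds the private key) is worth seeing in working code, because it is exactly why "modify the code to seem Nintendo Authenticated" cannot work. The block below is an added, constructed example; it is not code from this thread, from the dswifi lib, or from Nintendo's firmware. It assumes a 1024-bit modulus (which is what a 128-byte signature implies), SHA-1 as the digest and a simplified PKCS#1 v1.5 style padding; the page says nothing about the real digest or padding, so those are illustration choices, and the "binary" is a made-up byte string.

```python
"""Constructed model of a signed download-play binary (not Nintendo's code).

The console holds only the public key (n, e); the signer holds d. Key size
follows the 128-byte signature mentioned in the thread (1024-bit modulus).
SHA-1 and the simplified PKCS#1 v1.5 padding are assumptions for illustration.
"""
import hashlib
import secrets

# Odd primes below 1000, used for cheap trial division before Miller-Rabin.
SMALL_PRIMES = [p for p in range(3, 1000, 2)
                if all(p % q for q in range(3, int(p ** 0.5) + 1, 2))]


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2 or (n > 2 and n % 2 == 0):
        return False
    if n in (2, 3):
        return True
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # random witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # witness proves n composite
    return True


def random_prime(bits: int) -> int:
    """Random prime of exactly `bits` bits (top and bottom bits forced to 1)."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def generate_keypair(modulus_bits: int = 1024, e: int = 65537):
    """Returns (public, private) = ((n, e), (n, d)). Only `d` can sign."""
    while True:
        p, q = random_prime(modulus_bits // 2), random_prime(modulus_bits // 2)
        n, phi = p * q, (p - 1) * (q - 1)
        # e is prime, so gcd(e, phi) == 1 unless e divides phi.
        if p != q and n.bit_length() == modulus_bits and phi % e:
            return (n, e), (n, pow(e, -1, phi))


def _encode_digest(digest: bytes, k: int) -> bytes:
    """Simplified PKCS#1 v1.5 block: 00 01 FF..FF 00 || digest (no DigestInfo)."""
    return b"\x00\x01" + b"\xff" * (k - 3 - len(digest)) + b"\x00" + digest


def sign(binary: bytes, private) -> bytes:
    """Signer side: needs d. Output is k bytes (128 for a 1024-bit modulus)."""
    n, d = private
    k = (n.bit_length() + 7) // 8
    m = int.from_bytes(_encode_digest(hashlib.sha1(binary).digest(), k), "big")
    return pow(m, d, n).to_bytes(k, "big")


def verify(binary: bytes, sig: bytes, public) -> bool:
    """Console side: needs only (n, e). Rebuilds the expected block and compares
    it whole rather than parsing the recovered padding, so a lenient parser
    can't be talked into accepting a malformed block."""
    n, e = public
    k = (n.bit_length() + 7) // 8
    if len(sig) != k:
        return False
    s = int.from_bytes(sig, "big")
    if s >= n:
        return False
    recovered = pow(s, e, n).to_bytes(k, "big")
    expected = _encode_digest(hashlib.sha1(binary).digest(), k)
    return secrets.compare_digest(recovered, expected)


def demo(modulus_bits: int = 1024) -> dict:
    """Signer/console exchange on a constructed payload; returns the verdicts."""
    public, private = generate_keypair(modulus_bits)
    n, e = public
    k = (n.bit_length() + 7) // 8
    binary = b"\x2e\x00\x00\xea" + b"constructed download-play payload"  # made up
    sig = sign(binary, private)
    patched = binary[:-1] + bytes([binary[-1] ^ 0x01])      # flip one bit of code
    tweaked = sig[:-1] + bytes([sig[-1] ^ 0x01])            # flip one bit of sig
    # All an attacker who only learned the *public* key can do: "sign" with e.
    m = int.from_bytes(_encode_digest(hashlib.sha1(binary).digest(), k), "big")
    pubkey_forgery = pow(m, e, n).to_bytes(k, "big")
    return {
        "sig_len": len(sig),
        "genuine": verify(binary, sig, public),
        "patched_binary": verify(patched, sig, public),
        "tweaked_sig": verify(binary, tweaked, public),
        "forged_with_public_key": verify(binary, pubkey_forgery, public),
        "resigned_by_key_holder": verify(patched, sign(patched, private), public),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:24} {result}")
```

Two things the run makes concrete: flipping a single bit of the payload or of the signature is rejected, so "modifying the code to seem authenticated" is not a patching problem; and holding the public key (whether read out of the firmware or, as suggested above, sniffed off a bus) lets you check signatures but not produce one, which is why the scene worked around the check (FlashMe) instead of defeating it. Only the holder of `d` can re-sign a modified binary.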
