Nah, dont have that info yet, all I know is the engine section and its checksum locations. I havent investigated any further than that!antus wrote:Yeah, I think you've nailed the CVN thing, and that shows it is a 16bit checksum. I dont think they'd go 32bit as its an embedded system and to calculate 32bits and throw half away would waste cpu time, which I dont think would be justified. I did have the LS1 checksum algo figured out so I just went and checked my notes (its just a regular sum). The catch there is that the OS checksum skips the saved checksum bytes, so its not a contiguous block. Perhaps the E38 checksum is skipping the CVN bytes, or something like that. Since were looking at sums i'll post that up in a new thread.
When your calculating CRC16, are you reading the file 16 bits at at time? Have you tryed swapping the 8 bit halves?Code: Select all
for ( UINT ui = pCalcInfo->dwRegionStartAddress; ui <= pCalcInfo->dwRegionEndAddress; ui+=2 ) { // implement os hack jumps, real start and end are configured in xdf, this just jumps unchecked parts if (os_hack && ui==0x500) { ui=0x502; OutputDebugString("Skip 0x500->0x501");} if (os_hack && ui==0x4000) { ui=0x20000; OutputDebugString("Skip 0x4000->0x1FFFF");} temp=pCalcInfo->pBaseData[ui]<<8; temp+=pCalcInfo->pBaseData[ui+1]; wChecksum -= temp; }
I think it would help to map out the E38 segments as they are on disk. Do you have that info to post up?
Im doing 8,16, and 32bit reads at a time. I can see the logic in it being a waste of time.. just depends on how secure they decided to make it!