NXFLASH Romfile.exe Reverse Engineering Success

[alexfree]

Before I attempt to reverse how romfile.exe works to generate a romfile.dat file from a .rom file, I was wondering if it would be possible to get the source for it? Right now Tonyhax International uses wine (gross!) in the build process to generate a romfile.dat file for the NXFlash CD that allows for flashing the tonyhax international rom file to a Cheat cartridge. If I have the source I could just recompile it for Linux and remove wine entirely from the equation.

[alexfree]

So from what I can tell:

0x2000 byte 'header' until the real .rom data.

Starting at offset 0x08 is a unique string of 3 bytes? depending on file (checksum? of what?)

Starting at offset 0x10 is the filename of the original .rom data (displayed in NXFlash).

Edit: Found http://www.psxdev.net/forum/viewtopic.php?t=1530 . Seems like this is relevant:

Code: Select all

int LoadROM (int nr)
{
  CdlFILE cdi;
  char result;
  u_long cs,i;

  CdIntToPos(pos + (romFileData[nr].offset/2048),&cdi.pos);
  CdControl(CdlSetloc,(u_char*)&cdi.pos,0);
  CdSync(0,&result);
  CdRead((romFileData[nr].length/2048)+1,(u_long*)DATA_BUFF,0);
  CdReadSync(0,&result);
  cs = 0;
  for (i=0;i<romFileData[nr].length;i++) cs += *(DATA_BUFF+i);
  if (cs!=romFileData[nr].checksum)
  {
    WaitScreen("Checksum error !");
    return 0;
  }
  return 1;
}

[alexfree]

YES! I reversed it. I am going to update https://alex-free.github.io/psexe2rom to support directly outputting a romfile.dat file. I may also come back to XFLASH and work on an exact clone of romfile.exe but that is open source. Stay tuned.

[masterg0r0]

The unique string that you just mentioned, the ROM file program looks for the "Sony" string in the file to check whether it is a cartridge ROM prior to compiling the DAT archive.

[alexfree]

The unique string that you just mentioned, the ROM file program looks for the "Sony" string in the file to check whether it is a cartridge ROM prior to compiling the DAT archive.

Your thinking of the wrong string. That is relevant to the actual romfile.exe program but it's not even really necessary for the PSX anyways (n00brom does not use it), kind of an artificial requirement/sanity check by the original romfile.exe.

PSEXE2ROM already handles outputting .ROM files fine, which is related to the string you mention. Romfile.dat is like an archive that can (but does not have to) contain multiple .rom files.

There is a checksum, it's a 32-bit addr type was quite easy to reverse since the XFLASH code is available which has to do the same calculation. It's actually 4 bytes but one of them is sometimes 00 hence why I thought it was 3 bytes long at first. The new psexe2rom source will make sense of this when I release it later.

[masterg0r0]

Okay. I get what you mean.

[alexfree]

Alright, I have completely reverse engineered how romfile.exe works. PSEXE2ROM v1.0.1 is now available and capable of making byte-identical romfile.dat files. This completely removes the need for wine to be involved in the build process of Tonyhax International, which was super gross and left alone for too long.

https://alex-free.github.io/psexe2rom

Source code is on github, this is an open source replacement for romfile.exe that works on both Linux and Windows for many work flows

It doesn't make sense to support multiple .rom files in PSEXE2ROM so I did not implement that functionality. It would make more sense to write a romfile.exe clone that just works exactly how the original did (but is open source and can be compiled on Linux and other operating systems to work natively).