Looking at the Cemu files, I only see one way to change the keys when they change. That file is keys.ini, so I assume that is the right way. So if you know, just say yes or no to my question. Thanks for looking and any help.

himeros:)

It looks like Cemu doesn't use the keys in key.ini or cemu.ini files, and have to be changed in Dish.ini file. Too much for my poor brain to learn. Back to the NagraEdit program again. Now all I have to do is find the latest keys.

Himeros

Looking at the Cemu files, I only see one way to change the keys when they change. That file is keys.ini, so I assume that is the right way. So if you know, just say yes or no to my question. Thanks for looking and any help.

himeros:)

You can open your dish.bin in a good hex editor, search for the key that you want to change. When you find it, change it to the proper key and save it. The ini files are not used at this time.

Look at line D863 of the eeprom for key information.

In My Cemu DISH.bin the Keys are in line D860: Using NagraEdit.
Here's what I did - Get the DISH.bin from your Cemu(put it where you will be able to locate it).
Open NagraEdit - Click file - Open Card Image(The Dish Bin)Choose Rom10
Click Eeprom and scroll down to line D860:.
It should look like this -
D860: 01 01 00 XX XX XX XX XX XX XX XX XX XX XX XX XX
D870: XX XX XX 00 00 00 00 00 00 00 00 00 00 00 00 00
Put the new Keys in the above line where the X's are.
After you change the Keys click File -
Save Card Image and name it whatever your Bin is named. You will need to go and Rename it, because it may add something like .dn10 to the Bin name.
To rename it just right click on the Bin and choose Rename. When done send it to the Cemu and you should be ask to overwrite. If not the the name is incorrect and you need to name it correctly for Cemu to use it.

in a hex editor ...
dish @ 01866hex bev @ 01863hex as stated above ... second key for bev @ 01873 ( basically right after the first one )
DON'T edit manualy in NagraEdit or the bin file will be no good ( when you load the bin [dish/bev] your loading it as a rom10 but it is NOT ... so the info shows up wrong .. like bev's first key is in public key 1 and remainder in public key 2 ) ... can use Nagraedit to run scripts on the bin file only ...
At this point cemu.ini is almost useless for anything other then getting the port, baud, and the names of the 2 bin files ...
Also when using a hex editor when replacing the keys ... some editors do not replace a highlighted string properly when you do a cut/paste unless you tell it to ... so be carefull ...

bOZZ

I will try what you have posted, and thanks. I am somewhat confused however about key0 and key1. I don't see key 0 shown in NagaEdit data editor, only key 1, which over runs into the key 2 area. I would think that if I had the key 0, they should show up there also. I will play some more with the keys, as that is my last thing to get right. It is really good see the Bear again, hope all has been well since days past. Thanks to all for the help again.

Himeros:)

himeros,
When using NagraEdit to edit the bin file, it looks at a specific location to find the "key." Because of reasons that we will not go into for sake of brevity, the key location has changed, so when Nagra looks for the key, it is not where it should be and is shifted to the right and overflows into the next key, so looking at bears post again:

D860: 01 01 00 XX XX XX XX XX XX XX XX XX XX XX XX XX
D870: XX XX XX 00 00 00 00 00 00 00 00 00 00 00 00 00
Put the new Keys in the above line where the X's are.

you see the key is shifted from where it used to be, just put your key in starting at the XX, continuing to the next line.

Hope I made this a little clearer for you. If not let me know.

Cheers.

Thanks again for the reply. I have put the parity key 1 there, and looked at some that I had patched before also, and key 1 is in the right place and does show up in the editor also. Are you saying that parity key 0 is not needed, or is some other location I have not seen? I am stumped, and now I'm not sure if my dish.bin is right and having problems with something else. To go back a few days, I flashed my two chip EMU with the right flash, modded my tsop and did the eeprom. I had picture sound, and everything was working just fine until the keys rolled. From that point on, I only get the menu, and blank screen except for 100. I have tried different tsop and eeprom files, but can't get it working. I have another 2800 that is very hard to Jtag and flash, so I want to get this one working before I play with the dog one. The IRD Id is right, the card Id is right, the box keys are right, and the software is at 834psca-n. Unless something happened to the 2313 flash, I am out of ideas. I have run Cenu in windows, and Dos, with the same results. I feel stupid since I have been around since the F, H, HU, N1, days, and still don't know what the heck I'm doing wrong. As a last resort, I could try a working dish.bin file, if anyone could pm me one. I may go back and reflash the 2313 just to be sure it is good.

Himeros:)

I will try what you have posted, and thanks. I am somewhat confused however about key0 and key1. I don't see key 0 shown in NagaEdit data editor, only key 1, which over runs into the key 2 area. I would think that if I had the key 0, they should show up there also. I will play some more with the keys, as that is my last thing to get right. It is really good see the Bear again, hope all has been well since days past. Thanks to all for the help again.

Himeros:)

NagraEdit is made to edit the rom3,10,11 ... you are emulating a rom101 or rom102 .. so NONE of the info is right ... hence the unexpected info in wierd places when loading a bev rom102 bin image and telling NagraEdit it's a rom10 ... as for key0 , key1 ... this is Nagra 1 keys ... Nagra 2 are IDEA Keys ... and right now bev is only using the one at address 01863hex ( $D863=F4BC3797682BB6907C74559D5AE32C19 if you are using a NagraEdit script )

So many people make the mistake of editing the keys manually with NagraEdit and destroying the BELL.bin file ...

Also ... the cemu.ini is basically 90% rem'ed out ( a '#' in front of the line cause cemu.exe to omit and not load the line ... cemu.exe sees it as a text file ) ... removing all the rem lines you are left with just this ....
port 1
baud 115200
rombin ROM10.bin
dishbin BELL.bin
nosave 1
debug NONE
protocol avr

and even debug NONE doesn't work .. cause you still get the debug screen ( unknown input/output commands ) ..

BELL.bin - add/change your IDEA key
ROM10.bin - info ( ird#,cam#,boxkey,timezone,zip) and tiers ... since everyone is using the same 'info' ... basically use a script file to change the tiers when they go down ...

It's not to hard to get emu running .... only a few steps ... so please don't read to much into it ... relax ... :)

bOZZ

Thanks again. I did come to understand that the keys for N2 are different that what I was used to in N1. There is so much misinformation out there, and it is hard for me to deside what is right. I am going to put everything away for a few days, take a deep breath, and think it over as what I am doing right and what is wrong. Take care and best wishes.

Himeros:)

Where do you change the timezone and zip in the bell.bin file, and what are the hex codes for each? "zip" is an alphanumeric postal code in canada, how is this handled?

blake_
I change the DOEO line using NagraEdit.
Here's what I did - Get the DISH bin from your Cemu(put it where you will be able to locate it).
Open NagraEdit - Click file - Open Card Image(The Dish Bin)Choose Rom10
Click Eeprom and scroll down to line DOEO.
It should look like this -
10 2A FF 90 00 00 00 01 ED 01 01 01 01 62 B3...
The ED in the above line is for the Time.
Change those to your Time.
Thes are just the Basic ones that I know
Pacific E0
Mountain E4
Atlantic F0
Central(I use E8 in Wisconsin)
Eastern EC
After you change the 2 digits click File
Save Card Image and name it whatever your Bin is named. You will need to go and Rename it, because it may add something like .dn10 to the Bin name.
To rename it just right click on the Bin and choose Rename. When done send it to the Cemu and you should be ask to overwrite. If not the the name is incorrect and you need to name it correctly for Cemu to use it.

This is for the bev 102torom10-8a.bn10 file used in Cemu-10x for windows. That's the only one I can confirm it's working in so far. It may work in the dos version as well but I can't confirm it.

This patch will correct the bin for inclusion of the two idea keys instead of just one. It also contains the two most current keys for bev as of 9:10 pm est 12-13-05.

Open the '102torom10-8a.bn10' or whatever you named it in nagraedit 4.1.

Click on the patch tab.

Copy and paste the below text into the patch window.
After the c&p save the patch as keychange.ep10 or something similar.


;----begin patch----

; Patch to existing code
$C940=BFB7BFAE3FE6809DE7885A2AF8CCCC30
$C950=0000000000000000CDCDB7AE07E688E7
; New code
$CC30=C60309A886AA0F9097AE0F90D6D863D7
$CC40=0200905A5A2AF4CCC958000000000000

; Idea Key 86: Inactive
$D863=10F26F9D76A803DFC771B1BDF2EAA1D1
; Idea Key 96: Active 12/11/05
$D873=DCB0E5194CA6DC75867011C9D69F16AB

;-----end of patch-----

Next run the patch. Save the bn10 file to your cemu folder replacing the old one. Although one says inactive both keys work for the current dual key use on bev at the moment. When new keys come out just change them at the $D863 and $D873 locations in the patch. I recommend a copy and paste for this to assure keys are correct.

t160hq

This Is Working In My BEV Cemu DOS setup --- I Used NagraEdit To Patch It To The DISH.bin. It Gets Wide Open BEV Includes Porn!


; Start of patch
; Allow 2 idea keys: 86 & 96
;DISASSEMBLY OF CODE:
;------------------------------
;CC30: C6 01 A5 lda $0309 ; Load in A
;CC33: A8 96 eor #$86 ; A= A xor ...
;CC35: AA 0F ora #$0F ; A= A or ...
;CC37: 90 97 tay ; A --> y
;CC39: AE 0F ldx #$0F ; Load in X
;CC3B: 90 D6 D8 63 lda $D863, y ; Load in A
;CC3F: D7 02 00 sta $0200, X ; Store A in...
;CC42: 90 5A decy ; y--
;CC43: 5A decx ; x--
;CC45: 2A F4 bpl $CC3B ; Branch if >0
;CC47: CC C9 58 jmp $C958 ; Jump

; Patch to existing code
$C940=BFB7BFAE3FE6809DE7885A2AF8CCCC30
$C950=0000000000000000CDCDB7AE07E688E7
; New code
$CC30=C60309A886AA0F9097AE0F90D6D863D7
$CC40=0200905A5A2AF4CCC958000000000000

I apologize if this is a dumb question, but does it matter if I use the 101rev7 or 102rev103 flash with 102torom10-8a.bn10 and a bev 2700 @ 509?

I apologize if this is a dumb question, but does it matter if I use the 101rev7 or 102rev103 flash with 102torom10-8a.bn10 and a bev 2700 @ 509?

The only dumb question is the one never asked IMHO.

Yes. 101 is for DN only. Since Bev never used the 101 cam. So the 102torom10-8a.bn10 is a requirement for the bev stuff. Should work on the 2700 no problem. As to the 509 revision may require a rewrite of the TSOP. I'm using 3100's at E535 not sure about the 2700 version.

t160hq

I got it working at last. Turned out to be a bad copy of Cemu. My EEprom and Tsop were fine. I thought I would just start the beginning, starting with a new issue of Cemu. Just booted up in dos, and watching TV now. Life is good and I want to thank all that helped me learn from their knowledge, I did learn a lot. Each time the testing changes, it is a learning experence again.

Himeros:)

Mine is doing the same exact thing,

Could you help me out on the CEMU you have?

I think I may be using the same one you were

Thanks

Jimyt

For BEV Cemu DOS ... I've compared t160hq's and BiggerBear's dual key patches (to 102torom10-8a.bn10 and DISH.bin respectively) - they are essentially identical, with the exception of the IDEA keys portion of t160hq's patch.

Further up in this thread, bOZZ refers to:
"BELL.bin - add/change your IDEA key
ROM10.bin - info ( ird#,cam#,boxkey,timezone,zip) and tiers ... since everyone is using the same 'info' ... basically use a script file to change the tiers when they go down ..."

The file CEMU.INI has lines referring to:
rombin rom10.bin
dishbin bell.bin

Is the dual key patch / IDEA key change patch all being made in what the CEMU.INI dishbin line points to as the 'bell.bin' file?

I am an old H / HU / BEV N1 (C)emu'er but am not quite ready to test yet (changing to multi-sat dish for 6000 - which is all apart for mods on my bench) and am just trying to do my emu file homework.