Found some "different" keys with the help of Catfish. Dont know if they are though, audio of font. Testing should reveal this
Had no time to include them though.
Spent more time on the HD key and locking thing. Found some code which was more or less ripped from the xbox-linux project that contained the HD key generation algorithm. Made a few changes to fit the use on a PC and voila! It loads the eeprom and generates the correct key. Look at my other thread for news on xboxhdm.
This is more or less the code from Speedbump, Franz, Ed,... Thanks guys!
Incredible enough, Catfish pointed me to a mailing list where some guy was trying to get some code from CVS at xbox-linux to generate HD keys (thanks Catfish). Said he found and solved some bugs. I was not able to get this to run though...
However the locking/unlocking is another story. From the above mentioned code and reading the ATA specs you pointed me to it seems very simple the issue the SECURITY UNLOCK command. I did this but no success. Then program hangs for 5 secs or so, then fails. I think it's the builtin counter of the ATA specs that kicks in. No further attempts can be made and I have to reboot. Debugging gets rather tiresome this way
I could really use someone with knowledge on this. From the ATA_IDENTIFY command I get that the security level of the drive is set to maximum. From the ATA specs I understand that even issueing an UNLOCK command with the MASTER passwd will fail at this level - or maybe I'm getting something wrong here!
I'm also not quite sure how many bytes I should pass to the controller. The ata specs say that the UNLOCK command will transfer 256 words (512 bytes) to the controller. First word contains a control word and some passwd identifyers (user/master), next 16 the passwd (32 bytes). Question is what this 1'st word should be? Is the UNLOCK command (0xF2) the control word itself or is this not incluede in the 512 bytes, and from my findings on the security levels, should I use user or master passwd. I thought user initially...
Most be able to find the answers somewhere though. Another possibility was to embed the asm-code of hdunlock now that we have the hd key. Would be cleaner to send the commands though.