Difference between revisions of "NWM Services"
| Line 85: | Line 85: | ||
| This is the MAC address of the host. This is all-zero on the host, like with [[NWMUDS:BeginHostingNetwork]]. | | This is the MAC address of the host. This is all-zero on the host, like with [[NWMUDS:BeginHostingNetwork]]. | ||
|- | |- | ||
| − | | | + | | 0xC |
| 0x3 | | 0x3 | ||
| This is the OUI value for use with the beacon tags. Normally this is 001F32. | | This is the OUI value for use with the beacon tags. Normally this is 001F32. | ||
Revision as of 05:01, 23 September 2014
These NWM services are used for local-WLAN communications, NWM module handles regular wifi APs as well. These services are used for creating/connecting to networks, and for sending/receiving data over the network etc. NWM module uses the wifi SDIO hardware via the IO registers for this.
NWM local-WLAN service "nwm::UDS"
| Command Header | Description |
|---|---|
| 0x000F0404 | RecvBeaconBroadcastData |
| 0x001400C0 | RecvBroadcastDataFrame |
| 0x001B0302 | Initialize |
| 0x001D0044 | BeginHostingNetwork |
| 0x001E0084 | ConnectToNetwork |
NWM infrastructure service "nwm::INF"
| Command Header | Description |
|---|---|
| 0x00070742 | ConnectToAP |
NWM socket service "nwm::SOC"
NWM service "nwm::SAP"
NWM local-WLAN StreetPass service "nwm::CEC"
NWM service "nwm::EXT"
NWM service "nwm::TST"
Local-WLAN
UDS is used for 3DS<>3DS local-WLAN communications, and for 3DS<>Wii U communications. The latter is mainly only used for multi-player in games.
All UDS local-WLAN communications have the CCMP key for data encryption generated via NWM module. The CCMP key passed to nwm::CEC commands(stored in a 0x44-byte input structure) for StreetPass is generated by the CECD module. The input data used with EncryptDecryptAes with keytype1 is a MD5 hash over an input passphrase. This input passphrase is fixed for Download Play, it's unique per local-WLAN protocol. The CTR is a MD5 hash over the below 0x10-byte structure. The output from encrypting that data with AES-CTR is the final CCMP key.
Structure used for generating the CTR
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x4 | Little-endian local-WLAN communication ID, normally this is: (user_process uniqueID << 8) | val. Where val is 0x10 on retail(configmem UNITINFO bit0 set), 0x90 for devunit. For Download Play, this is always 0x2810 on retail(0x2890 on devunit). |
| 0x4 | 0x4 | Little-endian u32 networkID, randomly-generated when creating the network. The network SSID used when a client connects to the network is sprintf(out, "%08X", networkID). |
| 0x8 | 0x6 | Host MAC address. |
| 0xE | 0x2 | Little-endian ID, for Download Play this is 0x55. |
Network structure
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x6 | This is the MAC address of the host. This is all-zero on the host, like with NWMUDS:BeginHostingNetwork. |
| 0xC | 0x3 | This is the OUI value for use with the beacon tags. Normally this is 001F32. |
| 0x10 | 0x4 | wlancommID |
| 0x14 | 0x1 | This ID is also stored at offset 0xE in the CTR-generation structure. |
| 0x1C | 0x4 | ? |
This 0x108-byte structure is used for NWMUDS:BeginHostingNetwork, NWMUDS:ConnectToNetwork, etc. This data is stored as big-endian.
UDS Beacons
The UDS host broadcasts a beacon containing at least two Nintendo-vendor tags(tag number 0xDD, see above for the OUI), normally the data stored in these tags are static. The second tag contains the big-endian u32 networkID, used by the clients when connecting to the host and for the above CCMP key generation. The Nintendo-vendor tag(s) following the first two are unique to the process using UDS, these tags are used for broadcasting metadata regarding the host.
UDS Beacon Tags
The following is the structure of each tag, starting at the OUI. The order of the tags is the same as listed below.
OUI Type 20
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x3 | OUI, see above. |
| 0x3 | 0x1 | OUI type (20/0x14) |
| 0x4 | 0x3 | Sample data: 0a 00 00 |
Normally the size of this tag(from the tag size field) is 0x07.
OUI Type 21
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x3 | OUI, see above. |
| 0x3 | 0x1 | OUI type (21/0x15) |
| 0x4 | 0x4 | wlancommID |
| 0x8 | 0x1 | u8 ID, also used at offset 0xE in the CTR-generation structure. |
| 0x1F | 0x14 | SHA1 hash. When doing the hashing, this hash is cleared to zero. The hash data starts at offset 0x0(OUI), and the size is 0x34 + <value of the u8 at offset 0x33>. |
| 0x33 | 0x1 | Size of additional data. Normally zero. When non-zero this additional data is located at offset 0x34. |
Normally the size of this tag(from the tag size field) is 0x34.