6,264
edits
Changes
Jump to navigation
Jump to search
Line 67:
Line 67: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
no edit summary
| 0x020
| 0x020
| SHA-256 Hash of Firmware Section
| SHA-256 Hash of Firmware Section
|}
== [[New_3DS]] FIRM ==
For New3DS firmwares (NATIVE_FIRM, TWL_FIRM, ..), the ARM9 FIRM binary has an additional layer of crypto. At the end of each ARM9 binary, there's a plaintext loader. The format of the FIRM header is identical to regular 3DS FIRM(the RSA modulo is the same as regular 3DS too).
If (u8*)0x10000000 bit 1 is clear (which means that this happens only on hard reboots), it does the following things:
* Hashes data from the region 0x10012000-0x10012090 using SHA2.
* Initializes AES keyslot 0x11 keyX, keyY to the lower and higher portion of that hash, respectively.
* Decrypts arm9_bin_buf+0 using keyslot 0x11, and initialises keyX for keyslot 0x15 with it.
* Initialises KeyX for keyslots 0x18-0x20 with the output of encrypting a certain binary sequence using keyslot 0x11. These are presumably New3DS-specific keys.
It sets KeyY for keyslot 0x15 to arm9_bin_buf+16, the IV to arm9_bin_buf+32. It then proceeds to decrypt the binary. When done, it decrypts arm9_bit_buf+64 using a fixed key and makes sure it's all zeroes. It it is, it jumps to the decrypted addr. Otherwise it will just loop forever.
Thus, the ARM9 binary has the following header:
{| class="wikitable" border="1"
|-
! OFFSET
! SIZE
! DESCRIPTION
|-
| 0x000
| 16
| Encrypted KeyX (same for all FIRM's)
|-
| 0x010
| 16
| KeyY
|-
| 0x020
| 16
| IV
|-
| 0x030
| 16
| ?
|-
| 0x040
| 16
| Control block
|}
|}