Changes

Jump to navigation Jump to search
278 bytes added ,  12:24, 15 November 2017
no edit summary
Line 20: Line 20:  
* Everything stored under sdmc/Nintendo 3DS/<ID0>/<ID1> is encrypted by 128 bit AES-CTR with console-unique [[AES|keyslots]]. The keyslot is initialized by [[nand/private/movable.sed]].  
 
* Everything stored under sdmc/Nintendo 3DS/<ID0>/<ID1> is encrypted by 128 bit AES-CTR with console-unique [[AES|keyslots]]. The keyslot is initialized by [[nand/private/movable.sed]].  
 
* The crypto IV/CTR for each file is generated as follows: take the UTF-16 path relative to sdmc/Nintendo 3DS/<ID0>/<ID1> (the path it self begins with "/") and hash it with SHA-256, including the null null-terminator. Then calculate CTR as CTRbyte[i] = Hashbyte[i] ^ Hashbyte[16+i] for i = 0 to 15.
 
* The crypto IV/CTR for each file is generated as follows: take the UTF-16 path relative to sdmc/Nintendo 3DS/<ID0>/<ID1> (the path it self begins with "/") and hash it with SHA-256, including the null null-terminator. Then calculate CTR as CTRbyte[i] = Hashbyte[i] ^ Hashbyte[16+i] for i = 0 to 15.
 +
* The base CTR is fixed for each file, therefore the CTR never changes after each write. Thus it is possible to obtain some cleartext by XORing one file(like newly created extdata) with a newer file, where the newer file overwrote zeros in the original file with non-zero data.
 
* Files stored under [[Flash Filesystem|nand/data/<ID0>]] also use the same keyslot, but it is only used for MACs.
 
* Files stored under [[Flash Filesystem|nand/data/<ID0>]] also use the same keyslot, but it is only used for MACs.
 
* ID0 is the first 0x10-bytes from a SHA256 [[nand/private/movable.sed|hash]].  
 
* ID0 is the first 0x10-bytes from a SHA256 [[nand/private/movable.sed|hash]].  
242

edits

Navigation menu