Difference between revisions of "DSiWare Exports"
(→Header) |
|||
(21 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
The DSiWare exported from a 3DS is located at "[[SD_Filesystem|sdmc]]:/Nintendo 3DS/<ID0>/<ID1>/Nintendo DSiWare". Filenames are same format as [http://dsibrew.org/wiki/Tad DSi]: "<TitleID-Low>.bin". The below sizes include the 0x20-byte block metadata. | The DSiWare exported from a 3DS is located at "[[SD_Filesystem|sdmc]]:/Nintendo 3DS/<ID0>/<ID1>/Nintendo DSiWare". Filenames are same format as [http://dsibrew.org/wiki/Tad DSi]: "<TitleID-Low>.bin". The below sizes include the 0x20-byte block metadata. | ||
− | DSiWare exported from 3DS use [[Nand/private/movable.sed|keyslots]] initialized by movable.sed. Each section is encrypted with AES-CBC. | + | DSiWare exported from 3DS use console-unique [[Nand/private/movable.sed|keyslots]] initialized by movable.sed. Each section is encrypted with AES-CBC. |
+ | |||
+ | The content sections are ordered the same way as DSi: TMD, SRL from content0, <content1-7 for format v2>, public.sav, and banner.sav when banner.sav exists. When the DSiWare export type is 7-11, the 12th content section is the private.sav, if it exists.(ContentX here is the .app data from TWL-NAND /title) | ||
+ | |||
+ | =DSiWare Export Types= | ||
+ | {| class="wikitable" border="1" | ||
+ | |- | ||
+ | ! Value | ||
+ | ! Format version | ||
+ | ! Description | ||
+ | |- | ||
+ | | 0-6 | ||
+ | | | ||
+ | | Same as value 14. | ||
+ | |- | ||
+ | | 7-11 | ||
+ | | v2 | ||
+ | | 12 content sections | ||
+ | |- | ||
+ | | 12 | ||
+ | | v2 | ||
+ | | 4 content sections | ||
+ | |- | ||
+ | | 13 | ||
+ | | v1 | ||
+ | | 4 content sections | ||
+ | |- | ||
+ | | 14 | ||
+ | | v2 | ||
+ | | 11 content sections | ||
+ | |} | ||
+ | |||
+ | For NATIVE_FIRM versions where this DSiWare export [[AM:ExportDSiWare|type]] field is unused, format version v1 is used with 4 content sections. Otherwise when this field is used, see the above table. [[System Settings]] uses type 1 for [[AM:ExportDSiWare|exporting]] DSiWare, regardless of the System Settings title-version. | ||
=Block Metadata= | =Block Metadata= | ||
Line 16: | Line 48: | ||
| 0x10 | | 0x10 | ||
| 0x10 | | 0x10 | ||
− | | IV, generated by the RNG. | + | | IV, generated by the [[PSPXI:GenerateRandomBytes|RNG]]. |
|} | |} | ||
− | Each section begins with the payload encrypted data, followed by this block metadata. The hash used for the MAC is calculated over | + | Each section begins with the payload encrypted data, followed by this block metadata. The SHA-256 hash used for the MAC is calculated over the cleartext payload. This hash used for generating the MAC is also stored in the footer. |
+ | |||
+ | =Footer= | ||
+ | {| class="wikitable" border="1" | ||
+ | |- | ||
+ | ! Offset | ||
+ | ! Size | ||
+ | ! Description | ||
+ | |- | ||
+ | | 0x0 | ||
+ | | X | ||
+ | | SHA-256 hashes over the banner, header, and content sections. When a content section doesn't exist, the corresponding hash here is uninitialized. | ||
+ | |- | ||
+ | | 0x0 + X | ||
+ | | 0x3C | ||
+ | | ECDSA signature using SHA-256 over the previous hashes, signed by the APCert. | ||
+ | |- | ||
+ | | 0x3C + X | ||
+ | | 0x180 | ||
+ | | ECDSA "APXXXXXXXXXXXXXXXX" cert signed by the below [[CTCert]], where X is [[PSPXI:GenerateRandomBytes|random]] lowercase ASCII hex data. | ||
+ | |- | ||
+ | | 0x1BC + X | ||
+ | | 0x180 | ||
+ | | ECDSA [[CTCert]] | ||
+ | |- | ||
+ | | 0x33C + X | ||
+ | | 0x4 | ||
+ | | Uninitialized padding. | ||
+ | |} | ||
+ | |||
+ | These hashes are the same hashes used for generating each section's MAC stored in the metadata block. X = 0x40 + totalcontentsections*0x20. | ||
+ | |||
+ | The curve sect233r1 is used for all related ECDSA signing operations | ||
=File Structure v1= | =File Structure v1= | ||
Line 37: | Line 101: | ||
|- | |- | ||
| 0x40E0 | | 0x40E0 | ||
− | | | + | | 0x340 + 0x20 + X, where X is the total size of the hashes stored in the footer. |
| Footer section | | Footer section | ||
|- | |- | ||
− | | | + | | 0x40E0 + footer_size |
| | | | ||
− | | | + | | Content sections |
|} | |} | ||
Line 74: | Line 138: | ||
| 0x38 | | 0x38 | ||
| 0x8 | | 0x8 | ||
− | | TWL | + | | Byte-swapped titleID from the TWL [[TMD]]. |
|- | |- | ||
| 0x40 | | 0x40 | ||
Line 82: | Line 146: | ||
| 0x48 | | 0x48 | ||
| 0x10 | | 0x10 | ||
− | | u32 payload sizes for | + | | u32 payload sizes for the 4 content sections. |
|- | |- | ||
| 0x58 | | 0x58 | ||
Line 90: | Line 154: | ||
| 0x5C | | 0x5C | ||
| 0x3E | | 0x3E | ||
− | | Data from the TWL [[TMD]] | + | | Data from the TWL [[TMD]] reserved section. Only the first 0x20-bytes from the TWL TMD is written here, the rest is uninitialized. |
|- | |- | ||
| 0x9A | | 0x9A | ||
| 0x6 | | 0x6 | ||
| Padding? | | Padding? | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
|} | |} | ||
Line 137: | Line 173: | ||
|- | |- | ||
| 0x4020 | | 0x4020 | ||
− | | | + | | 0x110 |
| Header section | | Header section | ||
|- | |- | ||
− | | | + | | 0x4130 |
− | | | + | | 0x340 + 0x20 + X, where X is the total size of the hashes stored in the footer. |
| Footer section | | Footer section | ||
|- | |- | ||
+ | | 0x4130 + footer_size | ||
| | | | ||
− | | | + | | Content sections |
− | |||
|} | |} | ||
Line 158: | Line 194: | ||
| 0x0 | | 0x0 | ||
| 0x4 | | 0x4 | ||
− | | Magic number | + | | Magic number 0x54444633, "3FDT". |
|- | |- | ||
| 0x4 | | 0x4 | ||
− | | | + | | 0x2 |
− | | | + | | Byte-swapped groupID from the TWL [[TMD]]. |
+ | |- | ||
+ | | 0x6 | ||
+ | | 0x2 | ||
+ | | Byte-swapped title version from the TWL [[TMD]]. | ||
|- | |- | ||
| 0x8 | | 0x8 | ||
− | | | + | | 0x20 |
− | | | + | | SHA-256 hash [[AMPXI:ValidateDSiWareMovableSedHash|calculated]] over the encrypted movable.sed. |
+ | |- | ||
+ | | 0x28 | ||
+ | | 0x10 | ||
+ | | Encrypted AES block from [[AES|encrypting]] an all-zero 0x10-byte block with AES-CBC, where the IV is all-zero. | ||
|- | |- | ||
| 0x38 | | 0x38 | ||
| 0x8 | | 0x8 | ||
− | | TWL | + | | Byte-swapped titleID from the TWL [[TMD]]. |
|- | |- | ||
| 0x40 | | 0x40 | ||
− | | | + | | 0x8 |
| ? | | ? | ||
− | |||
− | |||
− | |||
− | |||
|- | |- | ||
− | + | | 0x48 | |
− | + | | 0x2C | |
− | + | | u32 payload sizes for the 11 content sections. | |
|- | |- | ||
− | | | + | | 0x74 |
− | | | + | | 0x30 |
| ? | | ? | ||
|- | |- | ||
− | | | + | | 0xA4 |
− | | | + | | 0x3E |
− | | | + | | Data from the TWL [[TMD]] reserved section. Only the first 0x20-bytes from the TWL TMD is written here, the rest is uninitialized. |
|- | |- | ||
− | | | + | | 0xE2 |
− | | | + | | 0x0E |
− | | | + | | Padding? |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
|} | |} |
Latest revision as of 19:56, 8 September 2018
The DSiWare exported from a 3DS is located at "sdmc:/Nintendo 3DS/<ID0>/<ID1>/Nintendo DSiWare". Filenames are same format as DSi: "<TitleID-Low>.bin". The below sizes include the 0x20-byte block metadata.
DSiWare exported from 3DS use console-unique keyslots initialized by movable.sed. Each section is encrypted with AES-CBC.
The content sections are ordered the same way as DSi: TMD, SRL from content0, <content1-7 for format v2>, public.sav, and banner.sav when banner.sav exists. When the DSiWare export type is 7-11, the 12th content section is the private.sav, if it exists.(ContentX here is the .app data from TWL-NAND /title)
DSiWare Export Types[edit]
Value | Format version | Description |
---|---|---|
0-6 | Same as value 14. | |
7-11 | v2 | 12 content sections |
12 | v2 | 4 content sections |
13 | v1 | 4 content sections |
14 | v2 | 11 content sections |
For NATIVE_FIRM versions where this DSiWare export type field is unused, format version v1 is used with 4 content sections. Otherwise when this field is used, see the above table. System Settings uses type 1 for exporting DSiWare, regardless of the System Settings title-version.
Block Metadata[edit]
Offset | Size | Description |
---|---|---|
0x0 | 0x10 | AES MAC over a SHA-256 hash |
0x10 | 0x10 | IV, generated by the RNG. |
Each section begins with the payload encrypted data, followed by this block metadata. The SHA-256 hash used for the MAC is calculated over the cleartext payload. This hash used for generating the MAC is also stored in the footer.
[edit]
Offset | Size | Description |
---|---|---|
0x0 | X | SHA-256 hashes over the banner, header, and content sections. When a content section doesn't exist, the corresponding hash here is uninitialized. |
0x0 + X | 0x3C | ECDSA signature using SHA-256 over the previous hashes, signed by the APCert. |
0x3C + X | 0x180 | ECDSA "APXXXXXXXXXXXXXXXX" cert signed by the below CTCert, where X is random lowercase ASCII hex data. |
0x1BC + X | 0x180 | ECDSA CTCert |
0x33C + X | 0x4 | Uninitialized padding. |
These hashes are the same hashes used for generating each section's MAC stored in the metadata block. X = 0x40 + totalcontentsections*0x20.
The curve sect233r1 is used for all related ECDSA signing operations
File Structure v1[edit]
Offset | Size | Description |
---|---|---|
0x0 | 0x4020 | Banner section |
0x4020 | 0xC0 | Header section |
0x40E0 | 0x340 + 0x20 + X, where X is the total size of the hashes stored in the footer. | Footer section |
0x40E0 + footer_size | Content sections |
Header[edit]
Offset | Size | Description |
---|---|---|
0x0 | 0x4 | Magic number 0x54444633, "3FDT". |
0x4 | 0x2 | Byte-swapped groupID from the TWL TMD. |
0x6 | 0x2 | Byte-swapped title version from the TWL TMD. |
0x8 | 0x20 | SHA-256 hash calculated over the encrypted movable.sed. |
0x28 | 0x10 | Encrypted AES block from encrypting an all-zero 0x10-byte block with AES-CBC, where the IV is all-zero. |
0x38 | 0x8 | Byte-swapped titleID from the TWL TMD. |
0x40 | 0x8 | ? |
0x48 | 0x10 | u32 payload sizes for the 4 content sections. |
0x58 | 0x4 | ? |
0x5C | 0x3E | Data from the TWL TMD reserved section. Only the first 0x20-bytes from the TWL TMD is written here, the rest is uninitialized. |
0x9A | 0x6 | Padding? |
File Structure v2[edit]
Offset | Size | Description |
---|---|---|
0x0 | 0x4020 | Banner section |
0x4020 | 0x110 | Header section |
0x4130 | 0x340 + 0x20 + X, where X is the total size of the hashes stored in the footer. | Footer section |
0x4130 + footer_size | Content sections |
Header[edit]
Offset | Size | Description |
---|---|---|
0x0 | 0x4 | Magic number 0x54444633, "3FDT". |
0x4 | 0x2 | Byte-swapped groupID from the TWL TMD. |
0x6 | 0x2 | Byte-swapped title version from the TWL TMD. |
0x8 | 0x20 | SHA-256 hash calculated over the encrypted movable.sed. |
0x28 | 0x10 | Encrypted AES block from encrypting an all-zero 0x10-byte block with AES-CBC, where the IV is all-zero. |
0x38 | 0x8 | Byte-swapped titleID from the TWL TMD. |
0x40 | 0x8 | ? |
0x48 | 0x2C | u32 payload sizes for the 11 content sections. |
0x74 | 0x30 | ? |
0xA4 | 0x3E | Data from the TWL TMD reserved section. Only the first 0x20-bytes from the TWL TMD is written here, the rest is uninitialized. |
0xE2 | 0x0E | Padding? |