Difference between revisions of "DSiWare Exports"
(→Footer) |
|||
| Line 21: | Line 21: | ||
|} | |} | ||
| − | Each section begins with the payload encrypted data, followed by this block metadata. The hash used for the MAC is calculated over the the cleartext payload, this hash is calculated the | + | Each section begins with the payload encrypted data, followed by this block metadata. The hash used for the MAC is calculated over the the cleartext payload, however it's unknown how this hash is calculated. This hash used for generating the MAC is also stored in the footer. |
=File Structure v1= | =File Structure v1= | ||
| Line 135: | Line 135: | ||
|} | |} | ||
| − | + | These hashes are the same hashes used for generating each section's MAC stored in the metadata block. | |
=File Structure v2= | =File Structure v2= | ||
Revision as of 03:48, 24 April 2013
The DSiWare exported from a 3DS is located at "sdmc:/Nintendo 3DS/<ID0>/<ID1>/Nintendo DSiWare". Filenames are same format as DSi: "<TitleID-Low>.bin". The below sizes include the 0x20-byte block metadata.
DSiWare exported from 3DS use keyslots initialized by movable.sed. Each section is encrypted with AES-CBC.
The content sections are ordered the same way as DSi: TMD, SRL from content0, <content1-7 for format v2>, savegame, and banner.sav.(ContentX here is the .app data from TWL-NAND /title)
Block Metadata
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x10 | AES MAC over a SHA-256 hash |
| 0x10 | 0x10 | IV, generated by the RNG. |
Each section begins with the payload encrypted data, followed by this block metadata. The hash used for the MAC is calculated over the the cleartext payload, however it's unknown how this hash is calculated. This hash used for generating the MAC is also stored in the footer.
File Structure v1
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x4020 | Banner section |
| 0x4020 | 0xC0 | Header section |
| 0x40E0 | 0x420 | Footer section |
| 0x4500 | Data for the 4 content sections are stored here. |
Header
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x4 | Magic number 0x54444633, "3FDT". |
| 0x4 | 0x2 | Byte-swapped groupID from the TWL TMD. |
| 0x6 | 0x2 | Byte-swapped title version from the TWL TMD. |
| 0x8 | 0x20 | SHA-256 hash calculated over the encrypted movable.sed. |
| 0x28 | 0x10 | Encrypted AES block from encrypting an all-zero 0x10-byte block with AES-CBC, where the IV is all-zero. |
| 0x38 | 0x8 | Byte-swapped titleID from the TWL TMD. |
| 0x40 | 0x8 | ? |
| 0x48 | 0x10 | u32 payload sizes for the 4 content sections. |
| 0x58 | 0x4 | ? |
| 0x5C | 0x3E | Data from the TWL TMD reserved section. Only the first 0x20-bytes from the TWL TMD is written here, the rest is uninitialized. |
| 0x9A | 0x6 | Padding? |
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x20 | SHA-256 hash over the banner. |
| 0x20 | 0x20 | SHA-256 hash over the header. |
| 0x40 | 0x80 | SHA-256 hashes over the 4 content sections, when a content section doesn't exist the corresponding hash is uninitialized. |
| 0xC0 | 0x3C | ECDSA signature over the previous data, signed by the AP cert? |
| 0xFC | 0x180 | ECDSA "APXXXXXXXXXXXXXXXX" cert signed by the CTCert, where X is random lowercase ASCII hex data. |
| 0x27C | 0x180 | ECDSA CTCert |
| 0x3FC | 0x4 | Uninitialized padding. |
These hashes are the same hashes used for generating each section's MAC stored in the metadata block.
File Structure v2
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x4020 | Banner section |
| 0x4020 | 0x110 | Header section |
| 0x4130 | ? | Footer section |
| Data for the 11 content sections are stored here. |
Header
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x4 | Magic number 0x54444633, "3FDT". |
| 0x4 | 0x2 | Byte-swapped groupID from the TWL TMD. |
| 0x6 | 0x2 | Byte-swapped title version from the TWL TMD. |
| 0x8 | 0x20 | SHA-256 hash calculated over the encrypted movable.sed. |
| 0x28 | 0x10 | Encrypted AES block from encrypting an all-zero 0x10-byte block with AES-CBC, where the IV is all-zero. |
| 0x38 | 0x8 | Byte-swapped titleID from the TWL TMD. |
| 0x40 | 0x8 | ? |
| 0x48 | 0x2C | u32 payload sizes for the 11 content sections. |
| 0x74 | 0x30 | ? |
| 0xA4 | 0x3E | Data from the TWL TMD reserved section. Only the first 0x20-bytes from the TWL TMD is written here, the rest is uninitialized. |
| 0xE2 | 0x0E | Padding? |
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0xD0 | ? |
| 0xD0 | 0xE0 | Normally all-zero? |
| 0x1B0 | 0x20 | SHA256 hash? |
| 0x1D0 | 0x20 | Normally all-zero? |
| 0x1F0 | 0x3C | ECDSA signature over the previous data, signed by the AP cert? |
| 0x22C | 0x180 | ECDSA "APXXXXXXXXXXXXXXXX" cert signed by the CTCert, where X is random lowercase ASCII hex data. |
| 0x3AC | 0x54 | ECDSA certificate, the last 0x14-bytes here are all-zero. |