Difference between revisions of "CTCert"

From 3dbrew
Jump to navigation Jump to search
(Found while digging the Process9 binary executable, function generating a CTCert can be found using OTP registers.)
(Saying 01 is incorrect, its not always 1 that's loaded off dev OTP)
 
(3 intermediate revisions by one other user not shown)
Line 16: Line 16:
 
| 0x04
 
| 0x04
 
| 0x3C
 
| 0x3C
| ECDSA Signature
+
| ECDSA Signature using Nintendo's private key, in big-endian.  The first 0x1E bytes are "r"; the second 0x1E bytes are "s".  The hash is SHA-256 computed over this certificate, starting at byte 0x80 ("Cert Issue ID") to the end.
 
|-
 
|-
 
| 0x40
 
| 0x40
Line 32: Line 32:
 
| 0xC4
 
| 0xC4
 
| 0x40
 
| 0x40
| Key ID: "CT<DeviceId>-<ConsoleType>", where DeviceId is the hex [[PSPXI:GetDeviceId|DeviceId]], and ConsoleType is 00 for retail, 01 for dev
+
| Key ID: "CT<DeviceId>-<ConsoleType>", where DeviceId is the hex [[PSPXI:GetDeviceId|DeviceId]], and ConsoleType is 00 for retail, any other single byte hex value for dev
 
|-
 
|-
 
| 0x104
 
| 0x104
Line 40: Line 40:
 
| 0x108
 
| 0x108
 
| 0x3C
 
| 0x3C
| ECDSA Public Key. This is two consecutive u8 arrays (each one of length 0x1E), where the first one corresponds to the ECDSA R coordinate, and the second to ECDSA S coordinate. These are in '''big''' endian.
+
| ECDSA Public Key of this console as a curve point in big-endian. The first 0x1E bytes are "x" of this point; the second 0x1E bytes are "y".
 
|-
 
|-
 
| 0x144
 
| 0x144
Line 47: Line 47:
 
|}
 
|}
  
The ECDSA public key for this cert is converted from the ECDSA private key initialized by bootrom.
+
Boot ROM decrypts [[OTP Registers]] and writes the private key and Nintendo's signature of CTCert to [[Memory_layout#ARM9_ITCM|ARM9 ITCM]]; the public key is computed from the private key.
 +
 
 
The curve used for ECDSA is sect233r1.
 
The curve used for ECDSA is sect233r1.

Latest revision as of 23:44, 27 April 2022

Summary[edit]

The console-unique CTCert is used for signing CTX files, the DeviceCert used by eShop, and for DSiWare exports. This ECDSA signature, the ECDSA private key for this cert, and the IssuerID is loaded from memory initialized by bootrom instead of NAND. This is the 3DS equivalent of the DSi TWCert.

The CTCert is signed with ECDSA by Nintendo. CTCerts can be verified via a DER stored in NATIVE_FIRM, separate DERs are used for retail and dev/debug.

Structure[edit]

Offset Size Description
0x00 0x04 Signature Type, 0x010005.
0x04 0x3C ECDSA Signature using Nintendo's private key, in big-endian. The first 0x1E bytes are "r"; the second 0x1E bytes are "s". The hash is SHA-256 computed over this certificate, starting at byte 0x80 ("Cert Issue ID") to the end.
0x40 0x40 Padding
0x80 0x40 Cert Issuer ID, for retail this is "Nintendo CA - G3_NintendoCTR2prod", for dev "Nintendo CA - G3_NintendoCTR2dev"
0xC0 0x04 Key Type
0xC4 0x40 Key ID: "CT<DeviceId>-<ConsoleType>", where DeviceId is the hex DeviceId, and ConsoleType is 00 for retail, any other single byte hex value for dev
0x104 0x04 Expiration time as UNIX Timestamp in big endian.
0x108 0x3C ECDSA Public Key of this console as a curve point in big-endian. The first 0x1E bytes are "x" of this point; the second 0x1E bytes are "y".
0x144 0x3C Padding

Boot ROM decrypts OTP Registers and writes the private key and Nintendo's signature of CTCert to ARM9 ITCM; the public key is computed from the private key.

The curve used for ECDSA is sect233r1.