Difference between revisions of "CTCert"
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
=Summary= | =Summary= | ||
| − | The console-unique CTCert is used for signing CTX files, the DeviceCert used by [[eShop]], and presumably for DSiWare exports. This ECDSA signature, the ECDSA private key, and the IssuerID is loaded from memory instead of NAND. This is the 3DS equivalent of DSi TWCert. | + | The console-unique CTCert is used for signing [[Title Data Structure|CTX]] files, the DeviceCert used by [[eShop]], and presumably for DSiWare exports. This ECDSA signature, the ECDSA private key for this cert, and the IssuerID is loaded from memory initialized by bootrom instead of NAND. This is the 3DS equivalent of the DSi TWCert. |
| + | |||
| + | The CTCert is signed with ECDSA by Nintendo. | ||
=Structure= | =Structure= | ||
| Line 33: | Line 35: | ||
|- | |- | ||
| 0x104 | | 0x104 | ||
| + | | 0x04 | ||
| + | | ? | ||
| + | |- | ||
| + | | 0x108 | ||
| 0x3C | | 0x3C | ||
| ECDSA Public Key | | ECDSA Public Key | ||
|- | |- | ||
| − | | | + | | 0x144 |
| − | | | + | | 0x3C |
| Padding | | Padding | ||
|} | |} | ||
| − | The ECDSA private key is located 0x3C bytes before this cert in internal memory, the 0x1E-bytes following this private key is padding. | + | The ECDSA private key for this cert is located 0x3C-bytes before this cert in internal memory, the 0x1E-bytes following this private key is padding. The ECDSA public key for this cert is converted from the ECDSA private key initialized by bootrom. |
Revision as of 01:02, 26 August 2012
Summary
The console-unique CTCert is used for signing CTX files, the DeviceCert used by eShop, and presumably for DSiWare exports. This ECDSA signature, the ECDSA private key for this cert, and the IssuerID is loaded from memory initialized by bootrom instead of NAND. This is the 3DS equivalent of the DSi TWCert.
The CTCert is signed with ECDSA by Nintendo.
Structure
| Offset | Size | Description |
|---|---|---|
| 0x00 | 0x04 | Type |
| 0x04 | 0x3C | ECDSA Signature |
| 0x40 | 0x40 | Padding |
| 0x80 | 0x40 | Cert Issuer ID, for retail this is "Nintendo CA - G3_NintendoCTR2prod", for dev "Nintendo CA - G3_NintendoCTR2dev" |
| 0xC0 | 0x04 | Key Type |
| 0xC4 | 0x40 | Key ID: "CT<DeviceId>-<ConsoleType>", where DeviceId is the hex DeviceId, and ConsoleType is 00 for retail, 01 for dev |
| 0x104 | 0x04 | ? |
| 0x108 | 0x3C | ECDSA Public Key |
| 0x144 | 0x3C | Padding |
The ECDSA private key for this cert is located 0x3C-bytes before this cert in internal memory, the 0x1E-bytes following this private key is padding. The ECDSA public key for this cert is converted from the ECDSA private key initialized by bootrom.