Nand/private/movable.sed

Revision as of 07:31, 31 December 2013 by Yellows8 (talk | contribs)
Offset Size Description
0x0 0x4 Magic "SEED"
0x4 0x4 This u8 must be zero
0x8 0x100 RSA-2048 signature over the 0x10-byte data at 0x108
0x108 0x8 Usually zero
0x110 0x10 AES engine keyY for 3 keyslots (High u64 is unsigned)
0x120 0x20 Unknown, this data is written to the file when doing a System Format. The original movable.sed from the factory is only 0x120-bytes, only the first 0x120-bytes of movable.sed are read when loading the keyY/etc.

This keyY is the console-unique portion of the 3 keyslots used for everything stored under sdmc/Nintendo 3DS/<ID0>/<ID1> and nand/data/<ID0>. For SD this is used for encryption and AES MACs, however for NAND this is only used for AES MACs. This file is transferred to the destination 3DS during a System Transfer. The movable.sed keyY high u64 is updated on the source 3DS during a System Transfer, and when doing a system format with System Settings.

Movable.sed always exists on retail and development units(written to NAND at the factory), however if reading this file fails(svcBreak would be executed if the file-read code-path return value is 0xC8804464) the system will fall-back to using a console-unique keyY already in memory, with the last 8-bytes being loaded from the 8-bytes following that u64. On development units the code-path handling movable.sed would execute svcBreak if file-reading(regardless of error-code) or verifying the RSA signature fails(this would brick the 3DS), RSA verification failure on a retail unit here would also cause a brick.

The keyY is hashed with SHA256, the first 0x10-bytes from the hash is used with the below snprintf for ID0 in sdmc/Nintendo 3DS/<ID0>/<ID1> and nand/data/<ID0>. ID0 is generated by: snprintf(outdirname, maxlen, "%08x%08x%08x%08x", hashword[0], hashword[1], hashword[2], hashword[3]).