Line 35: |
| | | |
| ==== FIRM ==== | | ==== FIRM ==== |
− | For New3DS firmwares (NATIVE_FIRM, TWL_FIRM, ..), the ARM9 binary has an additional layer of crypto. At the end of each ARM9 binary, there's a plaintext loader.
| + | New3DS FIRM uses an additional crypto layer on the ARM9 FIRM section via a loader at the end of the ARM9 binary, see [[FIRM|here]]. |
− | | |
− | If (u8*)0x10000000 bit 1 is clear (which means that this happens only on hard reboots), it does the following things:
| |
− | * Hashes data from the region 0x10012000-0x10012090 using SHA2.
| |
− | * Initializes AES keyslot 0x11 keyX, keyY to the lower and higher portion of that hash, respectively.
| |
− | * Decrypts arm9_bin_buf+0 using keyslot 0x11, and initialises keyX for keyslot 0x15 with it.
| |
− | * Initialises KeyX for keyslots 0x18-0x20 with the output of encrypting a certain binary sequence using keyslot 0x11. These are presumably New3DS-specific keys.
| |
− | | |
− | It sets KeyY for keyslot 0x15 to arm9_bin_buf+16, the IV to arm9_bin_buf+32. It then proceeds to decrypt the binary. When done, it decrypts arm9_bit_buf+64 using a fixed key and makes sure it's all zeroes. It it is, it jumps to the decrypted addr. Otherwise it will just loop forever.
| |
− | | |
− | Thus, the ARM9 binary has the following header:
| |
− | {| class="wikitable" border="1"
| |
− | |-
| |
− | ! OFFSET
| |
− | ! SIZE
| |
− | ! DESCRIPTION
| |
− | |-
| |
− | | 0x000
| |
− | | 16
| |
− | | Encrypted KeyX (same for all FIRM's)
| |
− | |- | |
− | | 0x010
| |
− | | 16
| |
− | | KeyY
| |
− | |-
| |
− | | 0x020
| |
− | | 16
| |
− | | IV
| |
− | |-
| |
− | | 0x030
| |
− | | 16
| |
− | | ?
| |
− | |-
| |
− | | 0x040
| |
− | | 16
| |
− | | Control block
| |
− | |}
| |
| | | |
| =See Also= | | =See Also= |
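Review bot: The one-line replacement drops specifics that only the removed block documented, so confirm the linked [[FIRM]] page actually carries them before this lands: the hard-reboot condition ((u8*)0x10000000 bit 1 clear), the keyslot 0x11 keyX/keyY derivation from the SHA2 hash of 0x10012000-0x10012090, the keyX/keyY/IV sources for keyslot 0x15, the keyslot 0x18-0x20 derivation, and the control-block check at arm9_bin_buf+64 (decrypt with a fixed key, require all zeroes, otherwise loop forever). The header table (0x000 "Encrypted KeyX (same for all FIRM's)", 0x010 KeyY, 0x020 IV, 0x030 ?, 0x040 Control block) should likewise be kept here or moved to the FIRM page in the same edit rather than deleted, since the control-block row is what explains why a wrong key ends in the infinite loop instead of a jump to the decrypted address. Minor: if the text is moved rather than dropped, correct "arm9_bit_buf+64" to arm9_bin_buf+64 and "It it is" to "If it is" on the way.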