Changes

305 bytes added, 12:23, 15 November 2017
→‎Overview: Move encryption stuff from Extdata to general SD file
Line 18: Line 18:       −
* Everything stored under sdmc/Nintendo 3DS/<ID0>/<ID1> is encrypted with console-unique [[AES|keyslots]], files stored under [[Flash Filesystem|nand/data/<ID0>]] only use these keyslots for MACs. All CTR files under these directories use the keyslots initialized by [[nand/private/movable.sed]].
+
* Everything stored under sdmc/Nintendo 3DS/<ID0>/<ID1> is encrypted by 128 bit AES-CTR with console-unique [[AES|keyslots]]. The keyslot is initialized by [[nand/private/movable.sed]].
 +
* The crypto IV/CTR for each file is generated as follows: take the UTF-16 path relative to sdmc/Nintendo 3DS/<ID0>/<ID1> (the path it self begins with "/") and hash it with SHA-256, including the null null-terminator. Then calculate CTR as CTRbyte[i] = Hashbyte[i] ^ Hashbyte[16+i] for i = 0 to 15.
 +
* Files stored under [[Flash Filesystem|nand/data/<ID0>]] also use the same keyslot, but it is only used for MACs.
 
* ID0 is the first 0x10-bytes from a SHA256 [[nand/private/movable.sed|hash]].  
 
* ID0 is the first 0x10-bytes from a SHA256 [[nand/private/movable.sed|hash]].  
 
* ID1 is the scrambled SD card CID from the SD card which this directory was originally created on. To generate this directory name from the original CID, first the CID is rotated 8-bits to the left. Then, each u16 is moved as described in the below table:
 
* ID1 is the scrambled SD card CID from the SD card which this directory was originally created on. To generate this directory name from the original CID, first the CID is rotated 8-bits to the left. Then, each u16 is moved as described in the below table:
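
Review bot: The added IV/CTR bullet underspecifies the hashed input: it says "UTF-16 path" without stating the byte order or whether a BOM is included, and a reimplementation that guesses differently gets a different SHA-256 and therefore a different counter. State the encoding explicitly, say whether the resulting 16 bytes are the counter for offset 0 of the file, and add one worked path-to-CTR pair as a test vector. The same bullet has two typos, "it self" for "itself" and "null null-terminator" for "null-terminator". In the added nand/data bullet, "the same keyslot" reads ambiguously next to the first bullet's plural "keyslots"; name the keyslot or link it so the MAC statement is unambiguous.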