Changes

634 bytes removed ,  12:26, 15 November 2017
→‎Overview: Move encryption stuff from Extdata to general SD file
Line 13: Line 13:     
=== Encryption ===
 
=== Encryption ===
 
+
The SD extdata are encrypted following [[SD Filesystem|the general SD filesystem encryption rule]]. The NAND extdata images are stored in cleartext.
These files are [[AES|encrypted]] with AES-CTR, the keyslot is initialized by [[nand/private/movable.sed|movable.sed]]. The same keyslot is used for the NAND/SD extdata MAC. The NAND extdata images are stored in cleartext. The WCHAR LowPath "/extdata/<ExtdataIDHigh>/<ExtdataIDLow>/<PathToImage>" text path is hashed with SHA-256, including the WCHAR null-terminator. A separate hash is used for Quota.dat. The base CTR seems to be then generated by XORing the calculated hash: CTRword[i] = Hashword[i] ^ Hashword[4+i].
  −
 
  −
The base CTR is fixed therefore the CTR never changes after each write. Thus it is possible to obtain some cleartext by XORing one file(like newly created extdata) with a newer file, where the newer file overwrote zeros in the original file with non-zero data.
      
=== Format ===
 
=== Format ===
242

edits