6,264
edits
Changes
no edit summary
::::Conclusion: I do think there is some access to the storation of such a ssl private key. but i don't know where it exactly exists (even i hope that is stored in that key-scrambler - would bring a possibility to discovery the key-scrambler). i can not tell that is nand or sd or somewhere inside soc or actually key-scrambler, so i use hardware to refer that instead.--[[User:Syphurith|Syphurith]] 09:58, 4 July 2013 (CEST)
::::Conclusion: I do think there is some access to the storation of such a ssl private key. but i don't know where it exactly exists (even i hope that is stored in that key-scrambler - would bring a possibility to discovery the key-scrambler). i can not tell that is nand or sd or somewhere inside soc or actually key-scrambler, so i use hardware to refer that instead.--[[User:Syphurith|Syphurith]] 09:58, 4 July 2013 (CEST)
::::Appendix:iirc, the resources in one title may be refered and used in another title. so if only a new cert and key should be provided they may not need to rewrite the modules to implement that replacement. if i make a key-updater, i do provide keys in daily updates, and a modules such as connector (so ssl?) to everytime check the keys on server before start the secure connection. If such a speculation is right, then the write access can be in another title not the keys package. BTW have you built a tool that can help you detect the internal actions done in memory (when and who write/read which section of memory. there is such pc tools already but not arm)? It may help your analysing. --[[User:Syphurith|Syphurith]] 10:11, 4 July 2013 (CEST)
::::Appendix:iirc, the resources in one title may be refered and used in another title. so if only a new cert and key should be provided they may not need to rewrite the modules to implement that replacement. if i make a key-updater, i do provide keys in daily updates, and a modules such as connector (so ssl?) to everytime check the keys on server before start the secure connection. If such a speculation is right, then the write access can be in another title not the keys package. BTW have you built a tool that can help you detect the internal actions done in memory (when and who write/read which section of memory. there is such pc tools already but not arm)? It may help your analysing. --[[User:Syphurith|Syphurith]] 10:11, 4 July 2013 (CEST)
:::::I don't think you understand what "SSL client certificate authentication" is, you should google it etc. A fake server would require the SSL server private-key from the real server, which you can't obtain of course. The AES engine has *nothing* to do with this besides being used to decrypt those two files in that CFA RomFS. This CFA is a system title so it's obviously stored in NAND, but of course you can't change any NCCH data due to RSA signing of course(modifying ClCertA is pointless anyway). There's not much point changing the SSL client cert/private-key, each 3DS prior to that update would be using the old ClCertA, and system updates require that SSL client auth for SOAP(besides SOAP that stuff isn't really interesting tbh). SSL module is the only process which uses ClCertA. "... write/read which section of memory" I have no use for that. --[[User:Yellows8|Yellows8]] 17:30, 4 July 2013 (CEST)
===Spam attack===
===Spam attack===