Line 155: |
Line 155: |
| | v1 | | | v1 |
| | 10 | | | 10 |
− | | | + | | Introduced a new scheme using HMAC-SHA-256. The HMAC key is loaded from mset .rodata, and differs between regions. |
| + | |
| + | The inquiry number was bumped from 8 digits to 10 digits, but the same function is used to generate the digits as in v0 (derived from MAC address). |
| + | |
| + | All digits of the inquiry number are now actually used in the master key derivation function, as the string format is now "%02u%02u%010u" (month, day, inquiry number). This buffer is hashed (as above), and a little-endian word is read from the start of the output hash. The low 5 decimal digits of this word are used as the master key. |
| |- | | |- |
| | [[7.2.0-17|7.2.0-X]] - current | | | [[7.2.0-17|7.2.0-X]] - current |
| | v2 | | | v2 |
| | 10 | | | 10 |
− | | The master key is indirectly a function of the current date, and of the [[CVer#masterkey.bin|system version and region]]. | + | | Extension of v1 featuring a number of changes which serve to obscure the HMAC key used. |
| + | |
| + | The HMAC key is now stored in a separate file stored in the CVer RomFS, called [[CVer#masterkey.bin|masterkey.bin]]. This is used to update the key independently of the mset title. In order to make this possible, a scheme was devised to encode the required key within the inquiry number - the first digit denotes region, and the next two digits represent the key version. These values match up with values stored in the masterkey.bin header. For compatibility with v1 (as inquiry number length did not change), the version values begin at 10 - when parsing an inquiry number, a "version" of less than 10 should be handled as algorithm v1. |
| + | |
| + | The HMAC key is now also encrypted in masterkey.bin. This uses AES-128-CTR using a (normal) key in mset .rodata (which differs between regions), with the initial counter value also stored in masterkey.bin. |
| + | |
| + | At some point, Nintendo chose to "abandon" the original JPN region ID (0), and moved to region ID 9 instead (which usually doesn't exist). It is unknown why they made this change, as the AES key used for both of these IDs is the same. |
| |} | | |} |
| | | |