Line 34: |
Line 34: |
| == NCCH Specs == | | == NCCH Specs == |
| | | |
− | The extended header, the [[ExeFS]] and the RomFS are encrypted using 128-bit AES CTR. | + | The extended header, the [[ExeFS]] and the [[RomFS]] are encrypted using 128-bit AES CTR. |
| | | |
| By default encrypted regions are compressed with an LZ77 variant, then encrypted. The spec allows for both unencrypted and uncompressed regions to exist. Retail SD card CXIs must have the [[ExeFS|ExeFS:/.code]] compressed. Development units use a fixed system key for system titles. On retail part of the input [[AES]] engine key is unique per NCCH, the AES engine internally generates the final-normal key. | | By default encrypted regions are compressed with an LZ77 variant, then encrypted. The spec allows for both unencrypted and uncompressed regions to exist. Retail SD card CXIs must have the [[ExeFS|ExeFS:/.code]] compressed. Development units use a fixed system key for system titles. On retail part of the input [[AES]] engine key is unique per NCCH, the AES engine internally generates the final-normal key. |
| | | |
− | Retail CFAs use NCCH product code "CTR-P-CTAP", while retail title/gamecard CXIs use NCCH product code "CTR-P-XXXX". This product code is the NCCH [[Serials|serial code]]. <del>This CXI product code is likely used for region-locking.</del> There is a value set in the banner used for region-locking. | + | Retail CFAs use NCCH product code "CTR-P-CTAP", while retail title/gamecard CXIs use NCCH product code "CTR-P-XXXX". This product code is the NCCH [[Serials|serial code]]. The region-locking info checked by home menu is stored in the [[SMDH#Flags|icon]]. |
| + | |
| + | All of the hashes stored in this NCCH header are over the cleartext data. The ExeFS/RomFS superblock starts at offset 0x0 in the ExeFS/RomFS, and the size is specified by the hash region fields. |
| | | |
| === NCCH Header === | | === NCCH Header === |
Line 93: |
Line 95: |
| | 0x160 | | | 0x160 |
| | 0x20 | | | 0x20 |
− | | Extended header hash. SHA256Managed() over first 0x400 bytes of UNENCRYPTED ExHeader. | + | | Extended header SHA-256 hash, over the 0x400-byte exheader |
| |- | | |- |
| | 0x180 | | | 0x180 |
Line 153: |
Line 155: |
| | 0x1C0 | | | 0x1C0 |
| | 0x20 | | | 0x20 |
− | | ExeFS superblock hash. SHA256Managed() over first 0x200 bytes of UNENCRYPTED ExeFS. | + | | ExeFS superblock SHA-256 hash |
| |- | | |- |
| | 0x1E0 | | | 0x1E0 |
| | 0x20 | | | 0x20 |
− | | RomFS superblock hash. SHA256Managed() over first 0x200 bytes of UNENCRYPTED RomFS. | + | | RomFS superblock SHA-256 hash |
| |} | | |} |
| | | |
Line 231: |
Line 233: |
| 0004ae0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | | 0004ae0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ |
| | | |
− | A tool for parsing this format is available [http://github.com/3dshax/ctr/tree/master/ctrtool here] | + | A tool for parsing this format is available [http://github.com/3dshax/ctr/tree/master/ctrtool here]. |
| | | |
| ==== Example dependency list from the extended header ==== | | ==== Example dependency list from the extended header ==== |
Line 258: |
Line 260: |
| | | |
| === Extended Header === | | === Extended Header === |
− | | + | See also: [https://github.com/3dshax/ctr/blob/master/ctrtool/exheader.h] |
− | '''NOTE: AFTER DECRYPTION'''
| |
| | | |
| {| class="wikitable" border="1" | | {| class="wikitable" border="1" |