Line 3: |
Line 3: |
| DSiWare exported from 3DS use [[Nand/private/movable.sed|keyslots]] initialized by movable.sed. Each section is encrypted with AES-CBC. | | DSiWare exported from 3DS use [[Nand/private/movable.sed|keyslots]] initialized by movable.sed. Each section is encrypted with AES-CBC. |
| | | |
− | The content sections are ordered the same way as DSi: TMD, SRL from content0, <content1-7 for format v2>, savegame, and banner.sav.(ContentX here is the .app data from TWL-NAND /title) | + | The content sections are ordered the same way as DSi: TMD, SRL from content0, <content1-7 for format v2>, savegame, and banner.sav.(ContentX here is the .app data from TWL-NAND /title) The DSiWare export type is specified by [[AMPXI:ExportDSiWare]], this field is also used to specify the format version. For NATIVE_FIRM versions where this DSiWare type field is unused, format version v1 is used. When this field is used, format version v1 is used for DSiWare type value 13, otherwise v2 is used. |
| | | |
| =Block Metadata= | | =Block Metadata= |
Line 22: |
Line 22: |
| | | |
| Each section begins with the payload encrypted data, followed by this block metadata. The hash used for the MAC is calculated over the the cleartext payload, however it's unknown how this hash is calculated. This hash used for generating the MAC is also stored in the footer. | | Each section begins with the payload encrypted data, followed by this block metadata. The hash used for the MAC is calculated over the the cleartext payload, however it's unknown how this hash is calculated. This hash used for generating the MAC is also stored in the footer. |
| + | |
| + | =Footer= |
| + | {| class="wikitable" border="1" |
| + | |- |
| + | ! Offset |
| + | ! Size |
| + | ! Description |
| + | |- |
| + | | 0x0 |
| + | | X |
| + | | SHA-256 hashes over the banner, header, and content sections. |
| + | |- |
| + | | 0x0 + X |
| + | | 0x3C |
| + | | ECDSA signature over the previous data, signed by the AP cert? |
| + | |- |
| + | | 0x3C + X |
| + | | 0x180 |
| + | | ECDSA "APXXXXXXXXXXXXXXXX" cert signed by the [[CTCert]], where X is random lowercase ASCII hex data. |
| + | |- |
| + | | 0x1BC + X |
| + | | 0x180 |
| + | | ECDSA [[CTCert]] |
| + | |- |
| + | | 0x33C + X |
| + | | 0x4 |
| + | | Uninitialized padding. |
| + | |} |
| + | |
| + | These hashes are the same hashes used for generating each section's MAC stored in the metadata block. For format version v1, X is 0xC0. For format version v2, X is at least 0x1A0. |
| | | |
| =File Structure v1= | | =File Structure v1= |
Line 39: |
Line 69: |
| |- | | |- |
| | 0x40E0 | | | 0x40E0 |
− | | 0x420 | + | | 0x340 + X, where X is the total size of the hashes stored in the footer. |
| | Footer section | | | Footer section |
| |- | | |- |
− | | 0x4500 | + | | 0x40E0 + footer_size |
| | | | | |
| | Data for the 4 content sections are stored here. | | | Data for the 4 content sections are stored here. |
Line 98: |
Line 128: |
| | Padding? | | | Padding? |
| |} | | |} |
− |
| |
− | ==Footer==
| |
− | {| class="wikitable" border="1"
| |
− | |-
| |
− | ! Offset
| |
− | ! Size
| |
− | ! Description
| |
− | |-
| |
− | | 0x0
| |
− | | 0x20
| |
− | | SHA-256 hash over the banner.
| |
− | |-
| |
− | | 0x20
| |
− | | 0x20
| |
− | | SHA-256 hash over the header.
| |
− | |-
| |
− | | 0x40
| |
− | | 0x80
| |
− | | SHA-256 hashes over the 4 content sections, when a content section doesn't exist the corresponding hash is uninitialized.
| |
− | |-
| |
− | | 0xC0
| |
− | | 0x3C
| |
− | | ECDSA signature over the previous data, signed by the AP cert?
| |
− | |-
| |
− | | 0xFC
| |
− | | 0x180
| |
− | | ECDSA "APXXXXXXXXXXXXXXXX" cert signed by the [[CTCert]], where X is random lowercase ASCII hex data.
| |
− | |-
| |
− | | 0x27C
| |
− | | 0x180
| |
− | | ECDSA [[CTCert]]
| |
− | |-
| |
− | | 0x3FC
| |
− | | 0x4
| |
− | | Uninitialized padding.
| |
− | |}
| |
− |
| |
− | These hashes are the same hashes used for generating each section's MAC stored in the metadata block.
| |
| | | |
| =File Structure v2= | | =File Structure v2= |
Line 153: |
Line 145: |
| |- | | |- |
| | 0x4130 | | | 0x4130 |
− | | ? | + | | 0x340 + X, where X is the total size of the hashes stored in the footer. |
| | Footer section | | | Footer section |
| |- | | |- |
− | | | + | | 0x4130 + footer_size |
| | | | | |
| | Data for the 11 content sections are stored here. | | | Data for the 11 content sections are stored here. |
Line 211: |
Line 203: |
| | 0x0E | | | 0x0E |
| | Padding? | | | Padding? |
− | |}
| |
− |
| |
− | ==Footer==
| |
− | {| class="wikitable" border="1"
| |
− | |-
| |
− | ! Offset
| |
− | ! Size
| |
− | ! Description
| |
− | |-
| |
− | | 0x0
| |
− | | 0xD0
| |
− | | ?
| |
− | |-
| |
− | | 0xD0
| |
− | | 0xE0
| |
− | | Normally all-zero?
| |
− | |-
| |
− | | 0x1B0
| |
− | | 0x20
| |
− | | SHA256 hash?
| |
− | |-
| |
− | | 0x1D0
| |
− | | 0x20
| |
− | | Normally all-zero?
| |
− | |-
| |
− | | 0x1F0
| |
− | | 0x3C
| |
− | | ECDSA signature over the previous data, signed by the AP cert?
| |
− | |-
| |
− | | 0x22C
| |
− | | 0x180
| |
− | | ECDSA "APXXXXXXXXXXXXXXXX" cert signed by the [[CTCert]], where X is random lowercase ASCII hex data.
| |
− | |-
| |
− | | 0x3AC
| |
− | | 0x54
| |
− | | ECDSA certificate, the last 0x14-bytes here are all-zero.
| |
| |} | | |} |