Changes

Jump to navigation Jump to search
536 bytes added ,  20:56, 23 September 2014
Line 50: Line 50:  
All UDS local-WLAN communications have the CCMP key for data encryption generated via NWM module. The CCMP key passed to nwm::CEC commands(stored in a 0x44-byte input structure) for [[StreetPass]] is generated by the CECD module. The input data used with [[Process_Services|EncryptDecryptAes]] with [[PSPXI:EncryptDecryptAes|keytype1]] is a MD5 hash over an input passphrase. This input passphrase is fixed for [[Download Play]], it's unique per local-WLAN protocol. The CTR is a MD5 hash over the below 0x10-byte structure. The output from encrypting that data with AES-CTR is the final CCMP key.
 
All UDS local-WLAN communications have the CCMP key for data encryption generated via NWM module. The CCMP key passed to nwm::CEC commands(stored in a 0x44-byte input structure) for [[StreetPass]] is generated by the CECD module. The input data used with [[Process_Services|EncryptDecryptAes]] with [[PSPXI:EncryptDecryptAes|keytype1]] is a MD5 hash over an input passphrase. This input passphrase is fixed for [[Download Play]], it's unique per local-WLAN protocol. The CTR is a MD5 hash over the below 0x10-byte structure. The output from encrypting that data with AES-CTR is the final CCMP key.
   −
==Structure used for generating the CTR==
+
==Structure used for generating the CTR for CCMP key generation==
 
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"
 
|-
 
|-
Line 59: Line 59:  
| 0x0
 
| 0x0
 
| 0x4
 
| 0x4
| Little-endian local-WLAN communication ID, normally this is: (user_process [[Title_list|uniqueID]] << 8) | val. Where val is 0x10 on retail([[Configuration_Memory|configmem]] UNITINFO bit0 set), 0x90 for devunit. For [[Download Play]], this is always 0x2810 on retail(0x2890 on devunit).
+
| Local-WLAN communication ID, normally this is: (user_process [[Title_list|uniqueID]] << 8) | val. Where val is 0x10 on retail([[Configuration_Memory|configmem]] UNITINFO bit0 set), 0x90 for devunit. For [[Download Play]], this is always 0x2810 on retail(0x2890 on devunit).
 
|-
 
|-
 
| 0x4
 
| 0x4
 
| 0x4
 
| 0x4
| Little-endian u32 networkID, randomly-generated when creating the network. The network SSID used when a client connects to the network is sprintf(out, "%08X", networkID).
+
| u32 networkID, randomly-generated when creating the network. The network SSID used when a client connects to the network is sprintf(out, "%08X", networkID).
 
|-
 
|-
 
| 0x8
 
| 0x8
Line 71: Line 71:  
| 0xE
 
| 0xE
 
| 0x2
 
| 0x2
| Little-endian ID, for [[Download Play]] this is 0x55.
+
| ID, for [[Download Play]] this is 0x55.
 
|}
 
|}
 +
 +
This data is stored as little-endian.
 +
 +
==CTR used for beacon tags crypto==
 +
{| class="wikitable" border="1"
 +
|-
 +
!  Offset
 +
!  Size
 +
!  Description
 +
|-
 +
| 0x0
 +
| 0x6
 +
| Host MAC address
 +
|-
 +
| 0x6
 +
| 0x4
 +
| wlancommID
 +
|-
 +
| 0xA
 +
| 0x1
 +
| This ID is also stored at offset 0xE in the CTR-generation structure.
 +
|-
 +
| 0xB
 +
| 0x1
 +
| Padding, value zero.
 +
|-
 +
| 0xC
 +
| 0x4
 +
| This is the u32 from offset 0x18 in the network-struct.
 +
|}
 +
 +
This data is stored as little-endian. All data here is all-zero except for the MAC address, when the u8 at offset 0x8 in the network-struct is 0.
    
==Network structure==
 
==Network structure==

Navigation menu