6,264
edits
Changes
Jump to navigation
Jump to search
Line 50:
Line 50: − + Line 59:
Line 59: − + − + Line 71:
Line 71: − + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
→Local-WLAN
All UDS local-WLAN communications have the CCMP key for data encryption generated via NWM module. The CCMP key passed to nwm::CEC commands(stored in a 0x44-byte input structure) for [[StreetPass]] is generated by the CECD module. The input data used with [[Process_Services|EncryptDecryptAes]] with [[PSPXI:EncryptDecryptAes|keytype1]] is a MD5 hash over an input passphrase. This input passphrase is fixed for [[Download Play]], it's unique per local-WLAN protocol. The CTR is a MD5 hash over the below 0x10-byte structure. The output from encrypting that data with AES-CTR is the final CCMP key.
All UDS local-WLAN communications have the CCMP key for data encryption generated via NWM module. The CCMP key passed to nwm::CEC commands(stored in a 0x44-byte input structure) for [[StreetPass]] is generated by the CECD module. The input data used with [[Process_Services|EncryptDecryptAes]] with [[PSPXI:EncryptDecryptAes|keytype1]] is a MD5 hash over an input passphrase. This input passphrase is fixed for [[Download Play]], it's unique per local-WLAN protocol. The CTR is a MD5 hash over the below 0x10-byte structure. The output from encrypting that data with AES-CTR is the final CCMP key.
==Structure used for generating the CTR==
==Structure used for generating the CTR for CCMP key generation==
{| class="wikitable" border="1"
{| class="wikitable" border="1"
|-
|-
| 0x0
| 0x0
| 0x4
| 0x4
| Little-endian local-WLAN communication ID, normally this is: (user_process [[Title_list|uniqueID]] << 8) | val. Where val is 0x10 on retail([[Configuration_Memory|configmem]] UNITINFO bit0 set), 0x90 for devunit. For [[Download Play]], this is always 0x2810 on retail(0x2890 on devunit).
| Local-WLAN communication ID, normally this is: (user_process [[Title_list|uniqueID]] << 8) | val. Where val is 0x10 on retail([[Configuration_Memory|configmem]] UNITINFO bit0 set), 0x90 for devunit. For [[Download Play]], this is always 0x2810 on retail(0x2890 on devunit).
|-
|-
| 0x4
| 0x4
| 0x4
| 0x4
| Little-endian u32 networkID, randomly-generated when creating the network. The network SSID used when a client connects to the network is sprintf(out, "%08X", networkID).
| u32 networkID, randomly-generated when creating the network. The network SSID used when a client connects to the network is sprintf(out, "%08X", networkID).
|-
|-
| 0x8
| 0x8
| 0xE
| 0xE
| 0x2
| 0x2
| Little-endian ID, for [[Download Play]] this is 0x55.
| ID, for [[Download Play]] this is 0x55.
|}
|}
This data is stored as little-endian.
==CTR used for beacon tags crypto==
{| class="wikitable" border="1"
|-
! Offset
! Size
! Description
|-
| 0x0
| 0x6
| Host MAC address
|-
| 0x6
| 0x4
| wlancommID
|-
| 0xA
| 0x1
| This ID is also stored at offset 0xE in the CTR-generation structure.
|-
| 0xB
| 0x1
| Padding, value zero.
|-
| 0xC
| 0x4
| This is the u32 from offset 0x18 in the network-struct.
|}
This data is stored as little-endian. All data here is all-zero except for the MAC address, when the u8 at offset 0x8 in the network-struct is 0.
==Network structure==
==Network structure==