CIA: Difference between revisions

(39 intermediate revisions by 12 users not shown)

Line 1:

[[Category:File formats]]

=== Overview ===

== Overview ==

CIA stands for '''C'''TR '''I'''mportable '''A'''rchive. This format allows the installation titles to the 3DS. CIA files ~~can compile~~ [[~~NCCH~~]] ~~files for installation to either the SDMC or CTR NAND~~. CIA files can also ~~compile .SRL~~ files ~~(format for DS(i) executable images) for installation to the TWL NAND of the 3DS~~.

CIA stands for '''C'''TR '''I'''mportable '''A'''rchive. This format allows the installation of titles to the 3DS. CIA files and titles on [[Title list|Nintendo's CDN]] contain identical data. As a consequence, valid CIA files can be generated from CDN content. This also means CIA files can contain anything that titles on Nintendo's CDN can contain.

~~An example~~ .~~CIA can be downloaded~~ [~~http://depositfiles~~.~~com/files/t93cpkb2g here] Credit:~~ [[~~User:Jl12~~|~~Jl12~~]]~~. It includes a .cia~~ file~~, the result of installation, some screenshots~~. ~~Also I've decrypted/extracted everything, for those people who can't be bothered using ctrtool ;)~~

Under normal circumstances CIA files are used where downloading a title is impractical or not possible. Such as distributing a [[Download Play]] child, or installing forced Gamecard updates. Those CIA(s) are stored by the titles in question, in an auxiliary [[NCCH#CFA|CFA]] file.

[[~~Download Play~~]] ~~utilises the CIA format when transferring titles~~.~~(This is also the only known retail implementation of the CIA format)~~

Development Units, are capable of manually installing CIA files via the [[3DS Development Unit Software#Dev Menu|Dev Menu]].

~~Development Units~~, ~~are capable~~ of ~~manually installing~~ CIA ~~files via~~ the [[~~3DS Development Unit Software#Dev Menu~~|~~Dev Menu~~]]

== Format ==

This is the current version of the CIA format, it was finalised in late 2010. (Older versions of the CIA format can be viewed on the [[Talk:CIA|Talk]] page)

~~=== Format ===~~

The CIA format has a similar structure to the [http://wiibrew.org/wiki/Wad WAD format].

Line 16:

Line 17:

The data is aligned in 64 byte blocks (if a content ends at the middle of the block, the next content will begin from a new block).

The CIA format is capable of containing more then one NCCH in the APP data, the TMD specifies the size of each NCCH contained in the APP data. Generally it will only contain additional NCCH files (.[[NCCH#CFA|CFA]] format, such as the Manual and DLP Child) related to the main executable NCCH (.[[NCCH#CXI|CXI]] format). The CIA format could be interpreted as an installable variant of the [[NCSD|CCI]] format.

=== CIA Header ===

== CIA Header ==

~~This is a 32 bytes long header (8 x uint32).~~

{| class="wikitable" border="1"

Line 30:

Line 27:

| 0x00

| 0x04

| Archive Header Size (=0x2020 bytes~~) (Starts with 0x80 @ offset 0x0020~~)

| Archive Header Size (Usually = 0x2020 bytes)

|-

| 0x04

Line 46:

Line 43:

| 0x0C

| 0x04

| Ticket size

| [[Ticket]] size

|-

| 0x10

| 0x04

| [[TMD]] file size

| [[TMD]] (Title Metadata) file size

|-

| 0x14

Line 57:

Line 54:

|-

| 0x18

| ~~0x04~~

| 0x08

| ~~APP file~~ size

| Content size

|-

| ~~0x1C~~

| 0x20

| ~~0x04~~

| 0x2000

| ~~0x80000000~~

| Content Index

|}

Line 69:

Line 66:

* Ticket

* TMD file data

* ~~APP~~ file data

* Content file data

* Meta file data

* Meta file data (Not a necessary component)

The contents (NCCH/SRL) are encrypted using 128-bit AES-CBC. The encryption uses the decrypted titlekey from the [[Ticket#Structure|ticket]], and the content index from the TMD padded with zeros as the IV.

The APP data (NCCH/SRL) is encrypted, using 128-bit AES-CBC. The encryption uses the decrypted titlekey of the ticket, and the titleid padded with zeros as the IV. To get the decrypted titlekey, the titlekey stored in the ticket must be decrypted using 128-bit AES-CBC with the 3DS common key, and the same IV as mentioned previously.

=== Certificate Chain ===

== Meta ==

There are three [[Certificates|certificates]] in this chain:

{| class="wikitable" border="1"

|-

! CERTIFICATE

! SIGNATURE TYPE

! RETAIL CERT NAME

! DEBUG CERT NAME

! DESCRIPTION

|-

| CA

| RSA-4096

| CA00000003

| CA00000004

| Used to verify the Ticket/TMD Certificates

|-

| Ticket

| RSA-2048

| XS0000000c

| XS00000009

| Used to verify the Ticket signature

|-

| TMD

| RSA-2048

| CP0000000b

| CP0000000a

| Used to verify the TMD signature

|}

The CA certificate is issued by 'Root', the public key for which is stored in NATIVE_FIRM.

=== Meta ===

The structure of this data is as follows:

Line 86:

Line 116:

| 0x00

| 0x180

| Title ID dependency list - ~~From~~ the application's ExHeader

| Title ID dependency list - Taken from the application's [[NCCH/Extended Header|ExHeader]]

|-

| 0x180

| ~~0x280~~

| 0x180

| Reserved~~/Unused~~

| Reserved

|-

| 0x300

| 0x4

| Core Version

|-

| 0x304

| 0xFC

| Reserved

|-

| 0x400

| 0x36C0

| [[SMDH|Icon Data]](.ICN) - ~~From~~ the application's [[ExeFS]]

| [[SMDH|Icon Data]](.ICN) - Taken from the application's [[ExeFS]]

|}

Obviously this section is not present in TWL CIA files.

Obviously this section is not present in TWL CIA files, or any other CIA file which does not contain a [[NCCH#CXI|CXI]].

== Tools ==

* [https://github.com/3dshax/ctr/tree/master/ctrtool ctrtool] - Reading/Extraction of CIA files. This can only decrypt the title-key for development CIAs, since retail CIAs use the [[AES]] hardware key-scrambler for the common-key keyslot.

* [https://github.com/Tiger21820/ctr_toolkit/tree/master/make_cia make_cia] - Generating CIA files. Requires CommonKey and ticket/TMD RSA-2048 private exponents.

* [https://github.com/Tiger21820/ctr_toolkit/tree/master/make_cdn_cia make_cdn_cia] - (CMD)(Windows/Linux) Generates CIA files from CDN Content

* [[makerom]] - Tool which can be used to create NCCH, CCI, and CIA files.

== Title Key Encryption ==

Line 111:

Line 158:

* (and of course the unencrypted title key you want to encrypt) (as byte array)

The title ID encryption process starts by converting the ulong (Title ID) into a byte array using by retrieving the bytes of the Title ID using BitConverter.GetBytes().

The title key encryption process starts by converting the ulong (Title ID) into a byte array using by retrieving the bytes of the Title ID using BitConverter.GetBytes().

If the converted bytes (title ID) are in Little Endian, reverse those bytes. (in C# it would be Array.Reverse(byte_array_from_bitconverter))

This process makes the Title Key encryption IV.

Line 139:

Line 186:

public static byte[] EncryptMyTitleKey(byte[] commonKey, byte[] titleKey, ulong titleId)

{

// Make encryption IV

byte[] titleidasbytes = new byte[0x10];

for (int i = 0; i < 0x10; i++)

Line 150:

Line 198:

}

bitBytes.CopyTo(titleidasbytes, 0);

// Encrypt

ICryptoTransform transform = new AesManaged { Key = commonKey, IV = titleidasbytes, Mode = CipherMode.CBC }.CreateEncryptor(commonKey, titleidasbytes);

MemoryStream memstream = new MemoryStream();

@@ Line 1: / Line 1: @@
 [[Category:File formats]]
-=== Overview ===
+== Overview ==
-CIA stands for '''C'''TR '''I'''mportable '''A'''rchive. This format allows the installation titles to the 3DS. CIA files can compile [[NCCH]] files for installation to either the SDMC or CTR NAND. CIA files can also compile .SRL files (format for DS(i) executable images) for installation to the TWL NAND of the 3DS.
+CIA stands for '''C'''TR '''I'''mportable '''A'''rchive. This format allows the installation of titles to the 3DS. CIA files and titles on [[Title list|Nintendo's CDN]] contain identical data. As a consequence, valid CIA files can be generated from CDN content. This also means CIA files can contain anything that titles on Nintendo's CDN can contain.
-An example .CIA can be downloaded [http://depositfiles.com/files/t93cpkb2g here] Credit: [[User:Jl12|Jl12]]. It includes a .cia file, the result of installation, some screenshots. Also I've decrypted/extracted everything, for those people who can't be bothered using ctrtool ;)
+Under normal circumstances CIA files are used where downloading a title is impractical or not possible. Such as distributing a [[Download Play]] child, or installing forced Gamecard updates. Those CIA(s) are stored by the titles in question, in an auxiliary [[NCCH#CFA|CFA]] file.
-[[Download Play]] utilises the CIA format when transferring titles.(This is also the only known retail implementation of the CIA format)
+Development Units, are capable of manually installing CIA files via the [[3DS Development Unit Software#Dev Menu|Dev Menu]].
-Development Units, are capable of manually installing CIA files via the [[3DS Development Unit Software#Dev Menu|Dev Menu]]
+== Format ==
+This is the current version of the CIA format, it was finalised in late 2010. (Older versions of the CIA format can be viewed on the [[Talk:CIA|Talk]] page)
-=== Format ===
 The CIA format has a similar structure to the [http://wiibrew.org/wiki/Wad WAD format].
@@ Line 16: / Line 17: @@
 The data is aligned in 64 byte blocks (if a content ends at the middle of the block, the next content will begin from a new block).
-The CIA format is capable of containing more then one NCCH in the APP data, the TMD specifies the size of each NCCH contained in the APP data. Generally it will only contain additional NCCH files (.[[NCCH#CFA|CFA]] format, such as the Manual and DLP Child) related to the main executable NCCH (.[[NCCH#CXI|CXI]] format). The CIA format could be interpreted as an installable variant of the [[NCSD|CCI]] format.
+=== CIA Header ===
-== CIA Header ==
-This is a 32 bytes long header (8 x uint32).
 {| class="wikitable" border="1"
@@ Line 30: / Line 27: @@
 |  0x00
 |  0x04
-|  Archive Header Size (=0x2020 bytes) (Starts with 0x80 @ offset 0x0020)
+|  Archive Header Size (Usually = 0x2020 bytes)
 |-
 |  0x04
@@ Line 46: / Line 43: @@
 |  0x0C
 |  0x04
-|  Ticket size
+|  [[Ticket]] size
 |-
 |  0x10
 |  0x04
-|  [[TMD]] file size
+|  [[TMD]] (Title Metadata) file size
 |-
 |  0x14
@@ Line 57: / Line 54: @@
 |-
 |  0x18
-|  0x04
+|  0x08
-|  APP file size
+|  Content size
 |-
-|  0x1C
+|  0x20
-|  0x04
+|  0x2000
-|  0x80000000
+|  Content Index
 |}
@@ Line 69: / Line 66: @@
 * Ticket
 * TMD file data
-* APP file data
+* Content file data
-* Meta file data
+* Meta file data (Not a necessary component)
+The contents (NCCH/SRL) are encrypted using 128-bit AES-CBC. The encryption uses the decrypted titlekey from the [[Ticket#Structure|ticket]], and the content index from the TMD padded with zeros as the IV.
-The APP data (NCCH/SRL) is encrypted, using 128-bit AES-CBC. The encryption uses the decrypted titlekey of the ticket, and the titleid padded with zeros as the IV. To get the decrypted titlekey, the titlekey stored in the ticket must be decrypted using 128-bit AES-CBC with the 3DS common key, and the same IV as mentioned previously.
+=== Certificate Chain ===
-== Meta ==
+There are three [[Certificates|certificates]] in this chain:
+{| class="wikitable" border="1"
+|-
+!  CERTIFICATE
+!  SIGNATURE TYPE
+!  RETAIL CERT NAME
+!  DEBUG CERT NAME
+!  DESCRIPTION
+|-
+|  CA
+|  RSA-4096
+|  CA00000003
+|  CA00000004
+|  Used to verify the Ticket/TMD Certificates
+|-
+|  Ticket
+|  RSA-2048
+|  XS0000000c
+|  XS00000009
+|  Used to verify the Ticket signature
+|-
+|  TMD
+|  RSA-2048
+|  CP0000000b
+|  CP0000000a
+|  Used to verify the TMD signature
+|}
+The CA certificate is issued by 'Root', the public key for which is stored in NATIVE_FIRM.
+=== Meta ===
 The structure of this data is as follows:
@@ Line 86: / Line 116: @@
 |  0x00
 |  0x180
-|  Title ID dependency list - From the application's ExHeader
+|  Title ID dependency list - Taken from the application's [[NCCH/Extended Header|ExHeader]]
 |-
 |  0x180
-|  0x280
+|  0x180
-|  Reserved/Unused
+|  Reserved
+|-
+|  0x300
+|  0x4
+|  Core Version
+|-
+|  0x304
+|  0xFC
+|  Reserved
 |-
 |  0x400
 |  0x36C0
-|  [[SMDH|Icon Data]](.ICN) - From the application's [[ExeFS]]
+|  [[SMDH|Icon Data]](.ICN) - Taken from the application's [[ExeFS]]
 |}
-Obviously this section is not present in TWL CIA files.
+Obviously this section is not present in TWL CIA files, or any other CIA file which does not contain a [[NCCH#CXI|CXI]].
+== Tools ==
+* [https://github.com/3dshax/ctr/tree/master/ctrtool ctrtool] - Reading/Extraction of CIA files. This can only decrypt the title-key for development CIAs, since retail CIAs use the [[AES]] hardware key-scrambler for the common-key keyslot.
+* [https://github.com/Tiger21820/ctr_toolkit/tree/master/make_cia make_cia] - Generating CIA files. Requires CommonKey and ticket/TMD RSA-2048 private exponents.
+* [https://github.com/Tiger21820/ctr_toolkit/tree/master/make_cdn_cia make_cdn_cia] - (CMD)(Windows/Linux) Generates CIA files from CDN Content
+* [[makerom]] - Tool which can be used to create NCCH, CCI, and CIA files.
 == Title Key Encryption ==
@@ Line 111: / Line 158: @@
 * (and of course the unencrypted title key you want to encrypt) (as byte array)
-The title ID encryption process starts by converting the ulong (Title ID) into a byte array using by retrieving the bytes of the Title ID using BitConverter.GetBytes().
+The title key encryption process starts by converting the ulong (Title ID) into a byte array using by retrieving the bytes of the Title ID using BitConverter.GetBytes().
 If the converted bytes (title ID) are in Little Endian, reverse those bytes. (in C# it would be Array.Reverse(byte_array_from_bitconverter))
 This process makes the Title Key encryption IV.
@@ Line 139: / Line 186: @@
          public static byte[] EncryptMyTitleKey(byte[] commonKey, byte[] titleKey, ulong titleId)
          {
+            // Make encryption IV
              byte[] titleidasbytes = new byte[0x10];
              for (int i = 0; i < 0x10; i++)
@@ Line 150: / Line 198: @@
              }
              bitBytes.CopyTo(titleidasbytes, 0);
+            // Encrypt
              ICryptoTransform transform = new AesManaged { Key = commonKey, IV = titleidasbytes, Mode = CipherMode.CBC }.CreateEncryptor(commonKey, titleidasbytes);
              MemoryStream memstream = new MemoryStream();