Difference between revisions of "CommonETicket"

From 3dbrew
Jump to navigation Jump to search
m (Add link to TMD)
Line 1: Line 1:
 
[[Category:File formats]]
 
[[Category:File formats]]
'''CommonETicket''' (for short, '''cetk''') is a format as a ticket used to store an encrypted titlekey (using 128-Bit AES-CBC).
+
'''CommonETicket''' (for short, '''cetk''') is a format as a ticket used to store an encrypted titlekey (using 128-Bit AES-CBC). This format seems to be identical to DSi/Wii tickets.
 
 
== Notice ==
 
 
 
'''There is some part that not analysed''', marked "Unknown Mark" or "(?)". There may also be mistakes. You can improve it freely if you can. When you finished the whole analysis of this, you can remove this Notice segment.
 
  
 
== Structure ==
 
== Structure ==
  
All the data in the file represented in Big Endian.
+
All of the data in the file is represented in Big Endian.
  
 
=== Content ===
 
=== Content ===
Line 16: Line 12:
 
| align="center" style="background:#f0f0f0;"|'''Description'''
 
| align="center" style="background:#f0f0f0;"|'''Description'''
 
|-
 
|-
| 0x000||4||Signature Type
+
| 0x000||0x4||Signature Type
|-
 
| 0x004||256||Signature
 
|-
 
| 0x104||60||Padding modulo 64
 
|-
 
| 0x140||64||Issuer
 
|-
 
| 0x180||60||Padding
 
|-
 
| 0x1BC||1||Index, Always 01
 
|-
 
| 0X1BD||2||Unknown Mark, Padding (?)
 
|-
 
| 0x1BF||16||Encrypted TitleKey
 
|-
 
| 0x1CF||1||Unknown Mark, Padding (?)
 
|-
 
| 0x1D0||2||Unknown Mark, 00 04
 
|-
 
| 0x1D2||6||Unknown Mark
 
|-
 
| 0x1D8||4||Unknown Mark, Padding (?)
 
|-
 
| 0x1DC||8||TitleID
 
|-
 
| 0x1E4||4||Version
 
|-
 
| 0x1E8||188||Padding
 
|-
 
| 0x2A4||4||Unknown Mark, 00 01 00 14
 
|-
 
| 0x2A8||4||Unknown Mark, 00 00 00 AC
 
|-
 
| 0x2AC||4||Unknown Mark, 00 00 00 14
 
|-
 
| 0x2B0||4||Unknown Mark, 00 01 00 14
 
|-
 
| 0x2B4||4||Unknown Mark, Padding (?)
 
|-
 
| 0x2B8||4||Unknown Mark, 00 00 00 28
 
|-
 
| 0x2BC||4||Unknown Mark, 00 00 00 01
 
|-
 
| 0x2C0||4||Unknown Mark, 00 00 00 84
 
|-
 
| 0x2C4||4||Unknown Mark, 00 00 00 84
 
|-
 
| 0x2C8||4||Unknown Mark, 00 03 00 00
 
|-
 
| 0x2CC||4||Unknown Mark, 00 00 00 00
 
|-
 
| 0x2D0||4||Unknown Mark, 01 00 00 00
 
|-
 
| 0x2D4||124||Padding (?)
 
|-
 
| 0x350||4||Signature Type
 
|-
 
| 0x354||256||Signature
 
 
|-
 
|-
| 0x454||60||Padding
+
| 0x004||0x100||Signature
 
|-
 
|-
| 0x490||64||IssuerCA
+
| 0x104||0x3C||Padding modulo 64
 
|-
 
|-
| 0x4D0||4||Unknown Mark, 00 00 00 01
+
| 0x140||0x40||Issuer
 
|-
 
|-
| 0x4D4||64||IssuerXS
+
| 0x180||0x3C||ECDH data for console-unique eShop tickets.
 
|-
 
|-
| 0x514||260||Product of Odds in Signature
+
| 0x1BC||0x3||Unknown, first u8 is 0x01.
 
|-
 
|-
| 0x618||4||Unknown Mark, 00 01 00 01
+
| 0x1BF||0x10||Encrypted TitleKey
 
|-
 
|-
| 0x61C||52||Padding (?)
+
| 0x1CF||0x1||Unknown
 
|-
 
|-
| 0x650||4||Signature Type
+
| 0x1D0||0x8||TicketID
 
|-
 
|-
| 0x654||512||Signature
+
| 0x1D8||0x4||Ticket consoleID
 
|-
 
|-
| 0x854||60||Padding
+
| 0x1DC||0x8||TitleID
 
|-
 
|-
| 0x890||64||IssuerCALevel
+
| 0x1E4||0x2||Unknown
 
|-
 
|-
| 0x8D0||4||Unknown Mark, 00 00 00 01
+
| 0x1E6||0x2||Ticket version
 
|-
 
|-
| 0x8D4||64||IssuerCAName
+
| 0x1E8||0x8||Unused
 
|-
 
|-
| 0x914||260||Product of Odds in Signature
+
| 0x1F0||0x1||Unused
 
|-
 
|-
| 0xA18||4||Unknown Mark, 00 01 00 01
+
| 0x1F1||0x1||Ticket common [[AES|keyY]] index, usually 0x1 for retail system titles.
 
|-
 
|-
| 0xA1C||52||Padding
+
| 0x1F2||0xB2||Unused
 
|}
 
|}
The Signature Type is the same const as that in [[TMD]].
+
 
 +
The Signature Type is the same const as that in [[TMD]]. The certificate chain is located at offset 0x2A4 for tickets from CDN/SOAP, however this cert-chain is removed once the ticket is installed to NAND.
  
 
== Some facts==
 
== Some facts==
* '''CETK''' can be fetched through HTTP using the link to default update server, with only one word different from those of [[TMD]]s, while the 3ds use  ''GetCommonETicket'' function (with SOAP).
+
* '''CETK''' can be fetched through HTTP using the link to default update server, using the title's [[TMD]] URL where "cetk" is used instead of "tmd" for the URL. The 3DS NIM module retrieves system tickets via SOAP request ''GetCommonETicket''.
* However only 3 cetk files has been discovered (those of Firmware Titles). Diff those files you will see there is only a few differences. The files seem to be '''just the same''' except those segments : 0x04-0x104,0x1BF-0x1CF,0x1D2-0x1D8,0x1DC-0x1E4,0x1E4-0x1E8.
 

Revision as of 21:57, 26 March 2013

CommonETicket (for short, cetk) is a format as a ticket used to store an encrypted titlekey (using 128-Bit AES-CBC). This format seems to be identical to DSi/Wii tickets.

Structure

All of the data in the file is represented in Big Endian.

Content

Offset Size Description
0x000 0x4 Signature Type
0x004 0x100 Signature
0x104 0x3C Padding modulo 64
0x140 0x40 Issuer
0x180 0x3C ECDH data for console-unique eShop tickets.
0x1BC 0x3 Unknown, first u8 is 0x01.
0x1BF 0x10 Encrypted TitleKey
0x1CF 0x1 Unknown
0x1D0 0x8 TicketID
0x1D8 0x4 Ticket consoleID
0x1DC 0x8 TitleID
0x1E4 0x2 Unknown
0x1E6 0x2 Ticket version
0x1E8 0x8 Unused
0x1F0 0x1 Unused
0x1F1 0x1 Ticket common keyY index, usually 0x1 for retail system titles.
0x1F2 0xB2 Unused

The Signature Type is the same const as that in TMD. The certificate chain is located at offset 0x2A4 for tickets from CDN/SOAP, however this cert-chain is removed once the ticket is installed to NAND.

Some facts

  • CETK can be fetched through HTTP using the link to default update server, using the title's TMD URL where "cetk" is used instead of "tmd" for the URL. The 3DS NIM module retrieves system tickets via SOAP request GetCommonETicket.
Retrieved from "https://www.3dbrew.org/w/index.php?title=CommonETicket&oldid=5177"