CommonETicket: Difference between revisions
m →Content |
mNo edit summary |
||
Line 51: | Line 51: | ||
|} | |} | ||
The Signature Type is the same const as that in [[TMD]] | The Signature Type is the same const as that in [[TMD]]. | ||
The titlekey is decrypted by using the [[AES]] engine with the ticket common-key keyslot where the keyY is one of 6 keyYs loaded via the keyY index stored in the ticket. AES-CBC mode is used where the IV is the big-endian titleID. Note that on a retail unit index0 is a retail keyY, while on a dev-unit index0 is the dev common-key which is a normal-key.(On retail for these keyYs, the hardware key-scrambler is used) | The titlekey is decrypted by using the [[AES]] engine with the ticket common-key keyslot where the keyY is one of 6 keyYs loaded via the keyY index stored in the ticket. AES-CBC mode is used where the IV is the big-endian titleID. Note that on a retail unit index0 is a retail keyY, while on a dev-unit index0 is the dev common-key which is a normal-key.(On retail for these keyYs, the hardware key-scrambler is used) | ||
== Certificate Chain == | |||
Tickets retrieved from CDN/SOAP have a Certificate chain appended at the end, outside of the ticket structure(offset 0x350/0x450 depending on the size of the ticket signature). There are two certificates in this chain: | |||
{| class="wikitable" border="1" | |||
|- | |||
! CERTIFICATE | |||
! SIGNATURE TYPE | |||
! RETAIL CERT NAME | |||
! DEBUG CERT NAME | |||
! DESCRIPTION | |||
|- | |||
| Ticket | |||
| RSA-2048 | |||
| XS0000000c | |||
| XS00000009 | |||
| Used to verify the Ticket signature | |||
|- | |||
| CA | |||
| RSA-4096 | |||
| CA00000003 | |||
| CA00000004 | |||
| Used to verify the Ticket Certificate | |||
|} | |||
The CA certificate is issued by 'Root', the public key for which is stored in NATIVE_FIRM. | |||
== Some facts== | == Some facts== | ||
* '''CETK''' can be fetched through HTTP using the link to default update server, using the title's [[TMD]] URL where "cetk" is used instead of "tmd" for the URL. The 3DS NIM module retrieves system tickets via SOAP request ''GetCommonETicket''. | * '''CETK''' can be fetched through HTTP using the link to default update server, using the title's [[TMD]] URL where "cetk" is used instead of "tmd" for the URL. The 3DS NIM module retrieves system tickets via SOAP request ''GetCommonETicket''. |