Difference between revisions of "DSiWare Exports"
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
DSiWare exported from 3DS use [[Nand/private/movable.sed|keyslots]] initialized by movable.sed. Each section is encrypted with AES-CBC. | DSiWare exported from 3DS use [[Nand/private/movable.sed|keyslots]] initialized by movable.sed. Each section is encrypted with AES-CBC. | ||
| + | |||
| + | The content sections are ordered the same way as DSi: TMD, SRL from content0, <content1-7 for format v2>, savegame, and banner.sav.(ContentX here is the .app data from TWL-NAND /title) | ||
=Block Metadata= | =Block Metadata= | ||
| Line 82: | Line 84: | ||
| 0x48 | | 0x48 | ||
| 0x10 | | 0x10 | ||
| − | | u32 payload sizes for | + | | u32 payload sizes for the 4 content sections. |
|- | |- | ||
| 0x58 | | 0x58 | ||
| Line 146: | Line 148: | ||
| | | | ||
| | | | ||
| − | | Data for the | + | | Data for the 11 content sections are stored here. |
|} | |} | ||
| Line 181: | Line 183: | ||
|- | |- | ||
| 0x40 | | 0x40 | ||
| − | | | + | | 0x8 |
| + | | ? | ||
| + | |- | ||
| + | | 0x48 | ||
| + | | 0x2C | ||
| + | | u32 payload sizes for the 11 content sections. | ||
| + | |- | ||
| + | | 0x74 | ||
| + | | 0x30 | ||
| ? | | ? | ||
|- | |- | ||
Revision as of 00:17, 24 April 2013
The DSiWare exported from a 3DS is located at "sdmc:/Nintendo 3DS/<ID0>/<ID1>/Nintendo DSiWare". Filenames are same format as DSi: "<TitleID-Low>.bin". The below sizes include the 0x20-byte block metadata.
DSiWare exported from 3DS use keyslots initialized by movable.sed. Each section is encrypted with AES-CBC.
The content sections are ordered the same way as DSi: TMD, SRL from content0, <content1-7 for format v2>, savegame, and banner.sav.(ContentX here is the .app data from TWL-NAND /title)
Block Metadata
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x10 | AES MAC over a SHA-256 hash |
| 0x10 | 0x10 | IV, generated by the RNG. |
Each section begins with the payload encrypted data, followed by this block metadata. The hash used for the MAC is calculated over the the cleartext payload, this hash is calculated the same way as the section hashes stored in the footer.
File Structure v1
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x4020 | Banner section |
| 0x4020 | 0xC0 | Header section |
| 0x40E0 | 0x420 | Footer section |
| 0x4500 | Data for the 4 content sections are stored here. |
Header
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x4 | Magic number 0x54444633, "3FDT". |
| 0x4 | 0x2 | Byte-swapped groupID from the TWL TMD. |
| 0x6 | 0x2 | Byte-swapped title version from the TWL TMD. |
| 0x8 | 0x20 | SHA-256 hash calculated over the encrypted movable.sed. |
| 0x28 | 0x10 | Encrypted AES block from encrypting an all-zero 0x10-byte block with AES-CBC, where the IV is all-zero. |
| 0x38 | 0x8 | Byte-swapped titleID from the TWL TMD. |
| 0x40 | 0x8 | ? |
| 0x48 | 0x10 | u32 payload sizes for the 4 content sections. |
| 0x58 | 0x4 | ? |
| 0x5C | 0x3E | Data from the TWL TMD reserved section. Only the first 0x20-bytes from the TWL TMD is written here, the rest is uninitialized. |
| 0x9A | 0x6 | Padding? |
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0xC0 | SHA-256 hashes over each section, it's unknown how these are calculated. |
| 0xC0 | 0x3C | ECDSA signature over the previous data, signed by the AP cert? |
| 0xFC | 0x180 | ECDSA "APXXXXXXXXXXXXXXXX" cert signed by the CTCert, where X is random lowercase ASCII hex data. |
| 0x27C | 0x180 | ECDSA CTCert |
| 0x3FC | 0x4 | Uninitialized padding. |
File Structure v2
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x4020 | Banner section |
| 0x4020 | 0x110 | Header section |
| 0x4130 | ? | Footer section |
| Data for the 11 content sections are stored here. |
Header
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x4 | Magic number 0x54444633, "3FDT". |
| 0x4 | 0x2 | Byte-swapped groupID from the TWL TMD. |
| 0x6 | 0x2 | Byte-swapped title version from the TWL TMD. |
| 0x8 | 0x20 | SHA-256 hash calculated over the encrypted movable.sed. |
| 0x28 | 0x10 | Encrypted AES block from encrypting an all-zero 0x10-byte block with AES-CBC, where the IV is all-zero. |
| 0x38 | 0x8 | Byte-swapped titleID from the TWL TMD. |
| 0x40 | 0x8 | ? |
| 0x48 | 0x2C | u32 payload sizes for the 11 content sections. |
| 0x74 | 0x30 | ? |
| 0xA4 | 0x3E | Data from the TWL TMD reserved section. Only the first 0x20-bytes from the TWL TMD is written here, the rest is uninitialized. |
| 0xE2 | 0x0E | Padding? |
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0xD0 | ? |
| 0xD0 | 0xE0 | Normally all-zero? |
| 0x1B0 | 0x20 | SHA256 hash? |
| 0x1D0 | 0x20 | Normally all-zero? |
| 0x1F0 | 0x3C | ECDSA signature over the previous data, signed by the AP cert? |
| 0x22C | 0x180 | ECDSA "APXXXXXXXXXXXXXXXX" cert signed by the CTCert, where X is random lowercase ASCII hex data. |
| 0x3AC | 0x54 | ECDSA certificate, the last 0x14-bytes here are all-zero. |