|
| ||
| Views: 1,609,263 | Main | Rules/FAQ | Memberlist | Active users | Last posts | Calendar | Stats | Online users | Search | 11-21-24 12:23 PM |
| Guest: | ||
| 0 users reading Decrypting CIA contents directly? | 1 bot |
| Main - Homebrew discussion - Decrypting CIA contents directly? | Hide post layouts | New reply |
| d0k3 |
| ||
|
Member Normal user Level: 20 Posts: 26/75 EXP: 38194 Next: 4245 Since: 06-04-15 Last post: 3250 days ago Last view: 2998 days ago |
I know, CIAs can be decrypted via just installing them and then decrypting the extracted contents. However, this is not what I want to do... What I want to do is to decrypt CIA files (such as stuff downloaded from CDN) directly.
3DSbrew has this information: Posted by http://3dbrew.org/wiki/CIA The ctr (or iv) is pretty simple, and it seems the titlekey has to be used as key. But which? NormalKey, KeyX or KeyY? And what keyslot to use? Maybe 0x3F because that seems to be unused for anything else? profi200's GitHub repo of makerom has some code showing the decryption of a CIA: https://github.com/profi200/Project_CTR/blob/master/makerom/cia.c#L669 However, that doesn't help me much in understanding how to do it on 3DS, because there seems to be only one key in that code (which is based on polarssl). Can anyone help? |
| Dazzozo |
| ||
|
Member Dev of "the best software that almost nobody will ever use" Level: 9 
Posts: 1/13 EXP: 2761 Next: 401 Since: 05-21-15 Last post: 3160 days ago Last view: 2993 days ago |
It can obviously only be a normal key, if this crypto can be performed on a PC.
Which keyslot you use is up to you, and how much you care depends on what you're doing. If you're not FIRM launching and just MCU-rebooting (on exit) it doesn't really matter outside of slots you want to use elsewhere. Edit: 0x11 is a good slot for temporary work. Nintendo also uses it for this purpose. |
| d0k3 |
| ||
|
Member Normal user Level: 20 Posts: 27/75 EXP: 38194 Next: 4245 Since: 06-04-15 Last post: 3250 days ago Last view: 2998 days ago |
Posted by Dazzozo Thank you! I forgot to say, makerom from Project CTR cannot decrypt untouched CIAs (from CDN), so there must be more to it. If the decryption could really be done on PC in all cases, this would already be in makerom. It might still be possible the 3DS hardware is only needed to decrypt the titlekey, though, which would make things a lot easier. |
| Dazzozo |
| ||
|
Member Dev of "the best software that almost nobody will ever use" Level: 9
Posts: 2/13 EXP: 2761 Next: 401 Since: 05-21-15 Last post: 3160 days ago Last view: 2993 days ago |
Yeah, you got it. Only the encryption of the title key uses a "special" key pair (hardware key generator). The title key itself is a normal key. |
| profi200 |
| ||
|
Member Who knows? Level: 19 Posts: 24/70 EXP: 34507 Next: 1270 Since: 05-21-15 From: Germany Last post: 2992 days ago Last view: 2860 days ago |
You can't do everything on the PC because the title key needs to be decrypted through the AES engine. If you have the decrypted title key however it's easy to decrypt the contents of titles. |
| d0k3 |
| ||
|
Member Normal user Level: 20 Posts: 28/75 EXP: 38194 Next: 4245 Since: 06-04-15 Last post: 3250 days ago Last view: 2998 days ago |
Posted by Dazzozo Posted by profi200 Thanks a ton, both of you! After some fiddling around (and noticing my crypto lib is even more broken than I thought it was :/), I finally managed to properly implement full CIA decryption in my WIP version of Decrypt9. |
| Main - Homebrew discussion - Decrypting CIA contents directly? | Hide post layouts | New reply |
|
Page rendered in 0.012 seconds. (2048KB of memory used) MySQL - queries: 26, rows: 73/73, time: 0.005 seconds. ![[powered by Acmlm]](img/poweredbyacmlm.png "powering nostalgia")
Acmlmboard 2.064 (2018-07-20)© 2005-2008 Acmlm, Xkeeper, blackhole89 et al. |