Difference between revisions of "Nand:/sys/dev.kp"
m (dev.kp data from server is random and new dev.kps can't exactly be generated either.) |
|||
Line 4: | Line 4: | ||
This file contains the unique per-console ECC private-public key pair, along with a certificate issued by Nintendo. | This file contains the unique per-console ECC private-public key pair, along with a certificate issued by Nintendo. | ||
− | This file is created by the DSi Shop, with data from a SOAP reply. The SOAP request data includes the hw console id, and the 0x100-byte RSA signature stored in a NAND [[Nand/sys/HWID.sgn|file]]. Trying to send that request would require a NAND dump, | + | This file is created by the DSi Shop, with data from a SOAP reply. The SOAP request data includes the hw console id, and the 0x100-byte RSA signature stored in a NAND [[Nand/sys/HWID.sgn|file]]. Trying to send that request would require a NAND dump, but when you have a NAND dump already sending that request is pointless since you can grab dev.kp from NAND. |
Signature across rest of block -- type = 0x00010002, ECC | Signature across rest of block -- type = 0x00010002, ECC |
Revision as of 03:21, 13 July 2011
The dev.kp file is encrypted with ES block encryption, and the contents of an example dev.kp file after decryption is shown below.
Note that the console id itself is burned in an OTP area of the TWL CPU, and changing the contents of this file will not actually change the console id.
This file contains the unique per-console ECC private-public key pair, along with a certificate issued by Nintendo. This file is created by the DSi Shop, with data from a SOAP reply. The SOAP request data includes the hw console id, and the 0x100-byte RSA signature stored in a NAND file. Trying to send that request would require a NAND dump, but when you have a NAND dump already sending that request is pointless since you can grab dev.kp from NAND.
Signature across rest of block -- type = 0x00010002, ECC 0000000: 00 01 00 02 00 db da 21 3b e1 f1 bf bb 4d dc 1d 0000010: 60 29 da 19 42 1e 66 4f a8 e5 27 a1 d4 ea 46 7d 0000020: 9b b4 00 95 c5 0d e8 fa ef a7 8d e9 bc 54 da c1 0000030: 24 94 0b 7c ad a8 61 d5 05 97 c2 64 38 ad 18 f9 0000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Key used to sign this cert (Root-CA00000001-MS00000008) 0000080: 52 6f 6f 74 2d 43 41 30 30 30 30 30 30 30 31 2d Root-CA00000001- 0000090: 4d 53 30 30 30 30 30 30 30 38 00 00 00 00 00 00 MS00000008 00000a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00000b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Console ID string 00000c0: 00 00 00 02 54 57 63 37 39 64 63 65 63 39 2d 30 ....TWc79dcec9-0 00000d0: 38 61 32 30 32 38 37 30 31 30 38 34 31 31 38 00 8a2028701084118. 00000e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00000f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Public ECC key (30 bytes, starting at 0x108) 0000100: 00 00 00 00 6f dd de 42 01 e0 34 a3 19 bc a9 af 0000110: 50 fe 8a ac 75 08 07 a9 3a 2c 21 51 93 ae 4a 90 0000120: 6e 62 41 f1 a2 fe 00 00 3d 0a 13 97 da 53 17 98 0000130: 69 38 65 67 ca f4 9c 87 ec 44 b7 eb d0 ec b8 3d 0000140: 23 cf 7a 35 00 00 00 00 00 00 00 00 00 00 00 00 0000150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Private per-console ECC key, used for signing files on SD 0000180: 01 12 9d e0 77 82 44 d3 ee 99 ad ce e5 fa fa ed 0000190: c9 ab 8e a1 f9 b5 c8 14 3c 74 74 f8 19 3a
See also Certificate Chain, nand/sys/cert.sys