SD title export
The System Settings application delivered with each DSi can be used to export applications from NAND to SD. The bin files created on SD are using the Tad file structure. Tad files are encrypted with AES CCM (CTR with CBC-MAC), using a combination of a shared key and a console specific key.
The application itself (APP), and the title metadata (TMD) is encrypted with a console specific key. This means that Nintendo intended that these files can only be imported back into the same DSi.
While the banner, the public savegame, and several other metablocks are encrypted with a shared key, which means any DSi can inspect these parts of the file.
ES block encryption is used to encrypt the header block, footer block, and the 11 content parts. Each are their own seperate ES blocks.
Tad file structure overview
Offset | Size | Description |
---|---|---|
0x0 | 0x4020 | Banner/Icon |
0x4020 | 0xD4 | Header |
0x40F4 | 0x460 | Footer (certificates/hashes) |
0x4554 | - | Content parts in sequence (TMD, SRL, savegame, custom banner). |
The banner, header, footer and savegame are encrypted with a shared key between each DSi. The other content parts are encrypted with a console specific key.
Header block @ 0x4020 (size 0xB4)
0000000: 34 41 4e 54 31 30 00 01 74 e9 2c 1e 24 00 00 00 4ANT10..t.,.$... 0000010: d6 e0 39 c3 98 3f 06 b6 9a b2 9d 14 e7 06 e9 00 ..9..?.......... 0000020: 45 4d 44 4b 04 00 03 00 28 02 00 00 20 d2 e0 00 EMDK....(... ... 0000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000040: 00 00 00 00 00 00 00 00 00 00 00 00 80 80 06 00 ................ 0000050: 00 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 ................ 0000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000070: 00 00 00 00 00 80 06 00 00 00 00 00 00 00 00 00 ................ 0000080: 00 00 00 00 00 86 00 00 00 00 00 00 00 00 00 00 ................ 0000090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000b0: 00 00 00 00 ....
Offset | Size | Description |
---|---|---|
0x00 | 4 | Always 0x544E4134 ('TNA4', endian-swapped) |
0x04 | 2 | group_id/publisher code |
0x06 | 2 | Title version |
0x08 | 6 | DSi MAC address |
0x0E | 2 | zero |
0x10 | 16 | Extracted from HWINFO_N.dat |
0x20 | 4 | Lower TitleID of exported app |
0x24 | 4 | Upper TitleID of exported app |
0x28 | 11 * 4 | Contains the total lengths for each of the 11 parts. |
0x54 | 8 * 4 | List of content ids in same order as tmd |
0x74 | 0x3e | reserved section per tmds |
0000000: d6 f3 24 7c a1 0f 4a dc cd 07 34 d6 ce 62 32 93 ..$|..J...4..b2. 0000010: 11 54 54 a5 28 38 13 5a 0c 87 8e dc 63 0a ab 2e .TT.(8.Z....c... 0000020: 4a 0f 12 5c d7 31 ee 29 72 53 39 1d ff 70 c1 8a J..\.1.)rS9..p.. 0000030: 45 18 c1 88 85 1f f5 55 c6 5f 48 37 27 f3 0a 02 E......U._H7'... 0000040: e7 77 18 8b 84 ee cc e5 e4 40 e5 cb 64 bb 0a f3 .w.......@..d... 0000050: 20 00 53 00 74 00 75 00 64 00 69 00 6f 00 0a 00 .S.t.u.d.i.o... 0000060: 4e 00 69 00 6e 00 74 00 65 00 6e 00 64 00 6f 00 N.i.n.t.e.n.d.o. 0000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000d0: 00 00 00 00 00 00 00 00 00 00 00 00 c5 16 e5 12 ................ 00000e0: 4c 70 9a fd 7a 03 87 d0 13 94 da 86 46 11 ff 31 Lp..z.......F..1 00000f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000100: 00 00 00 00 00 b5 62 b1 02 c9 4e f3 14 2c 85 3d ......b...N..,.= 0000110: a2 c6 be c9 d8 01 db 46 03 12 44 6e 89 87 c4 e5 .......F..Dn.... 0000120: 83 1e 00 03 8f f8 cd 35 e3 e4 b8 8e be 6e 65 36 .......5.....ne6 0000130: f2 6d c6 dc 2c 4b d6 38 2b 2d 7f e5 22 b0 44 3b .m..,K.8+-..".D; 0000140: 00 01 00 02 00 78 58 de a6 c4 70 9c 89 26 22 f2 .....xX...p..&". 0000150: 60 38 cb c5 d7 54 cd a3 d5 b9 d9 b3 84 63 6f be `8...T.......co. 0000160: 36 ef 00 68 f0 9a 6b 35 91 1a 67 6f 73 dc 54 61 6..h..k5..gos.Ta 0000170: c1 c7 6c 6f d4 43 58 e6 e2 62 52 11 65 77 9a ce ..lo.CX..bR.ew.. 0000180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00001a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00001b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00001c0: 52 6f 6f 74 2d 43 41 30 30 30 30 30 30 30 31 2d Root-CA00000001- 00001d0: 4d 53 30 30 30 30 30 30 30 38 2d 54 57 63 37 39 MS00000008-TWc79 00001e0: 64 63 65 63 39 2d 30 38 61 32 30 32 38 37 30 31 dcec9-08a2028701 00001f0: 30 38 34 31 31 38 00 00 00 00 00 00 00 00 00 00 084118.......... 0000200: 00 00 00 02 41 50 30 30 30 33 30 30 31 35 34 38 ....AP0003001548 0000210: 34 65 34 32 34 35 00 00 00 00 00 00 00 00 00 00 4e4245.......... 0000220: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000230: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000240: 00 00 00 00 00 00 00 00 00 d7 c1 33 4e 24 8c 13 ...........3N$.. 0000250: 0f b3 f4 c4 bb 2a 4a 79 81 51 39 6f 00 ee a2 00 .....*Jy.Q9o.... 0000260: 20 a6 f5 cc d8 72 01 74 60 57 4f a4 92 52 9b 5a ....r.t`WO..R.Z 0000270: 56 75 a9 62 4f 67 25 e3 7b 05 21 e4 4f 1f c3 21 Vu.bOg%.{.!.O..! 0000280: 2b d8 ec e7 00 00 00 00 00 00 00 00 00 00 00 00 +............... 0000290: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00002a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00002b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00002c0: 00 01 00 02 00 db da 21 3b e1 f1 bf bb 4d dc 1d .......!;....M.. 00002d0: 60 29 da 19 42 1e 66 4f a8 e5 27 a1 d4 ea 46 7d `)..B.fO..'...F} 00002e0: 9b b4 00 95 c5 0d e8 fa ef a7 8d e9 bc 54 da c1 .............T.. 00002f0: 24 94 0b 7c ad a8 61 d5 05 97 c2 64 38 ad 18 f9 $..|..a....d8... 0000300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000310: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000320: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000330: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000340: 52 6f 6f 74 2d 43 41 30 30 30 30 30 30 30 31 2d Root-CA00000001- 0000350: 4d 53 30 30 30 30 30 30 30 38 00 00 00 00 00 00 MS00000008...... 0000360: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000370: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000380: 00 00 00 02 54 57 63 37 39 64 63 65 63 39 2d 30 ....TWc79dcec9-0 0000390: 38 61 32 30 32 38 37 30 31 30 38 34 31 31 38 00 8a2028701084118. 00003a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00003b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00003c0: 00 00 00 00 6f dd de 42 01 e0 34 a3 19 bc a9 af ....o..B..4..... 00003d0: 50 fe 8a ac 75 08 07 a9 3a 2c 21 51 93 ae 4a 90 P...u...:,!Q..J. 00003e0: 6e 62 41 f1 a2 fe 00 00 3d 0a 13 97 da 53 17 98 nbA.....=....S.. 00003f0: 69 38 65 67 ca f4 9c 87 ec 44 b7 eb d0 ec b8 3d i8eg.....D.....= 0000400: 23 cf 7a 35 00 00 00 00 00 00 00 00 00 00 00 00 #.z5............ 0000410: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000420: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0000430: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Offset | Size | Description |
---|---|---|
0x00 | 20 | SHA1 of banner |
0x14 | 20 | SHA1 of tna4 |
0x28 | 20 | SHA1 of tmd |
0x3c | 20*8 | SHA1 of up to 8 contents [if unused, can be whatever happened to be in memory before] |
0xdc | 20 | SHA1 of save data |
0xf0 | 20 | SHA1 of ? |
0x104 | 0x3c | ECC signature of previous 0x104 bytes with AP cert |
0x140 | 0x180 | AP cert, signed by TW cert |
0x2c0 | 0x180 | TW cert, specific to a console (see dev.kp) |
It is assumed that this block contains an ECC signature, aswell as the console id and serial of the DSi that exported the file, as part of a Nintendo cert. Much like the Wii, the DSi carries with it a private ECC key that it can use to sign things, and a certificate signed by Nintendo that attests to the fact that the public ECC key belongs to a genuine DSi.