Changes

Jump to navigation Jump to search
588 bytes added ,  19:34, 18 April 2015
Line 19: Line 19:  
:5) Yeah, reversing KeyX without KeyY won't work (I can confirm that). If that Tad KeyX is one of the "known" DSi keys (those relocated from DSi BIOS ROM to TCM/WRAM during booting), then everything would be fine. And otherwise, one would need some 3DS exploit to get that DSi-key-stash... supposedly some special kernel exploit which isn't available to normal 3DS programmers?
 
:5) Yeah, reversing KeyX without KeyY won't work (I can confirm that). If that Tad KeyX is one of the "known" DSi keys (those relocated from DSi BIOS ROM to TCM/WRAM during booting), then everything would be fine. And otherwise, one would need some 3DS exploit to get that DSi-key-stash... supposedly some special kernel exploit which isn't available to normal 3DS programmers?
 
:PS. I've added some contact info on my wiki/user page (just in case) --[[User:Nocash|Nocash]] 22:56, 14 April 2015 (CEST)
 
:PS. I've added some contact info on my wiki/user page (just in case) --[[User:Nocash|Nocash]] 22:56, 14 April 2015 (CEST)
 +
 +
::Yes, those two RSA pubks are stored in the TWL_FIRM Process9 binary itself. When one has TWL_FIRM decrypted one can just extract those keys from there. There's public exploit(s)+tools for that, including arm9hax which is required for dumping the DSi keys from 3DS ARM9 ITCM. The common tad-keyX is written to the AES engine keyslot for it by bootrom, AFAIK it doesn't get copied elsewhere(the keyY for it is copied to the keystorage area near the end of ARM7 memory, but of course that area gets cleared when games are booted). --[[User:Yellows8|Yellows8]] 20:34, 18 April 2015 (CEST)
    
== Bootloader Error Photos ==
 
== Bootloader Error Photos ==

Navigation menu