Difference between revisions of "Ticket"
Line 101: | Line 101: | ||
|} | |} | ||
− | The title key can be encrypted as a single AES block when title key type is 0 (presumably AES-128-CBC) or as | + | The title key can be encrypted as a single AES block when title key type is 0 (presumably AES-128-CBC) or as a "personalized" RSA-2048 message when title key type is 1. The latter is used for titles requiring stronger licensing (applications, add-on content), while the former (old) method is used for patches. |
When RSA is used, this uses an SPL key handle that is initialized with the console-unique RSA-2048 ticket key. | When RSA is used, this uses an SPL key handle that is initialized with the console-unique RSA-2048 ticket key. | ||
Line 119: | Line 119: | ||
| XS00000021 | | XS00000021 | ||
| ? | | ? | ||
− | | Used to verify ticket signatures using RSA title key block | + | | Used to verify ticket signatures using RSA title key block ("personalized" tickets) |
|- | |- | ||
| Ticket | | Ticket |
Revision as of 23:30, 6 July 2017
Tickets are a format used to store an encrypted title key. The format has been updated again since 3DS.
Structure
Offset | Size | Description |
---|---|---|
0x000 | Y | Signature data |
Y | 0x2C0 | Ticket data |
Y denotes the total size of the "signature data" section and depends on the signature type.
Signature data
Offset | Size | Description |
---|---|---|
0x0 | 0x4 | Signature type |
0x4 | X | Signature |
0x4 + X | Padding to align the signature data to 0x40 bytes |
Signature type
Value | Signature method | Signature size | Padding size |
---|---|---|---|
0x010000 | RSA_4096 SHA1 | 0x200 | 0x3C |
0x010001 | RSA_2048 SHA1 | 0x100 | 0x3C |
0x010002 | ECDSA SHA1 | 0x3C | 0x40 |
0x010003 | RSA_4096 SHA256 | 0x200 | 0x3C |
0x010004 | RSA_2048 SHA256 | 0x100 | 0x3C |
0x010005 | ECDSA SHA256 | 0x3C | 0x40 |
The hash for the signature is calculated over the ticket data.
Ticket data
Offset | Size | Description |
---|---|---|
0x0 | 0x40 | Issuer |
0x40 | 0x100 | Title key block |
0x140 | 0x1 | Unknown |
0x141 | 0x1 | Title key type |
0x142 | 0xE | Unknown |
0x150 | 0x8 | Ticket ID |
0x158 | 0x8 | Device ID |
0x160 | 0x8 | Title ID |
0x168 | 0x8 | Unknown |
0x170 | 0x4 | Account ID |
0x174 | 0xC | Unknown |
0x180 | 0x140 | Unknown |
The title key can be encrypted as a single AES block when title key type is 0 (presumably AES-128-CBC) or as a "personalized" RSA-2048 message when title key type is 1. The latter is used for titles requiring stronger licensing (applications, add-on content), while the former (old) method is used for patches.
When RSA is used, this uses an SPL key handle that is initialized with the console-unique RSA-2048 ticket key.
CommonETicket (or cetk) no longer exist.
Certificate chain
Certificate | Signature type | Retail cert name | Debug cert name | Description |
---|---|---|---|---|
Ticket | RSA-2048 | XS00000021 | ? | Used to verify ticket signatures using RSA title key block ("personalized" tickets) |
Ticket | RSA-2048 | XS00000020 | ? | Used to verify ticket signatures using AES title key block |
CA | RSA-4096 | CA00000003 | CA00000004 | Used to verify the ticket certificate |
The CA certificate is issued by 'Root', the public key for which is stored in ES.