From 569606b8d46a694e92e14ceb95129c379f041152 Mon Sep 17 00:00:00 2001 From: Steveice10 <1269164+Steveice10@users.noreply.github.com> Date: Fri, 16 Jun 2023 03:34:12 -0700 Subject: [PATCH] Retire old dumping method as it is unreliable, and clean up some page formatting. --- AES-Keys.md | 54 +++++++++-------------------------------------------- 1 file changed, 9 insertions(+), 45 deletions(-) diff --git a/AES-Keys.md b/AES-Keys.md index 5488f78..ca6e7fd 100644 --- a/AES-Keys.md +++ b/AES-Keys.md @@ -2,53 +2,17 @@ Users can provide some additional crypto keys to enable some advanced features in Citra. These keys are not officially provided by Citra due to legal considerations. -**Note that if you are using fastboot3DS, methods 1 and 2 likely will not work. fastboot3DS has an issue that prevents accessing bootrom data; this was fixed in a source commit but has yet to be included in a release.** - -### Method 1 (Recommended) +### Automatically (Recommended) In this method, you will create an ```aes_keys.txt``` from your console using a GodMode9 script. This will dump all the keys and other secrets you need for game decryption, Miis, amiibo, etc. **This requires your 3DS to be on firmware 11.16.0 or 11.17.0.** 1. Download the GodMode9 script [here](https://github.com/citra-emu/citra/raw/master/dist/dumpkeys/DumpKeys.gm9) (Right Click -> Save Link As) and save it to the ```gm9/scripts``` directory on your SD card. 2. Launch GodMode9 on your 3DS and run the script by pressing HOME, selecting "Scripts", and selecting "DumpKeys". Wait for the script to finish and return you to the GodMode9 menu, then turn off your 3DS. 3. On your SD card you will find ```gm9/aes_keys.txt```. Copy this file to the ```sysdata``` folder in your Citra user directory. -**If you see an error like ```line 7: read fail``` when dumping in GodMode9, your environment does not have access to the bootrom data. If you are using fastboot3DS, see the message about that at the top of this page.** +**If you see an error like ```line 7: read fail``` when dumping in GodMode9, your environment does not have access to the bootrom data and thus cannot dump the required keys. This can occur if you are using fastboot3DS; please launch GodMode9 through a different method.** -### Method 2 -In this method, you will dump the ARM9 BootROM, `NATIVE_FIRM`, and `SAFE_MODE_FIRM` (and the secret section for the new revision models) from your console using GodMode9. - -**Note:** Extracting 0x25KeyX from `NATIVE_FIRM` is still not correctly implemented, so you will have to provide the key manually using the second method. `NATIVE_FIRM` extraction & installation is still included for completeness. - -**Step 1** - ARM9 BootROM - -1. After launching GodMode9, enter the `[M:] MEMORY VIRTUAL` drive. -2. Navigate to `boot9.bin`; press `A`. -3. Select `Copy to 0:/gm9/out`. `boot9.bin` will be dumped to `gm9/out` on your SD card. -4. Power off the console by pressing `HOME`, and then `Poweroff system`. -5. Eject the SD card from your console and insert it into your computer/device. Copy/move `boot9.bin` from `gm9/out` on the SD card to the `sysdata` folder in the [[User Directory]]. - -**Step 2** - `NATIVE_FIRM`, `SAFE_MODE_FIRM`, and the secret section. - -**For old revision models** -1. Reinsert the SD card into the console and launch GodMode9 -2. Press `HOME`, select `Title manager`, and then select `[1:] NAND / TWL` as a source. -3. After the title scan is complete, navigate to the titles named `0004013800000002 (CTR-P-CTAP)` and `0004013800000003 (CTR-P-CTAP)`. -4. Open `0004013800000002 (CTR-P-CTAP)`, select `Manage Title...`, and then select `Build CIA (standard)`. -5. Repeat the process above with `0004013800000003 (CTR-P-CTAP)` -6. Power off the system by pressing `HOME`, and then `Poweroff system`. -7. Eject the SD card from your console and insert it into your computer/device. Copy/move both CIA files from `gm9/out` on the SD card to a location of your choosing, and install both to Citra's NAND (`File` > `Install CIA...`). - -**For new revision models** -1. Reinsert the SD card into the console and launch GodMode9 -2. Press `HOME`, select `Title manager`, and then select `[1:] NAND / TWL` as a source. -3. After the title scan is complete, navigate to the title named `0004013820000003 (CTR-P-CTAP)`. -4. Open `0004013820000003 (CTR-P-CTAP)`, select `Manage Title...`, and then select `Build CIA (standard)`. -6. Exit the Title manager by pressing `B`, then enter the `[S:] SYSNAND VIRTUAL` drive. Open `sector0x96.bin` (the secret section), and select `Copy to 0:/gm9/out`. -7. Power off the system by pressing `HOME`, and then `Poweroff system`. -8. Eject the SD card from your console and insert it into your computer/device. Copy/move the CIA file from `gm9/out` on the SD card to a location of your choosing, and install it to Citra's NAND (`File` > `Install CIA...`). -9. Copy/move `sector0x96.bin` from `gm9/out` on the SD card to the `sysdata` folder in the [[User Directory]]. - -### Method 3 -As an alternative, instead of dumping the required files, you can provide all the AES keys manually. The keys are supplied by filling the file `sysdata/aes_keys.txt` (located in the [[User Directory]]) in the following format: +### Manually +As an alternative, instead of dumping a keys file using the script, you can create the file and provide all of the AES keys manually. The keys are supplied by filling the file `sysdata/aes_keys.txt` (located in the [[User Directory]]) in the following format: ``` slot0x0DKeyX=0123456789ABCDEF0123456789ABCDEF slot0x0DKeyY=0123456789ABCDEF0123456789ABCDEF @@ -69,22 +33,22 @@ common1=0123456789ABCDEF0123456789ABCDEF ``` The strings `0123456789ABCDEF0123456789ABCDEF` in the example above are all placeholder and should be replaced by correct 32-digit hex values of keys. Not all lines in the example are required at the same time. Please read the explanation below about which key enables which feature -### Loading encrypted games +#### Loading encrypted games Required keys: `slot0x25KeyX` and `slot0x2CKeyX`. If loading encrypted New 3DS games, `slot0x18KeyX` and `slot0x1BKeyX` are also required. For those who are interested, [**here's a write-up about 3DS security**](https://www.reddit.com/r/3dshacks/comments/56lk5p/game_ncch_and_cdn_encryption_an_explanation/), that also talks about the `slot0x25KeyX`. -### Sharing Mii via QR code between Citra and 3DS +#### Sharing Mii via QR code between Citra and 3DS Required keys: single `slot0x2DKeyN`, OR `slot0x2DKeyX`, `slot0x2DKeyY` together. -### Generating accurate UDS data frame +#### Generating accurate UDS data frame Required keys: single `slot0x31KeyN`, OR `slot0x31KeyX`, `slot0x31KeyY` together. -### Using client cert dumped from 3DS +#### Using client cert dumped from 3DS Required keys: single `slot0x0DKeyN`, OR `slot0x0DKeyX`, `slot0x0DKeyY` together. -### Installing encrypted CIA +#### Installing encrypted CIA Required keys: `slot0x3DKeyX` and `common0`. `common1`~`5`are probably also required for some unusual CIA. \ No newline at end of file