Change readme. Add information about keys.

This commit is contained in:
jakcron 2018-04-24 17:25:05 +08:00
parent b4d3fbe7f9
commit f36ef0061d
2 changed files with 85 additions and 8 deletions

60
KEYS.md Normal file
View file

@ -0,0 +1,60 @@
# Format
Programs in NXTools currently recognise the following keys (## represents a hexadecimal number between 00 and 1F):
```
; Key Sources
master_key_## : Master key, used to derive other keys. (0x10 bytes)
aes_kek_generation_source : Used to derive other aes-keks. (0x10 bytes)
aes_key_generation_source : Used to derive other aes-keys. (0x10 bytes)
package2_key_source : Used with master_key_## to derive package2_key_##. (0x10 bytes)
ticket_commonkey_source : Used with master_key_## to derive ticket_commonkey_##. (0x10 bytes)
nca_header_kek_source : Used with master_key_00, aes_kek_generation_source and aes_key_generation_source to generate nca_header_kek. (0x10 bytes)
nca_header_key_source : Used with nca_header_kek to generate nca_header_key. (0x20 bytes)
nca_body_keak_application_source : Used with master_key_##, aes_kek_generation_source and aes_key_generation_source to generate nca_body_keak_application_##. (0x10 bytes)
nca_body_keak_ocean_source : Used with master_key_##, aes_kek_generation_source and aes_key_generation_source to generate nca_body_keak_ocean_##. (0x10 bytes)
nca_body_keak_system_source : Used with master_key_##, aes_kek_generation_source and aes_key_generation_source to generate nca_body_keak_system_##. (0x10 bytes)
; Package1 keys
package1_key_## : AES128 Key (0x10 bytes)
; Package2 Keys
package2_key_## : AES128 Key (0x10 bytes)
package2_sign_key_modulus : RSA2048 Modulus (0x100 bytes)
package2_sign_key_private : RSA2048 Private Exponent (0x100 bytes)
; Ticket Keys
ticket_commonkey_## : AES128 Key (0x10 bytes)
; NCA Keys
nca_header_key : AES128-XTS Key (0x20 bytes)
nca_header_sign_key_modulus : RSA2048 Modulus (0x100 bytes)
nca_header_sign_key_private : RSA2048 Private Exponent (0x100 bytes)
nca_body_keak_application_## : AES128 Key (0x10 bytes)
nca_body_keak_ocean_## : AES128 Key (0x10 bytes)
nca_body_keak_system_## : AES128 Key (0x10 bytes)
; XCI Keys
xci_header_key : AES128 Key (0x10 bytes)
xci_header_sign_key_modulus : RSA2048 Modulus (0x100 bytes)
xci_header_sign_key_private : RSA2048 Private Exponent (0x100 bytes)
; ACID Keys
acid_sign_key_modulus : RSA2048 Modulus (0x100 bytes)
acid_sign_key_private : RSA2048 Private Exponent (0x100 bytes)
```
# Compatibility with hactool keyset files
NXTools keyset files share the same keyset file format as [hactool](https://github.com/SciresM/hactool/blob/master/KEYS.md), but names of keys may differ. For compatibility, hactool names for equivalent keys are accepted.
```
titlekey_source : hactool alias for ticket_commonkey_source
header_key_source : hactool alias for nca_header_key_source
header_kek_source : hactool alias for nca_header_kek_source
key_area_key_application_source : hactool alias for nca_body_keak_application_source
key_area_key_ocean_source : hactool alias for nca_body_keak_ocean_source
key_area_key_system_source : hactool alias for nca_body_keak_system_source
titlekek_## : hactool alias for ticket_commonkey_##
header_key : hactool alias for nca_header_key
key_area_key_application_## : hactool alias for nca_body_keak_application_##
key_area_key_ocean_## : hactool alias for nca_body_keak_ocean_##
key_area_key_system_## : hactool alias for nca_body_keak_system_##
```

View file

@ -1,11 +1,28 @@
# NXTools
Tools for NX (Nintendo Switch).
== Tools ==
* ncatool - read/extract *.nca
* nstool - read *.npdm, read/extract PartitionFS (PFS0|HFS0) blobs (including *.nsp), read *.xci
* tiktool - read ticket fields.
Tools & Libraries for NX (Nintendo Switch).
== Issues ==
* [ncatool] nca section extraction not implemented
* [nstool] romfs support not implemented
![License](https://img.shields.io/badge/license-MIT-blue.svg)
# Tools
* (nstool)[/programs/nstool] - read *.npdm, read/extract PartitionFS (PFS0|HFS0) blobs (including *.nsp), read *.xci
* (ncatool)[/programs/ncatool] - read/extract *.nca
* (tiktool)[/programs/tiktool] - read ticket fields.
# Libraries
* (libfnd)[/lib/libfnd] - Foundation library.
* (libcrypto)[/lib/libcrypto] - Cryptographic functions (AES,SHA,RSA). Wrapper for [mbedTLS](https://github.com/ARMmbed/mbedtls)
* (libes)[/lib/libes] - Handling of (NS relevant) eShop file type processing. (eTickets, etc)
* (libnx)[/lib/libnx] - Handling of NS file types
# External Keys
Programs/libraries don't embed any keys that are copyright protected. However keys can be imported via a keyset file.
For programs that support it, the keyset file can either be provided via the command line (see program usage for details). Alternatively a keyset file located in _$HOME/.switch/prod.keys_ (or _$HOME/.switch/dev.keys_ for dev) will be imported automatically if one is not provided at the command line.
Keyset files are ASCII text files containing one key per line, in the form "key_name = HEXADECIMALKEY". Case and whitespace do not matter, ';' character can be used to insert comments.
See [KEYS.md](/KEYS.md) for more details.