0
edits
Changes
→WAD Format
Line 60:
Line 60:
=== Chain of Certificates ===
=== Chain of Certificates ===
+
+'''<span style="color: red;">It's recommended to read the [[Certificate chain]] article and using the header information instead of that info and constant offsets.</span>'''
{| style="border-collapse: collapse; padding: 0.2em 0.2em 0.2em 0.2em;"
{| style="border-collapse: collapse; padding: 0.2em 0.2em 0.2em 0.2em;"
Line 120:
Line 122:
=== Key and IV ===
=== Key and IV ===
+
+'''<span style="color: red;">It's recommended to read the [[Ticket]] article and using the header information instead of that info and constant offsets.</span>'''
{| style="border-collapse: collapse; padding: 0.2em 0.2em 0.2em 0.2em;"
{| style="border-collapse: collapse; padding: 0.2em 0.2em 0.2em 0.2em;"
Line 144:
Line 148:
=== File Table ===
=== File Table ===
+
+'''<span style="color: red;">It's recommended to read the [[TMD file structure]] article and using the header information instead of that info and constant offsets.</span>'''
WAD files contain a number of "files" in them. The number of files can be obtained from the halfword (2 bytes) at 0xede. The table itself starts at 0xee4, and it is composed of a number of file entries:
WAD files contain a number of "files" in them. The number of files can be obtained from the halfword (2 bytes) at 0xede. The table itself starts at 0xee4, and it is composed of a number of file entries:
Line 186:
Line 192:
The files are located after the file table, with their starts aligned to a 64 byte boundary. To read a file, skip bytes until the next 64 byte boundary (unless already at one), read the ''File size'' bytes rounded to the next 16 bytes (the AES block size), decrypt using AES (using the title key and the IV in the file table entry plus 14 zero bytes), and take filesize bytes from the result to create the output file. The SHA-1 sum of this should match the one in the file table.
The files are located after the file table, with their starts aligned to a 64 byte boundary. To read a file, skip bytes until the next 64 byte boundary (unless already at one), read the ''File size'' bytes rounded to the next 16 bytes (the AES block size), decrypt using AES (using the title key and the IV in the file table entry plus 14 zero bytes), and take filesize bytes from the result to create the output file. The SHA-1 sum of this should match the one in the file table.
+
+=== APP ===
+The "APP" block in the WAD is a block of encrypted data that contains the info that is actually used by the channel.
+
+The contents in the APP are referenced by the TMD. The file is aligned to 64 bytes after each file.
+
+The files are encrypted using the title key (from the ticket) and the file index (in the TMD, the 2 first bytes of the IV are the index, the last 14 bytes are zeroes) as IV.
+
+To get the title key, you need to decrypt it from the ticket.
+
+=== Trailer ===
+The "trailer" is a copy of the first file in the APP.