Difference between revisions of "Ancast image"
Hallowizer2 (talk | contribs) m (Hallowizer2 moved page Ancast Image to Ancast image: Sentence case) |
Hallowizer2 (talk | contribs) (not sure about wii u images, but vwii images seem to be DOL files?) |
Line 1: | Line 1: | ||
Ancast images are encrypted and signed binaries for the [[Hardware/Espresso|Espresso]] and [[Hardware/Starbuck|Starbuck]] processors to execute. | Ancast images are encrypted and signed binaries for the [[Hardware/Espresso|Espresso]] and [[Hardware/Starbuck|Starbuck]] processors to execute. | ||
− | The Espresso contains a secure [[Espresso Boot ROM|boot ROM]] that runs upon a PowerPC hard reset, which will only boot signed code. This code comes in the form of an ancast image. Before resetting the PPC, the currently running ARM code (either [[IOSU]] or vWii [https://wiibrew.org/wiki/IOS IOS]) must load the ancast image to the physical address 0x08000000 (Wii U images) or 0x01330000 (vWii images) for the boot ROM to verify and decrypt. The [[Cafe OS]] kernel, [[WiiMode|vWii]] [https://wiibrew.org/wiki/System_Menu System Menu], and | + | The Espresso contains a secure [[Espresso Boot ROM|boot ROM]] that runs upon a PowerPC hard reset, which will only boot signed code. This code comes in the form of an ancast image. Before resetting the PPC, the currently running ARM code (either [[IOSU]] or vWii [https://wiibrew.org/wiki/IOS IOS]) must load the ancast image to the physical address 0x08000000 (Wii U images) or 0x01330000 (vWii images) for the boot ROM to verify and decrypt. The [[Cafe OS]] kernel, [[WiiMode|vWii]] [https://wiibrew.org/wiki/System_Menu System Menu], and [https://wiibrew.org/wiki/BC-NAND BC-NAND]/[https://wiibrew.org/wiki/BC-WFS BC-WFS] are all in the form of ancast images; WiiMode images are stored inside a [https://wiibrew.org/wiki/DOL DOL] in Data0, while Text0 contains a standard boot stub that was probably automatically added by Nintendo's compiling software. |
The Starbuck's boot chain ([[boot0]] and [[boot1]]) only boots signed code in the form of an ancast image as well. On the ARM side, the IOS-MCP module is responsible for launching [[cafe2wii]] and relaunching IOSU (warm boot). IOS-MCP loads ARM ancast images into MEM1 (0x01000000), verifies and decrypts them before executing with full privileges (all memory protection is disabled and must be re-enabled by the binary itself). | The Starbuck's boot chain ([[boot0]] and [[boot1]]) only boots signed code in the form of an ancast image as well. On the ARM side, the IOS-MCP module is responsible for launching [[cafe2wii]] and relaunching IOSU (warm boot). IOS-MCP loads ARM ancast images into MEM1 (0x01000000), verifies and decrypts them before executing with full privileges (all memory protection is disabled and must be re-enabled by the binary itself). |
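Review bot: The clause added on the + side of the second row states as fact that WiiMode images are stored inside a DOL in Data0, while the edit summary reads "not sure about wii u images, but vwii images seem to be DOL files?" and the Text0 stub is described as "probably automatically added". Scope the DOL claim to the vWii images that were actually inspected and word it as an observation, so that anyone writing an unpacker or loader from this page does not treat the container layout as confirmed. The removed side is cut off after "and", so what the BC-NAND/BC-WFS links replaced cannot be checked from this diff; the edit summary should say so.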
Revision as of 02:13, 16 January 2022
Ancast images are encrypted and signed binaries for the Espresso and Starbuck processors to execute.
The Espresso contains a secure boot ROM that runs upon a PowerPC hard reset and will only boot signed code. This code comes in the form of an ancast image. Before resetting the PPC, the currently running ARM code (either IOSU or vWii IOS) must load the ancast image to the physical address 0x08000000 (Wii U images) or 0x01330000 (vWii images) for the boot ROM to verify and decrypt. The Cafe OS kernel, vWii System Menu, and BC-NAND/BC-WFS are all in the form of ancast images; WiiMode images are stored inside a DOL in Data0, while Text0 contains a standard boot stub that was probably automatically added by Nintendo's compiling software.
The Starbuck's boot chain (boot0 and boot1) only boots signed code in the form of an ancast image as well. On the ARM side, the IOS-MCP module is responsible for launching cafe2wii and relaunching IOSU (warm boot). IOS-MCP loads ARM ancast images into MEM1 (0x01000000), verifies and decrypts them before executing with full privileges (all memory protection is disabled and must be re-enabled by the binary itself).
Ancast images consist of a signature and related information, known as the ancast header, and the AES-encrypted code, known as the ancast body. ARM and PPC ancast images both use AES-128-CBC for encryption, but differ in signature algorithms. For this reason, their headers are also different.
"Ancast" is an unofficial acronym for "The princess is in another castle", a pun introduced during fail0verflow's initial hacking efforts. It carries no meaning beyond that.
ARM ancast image
Header
Start | Length | Description |
---|---|---|
0x00 | 0x04 | Magic (0xEFA282D9) |
0x04 | 0x04 | NULL |
0x08 | 0x04 | Signature offset (0x20) |
0x0C | 0x04 | NULL |
0x10 | 0x10 | NULL |
0x20 | 0x04 | Signature type (0x02) |
0x24 | 0x100 | Ancast image signature |
0x124 | 0x7C | Padding (must be NULL) |
0x1A0 | 0x02 | Must be NULL |
0x1A2 | 0x01 | Must be NULL |
0x1A3 | 0x01 | Must be NULL |
0x1A4 | 0x04 | Target device (0x21 for NAND, 0x22 for SD) |
0x1A8 | 0x04 | Console type (0x01 for debug, 0x02 for retail) |
0x1AC | 0x04 | Ancast image body size |
0x1B0 | 0x14 | Ancast image body hash |
0x1C4 | 0x04 | Version (always 0x02 for fw.img and c2w.img, matches Title ID version for boot1) |
0x1C8 | 0x38 | Padding (must be NULL) |
Body
The image's body is data encrypted with AES-128-CBC, using the Starbuck Wii U, vWii or boot1 ancast key.
PPC ancast image
Header
Start | Length | Description |
---|---|---|
0x00 | 0x04 | Magic (0xEFA282D9) |
0x04 | 0x04 | NULL |
0x08 | 0x04 | Signature offset (0x20) |
0x0C | 0x04 | NULL |
0x10 | 0x10 | NULL |
0x20 | 0x04 | Signature type (0x01) |
0x24 | 0x38 | Ancast image signature |
0x5C | 0x44 | Padding (must be NULL) |
0xA0 | 0x02 | Must be NULL |
0xA2 | 0x01 | Must be NULL |
0xA3 | 0x01 | Must be NULL |
0xA4 | 0x04 | Unknown (0x11 on Wii U images, 0x13 on vWii images) |
0xA8 | 0x04 | Hash type (0x02) |
0xAC | 0x04 | Ancast image body size |
0xB0 | 0x14 | Ancast image body hash |
0xC4 | 0x3C | Padding (must be NULL) |
Body
The image's body is data encrypted with AES-128-CBC, using the Espresso Wii U or vWii ancast key. It starts 0x100 bytes after the start of the header.
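The two header tables above, turned into a structural validator (an added example, not code from this wiki or from any Nintendo loader). It assumes big-endian fields, an ARM body that begins at 0x200 where the header table ends, and that the 0x14-byte body hash is SHA-1 over the still-encrypted body; `parse_ancast` and `build_sample` are names chosen here, and the sample images are constructed.

```python
import hashlib
import struct

MAGIC = 0xEFA282D9
# signature type -> (CPU, info-block offset, header length, must-be-NULL ranges), per the tables
LAYOUTS = {
    0x02: ("ARM", 0x1A0, 0x200, ((0x124, 0x1A4), (0x1C8, 0x200))),
    0x01: ("PPC", 0x0A0, 0x100, ((0x05C, 0x0A4), (0x0C4, 0x100))),
}

def parse_ancast(blob):
    """Validate the header fields and return them; raise ValueError on any mismatch."""
    if len(blob) < 0x24:
        raise ValueError("truncated header")
    magic, null1, sig_off, null2 = struct.unpack_from(">4I", blob, 0)  # big-endian: assumption
    if magic != MAGIC:
        raise ValueError("bad magic")
    if sig_off != 0x20 or null1 or null2 or any(blob[0x10:0x20]):
        raise ValueError("unexpected signature offset or non-NULL reserved field")
    (sig_type,) = struct.unpack_from(">I", blob, 0x20)
    if sig_type not in LAYOUTS:
        raise ValueError("unknown signature type")
    cpu, info, hdr_len, null_ranges = LAYOUTS[sig_type]
    if len(blob) < hdr_len:
        raise ValueError("truncated header")
    if any(any(blob[a:b]) for a, b in null_ranges):
        raise ValueError("non-NULL padding")
    field_a, field_b, body_size = struct.unpack_from(">3I", blob, info + 4)
    body = blob[hdr_len:hdr_len + body_size]
    if len(body) != body_size:  # never trust the size field past the end of the file
        raise ValueError("body size exceeds file")
    # Assumption: the 0x14-byte hash is SHA-1 over the still-encrypted body.
    hash_ok = hashlib.sha1(body).digest() == blob[info + 0x10:info + 0x24]
    # hash_ok is integrity only; authenticity needs the signature, which is not checked here.
    return {"cpu": cpu, "sig_len": 0x100 if cpu == "ARM" else 0x38,
            "fields": (field_a, field_b), "body_size": body_size, "hash_ok": hash_ok}

def build_sample(sig_type, field_a, field_b, body):
    """Constructed test image: zeroed signature, arbitrary bytes standing in for ciphertext."""
    cpu, info, hdr_len, _ = LAYOUTS[sig_type]
    hdr = bytearray(hdr_len)
    struct.pack_into(">4I", hdr, 0, MAGIC, 0, 0x20, 0)
    struct.pack_into(">I", hdr, 0x20, sig_type)
    struct.pack_into(">3I", hdr, info + 4, field_a, field_b, len(body))
    hdr[info + 0x10:info + 0x24] = hashlib.sha1(body).digest()
    return bytes(hdr) + body

if __name__ == "__main__":
    print(parse_ancast(build_sample(0x02, 0x21, 0x02, bytes(range(32)))))
    print(parse_ancast(build_sample(0x01, 0x11, 0x02, bytes(range(16)))))
```

For ARM images `fields` holds (target device, console type); for PPC images it holds (the unknown word at 0xA4, hash type).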