In memory of Ben “bushing” Byer, who passed away on Monday, February 8th, 2016.

Difference between revisions of "Nn idbe.rpl"

From WiiUBrew
Jump to navigation Jump to search
Line 46: Line 46:
 
== Decrypted icon format ==
 
== Decrypted icon format ==
  
There's a SHA256 of the data at the beginning of the file. After the sha, there's some stuff that contains UTF-16 text of the game name and publisher, then image data begins.
+
{| class="wikitable"
 +
! Offset
 +
! Length
 +
! Description
 +
|-
 +
| 0x0
 +
| 0x20
 +
| SHA256 hash of the rest of the data
 +
|-
 +
| 0x20
 +
| 0x8
 +
| Title ID
 +
|-
 +
| 0x28
 +
| 0x18
 +
| Unknown (See note 1 below)
 +
|-
 +
| 0x40
 +
| 0x4
 +
| Magic (ÀÀÀÀ)
 +
|-
 +
| 0x44
 +
| 0xC
 +
| Padding?
 +
|-
 +
| 0x50
 +
| 0x2000
 +
| UTF-16 blocks of text for the publisher/title name (See note 2 below)
 +
|-
 +
| 0x2050
 +
| Remainder
 +
| Original TGA
 +
|}
  
The image data is given as Truevision TGA and usually starts 0x2050 bytes into the decrypted buffer.
+
'''Note 1:'''
 +
The first 8 bytes of this section seem to always be relatively empty, where as the last 10 seem to always been some combination of the characters € and À.
  
128x128 pixels.
+
'''Examples:'''
Decryptor here: https://github.com/NexoDevelopment/idbe_decrypt/
+
 
 +
# Breath of The Wild: https://i.imgur.com/qI9ehUQ.png
 +
# Super Mario Maker: https://i.imgur.com/lNfcAM5.png
 +
# Tekken Tag Tournament 2: https://i.imgur.com/8bJeD56.png
 +
# Minecraft WiiU: https://i.imgur.com/fiC840J.png
 +
 
 +
 
 +
'''Note 2:'''
 +
It is only assumed that these string blocks start at offset 0x50. This is assumed because some games have plain-text strings starting here, where others have empty null bytes or seemingly garbage text. There also seems to be a strict format/rule set for how the publisher/title names are supposed to be laid out and structured, but it is not known at the moment.
 +
 
 +
'''Examples:'''
 +
 
 +
# New SUPER MARIO BROS. U + New SUPER LUIGI U: https://i.imgur.com/IeAAKuZ.png
 +
# Super Mario Maker: https://i.imgur.com/Q6yWYiO.png
 +
# Tekken Tag Tournament 2: https://i.imgur.com/f4ENuT5.png
 +
# Minecraft WiiU: https://i.imgur.com/xZPCbdQ.png
 +
 
 +
 
 +
Example decryptor here: https://github.com/NexoDevelopment/idbe_decrypt/

Revision as of 14:28, 11 January 2019

nn_idbe.rpl is a library that downloads and decrypts icon databases.

Addresses

The library can downloads icons for Wii U or 3DS titles.

For Wii U icons, 

https://idbe-wup.cdn.nintendo.net/icondata/%02X/%016llX-%d.idbe

Replace %02X with the first two digits of the second half of the title ID (passing in 10 works fine) and %016llX with the 16-digit title ID. the last %d is the version number.

If you just want the latest icon, you can also use 

https://idbe-wup.cdn.nintendo.net/icondata/%02X/%016llX.idbe

e.g. the icon for Splatoon is https://idbe-wup.cdn.nintendo.net/icondata/10/0005000010176A00.idbe

For 3DS icons: 

https://idbe-ctr.cdn.nintendo.net/icondata/%02X/%016llX-%d.idbe

or 

https://idbe-ctr.cdn.nintendo.net/icondata/%02X/%016llX.idbe

for latest.

These sites use a self-signed SSL certificate, but do allow access without special client certificates (i.e. accessible from a regular browser)

Encryption

The icon database is encrypted with AES-128-CBC. There's a two byte header:

byte 0: always zero. byte 1: aes key index

followed by encrypted data.

nn_idbe contains hardcoded keys in one 0x50 sized block (0x10 * 5), consisting of the 16-byte hardcoded IV, and 4 hardcoded 16-byte AES-128 keys.

In OSv12 (000500101000400A), the keys are located at $.rodata+0x4c of nn_idbe.rpl.

Here are the keys: (no copyright issue as OSv12 is a free title Kappa) 

IV = "A46987AE47D82BB4FA8ABC0450285FA4" 

K0 = "4AB9A40E146975A84BB1B4F3ECEFC47B" 
K1 = "90A0BB1E0E864AE87D13A6A03D28C9B8" 
K2 = "FFBB57C14E98EC6975B384FCF40786B5" 
K3 = "80923799B41F36A6A75FB8B48C95F66F" 

AES_KEYS = [K0, K1, K2, K3]

Decrypted icon format

Offset Length Description
0x0 0x20 SHA256 hash of the rest of the data
0x20 0x8 Title ID
0x28 0x18 Unknown (See note 1 below)
0x40 0x4 Magic (ÀÀÀÀ)
0x44 0xC Padding?
0x50 0x2000 UTF-16 blocks of text for the publisher/title name (See note 2 below)
0x2050 Remainder Original TGA

Note 1: The first 8 bytes of this section seem to always be relatively empty, where as the last 10 seem to always been some combination of the characters € and À.

Examples:

  1. Breath of The Wild: https://i.imgur.com/qI9ehUQ.png
  2. Super Mario Maker: https://i.imgur.com/lNfcAM5.png
  3. Tekken Tag Tournament 2: https://i.imgur.com/8bJeD56.png
  4. Minecraft WiiU: https://i.imgur.com/fiC840J.png


Note 2: It is only assumed that these string blocks start at offset 0x50. This is assumed because some games have plain-text strings starting here, where others have empty null bytes or seemingly garbage text. There also seems to be a strict format/rule set for how the publisher/title names are supposed to be laid out and structured, but it is not known at the moment.

Examples:

  1. New SUPER MARIO BROS. U + New SUPER LUIGI U: https://i.imgur.com/IeAAKuZ.png
  2. Super Mario Maker: https://i.imgur.com/Q6yWYiO.png
  3. Tekken Tag Tournament 2: https://i.imgur.com/f4ENuT5.png
  4. Minecraft WiiU: https://i.imgur.com/xZPCbdQ.png


Example decryptor here: https://github.com/NexoDevelopment/idbe_decrypt/

Retrieved from "https://wiiubrew.org/w/index.php?title=Nn_idbe.rpl&oldid=2705"