In memory of Ben “bushing” Byer, who passed away on Monday, February 8th, 2016.

Nn idbe.rpl

From WiiUBrew
Jump to navigation Jump to search

nn_idbe.rpl is a library that downloads and decrypts icon databases.

Addresses

The library can downloads icons for Wii U or 3DS titles.

For Wii U icons, 

https://idbe-wup.cdn.nintendo.net/icondata/%02X/%016llX-%d.idbe

Replace %02X with the first two digits of the second half of the title ID (passing in 10 works fine) and %016llX with the 16-digit title ID. the last %d is the version number.

If you just want the latest icon, you can also use 

https://idbe-wup.cdn.nintendo.net/icondata/%02X/%016llX.idbe

e.g. the icon for Splatoon is https://idbe-wup.cdn.nintendo.net/icondata/10/0005000010176A00.idbe

For 3DS icons: 

https://idbe-ctr.cdn.nintendo.net/icondata/%02X/%016llX-%d.idbe

or 

https://idbe-ctr.cdn.nintendo.net/icondata/%02X/%016llX.idbe

for latest.

These sites use a self-signed SSL certificate, but do allow access without special client certificates (i.e. accessible from a regular browser)

Encryption

The icon database is encrypted with AES-128-CBC. There's a two byte header:

byte 0: always zero. byte 1: aes key index

followed by encrypted data.

nn_idbe contains hardcoded keys in one 0x50 sized block (0x10 * 5), consisting of the 16-byte hardcoded IV, and 4 hardcoded 16-byte AES-128 keys.

In OSv12 (000500101000400A), the keys are located at $.rodata+0x4c of nn_idbe.rpl.

Here are the keys: (no copyright issue as OSv12 is a free title Kappa) 

IV = "A46987AE47D82BB4FA8ABC0450285FA4" 

K0 = "4AB9A40E146975A84BB1B4F3ECEFC47B" 
K1 = "90A0BB1E0E864AE87D13A6A03D28C9B8" 
K2 = "FFBB57C14E98EC6975B384FCF40786B5" 
K3 = "80923799B41F36A6A75FB8B48C95F66F" 

AES_KEYS = [K0, K1, K2, K3]

Decrypted icon format

Offset Length Description
0x0 0x20 SHA256 hash of the rest of the data
0x20 0x8 Title ID
0x28 0x18 Unknown (See note 1 below)
0x40 0x4 Magic (ÀÀÀÀ)
0x44 0xC Padding?
0x50 0x200*16 Title Info (See note 2 below)
0x2050 Remainder Original TGA

Title Info

Offset Length Description
0x0 0x80 Short title name
0x80 0x100 Full title name
0x180 0x80 Publisher

Note 1: The first 8 bytes of this section seem to always be relatively empty, where as the last 16 seem to always been some combination of the characters € and À.

Examples:

  1. Breath of The Wild: https://i.imgur.com/qI9ehUQ.png
  2. Super Mario Maker: https://i.imgur.com/lNfcAM5.png
  3. Tekken Tag Tournament 2: https://i.imgur.com/8bJeD56.png
  4. Minecraft WiiU: https://i.imgur.com/fiC840J.png


Note 2: Each of the 16 0x200-length groups has 3 UTF-16 text blocks. There is always 3 blocks, even if the string does not take up the entire (or any of the) block. Some games have plain-text strings starting here, where others have empty null bytes or seemingly garbage text (sometimes a mix of all 3).

Examples:

  1. New SUPER MARIO BROS. U + New SUPER LUIGI U: https://i.imgur.com/IeAAKuZ.png
  2. Super Mario Maker: https://i.imgur.com/Q6yWYiO.png
  3. Tekken Tag Tournament 2: https://i.imgur.com/f4ENuT5.png
  4. Minecraft WiiU: https://i.imgur.com/xZPCbdQ.png


Example decryptor here: https://github.com/NexoDevelopment/idbe_decrypt/

Retrieved from "https://wiiubrew.org/w/index.php?title=Nn_idbe.rpl&oldid=2707"