MrNbaYoh / libstreetpass


How to dump the CECD HMAC key #2

Open twisteroidambassador opened 11 months ago

twisteroidambassador commented 11 months ago

I would love to have some pointers on how to get the HMAC key used to derive the CCMP AES key.

Conceptually, I'm assuming the key can be found by reverse engineering the daemon responsible for StreetPass communications. How do I find the binary for this daemon?

NVriezen commented 4 months ago

I managed to come a long way with replicating the 3DS pairing. However, to decrypt the HMAC key I need to find another key in the .rodata of the System Settings app (mset). So I do have the HMAC key itself and the counter used for it (IV/CTR).

This was only possible with the information on 3dbrew, so that is where you need to find the pointers you are asking for. GodMode9 is a necessary tool to grab the binaries needed to reverse engineer anything. Hopefully this helps you.

If someone knows where in the .rodata this other key is stored or how it can be identified, a little hint would be greatly appreciated.
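One generic way to narrow down where a raw AES key might sit in a `.rodata` dump, as an added example that is not part of this thread, not libstreetpass code, and not a claim about where the mset key actually is: scan the section in aligned windows of the key length and report the windows whose bytes look like key material (high Shannon entropy, few printable bytes). The thresholds, the 4-byte alignment, and the `SAMPLE_RODATA` blob below are assumptions constructed for the demonstration; `SAMPLE_KEY` is a made-up value, not a real console key. You would feed the function the bytes of the `.rodata` section you extracted from the mset binary with GodMode9 and your preferred CXI/ELF unpacker.

```python
import math
from collections import Counter

# Constructed key-like value for the demo (NOT a real 3DS key). 16 distinct
# byte values, mostly non-printable, so it scores as high-entropy binary data.
SAMPLE_KEY = bytes.fromhex("8f1ac0d3e77b4a96b5021d6efc38d924")

# Constructed stand-in for a .rodata section: zero padding, a C string, the
# key, a little-endian integer table and a run of printable letters.
SAMPLE_RODATA = (
    b"\x00" * 32                                   # 0x00: padding
    + b"System Settings\x00"                       # 0x20: C string
    + b"\x00" * 16                                 # 0x30: padding
    + SAMPLE_KEY                                   # 0x40: the key we want
    + b"\x00" * 16                                 # 0x50: padding
    + b"\x01\x00\x00\x00\x02\x00\x00\x00"          # 0x60: uint32 table
    + b"\x03\x00\x00\x00\x04\x00\x00\x00"
    + b"ABCDEFGHIJKLMNOP"                          # 0x70: distinct but printable
    + b"\x00" * 16                                 # 0x80: padding
)


def shannon_entropy(chunk: bytes) -> float:
    """Bits per byte of a chunk. A 16-byte chunk of all-distinct bytes
    reaches the maximum of log2(16) = 4.0."""
    n = len(chunk)
    if n == 0:
        return 0.0
    return -sum((c / n) * math.log2(c / n) for c in Counter(chunk).values())


def scan_for_key_candidates(data: bytes, key_len: int = 16, align: int = 4,
                            min_entropy: float = 3.7,
                            max_printable: float = 0.5):
    """Return (offset, chunk, entropy) for aligned windows that look like
    raw key material. Thresholds are heuristic assumptions: for a 16-byte
    window 3.7 bits/byte means almost every byte is distinct, and the
    printable-ratio cap rejects ASCII strings, which can be just as
    'random' by the entropy measure alone."""
    hits = []
    for off in range(0, len(data) - key_len + 1, align):
        chunk = data[off:off + key_len]
        ent = shannon_entropy(chunk)
        printable = sum(0x20 <= b < 0x7F for b in chunk) / key_len
        if ent >= min_entropy and printable <= max_printable:
            hits.append((ent, off, chunk))

    # Several overlapping windows over one random blob can all pass; keep the
    # best-scoring window per overlapping group so each blob is reported once.
    hits.sort(key=lambda h: (-h[0], h[1]))
    chosen = []
    for ent, off, chunk in hits:
        if all(off + key_len <= o or o + key_len <= off for _, o, _ in chosen):
            chosen.append((ent, off, chunk))
    chosen.sort(key=lambda h: h[1])
    return [(off, chunk, round(ent, 2)) for ent, off, chunk in chosen]


if __name__ == "__main__":
    for off, chunk, ent in scan_for_key_candidates(SAMPLE_RODATA):
        print(f"0x{off:06x}  entropy={ent:.2f}  {chunk.hex()}")
```

On the constructed blob only the window at offset 0x40 is reported: the zero padding and integer table are low-entropy, the C string and the `ABCDEFGHIJKLMNOP` run are filtered by the printable-byte cap, and the windows that straddle the key and its padding fall under the entropy floor. On a real section expect more than one hit (lookup tables, S-boxes, other keys, compressed data), so treat the output as a shortlist to verify by trial decryption, not as an answer.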