DSiWare titles will not encrypt in buildcia script or re-encrypt.

[TurdPooCharger]

This example was done in GodMode9 v1.8.0.

1. Hold (R)-shoulder and press (A) on [2:] SYSNAND TWLN → Search for titles.
2. While in the [Z:] LAST SEARCH drive, press (A) on DS Download Play (NTR-HNDA).tmd.
3. TMD file options... → Build CIA (legit).
4. Go to [0:] SDCARD ( )/gm9/out/
5. Press (A) on DS Download Play (NTR-HNDA).legit.cia → CIA image options... → CIA checker tool.

As expected for an intact TWL system title, the status is:

• Ticket/TMD: legit/legit.

---

Continuing...

6. CIA image options... → Decrypt file (0:/gm9/out)
7. CIA image options... → CIA checker tool

The status is now:

• Ticket/TMD: legit/illegit

---

No problem. Let's try re-encrypting the .cia.

8. CIA image options... → Encrypt file (0:/gm9/out)
9. CIA image options... → CIA checker tool

However, the status stays as:

• Ticket/TMD: legit/illegit

---

When using gm9 script encrypt function on a decrypted DSiWare .cia, the output file stays decrypted.

[d0k3]

You think the TMD becomes legit again from reencrypting? By doing any crypto stuff there, you change the TMD, thus it is no more legit.

Maybe there's something we can do about it, in that case. Can you do a hex comparison of the two TMDs? The legit one and the illegit one. Or, upload them somewhere for me to have a look at.

[TurdPooCharger]

Late reply. I needed time to reexamine what was observed. From what I gathered, the legit status of the .tmd is a separate issue of whether a .cia file is encrypted or decrypted, yes?

1. Below are the hex views of several DS Download Play .cia files.
2. Offset 0x3900 is where the header.bin is located in the .cia.

---

Encrypted

Method A

Seen on the left, this is produced when using:

• TMD file options... → Build CIA (legit)

---

Decrypted

Seen on the right, these are the outputs when using:

Method B

On the DS Download Play (NTR-HNDA).legit.cia that was made from Method A,

• CIA image options... → Decrypt file (0:/gm9/out).

This is expected.

Method C

Producing standard built .cia.

• TMD file options... → Build CIA (standard)

This is also expected.

Method D

Using this gm9 script code with the "--legit" flag, this does not produce a legit version.

• buildcia -l "2:/title/00030005/484e4441/content/00000000.tmd"

The output is DS Download Play (NTR-HNDA).cia.

I'm not sure if the legit flag was meant to only be used for CTRNAND system titles.

Method E

Using this script code on the .cia file made from Method D,

• encrypt "$[GM9OUT]/DS Download Play (NTR-HNDA).cia"

the SHA-256 hash stays the same for the file.

Method F

Doing this on the same file from Method E,

• CIA image options... → Encrypt file (0:/gm9/out)

the SHA-256 hash still stays the same.

[d0k3]

@TurdPooCharger - I think I found the problem... can you try this test build, please? https://f.secretalgorithm.com/RTSZP/godmode9.firm

[TurdPooCharger]

Sorry, late reply. That build introduces a new bug. When doing Search for titles, it no longer lists the .tmd in [Title ID] [Name] [Product Code] [Region] format. I'll continue with DSiWare (en/de)cryption testing depending if you want to move forward past this.

[d0k3]

Oh well... fix one thing, break two things... Gimme a few minutes with that...

[d0k3]

@TurdPooCharger - can you try this one? https://f.secretalgorithm.com/8h9Mn/godmode9.firm

[TurdPooCharger]

GodMode9 v1.8.0-46-g2bdcdf8b - Results for DS Download Play.

Method A: :+1: , CIA is built with legit ticket and is encrypted. Method B: :+1: , (A copy of the) CIA from Method A keeps its legit ticket and is decrypted. Method C: :+1: , CIA is built with nonlegit ticket and is decrypted. Method D: :+1: , CIA built through script with -l flag matches hash with the CIA from method A.

Method E: :-1: , (A copy of the) CIA from Method C does not re-encrypt with script's encrypt function. Method F: :-1: , The CIA from Method E does not re-encrypt when using Encrypt file (0:/gm9/out) on it. The hash stays the same.

---

Other observations.

1. When editing the file names, the character scroll bar disappears the moment you let off pressing the (UP/DOWN) d-pad.

2. Pressing the (HOME) button, the Testing... option feels out of place. It should go in-between Payloads... and More... as More... option seems more of natural fit being placed at the end.

[d0k3]

Okay, I'll look into E&F. Testing stuff is, you may have guessed it, just temporary. Pretty sure you already gave the swkbd a try by now, so I'd be interested in your opinion on it.

I'll also look into the character scroll bar thing.

[TurdPooCharger]

• I like that the circle pad can be used to navigate the menu. The only drawback is it's too sensitive to use the (LEFT/RIGHT) inputs where the selector goes all the way to the top or bottom.

• What kind of black sorcery happened to the gm9 script!? It's like speed dialed on meth or something. Lmao.

• I noticed that modifying the [1:] SYSNAND CTRNAND has been raised to Lvl3 privilege. I thought Lvl3 was reserved for actions that can cause bootrom soft bricks.

• For the fill script command, the -n or no cancel flag doesn't work.

• For the Build CIA (legit) option and buildcia script command, the -l or legit force flag now includes building SD titles. Does this mean buildcia -l will also work in dumping DSiWare games, too? However, being able to dump example title.legit.cia without the inclusion of the legit ticket will likely raise confusion later. This is unless a new naming tag is developed to distinguish either cases: (1) legit (ticket & tmd) versus (2) legit (tmd only).

• If the Paint9 or Touchscreen playground is to be officially implemented, that right vertical bar should show color palette. Other than that, no complaints test drawing phallic shapes. Hue.

• The Software keyboard works, but it's a little small on my n3DSXL. I'm guess this was developed on your n3DS where it does take up the full screen width. If it's possible, it would be nice to have audio click feedback when tapping the virtual buttons.

[d0k3]

Alright, I fixed the character scroll bar, and fill should now work with the -n flag. Permission system will also be fixed. (EDIT: permission system is fixed) Some stuff needs clarification.

Paint9: Well, suggest an actual palette. I may include it. I know the picker tool is not perfect.

Software keyboard: I'm using it on a small N3DS, and it's pixel based (not width based). It takes up the same amount of (relative) screen estate on every console. Using it on the small N3DS it takes a little time to get used to, but I think it works. You should have a lot more room on that big screen of yours.

buildcia -l should always include the legit ticket when building a CIA from a TMD, regardless of from where that CIA is built. Is there any case where you don't get a legit ticket with it?

As for that:

Method E: 👎 , (A copy of the) CIA from Method C does not re-encrypt with script's encrypt function. Method F: 👎 , The CIA from Method E does not re-encrypt when using Encrypt file (0:/gm9/out) on it.

Well... depends on what you want if you encrypt a CIA. We don't do the CIA/titlekey encryption, cause, frankly, no one will likely want that on a already decrypted CIA. We only (NCCH-)encrypt the contents within. The purpose of encryption is not to make it legit again.

Did I forget about something?

[TurdPooCharger]

On that v1.8.0-46-g2bdcdf8b build,

• Pressing (HOME) button → More... → System Info, the data fields for Model, Serial, Region (system), and Region (sales) are labelled unknown.

• When building a legit CIA for SD titles, a choice is given to Use generic ticket (not legit). The TMD will be legit but not the ticket.

• Pressing the (L)+(R) shoulder buttons to do screenshots result in corrupt PNG.

I have mock-up ideas of a full width keyboard and color palette for Paint9, but the screenshot bug prevented getting image templates.