Trust Center Backup File Format

Hi! Is the file Zigbee Trust Center backup file format documented?
The file has the name backup_TC*.xbee and is generated with BK AT command.
I only know that the contents is encrypted with AES-256-CTR.
The file begins with '\x02\x00\x00\x00\x12\x10…` followed by 2028 bytes of data that looks like random.
The Nonce is 20 bytes starting with ‘\x10\x00\x00\x00’ and the rest 16 bytes look random. This is strange because a nonce is usually less than 16 bytes.
Also, 2028 is not a multiple of 16 (the AES block size).

No it is not documented for the public to see as that would then result in someone being able to decrypt the file.

But it’s already encrypted, so the contents is not available to anyone without the key anyways.

Consider this use-case: I want to replace a legacy XBee coordinator (that predates the backup files) with a new one without reforming the network. Because the network ID is not writable, my only option is to build the backup file by hand, encrypt it with KB key, then restore from it. However because the format is not known, I don’t know how to do that.

If you are using this kind of encryption, then you should be creating a backup file on a regular basis. Using an out of date backup file to restore the network with is not recommended.

But for that to work, I need either:

  1. An updated firmware that allows to set the network ID
  2. A hint on how to manually create the backup file

Shulyaka, that is not a function that is going to be made public.