Difference between revisions of "Cmep Key Ring Base"
Jump to navigation
Jump to search
CelesteBlue (talk | contribs) |
|||
| (27 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | Keyslot physical address = 0xE0058000 + 0x20 * slot_id. | |
=== Permission bits === | === Permission bits === | ||
| − | If a | + | |
| + | If a keyslot is not locked, it can target cmep memory or unlocked keyslot. | ||
{| class="wikitable" | {| class="wikitable" | ||
| Line 8: | Line 9: | ||
! Bit !! Function | ! Bit !! Function | ||
|- | |- | ||
| − | | | + | | 0x1 || Encryption operation allowed |
|- | |- | ||
| − | | | + | | 0x2 || Decryption operation allowed |
|- | |- | ||
| − | | | + | | 0x4 || ? operation allowed |
|- | |- | ||
| − | | | + | | 0x8 || ? operation allowed |
|- | |- | ||
| − | | 0x10 || ? | + | | 0x10 || ??? Master Keyslot can target memory ??? |
|- | |- | ||
| − | | 0x20 | + | | 0x20 || Master Keyslot can target user keyslot (based on Mask Group below) |
|- | |- | ||
| 0x40 || Keyslot Pairing Lock Mask Group 0 (Master slots 0x204-0x205 and user slots 0-7) | | 0x40 || Keyslot Pairing Lock Mask Group 0 (Master slots 0x204-0x205 and user slots 0-7) | ||
| Line 24: | Line 25: | ||
| 0x80 || Keyslot Pairing Lock Mask Group 1 (Master slots 0x206-0x20D and user slots 8-0xF) | | 0x80 || Keyslot Pairing Lock Mask Group 1 (Master slots 0x206-0x20D and user slots 8-0xF) | ||
|- | |- | ||
| − | | 0x100 | + | | 0x100 || Keyslot Pairing Lock Mask Group 2 (Master slots 0x340-0x343 and user slots 0x10-0x1F) |
|- | |- | ||
| − | | 0x200 | + | | 0x200 || Keyslot Pairing Lock Mask Group 3 (Master slots 0x344-0x353 and user slots 0x20-0x2F) |
|- | |- | ||
| − | | 0x400 || Locked Keyslot can target | + | | 0x400 || Locked Keyslot can target cmep memory |
|- | |- | ||
| − | | 0x800 || | + | | 0x800 || Can be written directly by cmep |
|- | |- | ||
| − | | 0x1000 || | + | | 0x1000 || Can be read directly by cmep |
|} | |} | ||
| Line 39: | Line 40: | ||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
| − | ! Slot !! Initial Valid !! Initial Protection !! Protection (1.69) !! Ever Valid (1.69) !! Per Console | + | ! Slot !! Initial Valid !! Initial Protection !! Protection (1.69) !! Ever Valid (1.69) !! Per Console (1.69) !! Set By !! Description |
|- | |- | ||
| − | | 0 | + | | 0 || N || 0x0442 || 0x0442 || Y || N || Many sm || General common slot |
|- | |- | ||
| − | | 1 | + | | 1 || N || 0x0442 || 0x0442 || N || ? || ? || ? |
|- | |- | ||
| − | | 2-7 | + | | 2-7 || N || 0x0442 || 0x0040 || N || ? || ? || ? |
|- | |- | ||
| − | | 8 | + | | 8 || N || 0x049F || 0x0081 || Y || Y || first_loader || [[SLSK]] personalization key (encrypt). Derived from keyslots 0x206 or 0x207. |
|- | |- | ||
| − | | 9 | + | | 9 || N || 0x049F || 0x0080 || N || ? || first_loader || [[SLSK]] personalization key (decrypt). Derived from keyslots 0x206 or 0x207. |
|- | |- | ||
| − | | 0xA || N || 0x049F || 0x0080 || Y || N || | + | | 0xA-0xF || N || 0x049F || 0x0080 || Y || N || first_loader || 6 [[SLSK]] metadata decryption keys. Derived from keyslots 0x208-0x20D. |
|- | |- | ||
| − | | | + | | 0x10 || N || 0x0502 || 0x0502 || N || ? || ? || Supports decryption only. |
|- | |- | ||
| − | | | + | | 0x11-0x1F || N || 0x0502 || 0x0100 || N || ? || ? || ? |
|- | |- | ||
| − | | | + | | 0x20 || N || 0x061F || 0x0200 || Y || ? || first_loader || [[SLSK]] HMAC-SHA256 Key. Derived from keyslot 0x344. |
|- | |- | ||
| − | | | + | | 0x21-0x24 || N || 0x061F || 0x061F || N || ? || ? || Supports encryption and decryption. |
|- | |- | ||
| − | + | | 0x25-0x2F || N || 0x061F || 0x0200 || N || ? || ? || ? | |
| − | |||
| − | | 0x25-0x2F | ||
|- | |- | ||
| 0x30-0x34 || N || 0x041F || 0x041F || N || ? || ? || ? | | 0x30-0x34 || N || 0x041F || 0x041F || N || ? || ? || ? | ||
| Line 69: | Line 68: | ||
| 0x35-0x7F || N || 0x041F || 0x0000 || N || ? || ? || ? | | 0x35-0x7F || N || 0x041F || 0x0000 || N || ? || ? || ? | ||
|- | |- | ||
| − | | 0x80-0xFF || X || 0x0000 || 0x0000 || X || ? || ? || Not used | + | | 0x80-0xFF || X || 0x0000 || 0x0000 || X || ? || ? || Not used. |
|- | |- | ||
| − | | 0x100 || N || 0x041F || 0x041F || N | + | | 0x100 || N || 0x041F || 0x041F || N || ? || ? || ? |
|- | |- | ||
| − | | 0x101-0x17F | + | | 0x101-0x17F || N || 0x041F || 0x0000 || N || ? || ? || ? |
|- | |- | ||
| − | | 0x180-0x1FF | + | | 0x180-0x1FF || X || 0x0000 || 0x0000 || X || ? || ? || Not used. |
|- | |- | ||
| 0x200-0x203 || Y || 0x0002 || 0x0000 || Y || ? || ? || ? | | 0x200-0x203 || Y || 0x0002 || 0x0000 || Y || ? || ? || ? | ||
|- | |- | ||
| − | | 0x204 | + | | 0x204 || Y || 0x006F || 0x006F || Y || Y || ? || AES-256 master key for IdStorage Certificates AES-128-ECB keys derivation. Used by KIRK commands 0x10, 0x12, 0x17 and 0x19. |
|- | |- | ||
| − | | | + | | 0x205 || Y || 0x006F || 0x006F || Y || Y || ? || ? |
|- | |- | ||
| − | | | + | | 0x206 || Y || 0x00AF || 0x00A0 || Y || ? || ? || Master key used to derive key used to decrypt personalized layer over [[SLSK]]. Should be per-console. |
|- | |- | ||
| − | | 0x208-0x20D || Y || 0x00AF || 0x00A0 || Y || ? || ? || 6 keys used to decrypt | + | | 0x207 || Y || 0x00AF || 0x00A0 || Y || ? || ? || Master key used instead of keyslot 0x206 when first_loader secret debug mode is set. (Possibly non-per-console?) |
| + | |- | ||
| + | | 0x208-0x20D || Y || 0x00AF || 0x00A0 || Y || ? || ? || 6 master keys used to derive AES-128-CBC Key to decrypt [[SLSK]] metadata. Which one is used depends on encryption key revision in [[SLSK]] header. | ||
|- | |- | ||
| 0x20E-0x20F || Y || ? || 0x0010 || Y || ? || ? || Maybe per-console eMMC crypto keys? Protected by second_loader. | | 0x20E-0x20F || Y || ? || 0x0010 || Y || ? || ? || Maybe per-console eMMC crypto keys? Protected by second_loader. | ||
| Line 91: | Line 92: | ||
| 0x210-0x211 || Y || 0x001F || 0x0000 || Y || ? || ? || ? | | 0x210-0x211 || Y || 0x001F || 0x0000 || Y || ? || ? || ? | ||
|- | |- | ||
| − | | 0x212 | + | | 0x212 || Y || 0x001F || 0x001F || Y || Y || ? || AES-256-CMAC key used by KIRK commands 0x12 and 0x19. |
|- | |- | ||
| − | | 0x213 | + | | 0x213 || Y || 0x001F || 0x001F || Y || Y || ? || AES-256-CBC key used to derive (by seed encryption) SMI keys in second_loader, which are used for minimum firmware version decryption. |
|- | |- | ||
| − | | 0x214 | + | | 0x214 || Y || 0x001F || 0x0000 || Y || ? || ? || AES-256-CBC key used to derive (by seed encryption) keyslots 0x514 and 0x515 in second_loader. IVs and seeds hardcoded in second_loader. |
|- | |- | ||
| − | | 0x215 | + | | 0x215 || Y || 0x001F || 0x0000 || Y || ? || ? || ? |
|- | |- | ||
| − | | 0x216 || Y || 0x001F || 0x001F || Y || | + | | 0x216 || Y || 0x001F || 0x001F || Y || Y || ? || AES-256-CBC key used to derive (by seed encryption) keyslots 0x502-0x504 in second_loader. IV hardcoded in second_loader. If SMI minimum FW < 0.996, this key is not used and keyslots 0x502-0x504 are set with hardcoded values from second_loader. |
|- | |- | ||
| 0x217 || Y || 0x001F || 0x0000 || Y || ? || ? || ? | | 0x217 || Y || 0x001F || 0x0000 || Y || ? || ? || ? | ||
|- | |- | ||
| − | | 0x218-0x2FF || X || 0x0000 || 0x0000 || X || ? || ? || Not used | + | | 0x218-0x2FF || X || 0x0000 || 0x0000 || X || ? || ? || Not used. |
|- | |- | ||
| 0x300-0x33F || Y || 0x0002 || 0x0000 || Y || ? || ? || ? | | 0x300-0x33F || Y || 0x0002 || 0x0000 || Y || ? || ? || ? | ||
|- | |- | ||
| − | | 0x340 || Y || 0x012F || 0x012F || Y || ? || ? || Used to decrypt keys into the 0x10 keyslot | + | | 0x340 || Y || 0x012F || 0x012F || Y || ? || ? || Used to decrypt keys into the 0x10 keyslot. |
|- | |- | ||
| 0x341-0x343 || Y || 0x012F || 0x0120 || Y || ? || ? || ? | | 0x341-0x343 || Y || 0x012F || 0x0120 || Y || ? || ? || ? | ||
|- | |- | ||
| − | | 0x344 || Y || 0x022F || 0x0220 || Y || ? || ? || | + | | 0x344 || Y || 0x022F || 0x0220 || Y || ? || ? || Master key used to derive the 0x20 keyslot in first_loader. |
|- | |- | ||
| − | | 0x345-0x348 || Y || 0x022F || 0x022F || Y || ? || ? || Used to decrypt keys into one of the 0x21-0x24 | + | | 0x345-0x348 || Y || 0x022F || 0x022F || Y || ? || ? || Used to decrypt keys into one of the 0x21-0x24 keyslots. |
|- | |- | ||
| − | | 0x349-0x353 || Y || 0x022F ||0x0220 || Y || ? || ? || ? | + | | 0x349-0x353 || Y || 0x022F || 0x0220 || Y || ? || ? || ? |
|- | |- | ||
| 0x354-0x3FF || Y || 0x001F || 0x0000 || Y || ? || ? || ? | | 0x354-0x3FF || Y || 0x001F || 0x0000 || Y || ? || ? || ? | ||
| Line 121: | Line 122: | ||
| 0x400-0x47F || N || 0x1800 || 0x0000 || N || ? || ? || ? | | 0x400-0x47F || N || 0x1800 || 0x0000 || N || ? || ? || ? | ||
|- | |- | ||
| − | | 0x480-0x4FF || X || 0x0000 || 0x0000 || X || ? || ? || Not used | + | | 0x480-0x4FF || X || 0x0000 || 0x0000 || X || ? || ? || Not used. |
|- | |- | ||
| 0x500 || N || 0x1800 || 0x1800 || N || ? || ? || ? | | 0x500 || N || 0x1800 || 0x1800 || N || ? || ? || ? | ||
|- | |- | ||
| − | | 0x501 || N || 0x1800 || 0x1000 || Y || N || first_loader || Used by | + | | 0x501 || N || 0x1800 || 0x1000 || Y || N || first_loader || Used by first_loader to figure out whether to load from eMMC or ARM comms after reset. |
| + | |- | ||
| + | | 0x502 || N || 0x1800 || 0x1800 || Y || Y || second_loader || AES XTS Tweak for Ernie SNVS sectors. | ||
| + | |- | ||
| + | | 0x503 || N || 0x1800 || 0x1800 || Y || Y || second_loader || AES XTS Decryption Key for Ernie SNVS sectors. | ||
| + | |- | ||
| + | | 0x504 || N || 0x1800 || 0x1800 || Y || Y || second_loader || AES-128-CMAC Key for Ernie SNVS sectors. | ||
|- | |- | ||
| − | | | + | | 0x505 || N || 0x1800 || 0x0000 || N || ? || ? || ? |
|- | |- | ||
| − | | | + | | 0x506 || N || 0x1800 || 0x1800 || Y || N || second_loader || QAF Token AES-256-CBC and AES-256-CMAC key. Hardcoded in second_loader. Used with IV = keyslot 0x507. |
|- | |- | ||
| − | | | + | | 0x507 || N || 0x1800 || 0x1800 || Y || N || second_loader || QAF Token AES-256-CBC IV. Hardcoded in second_loader. |
|- | |- | ||
| − | | | + | | 0x508 || N || 0x1800 || 0x1800 || Y || Y || second_loader || Ernie version. Comes from [[Ernie]] Code Flash memory ([[Ernie]] command 1). 4 bytes. If lower (older) than 0x00090903, old Ernie protocols (unencrypted SNVS packets and maybe different SNVS keys) are used. |
|- | |- | ||
| − | | | + | | 0x509 || N || 0x1800 || 0x1800 || Y || Y || second_loader || ConsoleId of unit. Comes from IdStorage (eMMC). |
|- | |- | ||
| − | | | + | | 0x50A || N || 0x1800 || 0x1800 || Y || Y || second_loader || [[KBL Param#QA_flags|QA flags]]. 0x10 bytes. Comes from [[Ernie]] NVS ([[Ernie]] command 0x1082). |
|- | |- | ||
| − | | | + | | 0x50B || N || 0x1800 || 0x1800 || Y || Y || second_loader || Mgmt Data. 8 bytes. Comes from [[Ernie]] SNVS block 0 ([[Ernie]] command 0xD2). |
|- | |- | ||
| − | | | + | | 0x50C || N || 0x1800 || 0x1800 || Y || N || second_loader || [[Second_Loader#Boot_type_indicator_for_slsk]] |
|- | |- | ||
| − | | | + | | 0x50D || N || 0x1800 || 0x1800 || Y || Y || second_loader || OpenPSID of unit. Comes from IdStorage (eMMC). |
|- | |- | ||
| − | | | + | | 0x50E || N || 0x1800 || 0x1800 || Y || Y || second_loader || Current firmware version. Comes from [[Ernie]] SNVS ([[Ernie]] command 0xD0). |
|- | |- | ||
| − | | | + | | 0x50F || N || 0x1800 || 0x1800 || Y || Y || second_loader || Minimum firmware version. Comes from IdStorage SMI leaf (eMMC). 4 bytes. |
|- | |- | ||
| − | | | + | | 0x510 || N || 0x1800 || 0x1800 || Y || Y || second_loader || [[KBL Param#DIP_Switches|DIP Switches]]. 0x20 bytes. Comes from CP and [[Ernie]] VS ([[Ernie]] command 0x90 offset 0xE0). |
|- | |- | ||
| − | | | + | | 0x511 || N || 0x1800 || 0x1800 || Y || N (random) || second_loader || Ernie communication session key. Unique per boot. It is generated by a handshake with Ernie through Ernie command 0xD0. AES-128-ECB key used to enc/dec the content of Ernie secure packets. If (baryonVersion < 0x90903 && (ernieDLVersion & 0xffffff) < 0x3600) it is zeroed by second_loader. Part of SKSO data. Used by SK command 0xF01. |
|- | |- | ||
| − | | | + | | 0x512 || N || 0x1800 || 0x1800 || Y || N (counter) || second_loader || Ernie communication ticket count. Used as a challenge at the start of each secure Ernie encrypted communication, for example for SNVS read/write. On each boot it is set to a random value by second_loader. Incremented by 1 after each Ernie secure commmand usage. Part of SKSO data. Used by SK command 0xF01. |
|- | |- | ||
| − | | | + | | 0x513 || N || 0x1800 || 0x1800 || Y || Y || second_loader || DRAM size. Set to 0x20000000 by default, 0x40000000 on DevKit in DevKit Memory Size mode. Determined by [[KBL Param#DIP_Switches|DIP Switches]] (CP). |
|- | |- | ||
| − | | | + | | 0x514 || N || 0x1800 || 0x1800 || Y || see keyslot 0x214 || second_loader || SKSO AES-256-CMAC key. Protected on FW 1.05. Data size 0x90 bytes. Used to verify SKSO. Used by SK command 0xF01. |
|- | |- | ||
| − | | | + | | 0x515 || N || 0x1800 || 0x1800 || Y || see keyslot 0x214 || second_loader || SKSO AES-128-CBC key. Protected on FW 1.05. Data size 0xA0 bytes. Hardcoded IV in second_loader and second_kernel. Used to encrypt/decrypt SKSO (the content written into keyslots 0x511, 0x512, 0x517 and 0x519). Used by SK command 0xF01. |
|- | |- | ||
| − | | | + | | 0x516 || N || 0x1800 || 0x1800 || Y || N || second_loader || Some status. Set to 0 at the start of second_loader main(). Checked for 0 before initiating communication with Ernie. 4 bytes. Used by SK command 0xF01: writes (u32)1 here after having exported the SKSO to paddr 0x4001FF00. |
|- | |- | ||
| − | | | + | | 0x517 || N || 0x1800 || 0x1800 || Y || Y || second_loader, act_sm || Kit Activation status. 4 bytes. Part of SKSO data. When initializing the keyslots, this is zeroed if keyslot ?0x50D? has bit8 clear (on FW 1.692). Used by SK command 0xF01. |
|- | |- | ||
| − | | | + | | 0x518 || N || 0x1800 || 0x1800 || Y || Y || second_loader || Another current FW version (3.60+?). Comes from SNVS ([[Ernie]] command 0xD0). |
|- | |- | ||
| − | | | + | | 0x519 || N || 0x1800 || 0x1800 || Y || Y? || second_loader || Part of SKSO data. Used by SK command 0xF01. Not used (maybe zeroed) on old FWs. Used on FW 3.60. |
|- | |- | ||
| − | | | + | | 0x51A || N || 0x1800 || 0x1800 || Y || N (random) || second_loader || Coredump Encrypted Session Key (FW 2.12+). Randomized 0x20 byte key. Unique for every boot/reboot/resume. Used for Kernel coredump encryption. See [[KBL Param]] and [[SCECAF#Kernel_Coredump_Encrypted_ELF]]. Used by SK command 0x1001. |
|- | |- | ||
| − | | | + | | 0x51B || N || 0x1800 || 0x1800 || Y || Y || second_loader || [[KBL Param#Hardware_Info|Hardware Info]]. 4 bytes. Comes from [[Ernie]] Code Flash memory ([[Ernie]] command 5). |
|- | |- | ||
| − | | | + | | 0x51C-0x51D || N || 0x1800 || 0x0000 || N || ? || ? || Used in update_service_sm for NVS. 4 bytes for each keyslot. |
|- | |- | ||
| − | | | + | | 0x51E-0x521 || N || 0x1800 || 0x0000 || N || ? || ? || Used in update_service_sm for NVS. 4 bytes for each keyslot. |
|- | |- | ||
| − | | | + | | 0x522-0x57F || N || 0x1800 || 0x0000 || N || ? || ? || ? |
|- | |- | ||
| − | | | + | | 0x580-0x5FF || X || 0x0000 || 0x0000 || X || ? || ? || Not used. |
|- | |- | ||
| − | | | + | | 0x600 || Y || 0x1000 || 0x1000 || Y || Y || ? || VisibleId of unit. |
|- | |- | ||
| − | | | + | | 0x601 || Y || 0x1000 || 0x1000 || Y || Y || ? || ? |
|- | |- | ||
| − | | | + | | 0x602 || Y || 0x1000 || 0x1000 || Y || Y || ? || 256 bits copied to 0xE0020100 by second_loader. |
|- | |- | ||
| − | | | + | | 0x603 || Y || 0x1000 || 0x1000 || Y || N || ? || ? |
|- | |- | ||
| − | | | + | | 0x604 || Y || 0x1000 || 0x1000 || Y || N || ? || ? |
|- | |- | ||
| − | | | + | | 0x605-0x607 || Y || 0x1000 || 0x0000 || Y || ? || ? || ? |
|- | |- | ||
| − | | 0x700-0x7FF || Y || 0x1000 || 0x0000 || Y || N || ? | + | | 0x608-0x6FF || X || 0x0000 || 0x0000 || X || X || ? || Not used. |
| + | |- | ||
| + | | 0x700-0x7FF || Y || 0x1000 || 0x0000 || Y || N || ? || 16 RSA public keys for [[SLSK]] files. Which key is used depends on public key revision specified in [[SLSK]] header. | ||
|} | |} | ||
| + | |||
| + | === Protection on 3.60 === | ||
| + | |||
| + | After kernel boottime | ||
| + | |||
| + | <source> | ||
| + | Slot=0x000 Range=0x001 Protect=0x04420003 | ||
| + | Slot=0x001 Range=0x001 Protect=0x04420001 | ||
| + | Slot=0x002 Range=0x006 Protect=0x00400001 | ||
| + | Slot=0x008 Range=0x001 Protect=0x00810003 | ||
| + | Slot=0x009 Range=0x001 Protect=0x00800001 | ||
| + | Slot=0x00A Range=0x006 Protect=0x00800003 | ||
| + | Slot=0x010 Range=0x001 Protect=0x05020001 | ||
| + | Slot=0x011 Range=0x00F Protect=0x01000001 | ||
| + | Slot=0x020 Range=0x001 Protect=0x02000003 | ||
| + | Slot=0x021 Range=0x004 Protect=0x061F0001 | ||
| + | Slot=0x025 Range=0x00B Protect=0x02000001 | ||
| + | Slot=0x030 Range=0x005 Protect=0x041F0001 | ||
| + | Slot=0x035 Range=0x04B Protect=0x00000001 | ||
| + | Slot=0x080 Range=0x080 Protect=0x00000000 | ||
| + | Slot=0x100 Range=0x001 Protect=0x041F0001 | ||
| + | Slot=0x101 Range=0x07F Protect=0x00000001 | ||
| + | Slot=0x180 Range=0x080 Protect=0x00000000 | ||
| + | Slot=0x200 Range=0x004 Protect=0x00000003 | ||
| + | Slot=0x204 Range=0x002 Protect=0x006F0003 | ||
| + | Slot=0x206 Range=0x008 Protect=0x00A00003 | ||
| + | Slot=0x20E Range=0x002 Protect=0x00100003 | ||
| + | Slot=0x210 Range=0x002 Protect=0x00000003 | ||
| + | Slot=0x212 Range=0x002 Protect=0x001F0003 | ||
| + | Slot=0x214 Range=0x002 Protect=0x00000003 | ||
| + | Slot=0x216 Range=0x001 Protect=0x001F0003 | ||
| + | Slot=0x217 Range=0x001 Protect=0x00000003 | ||
| + | Slot=0x218 Range=0x0E8 Protect=0x00000000 | ||
| + | Slot=0x300 Range=0x040 Protect=0x00000003 | ||
| + | Slot=0x340 Range=0x001 Protect=0x012F0003 | ||
| + | Slot=0x341 Range=0x003 Protect=0x01200003 | ||
| + | Slot=0x344 Range=0x001 Protect=0x02200003 | ||
| + | Slot=0x345 Range=0x004 Protect=0x022F0003 | ||
| + | Slot=0x349 Range=0x00B Protect=0x02200003 | ||
| + | Slot=0x354 Range=0x0AC Protect=0x00000003 | ||
| + | Slot=0x400 Range=0x080 Protect=0x00000001 | ||
| + | Slot=0x480 Range=0x080 Protect=0x00000000 | ||
| + | Slot=0x500 Range=0x001 Protect=0x18000001 | ||
| + | Slot=0x501 Range=0x001 Protect=0x10000007 | ||
| + | Slot=0x502 Range=0x003 Protect=0x18000003 | ||
| + | Slot=0x505 Range=0x001 Protect=0x00000001 | ||
| + | Slot=0x506 Range=0x004 Protect=0x18000003 | ||
| + | Slot=0x50A Range=0x001 Protect=0x18000007 | ||
| + | Slot=0x50B Range=0x003 Protect=0x18000003 | ||
| + | Slot=0x50E Range=0x001 Protect=0x10000003 | ||
| + | Slot=0x50F Range=0x003 Protect=0x18000003 | ||
| + | Slot=0x512 Range=0x001 Protect=0x18000007 | ||
| + | Slot=0x513 Range=0x003 Protect=0x18000003 | ||
| + | Slot=0x516 Range=0x001 Protect=0x18000007 | ||
| + | Slot=0x517 Range=0x005 Protect=0x18000003 | ||
| + | Slot=0x51C Range=0x064 Protect=0x00000001 | ||
| + | Slot=0x580 Range=0x080 Protect=0x00000000 | ||
| + | Slot=0x600 Range=0x005 Protect=0x10000003 | ||
| + | Slot=0x605 Range=0x003 Protect=0x00000003 | ||
| + | Slot=0x608 Range=0x0F8 Protect=0x00000000 | ||
| + | Slot=0x700 Range=0x100 Protect=0x00000003 | ||
| + | </source> | ||
Revision as of 09:50, 24 September 2021
Keyslot physical address = 0xE0058000 + 0x20 * slot_id.
Permission bits
If a keyslot is not locked, it can target cmep memory or unlocked keyslot.
| Bit | Function |
|---|---|
| 0x1 | Encryption operation allowed |
| 0x2 | Decryption operation allowed |
| 0x4 | ? operation allowed |
| 0x8 | ? operation allowed |
| 0x10 | ??? Master Keyslot can target memory ??? |
| 0x20 | Master Keyslot can target user keyslot (based on Mask Group below) |
| 0x40 | Keyslot Pairing Lock Mask Group 0 (Master slots 0x204-0x205 and user slots 0-7) |
| 0x80 | Keyslot Pairing Lock Mask Group 1 (Master slots 0x206-0x20D and user slots 8-0xF) |
| 0x100 | Keyslot Pairing Lock Mask Group 2 (Master slots 0x340-0x343 and user slots 0x10-0x1F) |
| 0x200 | Keyslot Pairing Lock Mask Group 3 (Master slots 0x344-0x353 and user slots 0x20-0x2F) |
| 0x400 | Locked Keyslot can target cmep memory |
| 0x800 | Can be written directly by cmep |
| 0x1000 | Can be read directly by cmep |
Key Ring Slots 0xE0058000
| Slot | Initial Valid | Initial Protection | Protection (1.69) | Ever Valid (1.69) | Per Console (1.69) | Set By | Description |
|---|---|---|---|---|---|---|---|
| 0 | N | 0x0442 | 0x0442 | Y | N | Many sm | General common slot |
| 1 | N | 0x0442 | 0x0442 | N | ? | ? | ? |
| 2-7 | N | 0x0442 | 0x0040 | N | ? | ? | ? |
| 8 | N | 0x049F | 0x0081 | Y | Y | first_loader | SLSK personalization key (encrypt). Derived from keyslots 0x206 or 0x207. |
| 9 | N | 0x049F | 0x0080 | N | ? | first_loader | SLSK personalization key (decrypt). Derived from keyslots 0x206 or 0x207. |
| 0xA-0xF | N | 0x049F | 0x0080 | Y | N | first_loader | 6 SLSK metadata decryption keys. Derived from keyslots 0x208-0x20D. |
| 0x10 | N | 0x0502 | 0x0502 | N | ? | ? | Supports decryption only. |
| 0x11-0x1F | N | 0x0502 | 0x0100 | N | ? | ? | ? |
| 0x20 | N | 0x061F | 0x0200 | Y | ? | first_loader | SLSK HMAC-SHA256 Key. Derived from keyslot 0x344. |
| 0x21-0x24 | N | 0x061F | 0x061F | N | ? | ? | Supports encryption and decryption. |
| 0x25-0x2F | N | 0x061F | 0x0200 | N | ? | ? | ? |
| 0x30-0x34 | N | 0x041F | 0x041F | N | ? | ? | ? |
| 0x35-0x7F | N | 0x041F | 0x0000 | N | ? | ? | ? |
| 0x80-0xFF | X | 0x0000 | 0x0000 | X | ? | ? | Not used. |
| 0x100 | N | 0x041F | 0x041F | N | ? | ? | ? |
| 0x101-0x17F | N | 0x041F | 0x0000 | N | ? | ? | ? |
| 0x180-0x1FF | X | 0x0000 | 0x0000 | X | ? | ? | Not used. |
| 0x200-0x203 | Y | 0x0002 | 0x0000 | Y | ? | ? | ? |
| 0x204 | Y | 0x006F | 0x006F | Y | Y | ? | AES-256 master key for IdStorage Certificates AES-128-ECB keys derivation. Used by KIRK commands 0x10, 0x12, 0x17 and 0x19. |
| 0x205 | Y | 0x006F | 0x006F | Y | Y | ? | ? |
| 0x206 | Y | 0x00AF | 0x00A0 | Y | ? | ? | Master key used to derive key used to decrypt personalized layer over SLSK. Should be per-console. |
| 0x207 | Y | 0x00AF | 0x00A0 | Y | ? | ? | Master key used instead of keyslot 0x206 when first_loader secret debug mode is set. (Possibly non-per-console?) |
| 0x208-0x20D | Y | 0x00AF | 0x00A0 | Y | ? | ? | 6 master keys used to derive AES-128-CBC Key to decrypt SLSK metadata. Which one is used depends on encryption key revision in SLSK header. |
| 0x20E-0x20F | Y | ? | 0x0010 | Y | ? | ? | Maybe per-console eMMC crypto keys? Protected by second_loader. |
| 0x210-0x211 | Y | 0x001F | 0x0000 | Y | ? | ? | ? |
| 0x212 | Y | 0x001F | 0x001F | Y | Y | ? | AES-256-CMAC key used by KIRK commands 0x12 and 0x19. |
| 0x213 | Y | 0x001F | 0x001F | Y | Y | ? | AES-256-CBC key used to derive (by seed encryption) SMI keys in second_loader, which are used for minimum firmware version decryption. |
| 0x214 | Y | 0x001F | 0x0000 | Y | ? | ? | AES-256-CBC key used to derive (by seed encryption) keyslots 0x514 and 0x515 in second_loader. IVs and seeds hardcoded in second_loader. |
| 0x215 | Y | 0x001F | 0x0000 | Y | ? | ? | ? |
| 0x216 | Y | 0x001F | 0x001F | Y | Y | ? | AES-256-CBC key used to derive (by seed encryption) keyslots 0x502-0x504 in second_loader. IV hardcoded in second_loader. If SMI minimum FW < 0.996, this key is not used and keyslots 0x502-0x504 are set with hardcoded values from second_loader. |
| 0x217 | Y | 0x001F | 0x0000 | Y | ? | ? | ? |
| 0x218-0x2FF | X | 0x0000 | 0x0000 | X | ? | ? | Not used. |
| 0x300-0x33F | Y | 0x0002 | 0x0000 | Y | ? | ? | ? |
| 0x340 | Y | 0x012F | 0x012F | Y | ? | ? | Used to decrypt keys into the 0x10 keyslot. |
| 0x341-0x343 | Y | 0x012F | 0x0120 | Y | ? | ? | ? |
| 0x344 | Y | 0x022F | 0x0220 | Y | ? | ? | Master key used to derive the 0x20 keyslot in first_loader. |
| 0x345-0x348 | Y | 0x022F | 0x022F | Y | ? | ? | Used to decrypt keys into one of the 0x21-0x24 keyslots. |
| 0x349-0x353 | Y | 0x022F | 0x0220 | Y | ? | ? | ? |
| 0x354-0x3FF | Y | 0x001F | 0x0000 | Y | ? | ? | ? |
| 0x400-0x47F | N | 0x1800 | 0x0000 | N | ? | ? | ? |
| 0x480-0x4FF | X | 0x0000 | 0x0000 | X | ? | ? | Not used. |
| 0x500 | N | 0x1800 | 0x1800 | N | ? | ? | ? |
| 0x501 | N | 0x1800 | 0x1000 | Y | N | first_loader | Used by first_loader to figure out whether to load from eMMC or ARM comms after reset. |
| 0x502 | N | 0x1800 | 0x1800 | Y | Y | second_loader | AES XTS Tweak for Ernie SNVS sectors. |
| 0x503 | N | 0x1800 | 0x1800 | Y | Y | second_loader | AES XTS Decryption Key for Ernie SNVS sectors. |
| 0x504 | N | 0x1800 | 0x1800 | Y | Y | second_loader | AES-128-CMAC Key for Ernie SNVS sectors. |
| 0x505 | N | 0x1800 | 0x0000 | N | ? | ? | ? |
| 0x506 | N | 0x1800 | 0x1800 | Y | N | second_loader | QAF Token AES-256-CBC and AES-256-CMAC key. Hardcoded in second_loader. Used with IV = keyslot 0x507. |
| 0x507 | N | 0x1800 | 0x1800 | Y | N | second_loader | QAF Token AES-256-CBC IV. Hardcoded in second_loader. |
| 0x508 | N | 0x1800 | 0x1800 | Y | Y | second_loader | Ernie version. Comes from Ernie Code Flash memory (Ernie command 1). 4 bytes. If lower (older) than 0x00090903, old Ernie protocols (unencrypted SNVS packets and maybe different SNVS keys) are used. |
| 0x509 | N | 0x1800 | 0x1800 | Y | Y | second_loader | ConsoleId of unit. Comes from IdStorage (eMMC). |
| 0x50A | N | 0x1800 | 0x1800 | Y | Y | second_loader | QA flags. 0x10 bytes. Comes from Ernie NVS (Ernie command 0x1082). |
| 0x50B | N | 0x1800 | 0x1800 | Y | Y | second_loader | Mgmt Data. 8 bytes. Comes from Ernie SNVS block 0 (Ernie command 0xD2). |
| 0x50C | N | 0x1800 | 0x1800 | Y | N | second_loader | Second_Loader#Boot_type_indicator_for_slsk |
| 0x50D | N | 0x1800 | 0x1800 | Y | Y | second_loader | OpenPSID of unit. Comes from IdStorage (eMMC). |
| 0x50E | N | 0x1800 | 0x1800 | Y | Y | second_loader | Current firmware version. Comes from Ernie SNVS (Ernie command 0xD0). |
| 0x50F | N | 0x1800 | 0x1800 | Y | Y | second_loader | Minimum firmware version. Comes from IdStorage SMI leaf (eMMC). 4 bytes. |
| 0x510 | N | 0x1800 | 0x1800 | Y | Y | second_loader | DIP Switches. 0x20 bytes. Comes from CP and Ernie VS (Ernie command 0x90 offset 0xE0). |
| 0x511 | N | 0x1800 | 0x1800 | Y | N (random) | second_loader | Ernie communication session key. Unique per boot. It is generated by a handshake with Ernie through Ernie command 0xD0. AES-128-ECB key used to enc/dec the content of Ernie secure packets. If (baryonVersion < 0x90903 && (ernieDLVersion & 0xffffff) < 0x3600) it is zeroed by second_loader. Part of SKSO data. Used by SK command 0xF01. |
| 0x512 | N | 0x1800 | 0x1800 | Y | N (counter) | second_loader | Ernie communication ticket count. Used as a challenge at the start of each secure Ernie encrypted communication, for example for SNVS read/write. On each boot it is set to a random value by second_loader. Incremented by 1 after each Ernie secure commmand usage. Part of SKSO data. Used by SK command 0xF01. |
| 0x513 | N | 0x1800 | 0x1800 | Y | Y | second_loader | DRAM size. Set to 0x20000000 by default, 0x40000000 on DevKit in DevKit Memory Size mode. Determined by DIP Switches (CP). |
| 0x514 | N | 0x1800 | 0x1800 | Y | see keyslot 0x214 | second_loader | SKSO AES-256-CMAC key. Protected on FW 1.05. Data size 0x90 bytes. Used to verify SKSO. Used by SK command 0xF01. |
| 0x515 | N | 0x1800 | 0x1800 | Y | see keyslot 0x214 | second_loader | SKSO AES-128-CBC key. Protected on FW 1.05. Data size 0xA0 bytes. Hardcoded IV in second_loader and second_kernel. Used to encrypt/decrypt SKSO (the content written into keyslots 0x511, 0x512, 0x517 and 0x519). Used by SK command 0xF01. |
| 0x516 | N | 0x1800 | 0x1800 | Y | N | second_loader | Some status. Set to 0 at the start of second_loader main(). Checked for 0 before initiating communication with Ernie. 4 bytes. Used by SK command 0xF01: writes (u32)1 here after having exported the SKSO to paddr 0x4001FF00. |
| 0x517 | N | 0x1800 | 0x1800 | Y | Y | second_loader, act_sm | Kit Activation status. 4 bytes. Part of SKSO data. When initializing the keyslots, this is zeroed if keyslot ?0x50D? has bit8 clear (on FW 1.692). Used by SK command 0xF01. |
| 0x518 | N | 0x1800 | 0x1800 | Y | Y | second_loader | Another current FW version (3.60+?). Comes from SNVS (Ernie command 0xD0). |
| 0x519 | N | 0x1800 | 0x1800 | Y | Y? | second_loader | Part of SKSO data. Used by SK command 0xF01. Not used (maybe zeroed) on old FWs. Used on FW 3.60. |
| 0x51A | N | 0x1800 | 0x1800 | Y | N (random) | second_loader | Coredump Encrypted Session Key (FW 2.12+). Randomized 0x20 byte key. Unique for every boot/reboot/resume. Used for Kernel coredump encryption. See KBL Param and SCECAF#Kernel_Coredump_Encrypted_ELF. Used by SK command 0x1001. |
| 0x51B | N | 0x1800 | 0x1800 | Y | Y | second_loader | Hardware Info. 4 bytes. Comes from Ernie Code Flash memory (Ernie command 5). |
| 0x51C-0x51D | N | 0x1800 | 0x0000 | N | ? | ? | Used in update_service_sm for NVS. 4 bytes for each keyslot. |
| 0x51E-0x521 | N | 0x1800 | 0x0000 | N | ? | ? | Used in update_service_sm for NVS. 4 bytes for each keyslot. |
| 0x522-0x57F | N | 0x1800 | 0x0000 | N | ? | ? | ? |
| 0x580-0x5FF | X | 0x0000 | 0x0000 | X | ? | ? | Not used. |
| 0x600 | Y | 0x1000 | 0x1000 | Y | Y | ? | VisibleId of unit. |
| 0x601 | Y | 0x1000 | 0x1000 | Y | Y | ? | ? |
| 0x602 | Y | 0x1000 | 0x1000 | Y | Y | ? | 256 bits copied to 0xE0020100 by second_loader. |
| 0x603 | Y | 0x1000 | 0x1000 | Y | N | ? | ? |
| 0x604 | Y | 0x1000 | 0x1000 | Y | N | ? | ? |
| 0x605-0x607 | Y | 0x1000 | 0x0000 | Y | ? | ? | ? |
| 0x608-0x6FF | X | 0x0000 | 0x0000 | X | X | ? | Not used. |
| 0x700-0x7FF | Y | 0x1000 | 0x0000 | Y | N | ? | 16 RSA public keys for SLSK files. Which key is used depends on public key revision specified in SLSK header. |
Protection on 3.60
After kernel boottime
Slot=0x000 Range=0x001 Protect=0x04420003
Slot=0x001 Range=0x001 Protect=0x04420001
Slot=0x002 Range=0x006 Protect=0x00400001
Slot=0x008 Range=0x001 Protect=0x00810003
Slot=0x009 Range=0x001 Protect=0x00800001
Slot=0x00A Range=0x006 Protect=0x00800003
Slot=0x010 Range=0x001 Protect=0x05020001
Slot=0x011 Range=0x00F Protect=0x01000001
Slot=0x020 Range=0x001 Protect=0x02000003
Slot=0x021 Range=0x004 Protect=0x061F0001
Slot=0x025 Range=0x00B Protect=0x02000001
Slot=0x030 Range=0x005 Protect=0x041F0001
Slot=0x035 Range=0x04B Protect=0x00000001
Slot=0x080 Range=0x080 Protect=0x00000000
Slot=0x100 Range=0x001 Protect=0x041F0001
Slot=0x101 Range=0x07F Protect=0x00000001
Slot=0x180 Range=0x080 Protect=0x00000000
Slot=0x200 Range=0x004 Protect=0x00000003
Slot=0x204 Range=0x002 Protect=0x006F0003
Slot=0x206 Range=0x008 Protect=0x00A00003
Slot=0x20E Range=0x002 Protect=0x00100003
Slot=0x210 Range=0x002 Protect=0x00000003
Slot=0x212 Range=0x002 Protect=0x001F0003
Slot=0x214 Range=0x002 Protect=0x00000003
Slot=0x216 Range=0x001 Protect=0x001F0003
Slot=0x217 Range=0x001 Protect=0x00000003
Slot=0x218 Range=0x0E8 Protect=0x00000000
Slot=0x300 Range=0x040 Protect=0x00000003
Slot=0x340 Range=0x001 Protect=0x012F0003
Slot=0x341 Range=0x003 Protect=0x01200003
Slot=0x344 Range=0x001 Protect=0x02200003
Slot=0x345 Range=0x004 Protect=0x022F0003
Slot=0x349 Range=0x00B Protect=0x02200003
Slot=0x354 Range=0x0AC Protect=0x00000003
Slot=0x400 Range=0x080 Protect=0x00000001
Slot=0x480 Range=0x080 Protect=0x00000000
Slot=0x500 Range=0x001 Protect=0x18000001
Slot=0x501 Range=0x001 Protect=0x10000007
Slot=0x502 Range=0x003 Protect=0x18000003
Slot=0x505 Range=0x001 Protect=0x00000001
Slot=0x506 Range=0x004 Protect=0x18000003
Slot=0x50A Range=0x001 Protect=0x18000007
Slot=0x50B Range=0x003 Protect=0x18000003
Slot=0x50E Range=0x001 Protect=0x10000003
Slot=0x50F Range=0x003 Protect=0x18000003
Slot=0x512 Range=0x001 Protect=0x18000007
Slot=0x513 Range=0x003 Protect=0x18000003
Slot=0x516 Range=0x001 Protect=0x18000007
Slot=0x517 Range=0x005 Protect=0x18000003
Slot=0x51C Range=0x064 Protect=0x00000001
Slot=0x580 Range=0x080 Protect=0x00000000
Slot=0x600 Range=0x005 Protect=0x10000003
Slot=0x605 Range=0x003 Protect=0x00000003
Slot=0x608 Range=0x0F8 Protect=0x00000000
Slot=0x700 Range=0x100 Protect=0x00000003