Cmep Key Ring Base: Difference between revisions

From Vita Development Wiki
No edit summary
No edit summary
Line 8: Line 8:
! Bit          !! Function
! Bit          !! Function
|-
|-
| 0x01        || Encryption operation allowed
| 0x1          || Encryption operation allowed
|-
|-
| 0x02        || Decryption operation allowed
| 0x2          || Decryption operation allowed
|-
|-
| 0x04        || ? operation allowed
| 0x4          || ? operation allowed
|-
|-
| 0x08        || ? operation allowed
| 0x8          || ? operation allowed
|-
|-
| 0x10        || ?
| 0x10        || ?
|-
|-
| 0x20       || Master Keyslot can target user keyslot (based on Mask Group below)
| 0x20         || Master Keyslot can target user keyslot (based on Mask Group below)
|-
|-
| 0x40        || Keyslot Pairing Lock Mask Group 0 (Master slots 0x204-0x205 and user slots 0-7)
| 0x40        || Keyslot Pairing Lock Mask Group 0 (Master slots 0x204-0x205 and user slots 0-7)
Line 24: Line 24:
| 0x80        || Keyslot Pairing Lock Mask Group 1 (Master slots 0x206-0x20D and user slots 8-0xF)
| 0x80        || Keyslot Pairing Lock Mask Group 1 (Master slots 0x206-0x20D and user slots 8-0xF)
|-
|-
| 0x100         || Keyslot Pairing Lock Mask Group 2 (Master slots 0x340-0x343 and user slots 0x10-0x1F)
| 0x100       || Keyslot Pairing Lock Mask Group 2 (Master slots 0x340-0x343 and user slots 0x10-0x1F)
|-
|-
| 0x200         || Keyslot Pairing Lock Mask Group 3 (Master slots 0x344-0x353 and user slots 0x20-0x2F)
| 0x200       || Keyslot Pairing Lock Mask Group 3 (Master slots 0x344-0x353 and user slots 0x20-0x2F)
|-
|-
| 0x400        || Locked Keyslot can target f00d memory
| 0x400        || Locked Keyslot can target f00d memory
|-
|-
| 0x800        || can be written directly by f00d
| 0x800        || Can be written directly by f00d
|-
|-
| 0x1000      || can be read directly by f00d
| 0x1000      || Can be read directly by f00d
|}
|}


Line 39: Line 39:
{| class="wikitable"
{| class="wikitable"
|-
|-
! Slot          !! Initial Valid !! Initial Protection !! Protection (1.69)  !! Ever Valid (1.69) !! Per Console? (1.69) !! Set By? !! Description
! Slot          !! Initial Valid !! Initial Protection !! Protection (1.69)  !! Ever Valid (1.69) !! Per Console (1.69) !! Set By !! Description
|-
|-
| 0              || N || 0x0442 || 0x0442      || Y || ? || ?          || ?
| 0              || N || 0x0442 || 0x0442      || Y || ? || ?          || ?
Line 59: Line 59:
| 0x11-0x1F      || N || 0x0502 || 0x0100      || N || ? ||  ?          || ?
| 0x11-0x1F      || N || 0x0502 || 0x0100      || N || ? ||  ?          || ?
|-
|-
| 0x20          || N || 0x061F || 0x0200      || Y || ? ||  first_loader (0x344)          || Derived from 0x344, used for hmac-sha256 over ENC files.
| 0x20          || N || 0x061F || 0x0200      || Y || ? ||  first_loader (0x344)          || Derived from keyslot 0x344, used for hmac-sha256 over ENC files.
|-
|-
| 0x21-0x24      || N || 0x061F || 0x061F      || N || ? ||  ?          || supports encryption and decryption
| 0x21-0x24      || N || 0x061F || 0x061F      || N || ? ||  ?          || Supports encryption and decryption.
|-
|-
| 0x25-0x2F      || N || 0x061F || 0x0200      || N || ? ||  ?          || ?
| 0x25-0x2F      || N || 0x061F || 0x0200      || N || ? ||  ?          || ?
Line 93: Line 93:
| 0x212          || Y || 0x001F || 0x001F      || Y || Y ||  ?          || AES256-CMAC key used by KIRK commands 0x12 and 0x19.
| 0x212          || Y || 0x001F || 0x001F      || Y || Y ||  ?          || AES256-CMAC key used by KIRK commands 0x12 and 0x19.
|-
|-
| 0x213          || Y || 0x001F || 0x001F      || Y || Y ||  ?          || Used to derive SMI keys, which are used for factory fw decryption.
| 0x213          || Y || 0x001F || 0x001F      || Y || Y ||  ?          || Used to derive SMI keys, which are used for minimum firmware version decryption.
|-
|-
| 0x214          || Y || 0x001F || 0x0000      || Y || ? ||  ?          || AES256CBC key used to derive (by encryption) keyslots 0x514 and 0x515 in second_loader. IVs hardcoded in second_loader.
| 0x214          || Y || 0x001F || 0x0000      || Y || ? ||  ?          || AES256CBC key used to derive (by encryption) keyslots 0x514 and 0x515 in second_loader. IVs hardcoded in second_loader.
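Review bot: In the 0x213 row, replacing "factory fw decryption" with "minimum firmware version decryption" changes what the SMI keys are said to decrypt rather than rewording it, and the revision has no edit summary. State what the new wording is based on, for example that it lines up with the 0x50F row, where the minimum firmware version comes from the IdStorage SMI leaf.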
Line 99: Line 99:
| 0x215          || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
| 0x215          || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
|-
|-
| 0x216          || Y || 0x001F || 0x001F      || Y || ? ||  ?          || AES256CBC key used to derive (by encryption) keyslots 0x502-0x504 in second_loader on FW >= 0.996. Single IV hardcoded in second_loader. For FW < 0.996, the keyslots 0x502-0x504 are hardcoded in second_loader.
| 0x216          || Y || 0x001F || 0x001F      || Y || ? ||  ?          || AES256CBC key used to derive (by encryption) keyslots 0x502-0x504 in second_loader on FW >= 0.996. Single IV hardcoded in second_loader. For FW < 0.996, keyslots 0x502-0x504 are hardcoded in second_loader.
|-
|-
| 0x217          || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
| 0x217          || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
|-
|-
| 0x218-0x2FF    || X || 0x0000 || 0x0000      || X || ? ||  ?          || Not used
| 0x218-0x2FF    || X || 0x0000 || 0x0000      || X || ? ||  ?          || Not used.
|-
|-
| 0x300-0x33F    || Y || 0x0002 || 0x0000      || Y || ? ||  ?          || ?
| 0x300-0x33F    || Y || 0x0002 || 0x0000      || Y || ? ||  ?          || ?
Line 113: Line 113:
| 0x344          || Y || 0x022F || 0x0220      || Y || ? ||  ?          || Used to derive key 0x20 in bootrom.
| 0x344          || Y || 0x022F || 0x0220      || Y || ? ||  ?          || Used to derive key 0x20 in bootrom.
|-
|-
| 0x345-0x348    || Y || 0x022F || 0x022F      || Y || ? ||  ?          || Used to decrypt keys into one of the 0x21-0x24 keyslot.
| 0x345-0x348    || Y || 0x022F || 0x022F      || Y || ? ||  ?          || Used to decrypt keys into one of the 0x21-0x24 keyslots.
|-
|-
| 0x349-0x353    || Y || 0x022F ||0x0220      || Y || ? ||  ?          || ?
| 0x349-0x353    || Y || 0x022F ||0x0220      || Y || ? ||  ?          || ?
Line 153: Line 153:
| 0x510          || N || 0x1800 || 0x1800      || Y || Y || second_loader || [[Sysroot#DIP_Switches|DIP Switches]]. 0x20 bytes. Comes from Ernie cmd 0x90 offset 0xE0.
| 0x510          || N || 0x1800 || 0x1800      || Y || Y || second_loader || [[Sysroot#DIP_Switches|DIP Switches]]. 0x20 bytes. Comes from Ernie cmd 0x90 offset 0xE0.
|-
|-
| 0x511          || N || 0x1800 || 0x1800      || Y || Y || second_loader || Unique per boot session id. Ernie shared 0xD0 session key. AES128CBC key used to encrypt with null IV a buffer of size 0x30 bytes coming from Ernie in second_loader. Also used to enc/dec the content of Ernie "packets 0x28" coming from Ernie. If (baryonVersion < 0x90903 && (ernieDLVersion & 0xffffff) < 0x3600) it is zeroed by second_loader.
| 0x511          || N || 0x1800 || 0x1800      || Y || Y || second_loader || Unique per boot session id. Ernie shared 0xD0 session key. AES128CBC key used to encrypt with null IV a buffer of size 0x30 bytes coming from Ernie in second_loader. Also used to enc/dec the content of Ernie "packets 0x28" coming from Ernie. If (baryonVersion < 0x90903 && (ernieDLVersion & 0xffffff) < 0x3600) it is zeroed by second_loader. Used by SK command 0xF01.
|-
|-
| 0x512          || N || 0x1800 || 0x1800      || Y || Y || second_loader || Ticket count. Used as a challenge at the start of each secure Ernie encrypted communication, for example for SNVS read/write. Set to a random value when session key is set. Incremented by 1 after each usage.
| 0x512          || N || 0x1800 || 0x1800      || Y || Y || second_loader || Ticket count. Used as a challenge at the start of each secure Ernie encrypted communication, for example for SNVS read/write. Set to a random value when session key is set. Incremented by 1 after each usage. Used by SK command 0xF01.
|-
|-
| 0x513          || N || 0x1800 || 0x1800      || Y || Y || second_loader || DRAM size. Set to 0x20000000 by default, 0x40000000 on DevKit in DevKit Memory Size mode.
| 0x513          || N || 0x1800 || 0x1800      || Y || Y || second_loader || DRAM size. Set to 0x20000000 by default, 0x40000000 on DevKit in DevKit Memory Size mode.
|-
|-
| 0x514          || N || 0x1800 || 0x1800      || Y || N? || second_loader || F00d-cmd F01 AES-128-CMAC key. Protected on FW 1.05. Data size 0x90 bytes. Used to verify SKSO integrity.
| 0x514          || N || 0x1800 || 0x1800      || Y || N? || second_loader || SKSO AES-256-CMAC key. Protected on FW 1.05. Data size 0x90 bytes. Used to verify SKSO. Used by SK command 0xF01.
|-
|-
| 0x515          || N || 0x1800 || 0x1800      || Y || N? || second_loader || F00d-cmd F01 AES-128-CBC key. Protected on FW 1.05. Data size 0xA0 bytes. Hardcoded IV. Used to encrypt/decrypt SKSO (the content written into keyslots 0x511, 0x512, 0x517 and 0x519).
| 0x515          || N || 0x1800 || 0x1800      || Y || N? || second_loader || SKSO AES-128-CBC key. Protected on FW 1.05. Data size 0xA0 bytes. Hardcoded IV in second_loader and second_kernel. Used to encrypt/decrypt SKSO (the content written into keyslots 0x511, 0x512, 0x517 and 0x519). Used by SK command 0xF01.
|-
|-
| 0x516          || N || 0x1800 || 0x1800      || Y || ? || second_loader || F00d-cmd F01 writes (u32)1 here when exporting the infoblk. Set to 0 at the start of second_loader main(). Checked for 0 before initiating communication with Ernie. 4 bytes.
| 0x516          || N || 0x1800 || 0x1800      || Y || ? || second_loader || Some status. Set to 0 at the start of second_loader main(). Checked for 0 before initiating communication with Ernie. 4 bytes. Used by SK command 0xF01: writes (u32)1 here after having exported the SKSO to paddr 0x4001FF00.
|-
|-
| 0x517          || N || 0x1800 || 0x1800      || Y || ? || second_loader || When initializing the EEPROM, this is zeroed if keyslot 0x50D has bit8 clear (on 1.692).
| 0x517          || N || 0x1800 || 0x1800      || Y || ? || second_loader || When initializing the EEPROM, this is zeroed if keyslot 0x50D has bit8 clear (on 1.692). Used by SK command 0xF01.
|-
|-
| 0x518          || N || 0x1800 || 0x1800      || Y || Y || second_loader || Another current FW version (3.60+?). Comes from SNVS (Ernie).
| 0x518          || N || 0x1800 || 0x1800      || Y || Y || second_loader || Another current FW version (3.60+?). Comes from SNVS (Ernie).
|-
|-
| 0x519          || N || 0x1800 || 0x1800      || Y || N || second_loader || zeroes
| 0x519          || N || 0x1800 || 0x1800      || Y || N || second_loader || Zeroes. Used by SK command 0xF01.
|-
|-
| 0x51A          || N || 0x1800 || 0x1800      || Y || Y ||  ?          || Encrypted Session Key (FW 2.12+). Randomized 0x20 byte key unique every boot/reboot/resume used for kernel coredump encryption. See [[Sysroot]] and [[SCECAF#Kernel_Coredump_Encrypted_ELF]].
| 0x51A          || N || 0x1800 || 0x1800      || Y || Y ||  ?          || Encrypted Session Key (FW 2.12+). Randomized 0x20 byte key unique every boot/reboot/resume used for kernel coredump encryption. See [[Sysroot]] and [[SCECAF#Kernel_Coredump_Encrypted_ELF]]. Used by SK command 0x1001.
|-
|-
| 0x51B          || N || 0x1800 || 0x1800      || Y || Y || second_loader || [[Sysroot#Hardware_Info|Hardware Info]]. 4 bytes.
| 0x51B          || N || 0x1800 || 0x1800      || Y || Y || second_loader || [[Sysroot#Hardware_Info|Hardware Info]]. 4 bytes.
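Review bot: In the 0x514 row the CMAC key changes from AES-128 to AES-256 inside the rename from "F00d-cmd F01" to "SKSO", while the data size stays 0x90 bytes and the 0x515 row stays AES-128-CBC. If the key size is a correction, say so in the edit summary so it is not mistaken for a typo introduced by the rename. The 0x516 row also replaces "infoblk" with "SKSO", so a link to or a one-line definition of SKSO would help readers who only know the old term.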
Line 177: Line 177:
| 0x51C-0x57F    || N || 0x1800 || 0x0000      || N || ? ||  ?          || ?
| 0x51C-0x57F    || N || 0x1800 || 0x0000      || N || ? ||  ?          || ?
|-
|-
| 0x580-0x5FF    || X || 0x0000  || 0x0000      || X || ? ||  ?          || Not used
| 0x580-0x5FF    || X || 0x0000  || 0x0000      || X || ? ||  ?          || Not used.
|-
|-
| 0x600          || Y || 0x1000 || 0x1000      || Y || Y ||  ?        || VisibleId of unit
| 0x600          || Y || 0x1000 || 0x1000      || Y || Y ||  ?        || VisibleId of unit.
|-
|-
| 0x601          || Y || 0x1000 || 0x1000      || Y || Y ||  ?        || ?
| 0x601          || Y || 0x1000 || 0x1000      || Y || Y ||  ?        || ?

Revision as of 14:02, 25 May 2020

Physical address = 0xE0058000 + 32 * slot

Permission bits

If a keyslot is not locked, it can target f00d memory or an unlocked keyslot.

{| class="wikitable"
|-
! Bit !! Function
|-
| 0x1 || Encryption operation allowed
|-
| 0x2 || Decryption operation allowed
|-
| 0x4 || ? operation allowed
|-
| 0x8 || ? operation allowed
|-
| 0x10 || ?
|-
| 0x20 || Master Keyslot can target user keyslot (based on Mask Group below)
|-
| 0x40 || Keyslot Pairing Lock Mask Group 0 (Master slots 0x204-0x205 and user slots 0-7)
|-
| 0x80 || Keyslot Pairing Lock Mask Group 1 (Master slots 0x206-0x20D and user slots 8-0xF)
|-
| 0x100 || Keyslot Pairing Lock Mask Group 2 (Master slots 0x340-0x343 and user slots 0x10-0x1F)
|-
| 0x200 || Keyslot Pairing Lock Mask Group 3 (Master slots 0x344-0x353 and user slots 0x20-0x2F)
|-
| 0x400 || Locked Keyslot can target f00d memory
|-
| 0x800 || Can be written directly by f00d
|-
| 0x1000 || Can be read directly by f00d
|}

Key Ring Slots 0xE0058000

{| class="wikitable"
|-
! Slot !! Initial Valid !! Initial Protection !! Protection (1.69) !! Ever Valid (1.69) !! Per Console (1.69) !! Set By !! Description
|-
| 0 || N || 0x0442 || 0x0442 || Y || ? || ? || ?
|-
| 1 || N || 0x0442 || 0x0442 || N || ? || ? || ?
|-
| 2-7 || N || 0x0442 || 0x0040 || N || ? || ? || ?
|-
| 8 || N || 0x049F || 0x0081 || Y || Y || first_loader (0x206/0x207) || SLSK per-console key (encrypt)
|-
| 9 || N || 0x049F || 0x0080 || N || ? || first_loader (0x206/0x207) || SLSK per-console key (decrypt)
|-
| 0xA || N || 0x049F || 0x0080 || Y || N || first_loader (0x208-0x20D) || SLSK metadata key
|-
| 0xB-0xF || N || 0x049F || 0x0080 || Y || N || first_loader (0x208-0x20D) || ?
|-
| 0x10 || N || 0x0502 || 0x0502 || N || ? || ? || supports decryption only
|-
| 0x11-0x1F || N || 0x0502 || 0x0100 || N || ? || ? || ?
|-
| 0x20 || N || 0x061F || 0x0200 || Y || ? || first_loader (0x344) || Derived from keyslot 0x344, used for hmac-sha256 over ENC files.
|-
| 0x21-0x24 || N || 0x061F || 0x061F || N || ? || ? || Supports encryption and decryption.
|-
| 0x25-0x2F || N || 0x061F || 0x0200 || N || ? || ? || ?
|-
| 0x30-0x34 || N || 0x041F || 0x041F || N || ? || ? || ?
|-
| 0x35-0x7F || N || 0x041F || 0x0000 || N || ? || ? || ?
|-
| 0x80-0xFF || X || 0x0000 || 0x0000 || X || ? || ? || Not used
|-
| 0x100 || N || 0x041F || 0x041F || N || ? || ? || ?
|-
| 0x101-0x17F || N || 0x041F || 0x0000 || N || ? || ? || ?
|-
| 0x180-0x1FF || X || 0x0000 || 0x0000 || X || ? || ? || Not used
|-
| 0x200-0x203 || Y || 0x0002 || 0x0000 || Y || ? || ? || ?
|-
| 0x204-0x205 || Y || 0x006F || 0x006F || Y || Y || ? || ?
|-
| 0x206 || Y || 0x00AF || 0x00A0 || Y || ? || ? || Used to derive key used to decrypt personalized layer over ENC. Should be per-console.
|-
| 0x207 || Y || 0x00AF || 0x00A0 || Y || ? || ? || Used instead of the above key when secret debug mode is set. (Possibly non-per-console?)
|-
| 0x208-0x20D || Y || 0x00AF || 0x00A0 || Y || ? || ? || 6 keys used to decrypt ENC metadata, which one is used depends on key revision in ENC header.
|-
| 0x20E-0x20F || Y || ? || 0x0010 || Y || ? || ? || Maybe per-console eMMC crypto keys? Protected by second_loader.
|-
| 0x210-0x211 || Y || 0x001F || 0x0000 || Y || ? || ? || ?
|-
| 0x212 || Y || 0x001F || 0x001F || Y || Y || ? || AES256-CMAC key used by KIRK commands 0x12 and 0x19.
|-
| 0x213 || Y || 0x001F || 0x001F || Y || Y || ? || Used to derive SMI keys, which are used for minimum firmware version decryption.
|-
| 0x214 || Y || 0x001F || 0x0000 || Y || ? || ? || AES256CBC key used to derive (by encryption) keyslots 0x514 and 0x515 in second_loader. IVs hardcoded in second_loader.
|-
| 0x215 || Y || 0x001F || 0x0000 || Y || ? || ? || ?
|-
| 0x216 || Y || 0x001F || 0x001F || Y || ? || ? || AES256CBC key used to derive (by encryption) keyslots 0x502-0x504 in second_loader on FW >= 0.996. Single IV hardcoded in second_loader. For FW < 0.996, keyslots 0x502-0x504 are hardcoded in second_loader.
|-
| 0x217 || Y || 0x001F || 0x0000 || Y || ? || ? || ?
|-
| 0x218-0x2FF || X || 0x0000 || 0x0000 || X || ? || ? || Not used.
|-
| 0x300-0x33F || Y || 0x0002 || 0x0000 || Y || ? || ? || ?
|-
| 0x340 || Y || 0x012F || 0x012F || Y || ? || ? || Used to decrypt keys into the 0x10 keyslot.
|-
| 0x341-0x343 || Y || 0x012F || 0x0120 || Y || ? || ? || ?
|-
| 0x344 || Y || 0x022F || 0x0220 || Y || ? || ? || Used to derive key 0x20 in bootrom.
|-
| 0x345-0x348 || Y || 0x022F || 0x022F || Y || ? || ? || Used to decrypt keys into one of the 0x21-0x24 keyslots.
|-
| 0x349-0x353 || Y || 0x022F || 0x0220 || Y || ? || ? || ?
|-
| 0x354-0x3FF || Y || 0x001F || 0x0000 || Y || ? || ? || ?
|-
| 0x400-0x47F || N || 0x1800 || 0x0000 || N || ? || ? || ?
|-
| 0x480-0x4FF || X || 0x0000 || 0x0000 || X || ? || ? || Not used
|-
| 0x500 || N || 0x1800 || 0x1800 || N || ? || ? || ?
|-
| 0x501 || N || 0x1800 || 0x1000 || Y || N || first_loader || Used by bootrom first_loader to figure out whether to load from eMMC or ARM comms after reset
|-
| 0x502-0x504 || N || 0x1800 || 0x1800 || Y || Y || second_loader || Related to Ernie SNVS.
|-
| 0x505 || N || 0x1800 || 0x0000 || N || ? || ? || ?
|-
| 0x506 || N || 0x1800 || 0x1800 || Y || N || second_loader || Hardcoded in second_loader.
|-
| 0x507 || N || 0x1800 || 0x1800 || Y || N || second_loader || Hardcoded in second_loader.
|-
| 0x508 || N || 0x1800 || 0x1800 || Y || Y || second_loader || Baryon version (from Ernie cmd 0x1). 4 bytes. Set to 0x100010A on FW 1.05, 0x0100010B on FW 1.50, 0x100060D on FW 1.692. If lower (older) than 0x90903, old Syscon protocols (unencrypted packets and NVS) are used.
|-
| 0x509 || N || 0x1800 || 0x1800 || Y || Y || second_loader || ConsoleId of unit. Comes from IdStorage (eMMC).
|-
| 0x50A || N || 0x1800 || 0x1800 || Y || Y || second_loader || QA flags. 0x10 bytes.
|-
| 0x50B || N || 0x1800 || 0x1800 || Y || ? || second_loader || Comes from 0xD2 SNVS block 0, 8 bytes (Ernie). (?Mgmt Data?)
|-
| 0x50C || N || 0x1800 || 0x1800 || Y || N || second_loader || Some boot flags. Like Boot type indicator 1. Set to 1 on FW 1.692 and newer, 0 on older.
|-
| 0x50D || N || 0x1800 || 0x1800 || Y || Y || second_loader || OpenPSID of unit. Comes from IdStorage (eMMC).
|-
| 0x50E || N || 0x1800 || 0x1800 || Y || Y || second_loader || Current firmware version. Comes from SNVS (Ernie).
|-
| 0x50F || N || 0x1800 || 0x1800 || Y || Y || second_loader || Minimum firmware version. Comes from IdStorage SMI leaf (eMMC). 4 bytes.
|-
| 0x510 || N || 0x1800 || 0x1800 || Y || Y || second_loader || DIP Switches. 0x20 bytes. Comes from Ernie cmd 0x90 offset 0xE0.
|-
| 0x511 || N || 0x1800 || 0x1800 || Y || Y || second_loader || Unique per boot session id. Ernie shared 0xD0 session key. AES128CBC key used to encrypt with null IV a buffer of size 0x30 bytes coming from Ernie in second_loader. Also used to enc/dec the content of Ernie "packets 0x28" coming from Ernie. If (baryonVersion < 0x90903 && (ernieDLVersion & 0xffffff) < 0x3600) it is zeroed by second_loader. Used by SK command 0xF01.
|-
| 0x512 || N || 0x1800 || 0x1800 || Y || Y || second_loader || Ticket count. Used as a challenge at the start of each secure Ernie encrypted communication, for example for SNVS read/write. Set to a random value when session key is set. Incremented by 1 after each usage. Used by SK command 0xF01.
|-
| 0x513 || N || 0x1800 || 0x1800 || Y || Y || second_loader || DRAM size. Set to 0x20000000 by default, 0x40000000 on DevKit in DevKit Memory Size mode.
|-
| 0x514 || N || 0x1800 || 0x1800 || Y || N? || second_loader || SKSO AES-256-CMAC key. Protected on FW 1.05. Data size 0x90 bytes. Used to verify SKSO. Used by SK command 0xF01.
|-
| 0x515 || N || 0x1800 || 0x1800 || Y || N? || second_loader || SKSO AES-128-CBC key. Protected on FW 1.05. Data size 0xA0 bytes. Hardcoded IV in second_loader and second_kernel. Used to encrypt/decrypt SKSO (the content written into keyslots 0x511, 0x512, 0x517 and 0x519). Used by SK command 0xF01.
|-
| 0x516 || N || 0x1800 || 0x1800 || Y || ? || second_loader || Some status. Set to 0 at the start of second_loader main(). Checked for 0 before initiating communication with Ernie. 4 bytes. Used by SK command 0xF01: writes (u32)1 here after having exported the SKSO to paddr 0x4001FF00.
|-
| 0x517 || N || 0x1800 || 0x1800 || Y || ? || second_loader || When initializing the EEPROM, this is zeroed if keyslot 0x50D has bit8 clear (on 1.692). Used by SK command 0xF01.
|-
| 0x518 || N || 0x1800 || 0x1800 || Y || Y || second_loader || Another current FW version (3.60+?). Comes from SNVS (Ernie).
|-
| 0x519 || N || 0x1800 || 0x1800 || Y || N || second_loader || Zeroes. Used by SK command 0xF01.
|-
| 0x51A || N || 0x1800 || 0x1800 || Y || Y || ? || Encrypted Session Key (FW 2.12+). Randomized 0x20 byte key unique every boot/reboot/resume used for kernel coredump encryption. See Sysroot and SCECAF#Kernel_Coredump_Encrypted_ELF. Used by SK command 0x1001.
|-
| 0x51B || N || 0x1800 || 0x1800 || Y || Y || second_loader || Hardware Info. 4 bytes.
|-
| 0x51C-0x57F || N || 0x1800 || 0x0000 || N || ? || ? || ?
|-
| 0x580-0x5FF || X || 0x0000 || 0x0000 || X || ? || ? || Not used.
|-
| 0x600 || Y || 0x1000 || 0x1000 || Y || Y || ? || VisibleId of unit.
|-
| 0x601 || Y || 0x1000 || 0x1000 || Y || Y || ? || ?
|-
| 0x602 || Y || 0x1000 || 0x1000 || Y || Y || ? || ?
|-
| 0x603 || Y || 0x1000 || 0x1000 || Y || N || ? || ?
|-
| 0x604 || Y || 0x1000 || 0x1000 || Y || N || ? || ?
|-
| 0x605-0x607 || Y || 0x1000 || 0x0000 || Y || ? || ? || ?
|-
| 0x608-0x6FF || X || 0x0000 || 0x0000 || X || X || ? || Not used
|-
| 0x700-0x7FF || Y || 0x1000 || 0x0000 || Y || N || ? || 16 public RSA keys for ENC files. Which key is used depends on public key revision specified in ENC header.
|}
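
An added example, not part of the wiki page: a Python decoder for the protection masks above. It compares a slot's initial mask with its 1.69 mask and checks the pairing-group bit against the slot ranges the permission table lists. The enum member names, `KNOWN_BITS`, `GROUP_BITS` and the function names are this example's own.

```python
from enum import IntFlag
KEYRING_BASE = 0xE0058000  # page: physical address = 0xE0058000 + 32 * slot
SLOT_SIZE = 32
KNOWN_BITS = 0x1FFF        # every bit the permission table lists
GROUP_BITS = 0x3C0         # the four pairing-group bits, 0x40 through 0x200

class Perm(IntFlag):  # bits from the permission table; names are this example's own
    ENCRYPT = 0x1
    DECRYPT = 0x2
    UNKNOWN_OP_4 = 0x4
    UNKNOWN_OP_8 = 0x8
    UNKNOWN_10 = 0x10
    MASTER_CAN_TARGET_USER = 0x20
    PAIR_GROUP_0 = 0x40
    PAIR_GROUP_1 = 0x80
    PAIR_GROUP_2 = 0x100
    PAIR_GROUP_3 = 0x200
    LOCKED_CAN_TARGET_F00D_MEM = 0x400
    F00D_WRITE = 0x800
    F00D_READ = 0x1000

# Group bit -> (master slots, user slots), inclusive bounds as listed on the page.
GROUPS = {
    0x040: ((0x204, 0x205), (0x00, 0x07)),
    0x080: ((0x206, 0x20D), (0x08, 0x0F)),
    0x100: ((0x340, 0x343), (0x10, 0x1F)),
    0x200: ((0x344, 0x353), (0x20, 0x2F)),
}

def slot_address(slot):
    if not 0 <= slot <= 0x7FF:  # 0x7FF is the highest slot in the table
        raise ValueError(f"slot {slot:#x} is outside 0-0x7FF")
    return KEYRING_BASE + SLOT_SIZE * slot

def decode(mask):
    """Names of the set bits; bits the table does not list are reported too."""
    names = [p.name for p in Perm if mask & p]
    if mask & ~KNOWN_BITS:
        names.append(f"UNDOCUMENTED_{mask & ~KNOWN_BITS:#x}")
    return names

def expected_group_bit(slot):
    for bit, ranges in GROUPS.items():  # returns 0 for a slot in no pairing group
        if any(lo <= slot <= hi for lo, hi in ranges):
            return bit
    return 0

def audit(slot, initial, later):
    """Compare the initial mask with a later one (here the 1.69 column)."""
    return {
        "address": slot_address(slot),
        "dropped": decode(initial & ~later),
        "added": decode(later & ~initial),
        "group_bit_ok": (initial & GROUP_BITS) == expected_group_bit(slot),
    }

if __name__ == "__main__":
    for row in [(0x8, 0x049F, 0x0081), (0x20, 0x061F, 0x0200), (0x344, 0x022F, 0x0220)]:
        print(f"{row[0]:#x}", audit(*row))  # rows copied from the slot table
```

An empty `added` list for a row means the 1.69 mask is a subset of the initial mask for that slot.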