Cmep registers: Difference between revisions
Revision as of 00:14, 24 September 2021
Cmep/ARM
0xE0000000: MailboxCmepToArm
Response to ARM is written here.
0xE0000010: MailboxArmToCmep
Request from ARM is written here.
0xE0000020: MailboxCmepToDebugger
Size: 2* u32.
0xE0000028: MailboxDebuggerToCmep
Size: 2* u32.
0xE0000060: MailboxDebuggerToCmep2
Size: 2* u32.
Cmep controller
0xE0010000: CmepReset
Bit0: Hangs. ARM uses this to reset the cMeP subsystem.
0xE0010004: CmepStatus
Bit31: IsCmepAlive
Bit0-2: ?
0xE0010000: 00 00 00 00 05 00 00 80 00 00 00 00 00 00 00 00
0xE0010010: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0xE0010010: Unknown
Reads back 0x7FF. Then hangs after delay.
Bit5: Disables Key* registers, and KeyRingDirectAccess
No bit appears to disable Rsa* registers, or Bigmac*.
0xE0020000: 0F 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00
0xE0020010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Cmep 0xE0020000
0xE0020000: Unknown
Bit0: Reboot when cleared.
Bit1: Hang when cleared. Unrecoverable.
Bit2: No hang when cleared.
Bit3: No hang when cleared.
Bit4:
Bit5:
Bit16: No hang when cleared.
Bit17:
0xE0020004: Unknown
second_loader writes 0x30003 followed by 0 here, after clearing keys.
0xE0020020: Unknown
rsa_expmod() reads and writes back this register before reading the result of the RSA operation.
May be a kind of timer.
Or working state.
Keyring controller
+0x00 = EEP_DATA0
+0x04 = EEP_DATA1
+0x08 = EEP_DATA2
+0x0C = EEP_DATA3
+0x10 = EEP_DATA4
+0x14 = EEP_DATA5
+0x18 = EEP_DATA6
+0x1C = EEP_DATA7
+0x20 = EEP_LINE
+0x24 = EEP_SET_PROTECTION
+0x28 = EEP_GET_PROTECTION_REQ
+0x2C = EEP_GET_PROTECTION_RESP
Writing line_id to EEP_LINE will trigger writing the EEP_DATA registers into said line.
Writing ((prot<<16)|line_id) to EEP_SET_PROTECTION protects a line. prot is a bit mask; 0x1000 makes reads from f00d return 0.
Writing line_id to EEP_GET_PROTECTION_REQ returns the current prot in EEP_GET_PROTECTION_RESP.
This device is mapped to ScePervasiveResetReg +0x190 for controlling reset and enabling mask writing.
0xE0030000-0xE003001F: KeySetValue
Size: 8x u32.
0xE0030020: KeySetValueTrigger
Write a keyslot number here, and the value written to KeySetValue above will be written into that keyslot.
0xE0030024: KeySetProtect
Bit0-15: KeyslotNumber
Bit16-31: KeyslotClearFlags
0xE0030028: KeyQueryProtect
Bit0-15: KeyslotNumber
0xE003002C: KeyQueryProtectResult
Bit0: SlotExists
Bit1: SlotEnabled. You cannot use a key if this is not set.
Bit2: Unknown
Bit16: Clearable | AesEncryptAllowed (CTR+CBC+ECB, any key size)
Bit17: Clearable | AesDecryptAllowed (CTR+CBC+ECB, any key size)
Bit18: Clearable | ShaHmacAllowed (SHA1+SHA256)
Bit19: Clearable | AesCmacAllowed
Bit20: Clearable | EmmcCryptoAllowed (qualified guess!)
Bit21: Fixed | IsMaster
Bit22: Fixed | MemberOfGroup0
Bit23: Fixed | MemberOfGroup1
Bit24: Fixed | MemberOfGroup2
Bit25: Fixed | MemberOfGroup3
Bit26: Clearable | SetByBigmacAllowed
Bit27: Clearable | SetByKeyringAllowed
Bit28: Clearable | GetByKeyringAllowed
A master key can only write into a slave keyslot belonging to the same group(s) as itself.
A master key cannot write into a non-slave keyslot or external memory.
Normal keyslots are keyslots that don't belong to any group (bit21-25 are all zeroes). They can be written by slaves of groups, and also by normal non-keyslot operations.
A slave can write output to a normal keyslot or to external memory.
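As an added example (not from the wiki and not Sony code), the following C models the KeyQueryProtectResult bit layout and the master/slave/group write rules stated above. Two points are assumptions: that the destination slot must carry SetByBigmacAllowed, and that an ungrouped (normal) key is treated like a non-keyslot operation.

```c
#include <stdint.h>
#include <stdbool.h>

/* KeyQueryProtectResult bits, as documented for 0xE003002C. */
#define KQ_SLOT_EXISTS      (1u << 0)
#define KQ_SLOT_ENABLED     (1u << 1)
#define KQ_IS_MASTER        (1u << 21)
#define KQ_GROUP_SHIFT      22
#define KQ_GROUP_MASK       (0xFu << KQ_GROUP_SHIFT)   /* MemberOfGroup0..3 */
#define KQ_SET_BY_BIGMAC    (1u << 26)

/* Four-bit group membership vector, one bit per group. */
static uint32_t kq_groups(uint32_t prot) { return (prot & KQ_GROUP_MASK) >> KQ_GROUP_SHIFT; }

/* Normal keyslot: bits 21-25 all zero (neither master nor group member). */
static bool kq_is_normal(uint32_t prot) { return (prot & (KQ_IS_MASTER | KQ_GROUP_MASK)) == 0; }

/* Slave keyslot: member of at least one group, not a master. */
static bool kq_is_slave(uint32_t prot) { return !(prot & KQ_IS_MASTER) && kq_groups(prot) != 0; }

/* Decide whether an operation keyed with the slot described by key_prot may
 * write its output into the keyslot described by dst_prot.
 * External-memory destinations are not modelled here. */
bool kq_key_may_write_slot(uint32_t key_prot, uint32_t dst_prot)
{
    /* A key cannot be used unless its slot exists and is enabled (Bit1). */
    if ((key_prot & (KQ_SLOT_EXISTS | KQ_SLOT_ENABLED)) != (KQ_SLOT_EXISTS | KQ_SLOT_ENABLED))
        return false;
    /* Assumption: the destination must exist and carry SetByBigmacAllowed. */
    if ((dst_prot & (KQ_SLOT_EXISTS | KQ_SET_BY_BIGMAC)) != (KQ_SLOT_EXISTS | KQ_SET_BY_BIGMAC))
        return false;
    if (key_prot & KQ_IS_MASTER)
        /* Master keys write only into slave slots sharing at least one group. */
        return kq_is_slave(dst_prot) && (kq_groups(key_prot) & kq_groups(dst_prot)) != 0;
    if (kq_is_slave(key_prot))
        /* Slave keys write only into normal keyslots. */
        return kq_is_normal(dst_prot);
    /* Assumption: a normal (ungrouped) key behaves like a non-keyslot
     * operation and may write only into normal keyslots. */
    return kq_is_normal(dst_prot);
}
```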
SceBignum controller
0xE0040108: RsaSignatureBuffer
Size: 0x100 bytes.
0xE0040400: RsaModulusBuffer
Size: 0x100 bytes.
0xE0040800: RsaControl
In u32s.
0xE0040800: RsaStatus
Bit31: Busy
0xE0040808: RsaExponent
SceBigmac controller
// base: 0xE0050000 (channel0), 0xE0050080 (channel1)
typedef struct SceBigmacOp {
    const void *src;
    union {
        void *dst;
        int slot_id;
    };
    SceSize len;
    int func;      // BigmacOp
    int key_slot;
    void *iv;
    void *next;
    int ready;     // Writing 1 here starts bigmac operation.
    int status;
    int res;       // Set when invalid keyslot (0xFFF). Bit18: Set when keyslot is not allowed to perform operation.
} SceBigmacOp;
0xE005000C: BigmacOp
Unlike for Dmac5, DES is not supported for Bigmac.
Bit0-6: Algorithm
0x00 = Zeroes?
0x01 = AesEcbEncrypt
0x02 = AesEcbDecrypt
0x03 = Sha1
0x04 = Rng
0x05 = Zeroes
0x06 = Zeroes
0x07 = Zeroes
0x09 = AesCbcEncrypt
0x0A = AesCbcDecrypt
0x0B = Sha224
0x0C = memset
0x0D = Zeroes
0x0E = Zeroes
0x0F = Zeroes
0x10 = AesCtr
0x11 = AesCtrEncrypt
0x12 = AesCtrDecrypt
0x13 = Sha256
0x1B = !!! HANG !!!
0x23 = HmacSha1, keylength=32 bytes
0x2B = !!! HANG !!!
0x33 = HmacSha256, keylength=32 bytes
0x3B = AesCmac
0x41 = !!! HANG !!!
0x43 = <0x03>
0x4B = <0x0b>
0x53 = <0x13>
0x61 = !!! HANG !!!
0x7B = <0x3b>
0x141 = !!! HANG !!!
Bit7: UseExternalKey
Bit8-10: KeySize (0=64bit, 1=128bit, 2=192bit, 3=256bit) (Applies only to AesEcb, AesCbc, AesCmac)
Bit11: Nothing noticeable for AesEcbEncrypt
Bit12: Nothing noticeable for AesEcbEncrypt
Bit24: Causes hang
Bit25: Causes hang
Bit28: IsDstKeyslot
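The following C is an added example, not from the wiki or from any Sony code: it packs a BigmacOp func word from the fields documented above and refuses the algorithm codes and bits the table marks as hanging. All macro, enum and function names are invented for the example.

```c
#include <stdint.h>
#include <stdbool.h>

/* BigmacOp (SceBigmacOp.func) field layout as documented above. */
#define BIGMAC_ALGO_MASK      0x7Fu                    /* Bit0-6 */
#define BIGMAC_USE_EXT_KEY    (1u << 7)                /* Bit7 */
#define BIGMAC_KEYSIZE_SHIFT  8                        /* Bit8-10 */
#define BIGMAC_HANG_BITS      ((1u << 24) | (1u << 25)) /* Bit24/25: causes hang */
#define BIGMAC_DST_KEYSLOT    (1u << 28)               /* Bit28: IsDstKeyslot */

enum bigmac_algo {
    ALGO_AES_ECB_ENC = 0x01, ALGO_AES_ECB_DEC = 0x02, ALGO_SHA1 = 0x03,
    ALGO_AES_CBC_ENC = 0x09, ALGO_AES_CBC_DEC = 0x0A, ALGO_SHA224 = 0x0B,
    ALGO_AES_CTR_ENC = 0x11, ALGO_AES_CTR_DEC = 0x12, ALGO_SHA256 = 0x13,
    ALGO_HMAC_SHA1 = 0x23, ALGO_HMAC_SHA256 = 0x33, ALGO_AES_CMAC = 0x3B
};

/* Algorithm codes the table marks "!!! HANG !!!" (0x141 is 0x41 with KeySize=1). */
static bool bigmac_algo_hangs(uint32_t algo)
{
    return algo == 0x1B || algo == 0x2B || algo == 0x41 || algo == 0x61;
}

/* KeySize (0=64bit .. 3=256bit) applies only to AesEcb, AesCbc and AesCmac. */
static bool bigmac_algo_uses_keysize(uint32_t algo)
{
    return algo == ALGO_AES_ECB_ENC || algo == ALGO_AES_ECB_DEC ||
           algo == ALGO_AES_CBC_ENC || algo == ALGO_AES_CBC_DEC || algo == ALGO_AES_CMAC;
}

/* Build a func word; returns false (leaving *func untouched) if the request
 * would select a documented hang or an unsupported key length. */
bool bigmac_build_func(uint32_t algo, int key_bits, bool ext_key, bool dst_keyslot, uint32_t *func)
{
    if ((algo & ~BIGMAC_ALGO_MASK) || bigmac_algo_hangs(algo))
        return false;
    uint32_t f = algo;
    if (bigmac_algo_uses_keysize(algo)) {
        if (key_bits != 64 && key_bits != 128 && key_bits != 192 && key_bits != 256)
            return false;
        f |= (uint32_t)(key_bits / 64 - 1) << BIGMAC_KEYSIZE_SHIFT;  /* 64->0 ... 256->3 */
    }
    if (ext_key)     f |= BIGMAC_USE_EXT_KEY;
    if (dst_keyslot) f |= BIGMAC_DST_KEYSLOT;
    *func = f;
    return true;
}

/* Check a func word read back from a descriptor for the documented hang conditions. */
bool bigmac_func_is_safe(uint32_t func)
{
    return !(func & BIGMAC_HANG_BITS) && !bigmac_algo_hangs(func & BIGMAC_ALGO_MASK);
}
```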
The following are known to be able to write keyslots:
* AesEcbEncrypt/Decrypt: Size is rounded up to a multiple of 4. If size > 16, size = 16.
Read |size| bytes from |src| into HW state. The remaining 16-|size| bytes of state *ARE KEPT FROM RESULT OF PREVIOUS AES OPERATION*. VULN! This allows key recovery of all slave keyslots during boot.
The key written to the keyslot is always 16 bytes long, padded with 00's.
* AesCbcEncrypt/Decrypt: Size is rounded up to a multiple of 4.
* AesCtrEncrypt/Decrypt: Size is rounded up to a multiple of 4.
* AesCmac: Puts the 16 byte hash into the keyslot. Bytes 16-31 are *FORCED* 0.
* Sha1: Puts the 20 byte hash into the keyslot. Bytes 20-31 are *FORCED* 0.
* Sha224: Puts the 28 byte hash into the keyslot. Bytes 28-31 are *FORCED* 0.
* Sha256: Puts the 32 byte hash into the keyslot.
* HmacSha1: Probably same as Sha1.
* HmacSha256: Probably same as Sha256.
* Rng
AesCtrEncrypt with a keyslot dst still reads from src.
VULN! Any SHA with length==0 produces an output of all zeroes!
0xE005003C: BigmacRng
Reads a random value.
0xE0050200: BigmacExternalKey
Size: 0x20 bytes
VULN! Allows partial overwrite. However when using keyslot crypto, this key remains unaffected. Thus it cannot be used to recover keyslot keys.
SceBigmac Keyring
0xE0058000: KeyRingDirectAccess
Size: 0x10000 bytes.
Key slots
0x000-0x07F:
Initial state: Empty keyslots.
0x000-0x007: Empty group0 slave keyslots, for AES decryption only.
0x008-0x00F: Empty group1 slave keyslots, any algo.
0x010-0x01F: Empty group2 slave keyslots, for AES decryption only.
0x020-0x02F: Empty group3 slave keyslots, any algo.
0x030-0x07F: Empty normal keyslots, any algo.
0x100-0x17F:
Initial state: Empty keyslots.
0x100-0x17F: Empty normal keyslots, any algo.
0x200-0x217:
Initial state: Filled in, key material.
0x200-0x203: AES decryption-only keys (for memory buffers).
0x204-0x205: Master keys (for group0), any algo.
0x206-0x20D: Master keys (for group1), any algo.
0x20E-0x20F: Emmc keys, fully protected.
0x210-0x217: General purpose keys (for memory buffers).
0x300-0x3FF:
Initial state: Filled in, key material.
0x300-0x33F: AES decryption-only keys (for memory buffers).
0x340-0x343: Master keys (for group2), any algo.
0x344-0x353: Master keys (for group3), any algo.
0x354-0x3FF: General purpose keys (for memory buffers).
0x400-0x47F:
Initial state: Empty data storage, read-write from keyring.
0x500-0x57F:
Initial state: Empty data storage, read-write from keyring.
0x600-0x607:
Initial state: Filled in data, read-only. Keyring only.
0x603: u32 BootromFlags.
Bit0-15: HasRsaRevocationKey. This is set to 0xFFFF.
Bit16: UseAlternativeEmmcClock
0x700-0x77F:
Initial state: Filled in data, read-only. Keyring only.
0x700-0x708: RsaRevocationKey0
0x708-0x710: RsaRevocationKey1
0x710-0x718: RsaRevocationKey2
0x718-0x720: RsaRevocationKey3
0x720-0x728: RsaRevocationKey4
0x728-0x730: RsaRevocationKey5
...
0x778-0x780: RsaRevocationKey15
SceEmmcController
0xE0070000: EmmcCrypto Toggle/Status?
Toggle : Set to 1.
Status : enabled emmc enc/dec?
0xE0070004: EmmcCrypto available status
Bit0 (& 1): Not available -> second_loader throws an error.
0xE0070008: EmmcCrypto keyset
1.69-3.73: 0x20E and 0x20F.
Write only.
0xE007000C: Unknown
Read value example: 2
0xE00C0000
0xE00CC000: Unknown
Unknown, Read value example: 0x10006331
0xE00CC014: Unknown
Unknown, Read value example: 0x300000
0xE00CC070: Unknown
Unknown, Read value example: 1
0xE00CC078: Unknown
Unknown, Read value example: 0x300