Physical address: 0xE0058000 + 0x20 * keyring_number
.
Flags: See here
Keyring information
0x0~0xFF: Slave keyrings
Initial state: Empty keyrings.
0x000-0x007: Empty group0 slave keyrings, for AES decryption only.
0x008-0x00F: Empty group1 slave keyrings, any algo.
0x010-0x01F: Empty group2 slave keyrings, for AES decryption only.
0x020-0x02F: Empty group3 slave keyrings, any algo.
0x030-0x07F: Empty normal keyrings, any algo.
Keyring
|
Initial flags
|
Flags after kernel boot
|
Per Console
|
Set By
|
Description
|
0
|
0x04420001
|
0x04420003
|
Y/N
|
Secure Modules
|
General common keyring for crypto operation.
|
1
|
0x04420001
|
?
|
?
|
?
|
2-7
|
0x00400001
|
8
|
0x049F0001
|
0x00810003
|
Y
|
first_loader
|
SLSK personalization key (encrypt). Derived from keyrings 0x206 or 0x207.
|
9
|
0x00800001
|
SLSK personalization key (decrypt). Derived from keyrings 0x206 or 0x207.
|
0xA-0xF
|
0x00800003
|
N
|
6 SLSK metadata decryption keys. Derived from keyrings 0x208-0x20D.
|
0x10
|
0x05020001
|
0x05020001
|
?
|
?
|
Supports decryption only.
|
0x11-0x1F
|
0x01000001
|
?
|
0x20
|
0x061F0001
|
0x02000003
|
N
|
first_loader
|
SLSK HMAC-SHA256 Key. Derived from keyring 0x344.
|
0x21-0x24
|
0x061F0001
|
?
|
N/A
|
Supports encryption and decryption.
|
0x25-0x2F
|
0x02000001
|
?
|
0x30-0x34
|
0x041F0001
|
0x041F0001
|
0x35-0x7F
|
0x00000001
|
0x80-0xFF
|
0x00000000
|
0x00000000
|
Not exist.
|
0x100~0x1FF: Slave keyrings (Reserved)
Initial state: Empty keyrings.
0x100-0x17F: Empty normal keyrings, any algo.
Keyring
|
Initial flags
|
Flags after kernel boot
|
Per Console
|
Set By
|
Description
|
0x100
|
0x041F0001
|
0x041F0001
|
?
|
?
|
?
|
0x101-0x17F
|
0x00000001
|
0x180-0x1FF
|
0x00000000
|
0x00000000
|
N/A
|
Not exist.
|
0x200~0x2FF: Master keyrings
Initial state: Filled in, key material.
0x200-0x203: AES decryption-only keys (for memory buffers).
0x204-0x205: Master keys (for group0), any algo.
0x206-0x20D: Master keys (for group1), any algo.
0x20E-0x20F: Emmc keys, fully protected.
0x210-0x217: General purpose keys (for memory buffers).
Keyring
|
Initial flags
|
Flags after kernel boot
|
Per Console
|
Set By
|
Description
|
0x200-0x203
|
0x00020003
|
0x00000003
|
?
|
?
|
?
|
0x204
|
0x006F0003
|
0x006F0003
|
Y
|
Bigmac
|
AES-256 master key for IdStorage Certificates AES-128-ECB keys derivation. Used by KIRK commands 0x10, 0x12, 0x17 and 0x19.
|
0x205
|
?
|
0x206
|
0x00AF0003
|
0x00A00003
|
?
|
Master key used to derive key used to decrypt personalized layer over SLSK. Should be per-console.
|
0x207
|
Master key used instead of keyring 0x206 when first_loader secret debug mode is set. (Possibly non-per-console?)
|
0x208-0x20D
|
N
|
6 master keys used to derive AES-128-CBC Key to decrypt SLSK metadata. Which one is used depends on encryption key revision in SLSK header.
|
0x20E
|
0xXXXX0003
|
0x00100003
|
?
|
Maybe per-console eMMC crypto keys. Protected by second_loader.
|
0x20F
|
Maybe per-console eMMC crypto keys. Protected by first_loader.
|
0x210-0x211
|
0x001F0003
|
0x00000003
|
?
|
?
|
?
|
0x212
|
0x001F0003
|
Y
|
Bigmac
|
AES-256-CMAC key used by KIRK commands 0x12 and 0x19.
|
0x213
|
AES-256-CBC key used to derive (by seed encryption) SMI keys in second_loader, which are used for minimum firmware version decryption.
|
0x214
|
0x00000003
|
?
|
?
|
AES-256-CBC key used to derive (by seed encryption) keyrings 0x514 and 0x515 in second_loader. IVs and seeds hardcoded in second_loader.
|
0x215
|
?
|
0x216
|
0x001F0003
|
Y
|
Bigmac
|
AES-256-CBC key used to derive (by seed encryption) keyrings 0x502-0x504 in second_loader. IV hardcoded in second_loader. If SMI minimum FW < 0.996, this key is not used and keyrings 0x502-0x504 are set with hardcoded values from second_loader.
|
0x217
|
0x00000003
|
?
|
?
|
?
|
0x218-0x2FF
|
0x00000000
|
0x00000000
|
X
|
N/A
|
Not exist.
|
0x300~0x3FF: Master keyrings 2
Initial state: Filled in, key material.
0x300-0x33F: AES decryption-only keys (for memory buffers).
0x340-0x343: Master keys (for group2), any algo.
0x344-0x353: Master keys (for group3), any algo.
0x354-0x3FF: General purpose keys (for memory buffers).
Keyring |
Initial flags |
Flags after kernel boot |
Per Console |
Set By |
Description
|
0x300-0x33F |
0x00020003 |
0x00000003 |
? |
? |
?
|
0x340 |
0x012F0003 |
0x012F0003 |
? |
? |
Used to decrypt keys into the 0x10 keyring.
|
0x341-0x343 |
0x012F0003 |
0x01200003 |
? |
? |
?
|
0x344 |
0x022F0003 |
0x02200003 |
? |
? |
Master key used to derive the 0x20 keyring in first_loader.
|
0x345-0x348 |
0x022F0003 |
0x022F0003 |
? |
? |
Used to decrypt keys into one of the 0x21-0x24 keyrings.
|
0x349-0x353 |
0x022F0003 |
0x02200003 |
? |
? |
?
|
0x354-0x3FF |
0x001F0003 |
0x00000003 |
? |
? |
?
|
0x400~0x4FF: RW storage keyrings (Reserved)
Initial state: Empty data storage, read-write from keyring.
Keyring
|
Initial flags
|
Flags after kernel boot
|
Per Console
|
Set By
|
Description
|
0x400-0x47F
|
0x18000001
|
0x00000001
|
?
|
?
|
?
|
0x480-0x4FF
|
0x00000000
|
0x00000000
|
X
|
N/A
|
Not exist.
|
0x500~0x5FF: RW storage keyrings
Initial state: Empty data storage, read-write from keyring.
Keyring |
Initial flags |
Flags after kernel boot |
Per Console |
Set By |
Description
|
0x500 |
0x18000001 |
0x18000001 |
? |
? |
?
|
0x501 |
0x18000001? |
0x10000007 |
N |
first_loader |
Used by first_loader to figure out whether to load from eMMC or ARM comms after reset. Also SLSK AES Key revision on offset>0x1C-byte>bit:0xF0000000
|
0x502 |
0x18000001 |
0x18000003 |
Y |
second_loader |
AES XTS Tweak for Ernie SNVS sectors.
|
0x503 |
0x18000001 |
0x18000003 |
Y |
second_loader |
AES XTS Decryption Key for Ernie SNVS sectors.
|
0x504 |
0x18000001 |
0x18000003 |
Y |
second_loader |
AES-128-CMAC Key for Ernie SNVS sectors.
|
0x505 |
0x18000001 |
0x00000001 |
? |
? |
?
|
0x506 |
0x18000001 |
0x18000003 |
N |
second_loader |
QAF Token AES-256-CBC and AES-256-CMAC key. Hardcoded in second_loader. Used with IV = keyring 0x507.
|
0x507 |
0x18000001 |
0x18000003 |
N |
second_loader |
QAF Token AES-256-CBC IV. Hardcoded in second_loader.
|
0x508 |
0x18000001 |
0x18000003 |
Y |
second_loader |
Ernie version. Comes from Ernie Code Flash memory (Ernie command 1). 4 bytes. If lower (older) than 0x00090903, old Ernie protocols (unencrypted SNVS packets and maybe different SNVS keys) are used.
|
0x509 |
0x18000001 |
0x18000003 |
Y |
second_loader |
ConsoleId of unit. Comes from IdStorage (eMMC).
|
0x50A |
0x18000001? |
0x18000007 |
Y |
second_loader |
QA flags. 0x10 bytes. Comes from Ernie NVS (Ernie command 0x1082).
|
0x50B |
0x18000001 |
0x18000003 |
Y |
second_loader |
Mgmt Data. 8 bytes. Comes from Ernie SNVS block 0 (Ernie command 0xD2).
|
0x50C |
0x18000001 |
0x18000003 |
N |
second_loader |
Second_Loader#Boot_type_indicator_for_slsk
|
0x50D |
0x18000001 |
0x18000003 |
Y |
second_loader |
OpenPSID of unit. Comes from IdStorage (eMMC).
|
0x50E |
0x18000001
|
1.69: 0x18000003
3.60: 0x10000003
|
Y |
second_loader |
Current firmware version. Comes from Ernie SNVS (Ernie command 0xD0).
|
0x50F |
0x18000001 |
0x18000003 |
Y |
second_loader |
Minimum firmware version. Comes from IdStorage SMI leaf (eMMC). 4 bytes.
|
0x510 |
0x18000001 |
0x18000003 |
Y |
second_loader |
DIP Switches. 0x20 bytes. Comes from CP and Ernie VS (Ernie command 0x90 offset 0xE0).
|
0x511 |
0x18000001 |
0x18000003 |
N (random) |
second_loader |
Ernie communication session key. Unique per boot. It is generated by a handshake with Ernie through Ernie command 0xD0. AES-128-ECB key used to enc/dec the content of Ernie secure packets. If (baryonVersion < 0x90903 && (ernieDLVersion & 0xffffff) < 0x3600) it is zeroed by second_loader. Part of SKSO data. Used by SK command 0xF01.
|
0x512 |
0x18000001? |
0x18000007 |
N (counter) |
second_loader |
Ernie communication ticket count. Used as a challenge at the start of each secure Ernie encrypted communication, for example for SNVS read/write. On each boot it is set to a random value by second_loader. Incremented by 1 after each Ernie secure commmand usage. Part of SKSO data. Used by SK command 0xF01.
|
0x513 |
0x18000001 |
0x18000003 |
Y |
second_loader |
DRAM size. Set to 0x20000000 by default, 0x40000000 on DevKit in DevKit Memory Size mode. Determined by DIP Switches (CP).
|
0x514 |
0x18000001 |
0x18000003 |
see keyring 0x214 |
second_loader |
SKSO AES-256-CMAC key. Protected on FW 1.05. Data size 0x90 bytes. Used to verify SKSO. Used by SK command 0xF01.
|
0x515 |
0x18000001 |
0x18000003 |
see keyring 0x214 |
second_loader |
SKSO AES-128-CBC key. Protected on FW 1.05. Data size 0xA0 bytes. Hardcoded IV in second_loader and second_kernel. Used to encrypt/decrypt SKSO (the content written into keyrings 0x511, 0x512, 0x517 and 0x519). Used by SK command 0xF01.
|
0x516 |
0x18000001? |
0x18000007 |
N |
second_loader |
Some status. Set to 0 at the start of second_loader main(). Checked for 0 before initiating communication with Ernie. 4 bytes. Used by SK command 0xF01: writes (u32)1 here after having exported the SKSO to paddr 0x4001FF00.
|
0x517 |
0x18000001 |
0x18000003 |
Y |
second_loader, act_sm |
Kit Activation status. 4 bytes. Part of SKSO data. When initializing the keyrings, this is zeroed if keyring ?0x50D? has bit8 clear (on FW 1.692). Used by SK command 0xF01.
|
0x518 |
0x18000001 |
0x18000003 |
Y |
second_loader |
Another current FW version (3.60+?). Comes from SNVS (Ernie command 0xD0).
|
0x519 |
0x18000001 |
0x18000003 |
Y? |
second_loader |
Part of SKSO data. Used by SK command 0xF01. Not used (maybe zeroed) on old FWs. Used on FW 3.60.
|
0x51A |
0x18000001 |
0x18000003 |
N (random) |
second_loader |
Coredump Encrypted Session Key (FW 2.12+). Randomized 0x20 byte key. Unique for every boot/reboot/resume. Used for Kernel coredump encryption. See KBL Param and SCECAF#Kernel_Coredump_Encrypted_ELF. Used by SK command 0x1001.
|
0x51B |
0x18000001 |
0x18000003 |
Y |
second_loader |
Hardware Info. 4 bytes. Comes from Ernie Code Flash memory (Ernie command 5).
|
0x51C-0x51D |
0x18000001 |
0x00000001 |
? |
? |
Used in update_service_sm for NVS. 4 bytes for each keyring.
|
0x51E-0x521 |
0x18000001 |
0x00000001 |
? |
? |
Used in update_service_sm for NVS. 4 bytes for each keyring.
|
0x522-0x57F |
0x18000001 |
0x00000001 |
? |
? |
?
|
0x580-0x5FF
|
0x00000000
|
0x00000000
|
X
|
N/A
|
Not exist.
|
0x600~0x6FF: OTP keyrings
Initial state: Filled in data, read-only. Keyring only.
0x603: DWORD BootromFlags.
Bit 0~15: HasRsaRevocationKey. This is set to 0xFFFF.
Bit 16: UseAlternativeEmmcClock
Keyring |
Initial flags |
Flags after kernel boot |
Per Console |
Set By |
Description
|
0x600 |
0x10000003 |
0x10000003 |
Y |
Bigmac |
VisibleId of unit.
|
0x601 |
0x10000003 |
0x10000003 |
Y |
? |
?
|
0x602 |
0x10000003 |
0x10000003 |
Y |
Bigmac |
256 bits copied to 0xE0020100 by second_loader.
|
0x603 |
0x10000003 |
0x10000003 |
Y |
Bigmac |
SLSK RSA public key has flags
|
0x604 |
0x10000003 |
0x10000003 |
? |
? |
?
|
0x605-0x607 |
0x10000003 |
0x00000003 |
? |
? |
?
|
0x608-0x6FF
|
0x00000000
|
0x00000000
|
X
|
N/A
|
Not exist.
|
0x700~0x7FF: SLSK RSA Public keyrings
Initial state: Filled in data, read-only. Keyring only.
Keyring |
Initial flags |
Flags after kernel boot |
Per Console |
Set By |
Description
|
0x700-0x7FF |
0x10000003 |
0x00000003 |
N |
Bigmac |
16 RSA public keys for SLSK files. Which key is used depends on public key revision specified in SLSK header.
|