F00D Keyring Regs

From Vita Development Wiki
Jump to navigation Jump to search

Key slots

0x000-0x07F:

   Initial state: Empty keyslots.
   0x000-0x007: Empty group0 slave keyslots, for AES decryption only.
   0x008-0x00F: Empty group1 slave keyslots, any algo.
   0x010-0x01F: Empty group2 slave keyslots, for AES decryption only.
   0x020-0x02F: Empty group3 slave keyslots, any algo.
   0x030-0x07F: Empty normal keyslots, any algo.

0x100-0x17F:

   Initial state: Empty keyslots.
   0x100-0x17F: Empty normal keyslots, any algo.

0x200-0x217:

   Initial state: Filled in, key material.
   0x200-0x203: AES decryption-only keys (for memory buffers).
   0x204-0x205: Master keys (for group0), any algo.
   0x206-0x20D: Master keys (for group1), any algo.
   0x20E-0x20F: Emmc keys, fully protected.
   0x210-0x217: General purpose keys (for memory buffers).

0x300-0x3FF:

   Initial state: Filled in, key material.
   0x300-0x33F: AES decryption-only keys (for memory buffers).
   0x340-0x343: Master keys (for group2), any algo.
   0x344-0x353: Master keys (for group3), any algo.
   0x354-0x3FF: General purpose keys (for memory buffers).

0x400-0x47F:

   Initial state: Empty data storage, read-write from keyring.

0x500-0x57F:

   Initial state: Empty data storage, read-write from keyring.

0x600-0x607:

   Initial state: Filled in data, read-only. Keyring only.
   0x603: u32 BootromFlags.
     Bit0-15: HasRsaRevocationKey. This is set to 0xFFFF.
     Bit16:   UseAlternativeEmmcClock

0x700-0x77F:

   Initial state: Filled in data, read-only. Keyring only.
   0x700-0x708: RsaRevocationKey0
   0x708-0x710: RsaRevocationKey1
   0x710-0x718: RsaRevocationKey2
   0x718-0x720: RsaRevocationKey3
   0x720-0x728: RsaRevocationKey4
   0x728-0x730: RsaRevocationKey5
   ...
   0x778-0x780: RsaRevocationKey15

E0000000: MailboxFoodToArm

Response to ARM is written here.

E0000010: MailboxArmToFood

Request from ARM is written here.

E0000020: MailboxFoodToDebugger

Size: 2x u32.

E0000028: MailboxDebuggerToFood

Size: 2x u32.

E0000060: MailboxDebuggerToFood2

Size: 2x u32.

E0010000: FootReset

   Bit0: Hangs. ARM uses this to reset the F00D subsystem.

E0010004: FoodStatus

   Bit31:  IsFoodAlive
   Bit0-2: ?
   0xE0010000: 00 00 00 00 05 00 00 80 00 00 00 00 00 00 00 00
   0xE0010010: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

E0010010

Reads back 0x7FF. Then hangs after delay.

   Bit5: Disables Key* registers, and KeyRingDirectAccess

No bit appears to disable Rsa* registers, or Bigmac*.

   0xE0020000: 0F 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00
   0xE0020010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

E0020000

   Bit0: Reboot when cleared.
   Bit1: Hang when cleared. Unrecoverable
   Bit2: No hang when cleared.
   Bit3: No hang when cleared.
   Bit4:
   Bit5:
   Bit16: No hang when cleared.
   Bit17:

E0020004: ?

second_loader writes 0x30003 followed by 0 here, after clearing keys.

E0020020: ?

rsa_expmod() reads and writes back this register before reading the result of the RSA operation.

E0030000: KeySetValue

Size: 8x u32.

E0030020: KeySetValueTrigger

Write keyslot here, and it will write value written above to it.

E0030024: KeySetProtect

   Bit0-15:  KeyslotNumber
   Bit16-31: KeyslotClearFlags

E0030028: KeyQueryProtect

   Bit0-15: KeyslotNumber

E003002C: KeyQueryProtectResult

   Bit0: SlotExists
   Bit1: HasBeenWrittenOnce. You cannot use a key if this is not set.
   Bit2: HasBeenWrittenMoreThanOnce
   Bit16:   Clearable   | AesEncryptAllowed (CTR+CBC+ECB, any key size)
   Bit17:   Clearable   | AesDecryptAllowed (CTR+CBC+ECB, any key size)
   Bit18:   Clearable   | ShaHmacAllowed (SHA1+SHA256)
   Bit19:   Clearable   | AesCmacAllowed
   Bit20:   Clearable   | EmmcCryptoAllowed (qualified guess!)
   Bit21:   Fixed       | IsMaster
   Bit22:   Fixed       | MemberOfGroup0
   Bit23:   Fixed       | MemberOfGroup1
   Bit24:   Fixed       | MemberOfGroup2
   Bit25:   Fixed       | MemberOfGroup3
   Bit26:   Clearable   | SetByBigmacAllowed
   Bit27:   Clearable   | SetByKeyringAllowed
   Bit28:   Clearable   | GetByKeyringAllowed

A master key can only write into a slave keyslot belonging to the same group(s) as itself.

A master key cannot write into a non-slave keyslot or external memory.

Normal keyslots are keyslots that don't belong to any group (bit21-25 are all zeroes). They can be written by slaves of groups, and also by normal non-keyslot operations.

A slave can write output to a normal keyslot or to external memory.

VULN!! If you have AesDecryptAllowed, you can encrypt arbitrary AES blocks without AesEncryptAllowed. Use CTR mode.


E0040108 RsaSignatureBuffer

Size: 0x100 bytes.

E0040400 RsaModulusBuffer

Size: 0x100 bytes.

E0040800 RsaControl

In u32's.

E0040800 RsaStatus

   Bit31: Busy

E0040808 RsaExponent

E0050000 BigmacSrc

E0050004 BigmacDst

E0050008 BigmacSize

E005000C BigmacOp

Unlike Dmac5, DES is not supported for Bigmac.

 Bit0-6: Algorithm
 0x00 = Zeroes?
 0x01 = AesEcbEncrypt
 0x11 = AesCtrEncrypt
 0x21 = AesCtrDecrypt
 0x41  = !!! HANG !!!
 0x61  = !!! HANG !!!
 0x141 = !!! HANG !!!
 0x02 = AesEcbDecrypt
 0x03 = Sha1
 0x13 = Sha256
 0x23 = HmacSha1, keylength=32 bytes
 0x33 = HmacSha256, keylength=32 bytes
 0x43 = <0x03>
 0x53 = <0x13>
 0x04 = Rng
 0x05 = Zeroes
 0x06 = Zeroes
 0x07 = Zeroes
 0x09 = AesCbcEncrypt
 0x0a = AesCbcEncrypt
 0x0b = Sha224
 0x1b = !!! HANG !!!
 0x2b = !!! HANG !!!
 0x3b = AesCmac
 0x4b = <0x0b>
 0x7b = <0x3b>
 0x0c = Zeroes
 0x0d = Zeroes
 0x0e = Zeroes
 0x0f = Zeroes
   Bit7:    UseExternalKey
   Bit8-10: KeySize (0=64bit, 1=128bit, 2=192bit, 3=256bit)
            (Applies only to AesEcb, AesCbc, AesCmac)
   Bit11:   Nothing noticable for AesEcbEncrypt
   Bit12:   Nothing noticable for AesEcbEncrypt
   Bit24:   Causes hang
   Bit25:   Causes hang
   Bit28:   IsDstKeyslot

The following are known to be able to write keyslots:

 * AesEcbEncrypt/Decrypt:
     Size is rounded up to multiple of 4.
     If size > 16, size = 16.
     Read |size| bytes from |src| into HW state.
     The remaining 16-|size| bytes of state *ARE KEPT FROM RESULT OF PREVIOUS AES OPERATION*.
     VULN! This allows key recovery of all slave keyslots during boot.
     The key written to keyslot is always 16 bytes long, padded with 00's.
 * AesCbcEncrypt/Decrypt: Size is rounded up to multiple of 4. 
 * AesCtrEncrypt/Decrypt: Size is rounded up to multiple of 4.
 * AesCmac                Puts the 16 byte hash into keyslot.
                          Bytes 16-31 are *FORCED* 0.
 * Sha1:                  Puts the 20 byte hash into keyslot.
                          Bytes 20-31 are *FORCED* 0.
 * Sha224:                Puts the 28 byte hash into keyslot.
                          Bytes 28-31 are *FORCED* 0.
 * Sha256:                Puts the 32 byte hash into keyslot.
 * HmacSha1               Probably same as Sha1.
 * HmacSha256             Probably same as Sha256.
 * Rng

AesCtrEncrypt when having a keyslot dst, still reads from src.

VULN! Any SHA with length==0 produces an output of all zeroes!

E005001C BigmacTrigger

Writing 1 here starts bigmac operation.

E0050024 BigmacStatus

Set when invalid keyslot (0xFFF).

   Bit18: Set when keyslot is not allowed to perform operation.

E005003C BigmacRng

Reads a random value.

E0050200 BigmacExternalKey

Size: 0x20 bytes

VULN! Allows partial overwrite. However when using keyslot crypto, this key remains unaffected. Thus it cannot be used to recover keyslot keys.

E0058000 KeyRingDirectAccess

Size: 0x10000 bytes.

E0070000 EmmcCryptoToggle?

Set to 1.