Cmep registers

= 0xE0000000: Cmep/ARM =

0xE0000000: MailboxCmepToArm
Response to ARM is written here.

0xE0000010: MailboxArmToCmep
Request from ARM is written here.

0xE0000020: MailboxCmepToDebugger
Size: 2 * DOWORD.

0xE0000028: MailboxDebuggerToCmep
Size: 2 * DWORD.

0xE0000060: MailboxDebuggerToCmep2
Size: 2 * DWORD.

= 0xE0010000: Cmep controller =

0xE0010000: CmepReset
Bit0: Hangs. ARM uses this to reset the cMeP subsystem.

0xE0010004: CmepStatus
Bit31: IsCmepAlive Bit0-2: ?

0xE0010000: 00 00 00 00 05 00 00 80 00 00 00 00 00 00 00 00 0xE0010010: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

0xE0010010: Unknown
Reads back 0x7FF. Then hangs after delay.

Bit5: Disables Key* registers, and Cmep KeyRings.

No bit appears to disable Rsa* registers, or Bigmac*.

= 0xE0020000: Cmep 0xE0020000 =

0xE0020000 flags
Bit0: Reboot when cleared. Bit1: Makes first_loader load secure_kernel. Hang when cleared and unrecoverable. Bit2: No hang when cleared. Bit3: No hang when cleared. Bit4: ? Bit5: ? Bit16: Allows ARM to reset cmep. No hang when cleared. Bit17: ?

= 0xE0030000: Bigmac Keyring controller =

This device is mapped to ScePervasiveResetReg at offset 0x190 for controlling reset and enabling mask writing.

0xE0030000: KeyringNewValue
Size: 8 * DWORD.

0xE0030020: KeyringSetValueTrigger
Write value to a keyring. Requires the keyring to be enabled and WriteByCmepAllowed flag to be set.

Write a keyring to this address, and the Bigmac Keyring Controller will write value from physical address 0xE0030000 to the keyring.

0xE0030024: KeyringClearFlags
Note that there is no known way to set some keyrings flags in any way (doing keyring_flags |= or_flags), even though the opposite (clearing flags) is doable for some flags.

Writing  to   clear flags for this keyring.

Bit0-15: KeyringId Bit16-31: KeyringClearFlagsMask

0xE0030028: KeyringQueryFlags
Writing  to   returns current flags in.

Bit0-15: KeyringId

0xE003002C: KeyringQueryFlagsResponse
Bit Mask value   Clearable   Description 0 (0x0000 0001): N/A       | KeyringExists 1 (0x0000 0002): N/A       | KeyringEnabled. You cannot use the keyring if this is not set. 2 (0x0000 0004): N/A       | Unknown 16 (0x0001 0000): Clearable | AesEncryptAllowed (CTR+CBC+ECB, any key size) 17 (0x0002 0000): Clearable | AesDecryptAllowed (CTR+CBC+ECB, any key size) 18 (0x0004 0000): Clearable | ShaHmacAllowed (SHA1+SHA256) 19 (0x0008 0000): Clearable | AesCmacAllowed 20 (0x0010 0000): Clearable | Master keyring can target memory. 21 (0x0020 0000): Fixed    | IsMaster. Master keyring can target slave keyring (based on Mask Group below). 22 (0x0040 0000): Fixed    | MemberOfGroup0. Keyring Pairing Lock Mask Group 0 (master keyrings 0x204-0x205 and slave keyrings 0-7). 23 (0x0080 0000): Fixed    | MemberOfGroup1. Keyring Pairing Lock Mask Group 1 (master keyrings 0x206-0x20D and slave keyrings 8-0xF). 24 (0x0100 0000): Fixed    | MemberOfGroup2. Keyring Pairing Lock Mask Group 2 (master keyrings 0x340-0x343 and slave keyrings 0x10-0x1F). 25 (0x0200 0000): Fixed    | MemberOfGroup3. Keyring Pairing Lock Mask Group 3 (master keyrings 0x344-0x353 and slave keyrings 0x20-0x2F). 26 (0x0400 0000): Clearable | ?WriteByBigmacAllowed?. ?Locked keyring can target cmep memory.? 27 (0x0800 0000): Clearable | WriteByCmepAllowed. Can be written directly by cmep. 28 (0x1000 0000): Clearable | ReadByCmepAllowed. Can be read directly by cmep.

A normal keyring is a keyring that do not belong to any group (bit21-25 are all zeroes). It can be written by slaves of groups, and also by normal non-keyring operations. They can write to ?a normal keyring or to external memory?.

A master keyring can only write into a slave keyring belonging to the same group(s) as itself. A master keyring cannot write into a non-slave keyring or external memory.

A slave keyring can write to a normal keyring or to external memory, but not to a master keyring.

VULN!! If a keyring has AesDecryptAllowed flag, it is possible to encrypt arbitrary AES blocks without AesEncryptAllowed flag by using AES CTR mode.

= SceBignum controller =

0xE0040000
0x1000 config * 0x10 = 0x10000-bytes

= Bigmac Crypto Controller =

When Keyring is set to src, only slots with the 0x1000 flag can be targeted. Selecting a slot that does not have 0x1000 will only read zeros.

0xE005000C: Bigmac crypto controller function
There is usage of higher bits in the commands that do not seem to have much affect. For the encryption examples, 0xC002000 is also set on the command upper bits.

Bits   Mask Value   Description 0~1 | 0x00000003 | Function index 2 | 0x00000004 | RNG 3~5 | 0x00000038 | Algorithm index 6 | 0x00000040 | DES (Probably) 7 | 0x00000080 | Using external key (A key placed at 0xE0050200 is used instead of the key in the keyring) 8~9 | 0x00000300 | Key size. 0x000: 64-bits, 0x100: 128-bits, 0x200: 192-bits, 0x300: 256-bits 10~11 | 0x00000C00 | Hash transform flags. 0x400: hashUpdate, 0x800: hashFinalize, 0xC00: probably a fusion of hashUpdate and hashFinalize? 12 | 0x00001000 | Unknown. Used by sceDmacMemcpy/sceDmacMemset. 13 | 0x00002000 | Unknown. Some common option. 14~23 | 0x00FFC000 | Unknown 24~25 | 0x03000000 | Some address callback. Used by sceDmacMemcpy/sceDmacMemset. If set, need to call sceKernelSysrootDisableAutoClockDownForDriver. Setting this bit with AES function triggers hang. 26~27 | 0x0C000000 | Unknown 28 | 0x10000000 | Is destination a keyring 29~31 | 0xE0000000 | Unknown

Functions list

function + RNG = bzero?

Index  Real Value   Description 0 | 0x00000000 | Memcpy (Also Bigmac too?) 1 | 0x00000001 | AesEncrypt 2 | 0x00000002 | AesDecrypt 3 | 0x00000003 | Secure Hash Algorithm

Algorithms list

DES algorithms

Unlike for Dmac5, DES is not supported for keyring Controller.

DES is DMAC only. If running on Bigmac, it triggered hang up. (is this true?)

If keysize is 128 or 192, DES is in fact 3DES.

If both DES and SHA bits are set, DES bit is ignored and SHA command is executed.

Algo  Func   Real Value   Description 0 |   0 | 0x00000040 | Unknown 0 |   1 | 0x00000041 | DesEcbEncrypt 0 |   2 | 0x00000042 | DesEcbDecrypt 1 |   1 | 0x00000049 | DesCbcEncrypt 1 |   2 | 0x0000004A | DesCbcDecrypt 4 |   1 | 0x00000061 | Unknown. Hang up on bigmac. (DES + AesCtrEncrypt)

Key size algorithms

Algo  Func   Keysize   Real Value   Description 0 |   1 |     128 | 0x00000101 | Aes128EcbEncrypt 0 |   2 |     128 | 0x00000102 | Aes128EcbDecrypt 0 |   1 |     192 | 0x00000201 | Aes192EcbEncrypt 0 |   2 |     192 | 0x00000202 | Aes192EcbDecrypt 0 |   1 |     256 | 0x00000301 | Aes256EcbEncrypt 0 |   2 |     256 | 0x00000302 | Aes256EcbDecrypt 1 |   1 |     128 | 0x00000109 | Aes128CbcEncrypt 1 |   2 |     128 | 0x0000010A | Aes128CbcDecrypt 1 |   1 |     192 | 0x00000209 | Aes192CbcEncrypt 1 |   2 |     192 | 0x0000020A | Aes192CbcDecrypt 1 |   1 |     256 | 0x00000309 | Aes256CbcEncrypt 1 |   2 |     256 | 0x0000030A | Aes256CbcDecrypt 7 |   3 |     128 | 0x0000013B | Aes128Cmac/AES-CBC-MAC-128 (CMAC, OMAC1) 7 |   3 |     192 | 0x0000023B | Aes192Cmac/AES-CBC-MAC-192 (CMAC, OMAC1) 7 |   3 |     256 | 0x0000033B | Aes256Cmac/AES-CBC-MAC-256 (CMAC, OMAC1)

The following commands are known to be able to write keyrings: * AesEcbEncrypt/Decrypt: Size is rounded up to multiple of 4. If size > 16, size = 16. Read |size| bytes from |src| into HW state. The remaining 16-|size| bytes of state *ARE KEPT FROM RESULT OF PREVIOUS AES OPERATION*. VULN! This allows key recovery of all slave keyrings during boot. The key written to keyring is always 16 bytes long, padded with 00's. * AesCbcEncrypt/Decrypt: Size is rounded up to multiple of 4. * AesCtrEncrypt/Decrypt: Size is rounded up to multiple of 4. * AesCmac               Puts the 16 byte hash into keyring. Bytes 16-31 are *FORCED* 0. * Sha1:                 Puts the 20 byte hash into keyring. Bytes 20-31 are *FORCED* 0. * Sha224:               Puts the 28 byte hash into keyring. Bytes 28-31 are *FORCED* 0. * Sha256:               Puts the 32 byte hash into keyring. * HmacSha1              Probably same as Sha1. * HmacSha256            Probably same as Sha256. * Rng

AesCtrEncrypt when having a keyring dst, still reads from src.

VULN! Any SHA with length==0 produces an output of all zeroes!

0xE0050024: Status
Bit Mask Value   Description 0 | 0x00000001 | Busy 15 | 0x00008000 | Some error status 16 | 0x00010000 | Some error status 17 | 0x00020000 | Some error status 18 | 0x00040000 | Not allowed operation

0xE005003C: Bigmac Rng
Reads a random value.

0xE0050200: Bigmac External Key
Size: 0x20 bytes

VULN! Allows partial overwrite. However when using keyring crypto, this key remains unaffected thus it cannot be used to recover keyring keys.

= Bigmac Key Ring Base =

See F00D Key Ring Base.

All keyrings flags are reset when CMeP is reset.

Keyrings lock list Location       Keyring       Clear    When first_loader |        0xA | 0x1C1F | decrypt_enc_body 0x20 | 0x1C1F | update_slsk_metadata_keys 0x207 | 0x1C1F | remove_slsk_personalization 0x208~0x20D | 0x1C1F | update_slsk_metadata_keys 0x20F | 0x1C0F | Setting eMMC key 0x501 | 0x0800 | update_bigmac_key_0x501 0x700~0x7FF | 0x1000 | slsk_header_rsa_check Any keyring | 0x1C1F | disable_bigmac_keys_by_header second_loader |      0x20E | 0x1FEF | Setting eMMC key secure_kernel |        0x8 | 0x1FFE | on tzs comm 0x2~ 0x7 | 0x1FFF | on tzs comm 0x9~ 0xF | 0x1FFF | on tzs comm 0x11~ 0x21 | 0x1FFF | on tzs comm 0x25~ 0x2F | 0x1FFF | on tzs comm 0x35~ 0x7F | 0x1FFF | on tzs comm 0x101~0x17F | 0x1FFF | on tzs comm 0x200~0x203 | 0x1FFF | on tzs comm 0x206~0x20D | 0x1FFF | on tzs comm 0x20E~0x20F | 0x1FEF | on tzs comm 0x210~0x211 | 0x1FFF | on tzs comm 0x214~0x215 | 0x1FFF | on tzs comm 0x217 | 0x1FFF | on tzs comm 0x300~0x33F | 0x1FFF | on tzs comm 0x341~0x344 | 0x1FFF | on tzs comm 0x349~0x3FF | 0x1FFF | on tzs comm 0x400~0x47F | 0x1FFF | on tzs comm 0x50E | 0x0800 | on tzs comm 0x51C~0x57F | 0x1FFF | on tzs comm 0x605~0x607 | 0x1FFF | on tzs comm 0x700~0x7FF | 0x1FFF | on tzs comm

0xE0058000: Bigmac KeyRings
Size: 0x10000 bytes.

= 0xE0070000: SceEmmcController =

0xE0070000: EmmcCrypto Toggle/Status?
Toggle: Set to 1.

Status: enabled emmc enc/dec?

0xE0070004: EmmcCrypto avalaible status
bit0(& 1): Not available -> second_loader throws error.

0xE0070008: EmmcCrypto keyset
Read value example: 0x20E and 0x20F (FW 1.69-3.73).

write only.

0xE007000C: Unknown
Read value example: 2

= 0xE00C0000 =

0xE00CC000: Unknown
Unknown. Read value example: 0x10006331

0xE00CC014: Unknown
Unknown. Read value example: 0x300000

0xE00CC070: Unknown
Unknown. Read value example: 1

0xE00CC078: Unknown
Unknown. Read value example: 0x300