Cmep registers

= 0xE0000000: Cmep/ARM =

0xE0000000: MailboxCmepToArm
Response to ARM is written here.

0xE0000010: MailboxArmToCmep
Request from ARM is written here.

0xE0000020: MailboxCmepToDebugger
Size: 2 * DWORD.

0xE0000028: MailboxDebuggerToCmep
Size: 2 * DWORD.

0xE0000060: MailboxDebuggerToCmep2
Size: 2 * DWORD.

= 0xE0010000: Cmep controller =

0xE0010000: CmepReset
Bit0: Hangs. ARM uses this to reset the cMeP subsystem.

0xE0010004: CmepStatus
Bit31: IsCmepAlive
Bit0-2: ?

0xE0010000: 00 00 00 00 05 00 00 80 00 00 00 00 00 00 00 00
0xE0010010: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

0xE0010010: Unknown
Reads back 0x7FF. Then hangs after delay.

Bit5: Disables Key* registers, and Cmep KeyRings.

No bit appears to disable Rsa* registers, or Bigmac*.

0xE0020000: 0F 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00
0xE0020010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

= 0xE0020000: Cmep 0xE0020000 =

0xE0020000 flags
Bit0: Reboot when cleared.
Bit1: Makes first_loader load secure_kernel. Hang when cleared, unrecoverable.
Bit2: No hang when cleared.
Bit3: No hang when cleared.
Bit4: ?
Bit5: ?
Bit16: Allows ARM to reset cmep. No hang when cleared.
Bit17: ?

= 0xE0030000: Bigmac Keyring controller =

This device is mapped to ScePervasiveResetReg at offset 0x190 for controlling reset and enabling mask writing.

0xE0030000: KeyringNewValue
Size: 8 * DWORD.

0xE0030020: KeyringSetValueTrigger
Writes a value to a keyring. Requires the keyring to be enabled and the WriteByCmepAllowed flag to be set.

Write a keyring ID to this address, and the Bigmac Keyring Controller will write the value at physical address 0xE0030000 (KeyringNewValue) into that keyring.

0xE0030024: KeyringClearFlags
Note that there is no known way to set keyring flags (i.e. keyring_flags |= or_flags), even though the opposite (clearing flags) is possible for some flags.

Writing  to   clear flags for this keyring.

Bit0-15: KeyringId
Bit16-31: KeyringClearFlagsMask

0xE0030028: KeyringQueryFlags
Writing  to   returns current flags in.

Bit0-15: KeyringId

0xE003002C: KeyringQueryFlagsResponse
Bit | Mask value | Clearable | Description
0   | 0x00000001 | N/A       | KeyringExists
1   | 0x00000002 | N/A       | KeyringEnabled. You cannot use the keyring if this is not set.
2   | 0x00000004 | N/A       | Unknown
16  | 0x00010000 | Clearable | AesEncryptAllowed (CTR+CBC+ECB, any key size)
17  | 0x00020000 | Clearable | AesDecryptAllowed (CTR+CBC+ECB, any key size)
18  | 0x00040000 | Clearable | ShaHmacAllowed (SHA1+SHA256)
19  | 0x00080000 | Clearable | AesCmacAllowed
20  | 0x00100000 | Clearable | ?EmmcCryptoAllowed (qualified guess, maybe AES XTS)? ?Master keyring can target memory?
21  | 0x00200000 | Fixed     | IsMaster. Master keyring can target slave keyring (based on Mask Group below).
22  | 0x00400000 | Fixed     | MemberOfGroup0. Keyring Pairing Lock Mask Group 0 (master keyrings 0x204-0x205 and slave keyrings 0-7).
23  | 0x00800000 | Fixed     | MemberOfGroup1. Keyring Pairing Lock Mask Group 1 (master keyrings 0x206-0x20D and slave keyrings 8-0xF).
24  | 0x01000000 | Fixed     | MemberOfGroup2. Keyring Pairing Lock Mask Group 2 (master keyrings 0x340-0x343 and slave keyrings 0x10-0x1F).
25  | 0x02000000 | Fixed     | MemberOfGroup3. Keyring Pairing Lock Mask Group 3 (master keyrings 0x344-0x353 and slave keyrings 0x20-0x2F).
26  | 0x04000000 | Clearable | ?WriteByBigmacAllowed?. ?Locked keyring can target cmep memory?
27  | 0x08000000 | Clearable | WriteByCmepAllowed. Can be written directly by cmep.
28  | 0x10000000 | Clearable | ReadByCmepAllowed. Can be read directly by cmep.

A normal keyring is a keyring that does not belong to any group (bits 21-25 are all zero). It can be written by slaves of groups, and also by normal non-keyring operations. Normal keyrings can write to ?a normal keyring or to external memory?.

A master keyring can only write into a slave keyring belonging to the same group(s) as itself. A master keyring cannot write into a non-slave keyring or external memory.

A slave keyring can write to a normal keyring or to external memory, but not to a master keyring.
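As an added example (not code from this wiki page), a small Python decoder for the KeyringQueryFlagsResponse bit layout above, with the master/slave/normal group rule from the preceding paragraphs applied to decide whether a master keyring may target a given slave. Flag names follow the table, including the two the page marks as uncertain; the flag words it is tested with are constructed, not read from hardware.

```python
# Added example, not code from the wiki page. Decodes a
# KeyringQueryFlagsResponse (0xE003002C) value using the bit positions from
# the page's table, and applies the page's group rule: a master keyring may
# only write into a slave keyring belonging to one of its own groups.

FLAG_BITS = {
    "KeyringExists": 0,
    "KeyringEnabled": 1,
    "AesEncryptAllowed": 16,
    "AesDecryptAllowed": 17,
    "ShaHmacAllowed": 18,
    "AesCmacAllowed": 19,
    "EmmcCryptoAllowed": 20,     # marked as a guess on the page
    "IsMaster": 21,
    "MemberOfGroup0": 22,
    "MemberOfGroup1": 23,
    "MemberOfGroup2": 24,
    "MemberOfGroup3": 25,
    "WriteByBigmacAllowed": 26,  # marked as uncertain on the page
    "WriteByCmepAllowed": 27,
    "ReadByCmepAllowed": 28,
}
GROUP_BITS = (22, 23, 24, 25)  # MemberOfGroup0..MemberOfGroup3


def decode_flags(value):
    """Names of all flags whose bit is set in a 32-bit response word."""
    return {name for name, bit in FLAG_BITS.items() if (value >> bit) & 1}


def groups_of(value):
    """Group numbers 0..3 the keyring is a member of."""
    return {i for i, bit in enumerate(GROUP_BITS) if (value >> bit) & 1}


def keyring_kind(value):
    """master: IsMaster set; slave: grouped but not master; normal: no group."""
    if (value >> FLAG_BITS["IsMaster"]) & 1:
        return "master"
    return "slave" if groups_of(value) else "normal"


def master_can_write_slave(master_flags, slave_flags):
    """True only if both keyrings exist and are enabled, the first is a
    master, the second a slave, and they share at least one group."""
    if any((f & 0x3) != 0x3 for f in (master_flags, slave_flags)):
        return False
    if keyring_kind(master_flags) != "master" or keyring_kind(slave_flags) != "slave":
        return False
    return bool(groups_of(master_flags) & groups_of(slave_flags))
```

The constructed word 0x006F0003 models a group0 master with all four algo flags, and 0x00420003 a decrypt-only group0 slave.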

VULN!! If a keyring has the AesDecryptAllowed flag, it is possible to encrypt arbitrary AES blocks without the AesEncryptAllowed flag by using AES CTR mode.

= SceBignum controller =

0xE0040108: RsaSignatureBuffer
Size: 0x100 bytes.

0xE0040400: RsaModulusBuffer
Size: 0x100 bytes.

0xE0040800: RsaControl
In DWORDs.

0xE0040800: RsaStatus
Bit31: Busy

0xE0040808: RsaExponent

= Bigmac Crypto Controller =

0xE005000C: Bigmac crypto controller function
Unlike Dmac5, the KR Controller does not support DES, but most commands are the same.

Bits  | Mask Value | Description
0~1   | 0x00000003 | The func index
2     | 0x00000004 | RNG
3~5   | 0x00000038 | The algo index
6     | 0x00000040 | DES (probably)
7     | 0x00000080 | Using external key (not keyring)
8~9   | 0x00000300 | Keysize. 0x000: 64-bit, 0x100: 128-bit, 0x200: 192-bit, 0x300: 256-bit
10~11 | 0x00000C00 | Hash transform flags. 0x400: hashUpdate, 0x800: hashFinalize, 0xC00: probably a fusion of hashUpdate and hashFinalize?
14~23 | 0x00FFF000 | Unknown
24~25 | 0x03000000 | Causes hang
26~27 | 0x0C000000 | Unknown
28    | 0x10000000 | Dst is keyring
29~31 | 0xE0000000 | Unknown

Func list

func + RNG = bzero?

Index | Real Value | Description
0     | 0x00000000 | Memcpy (DMAC only)
1     | 0x00000001 | AesEcbEncrypt
2     | 0x00000002 | AesEcbDecrypt
3     | 0x00000003 | Secure Hash Algorithm

Algo list

DES algos

DES is DMAC only. If run on Bigmac, it triggers a hang.

It is 3DES if the keysize is 128 or 192.

If DES + SHA, the DES bit is ignored (the SHA command is executed).

Algo | Func | Real Value | Description
0    | 0    | 0x00000040 | Unknown
0    | 1    | 0x00000041 | DesEcbEncrypt
0    | 2    | 0x00000042 | DesEcbDecrypt
1    | 1    | 0x00000049 | DesCbcEncrypt
1    | 2    | 0x0000004A | DesCbcDecrypt
4    | 1    | 0x00000061 | Unknown (DES + AesCtrEncrypt)

If you have found more, add them here.
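An added Python example (not from this wiki page) that packs and unpacks the 0xE005000C function word according to the bit layout, func list and DES algo table above. Field and function names are the page's; for non-DES operations only the func name and the raw algo index are reported, since the page lists only the DES algo rows, and the bit ranges the page marks unknown are returned raw.

```python
# Added example, not code from the wiki page: pack and unpack the Bigmac
# crypto controller function word (0xE005000C) using the bit layout, func
# list and DES algo table above. Bit ranges the page marks unknown are kept
# raw, and the hang-causing bits 24-25 are flagged rather than named.

FUNC_NAMES = {0: "Memcpy", 1: "AesEcbEncrypt", 2: "AesEcbDecrypt", 3: "SecureHash"}
KEYSIZE_BITS = {0: 64, 1: 128, 2: 192, 3: 256}  # field in bits 8-9
DES_NAMES = {(0, 1): "DesEcbEncrypt", (0, 2): "DesEcbDecrypt",  # (algo, func)
             (1, 1): "DesCbcEncrypt", (1, 2): "DesCbcDecrypt"}
MASK_HANG = 0x03000000
MASK_UNKNOWN = 0x00FFF000 | 0x0C000000 | 0xE0000000


def encode_func_word(func, algo=0, des=False, rng=False, ext_key=False,
                     keysize=128, hash_update=False, hash_finalize=False,
                     dst_keyring=False):
    """Build a function word from named fields, rejecting out-of-range values."""
    sizes = {bits: idx for idx, bits in KEYSIZE_BITS.items()}
    if func not in FUNC_NAMES or not 0 <= algo <= 7 or keysize not in sizes:
        raise ValueError("func 0..3, algo 0..7, keysize 64/128/192/256")
    word = func | (algo << 3) | (sizes[keysize] << 8)
    word |= (rng << 2) | (des << 6) | (ext_key << 7)
    word |= (hash_update << 10) | (hash_finalize << 11) | (dst_keyring << 28)
    return word


def decode_func_word(word):
    """Split a 32-bit function word into the fields documented on the page."""
    f = {
        "func": word & 0x3,
        "rng": bool(word & 0x4),
        "algo": (word >> 3) & 0x7,
        "des": bool(word & 0x40),
        "ext_key": bool(word & 0x80),
        "keysize": KEYSIZE_BITS[(word >> 8) & 0x3],
        "hash_update": bool(word & 0x400),
        "hash_finalize": bool(word & 0x800),
        "dst_keyring": bool(word & 0x10000000),
        "hang": bool(word & MASK_HANG),
        "unknown": word & MASK_UNKNOWN,
    }
    # Per the page, the DES bit is ignored when combined with the SHA func.
    if f["des"] and f["func"] != 3:
        f["name"] = DES_NAMES.get((f["algo"], f["func"]), "UnknownDes")
    else:
        f["name"] = FUNC_NAMES[f["func"]]
    return f
```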

The following are known to be able to write keyrings:

* AesEcbEncrypt/Decrypt: Size is rounded up to a multiple of 4. If size > 16, size = 16.
  Reads |size| bytes from |src| into HW state. The remaining 16-|size| bytes of state *ARE KEPT FROM RESULT OF PREVIOUS AES OPERATION*. VULN! This allows key recovery of all slave keyrings during boot.
  The key written to the keyring is always 16 bytes long, padded with 00's.
* AesCbcEncrypt/Decrypt: Size is rounded up to a multiple of 4.
* AesCtrEncrypt/Decrypt: Size is rounded up to a multiple of 4.
* AesCmac: Puts the 16 byte hash into the keyring. Bytes 16-31 are *FORCED* 0.
* Sha1: Puts the 20 byte hash into the keyring. Bytes 20-31 are *FORCED* 0.
* Sha224: Puts the 28 byte hash into the keyring. Bytes 28-31 are *FORCED* 0.
* Sha256: Puts the 32 byte hash into the keyring.
* HmacSha1: Probably same as Sha1.
* HmacSha256: Probably same as Sha256.
* Rng

AesCtrEncrypt with a keyring dst still reads from src.

VULN! Any SHA with length==0 produces an output of all zeroes!

0xE005003C: Bigmac Rng
Reads a random value.

0xE0050200: Bigmac External Key
Size: 0x20 bytes.

VULN! Allows partial overwrite. However, when using keyring crypto this key remains unaffected, so it cannot be used to recover keyring keys.

= Bigmac Key Ring Base =

See F00D Key Ring Base.

0xE0058000: Bigmac KeyRings
Size: 0x10000 bytes.

0x000-0x07F: Initial state: Empty keyrings.
  0x000-0x007: Empty group0 slave keyrings, for AES decryption only.
  0x008-0x00F: Empty group1 slave keyrings, any algo.
  0x010-0x01F: Empty group2 slave keyrings, for AES decryption only.
  0x020-0x02F: Empty group3 slave keyrings, any algo.
  0x030-0x07F: Empty normal keyrings, any algo.

0x100-0x17F: Initial state: Empty keyrings.
  0x100-0x17F: Empty normal keyrings, any algo.

0x200-0x217: Initial state: Filled in, key material.
  0x200-0x203: AES decryption-only keys (for memory buffers).
  0x204-0x205: Master keys (for group0), any algo.
  0x206-0x20D: Master keys (for group1), any algo.
  0x20E-0x20F: Emmc keys, fully protected.
  0x210-0x217: General purpose keys (for memory buffers).

0x300-0x3FF: Initial state: Filled in, key material.
  0x300-0x33F: AES decryption-only keys (for memory buffers).
  0x340-0x343: Master keys (for group2), any algo.
  0x344-0x353: Master keys (for group3), any algo.
  0x354-0x3FF: General purpose keys (for memory buffers).

0x400-0x47F: Initial state: Empty data storage, read-write from keyring.

0x500-0x57F: Initial state: Empty data storage, read-write from keyring.

0x600-0x607: Initial state: Filled in data, read-only. Keyring only.
  0x603: DWORD BootromFlags.
    Bit0-15: HasRsaRevocationKey. This is set to 0xFFFF.
    Bit16: UseAlternativeEmmcClock

0x700-0x77F: Initial state: Filled in data, read-only. Keyring only.
  0x700-0x708: RsaRevocationKey0
  0x708-0x710: RsaRevocationKey1
  0x710-0x718: RsaRevocationKey2
  0x718-0x720: RsaRevocationKey3
  0x720-0x728: RsaRevocationKey4
  0x728-0x730: RsaRevocationKey5
  ...
  0x778-0x780: RsaRevocationKey15

= 0xE0070000: SceEmmcController =

0xE0070000: EmmcCrypto Toggle/Status?
Toggle: Set to 1.

Status: enabled emmc enc/dec?

0xE0070004: EmmcCrypto available status
Bit0 (& 1): Not available -> second_loader throws an error.

0xE0070008: EmmcCrypto keyset
Read value example: 0x20E and 0x20F (FW 1.69-3.73).

Write only.

0xE007000C: Unknown
Read value example: 2

= 0xE00C0000 =

0xE00CC000: Unknown
Unknown. Read value example: 0x10006331

0xE00CC014: Unknown
Unknown. Read value example: 0x300000

0xE00CC070: Unknown
Unknown. Read value example: 1

0xE00CC078: Unknown
Unknown. Read value example: 0x300