Cmep registers
F00D/ARM
E0000000: MailboxFoodToArm
Response to ARM is written here.
E0000010: MailboxArmToFood
Request from ARM is written here.
E0000020: MailboxFoodToDebugger
Size: 2x u32.
E0000028: MailboxDebuggerToFood
Size: 2x u32.
E0000060: MailboxDebuggerToFood2
Size: 2x u32.
F00D controller
E0010000: FootReset
Bit0: Hangs. ARM uses this to reset the F00D subsystem.
E0010004: FoodStatus
Bit31: IsFoodAlive Bit0-2: ?
0xE0010000: 00 00 00 00 05 00 00 80 00 00 00 00 00 00 00 00 0xE0010010: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
E0010010
Reads back 0x7FF. Then hangs after delay.
Bit5: Disables Key* registers, and KeyRingDirectAccess
No bit appears to disable Rsa* registers, or Bigmac*.
0xE0020000: 0F 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 0xE0020010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
F00D_E0020000
E0020000
Bit0: Reboot when cleared. Bit1: Hang when cleared. Unrecoverable Bit2: No hang when cleared. Bit3: No hang when cleared. Bit4: Bit5: Bit16: No hang when cleared. Bit17:
E0020004: ?
second_loader writes 0x30003 followed by 0 here, after clearing keys.
E0020020: ?
rsa_expmod() reads and writes back this register before reading the result of the RSA operation.
Keyring controller
0xE0030000-0xE003001F: KeySetValue
Size: 8x u32.
E0030020: KeySetValueTrigger
Write keyslot here, and it will write value written above to it.
E0030024: KeySetProtect
Bit0-15: KeyslotNumber Bit16-31: KeyslotClearFlags
E0030028: KeyQueryProtect
Bit0-15: KeyslotNumber
E003002C: KeyQueryProtectResult
Bit0: SlotExists Bit1: HasBeenWrittenOnce. You cannot use a key if this is not set. Bit2: HasBeenWrittenMoreThanOnce Bit16: Clearable | AesEncryptAllowed (CTR+CBC+ECB, any key size) Bit17: Clearable | AesDecryptAllowed (CTR+CBC+ECB, any key size) Bit18: Clearable | ShaHmacAllowed (SHA1+SHA256) Bit19: Clearable | AesCmacAllowed Bit20: Clearable | EmmcCryptoAllowed (qualified guess!) Bit21: Fixed | IsMaster Bit22: Fixed | MemberOfGroup0 Bit23: Fixed | MemberOfGroup1 Bit24: Fixed | MemberOfGroup2 Bit25: Fixed | MemberOfGroup3 Bit26: Clearable | SetByBigmacAllowed Bit27: Clearable | SetByKeyringAllowed Bit28: Clearable | GetByKeyringAllowed
A master key can only write into a slave keyslot belonging to the same group(s) as itself.
A master key cannot write into a non-slave keyslot or external memory.
Normal keyslots are keyslots that don't belong to any group (bit21-25 are all zeroes). They can be written by slaves of groups, and also by normal non-keyslot operations.
A slave can write output to a normal keyslot or to external memory.
SceBignum controller
E0040108 RsaSignatureBuffer
Size: 0x100 bytes.
E0040400 RsaModulusBuffer
Size: 0x100 bytes.
E0040800 RsaControl
In u32's.
E0040800 RsaStatus
Bit31: Busy
E0040808 RsaExponent
SceBigmac controller
// base:0xE0050000(channel0), 0xE0050080(channel1) typedef struct SceBigmacOp { const void *src; union { void *dst; int slot_id; }; SceSize len; int func; // BigmacOp int key_slot; void *iv; void *next; int ready; // Writing 1 here starts bigmac operation. int status; int res; // Set when invalid keyslot (0xFFF). Bit18: Set when keyslot is not allowed to perform operation. } SceBigmacOp;
E005000C BigmacOp
Unlike Dmac5, DES is not supported for Bigmac.
Bit0-6: Algorithm 0x00 = Zeroes? 0x01 = AesEcbEncrypt 0x02 = AesEcbDecrypt 0x03 = Sha1 0x04 = Rng 0x05 = Zeroes 0x06 = Zeroes 0x07 = Zeroes 0x09 = AesCbcEncrypt 0x0A = AesCbcDecrypt 0x0B = Sha224 0x0C = Zeroes 0x0D = Zeroes 0x0E = Zeroes 0x0F = Zeroes 0x10 = AesCtr 0x11 = AesCtrEncrypt 0x12 = AesCtrDecrypt 0x13 = Sha256 0x1B = !!! HANG !!! 0x23 = HmacSha1, keylength=32 bytes 0x2B = !!! HANG !!! 0x33 = HmacSha256, keylength=32 bytes 0x3B = AesCmac 0x41 = !!! HANG !!! 0x43 = <0x03> 0x4B = <0x0b> 0x53 = <0x13> 0x61 = !!! HANG !!! 0x7B = <0x3b> 0x141 = !!! HANG !!!
Bit7: UseExternalKey Bit8-10: KeySize (0=64bit, 1=128bit, 2=192bit, 3=256bit) (Applies only to AesEcb, AesCbc, AesCmac) Bit11: Nothing noticable for AesEcbEncrypt Bit12: Nothing noticable for AesEcbEncrypt Bit24: Causes hang Bit25: Causes hang Bit28: IsDstKeyslot
The following are known to be able to write keyslots:
* AesEcbEncrypt/Decrypt: Size is rounded up to multiple of 4. If size > 16, size = 16.
Read |size| bytes from |src| into HW state. The remaining 16-|size| bytes of state *ARE KEPT FROM RESULT OF PREVIOUS AES OPERATION*. VULN! This allows key recovery of all slave keyslots during boot.
The key written to keyslot is always 16 bytes long, padded with 00's.
* AesCbcEncrypt/Decrypt: Size is rounded up to multiple of 4. * AesCtrEncrypt/Decrypt: Size is rounded up to multiple of 4. * AesCmac Puts the 16 byte hash into keyslot. Bytes 16-31 are *FORCED* 0. * Sha1: Puts the 20 byte hash into keyslot. Bytes 20-31 are *FORCED* 0. * Sha224: Puts the 28 byte hash into keyslot. Bytes 28-31 are *FORCED* 0. * Sha256: Puts the 32 byte hash into keyslot. * HmacSha1 Probably same as Sha1. * HmacSha256 Probably same as Sha256. * Rng
AesCtrEncrypt when having a keyslot dst, still reads from src.
VULN! Any SHA with length==0 produces an output of all zeroes!
E005003C BigmacRng
Reads a random value.
E0050200 BigmacExternalKey
Size: 0x20 bytes
VULN! Allows partial overwrite. However when using keyslot crypto, this key remains unaffected. Thus it cannot be used to recover keyslot keys.
SceBigmac Keyring
E0058000 KeyRingDirectAccess
Size: 0x10000 bytes.
Key slots
0x000-0x07F:
Initial state: Empty keyslots. 0x000-0x007: Empty group0 slave keyslots, for AES decryption only. 0x008-0x00F: Empty group1 slave keyslots, any algo. 0x010-0x01F: Empty group2 slave keyslots, for AES decryption only. 0x020-0x02F: Empty group3 slave keyslots, any algo. 0x030-0x07F: Empty normal keyslots, any algo.
0x100-0x17F:
Initial state: Empty keyslots. 0x100-0x17F: Empty normal keyslots, any algo.
0x200-0x217:
Initial state: Filled in, key material. 0x200-0x203: AES decryption-only keys (for memory buffers). 0x204-0x205: Master keys (for group0), any algo. 0x206-0x20D: Master keys (for group1), any algo. 0x20E-0x20F: Emmc keys, fully protected. 0x210-0x217: General purpose keys (for memory buffers).
0x300-0x3FF:
Initial state: Filled in, key material. 0x300-0x33F: AES decryption-only keys (for memory buffers). 0x340-0x343: Master keys (for group2), any algo. 0x344-0x353: Master keys (for group3), any algo. 0x354-0x3FF: General purpose keys (for memory buffers).
0x400-0x47F:
Initial state: Empty data storage, read-write from keyring.
0x500-0x57F:
Initial state: Empty data storage, read-write from keyring.
0x600-0x607:
Initial state: Filled in data, read-only. Keyring only. 0x603: u32 BootromFlags. Bit0-15: HasRsaRevocationKey. This is set to 0xFFFF. Bit16: UseAlternativeEmmcClock
0x700-0x77F:
Initial state: Filled in data, read-only. Keyring only. 0x700-0x708: RsaRevocationKey0 0x708-0x710: RsaRevocationKey1 0x710-0x718: RsaRevocationKey2 0x718-0x720: RsaRevocationKey3 0x720-0x728: RsaRevocationKey4 0x728-0x730: RsaRevocationKey5 ... 0x778-0x780: RsaRevocationKey15
SceEmmcController
0xE0070000 EmmcCrypto Toggle/Status?
Toggle : Set to 1.
Status : enabled emmc encdec?
0xE0070004 EmmcCrypto avaliable status
bit0(& 1) : Not avaliable. -> second_loader throw error.
0xE0070008 EmmcCrypto keyset
1.69-3.73 : 0x20E and 0x20F.
write only.
0xE007000C Unknown
Can to read the 2.
0xE00CC000
0xE00CC000
Unknown, Can to read the 0x10006331.
0xE00CC014
Unknown, Can to read the 0x300000.
0xE00CC070
Unknown, Can to read the 1.
0xE00CC078
Unknown, Can to read the 0x300.