Difference between revisions of "F00D Key Ring Base"

From Vita Development Wiki
Jump to navigation Jump to search
 
(25 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Physical address = 0xE0058000 + 32 * slot
+
Keyslot physical address = 0xE0058000 + 0x20 * slot_id.
  
 
=== Permission bits ===
 
=== Permission bits ===
If a key slot is not locked, it can target f00d memory or unlocked keyslot
+
 
 +
If a keyslot is not locked, it can target cmep memory or unlocked keyslot.
  
 
{| class="wikitable"
 
{| class="wikitable"
Line 8: Line 9:
 
! Bit          !! Function
 
! Bit          !! Function
 
|-
 
|-
| 0x01        || Encryption operation allowed
+
| 0x1          || Encryption operation allowed
 
|-
 
|-
| 0x02        || Decryption operation allowed
+
| 0x2          || Decryption operation allowed
 
|-
 
|-
| 0x04        || ? operation allowed
+
| 0x4          || ? operation allowed
 
|-
 
|-
| 0x08        || ? operation allowed
+
| 0x8          || ? operation allowed
 
|-
 
|-
| 0x10        || ?
+
| 0x10        || ??? Master Keyslot can target memory ???
 
|-
 
|-
| 0x20       || Master Keyslot can target user keyslot (based on Mask Group below)
+
| 0x20         || Master Keyslot can target user keyslot (based on Mask Group below)
 
|-
 
|-
 
| 0x40        || Keyslot Pairing Lock Mask Group 0 (Master slots 0x204-0x205 and user slots 0-7)
 
| 0x40        || Keyslot Pairing Lock Mask Group 0 (Master slots 0x204-0x205 and user slots 0-7)
Line 24: Line 25:
 
| 0x80        || Keyslot Pairing Lock Mask Group 1 (Master slots 0x206-0x20D and user slots 8-0xF)
 
| 0x80        || Keyslot Pairing Lock Mask Group 1 (Master slots 0x206-0x20D and user slots 8-0xF)
 
|-
 
|-
| 0x100         || Keyslot Pairing Lock Mask Group 2 (Master slots 0x340-0x343 and user slots 0x10-0x1F)
+
| 0x100       || Keyslot Pairing Lock Mask Group 2 (Master slots 0x340-0x343 and user slots 0x10-0x1F)
 
|-
 
|-
| 0x200         || Keyslot Pairing Lock Mask Group 3 (Master slots 0x344-0x353 and user slots 0x20-0x2F)
+
| 0x200       || Keyslot Pairing Lock Mask Group 3 (Master slots 0x344-0x353 and user slots 0x20-0x2F)
 
|-
 
|-
| 0x400        || Locked Keyslot can target f00d memory
+
| 0x400        || Locked Keyslot can target cmep memory
 
|-
 
|-
| 0x800        || can be written directly by f00d
+
| 0x800        || Can be written directly by cmep
 
|-
 
|-
| 0x1000      || can be read directly by f00d
+
| 0x1000      || Can be read directly by cmep
 
|}
 
|}
  
Line 39: Line 40:
 
{| class="wikitable"
 
{| class="wikitable"
 
|-
 
|-
! Slot          !! Initial Valid !! Initial Protection !! Protection (1.69)  !! Ever Valid (1.69) !! Per Console? (1.69) !! Set By? !! Description
+
! Slot          !! Initial Valid !! Initial Protection !! Protection (1.69)  !! Ever Valid (1.69) !! Per Console (1.69) !! Set By !! Description
 
|-
 
|-
| 0           || N || 0x0442 || 0x0442      || Y || ? || ?          || ?
+
| 0             || N || 0x0442 || 0x0442      || Y || N || Many sm || General common slot
 
|-
 
|-
| 1           || N || 0x0442 || 0x0442      || N || ? ||  ?          || ?
+
| 1             || N || 0x0442 || 0x0442      || N || ? ||  ?          || ?
 
|-
 
|-
| 2-7         || N || 0x0442 || 0x0040      || N || ? ||  ?          || ?
+
| 2-7           || N || 0x0442 || 0x0040      || N || ? ||  ?          || ?
 
|-
 
|-
| 8           || N || 0x049F || 0x0081      || Y || Y || first_loader (0x206/0x207)        || SLSK per-console key (encrypt)
+
| 8             || N || 0x049F || 0x0081      || Y || Y || first_loader || [[SLSK]] personalization key (encrypt). Derived from keyslots 0x206 or 0x207.
 
|-
 
|-
| 9         || N || 0x049F || 0x0080      || N || ? || first_loader (0x206/0x207)          || SLSK per-console key (decrypt)
+
| 9             || N || 0x049F || 0x0080      || N || ? || first_loader || [[SLSK]] personalization key (decrypt). Derived from keyslots 0x206 or 0x207.
 
|-
 
|-
| 0xA        || N || 0x049F || 0x0080      || Y || N || first_loader (0x208-0x20D)          || SLSK metadata key
+
| 0xA-0xF       || N || 0x049F || 0x0080      || Y || N || first_loader || 6 [[SLSK]] metadata decryption keys. Derived from keyslots 0x208-0x20D.
 
|-
 
|-
| 0xB-0xF        || N || 0x049F || 0x0080     || Y || N ||  first_loader (0x208-0x20D)           || ?
+
| 0x10          || N || 0x0502 || 0x0502     || N || ? ||  ?           || Supports decryption only.
 
|-
 
|-
| 0x10          || N || 0x0502 || 0x0502     || N || ? ||  ?          || supports decryption only
+
| 0x11-0x1F      || N || 0x0502 || 0x0100     || N || ? ||  ?          || ?
 
|-
 
|-
| 0x11-0x1F      || N     || 0x0502 || 0x0100     || N || ? || ?          || ?
+
| 0x20          || N || 0x061F || 0x0200     || Y || ? || first_loader || [[SLSK]] HMAC-SHA256 Key. Derived from keyslot 0x344.
 
|-
 
|-
| 0x20          || N || 0x061F || 0x0200     || Y || ? ||  first_loader (0x344)           || Derived from 0x344, used for hmac-sha256 over ENC files.
+
| 0x21-0x24      || N || 0x061F || 0x061F     || N || ? ||  ?           || Supports encryption and decryption.
 
|-
 
|-
| 0x21-0x24      || N || 0x061F || 0x061F      || N || ? ||  ?          || supports encryption and decryption
+
| 0x25-0x2F     || N || 0x061F || 0x0200      || N || ? ||  ?          || ?
|-
 
| 0x25-0x2F     || N || 0x061F || 0x0200      || N || ? ||  ?          || ?
 
 
|-
 
|-
 
| 0x30-0x34      || N || 0x041F || 0x041F      || N || ? ||  ?          || ?
 
| 0x30-0x34      || N || 0x041F || 0x041F      || N || ? ||  ?          || ?
Line 69: Line 68:
 
| 0x35-0x7F      || N || 0x041F || 0x0000      || N || ? ||  ?          || ?
 
| 0x35-0x7F      || N || 0x041F || 0x0000      || N || ? ||  ?          || ?
 
|-
 
|-
| 0x80-0xFF      || X || 0x0000 || 0x0000      || X || ? ||  ?          || Not used
+
| 0x80-0xFF      || X || 0x0000 || 0x0000      || X || ? ||  ?          || Not used.
 
|-
 
|-
| 0x100          || N || 0x041F || 0x041F      || N || ? ||  ?          || ?
+
| 0x100          || N || 0x041F || 0x041F      || N || ? ||  ?          || ?
 
|-
 
|-
| 0x101-0x17F   || N || 0x041F || 0x0000      || N || ? ||  ?          || ?
+
| 0x101-0x17F   || N || 0x041F || 0x0000      || N || ? ||  ?          || ?
 
|-
 
|-
| 0x180-0x1FF   || X || 0x0000 || 0x0000      || X || ? ||  ?          || Not used
+
| 0x180-0x1FF   || X || 0x0000 || 0x0000      || X || ? ||  ?          || Not used.
 
|-
 
|-
 
| 0x200-0x203    || Y || 0x0002 || 0x0000      || Y || ? ||  ?          || ?
 
| 0x200-0x203    || Y || 0x0002 || 0x0000      || Y || ? ||  ?          || ?
 
|-
 
|-
| 0x204-0x205    || Y || 0x006F || 0x006F      || Y || Y ||  ?          || ?
+
| 0x204         || Y || 0x006F || 0x006F      || Y || Y ||  ?          || AES-256 master key for IdStorage Certificates AES-128-ECB keys derivation. Used by KIRK commands 0x10, 0x12, 0x17 and 0x19.
 
|-
 
|-
| 0x206         || Y || 0x00AF || 0x00A0     || Y || ? ||  ?          || Used to derive key used to decrypt personalized layer over ENC. Should be per-console.
+
| 0x205         || Y || 0x006F || 0x006F     || Y || Y ||  ?          || ?
 
|-
 
|-
| 0x207         || Y || 0x00AF || 0x00A0      || Y || ? ||  ?          || Used instead of the above key when secret debug mode is set. (Possibly non-per-console?)
+
| 0x206         || Y || 0x00AF || 0x00A0      || Y || ? ||  ?          || Master key used to derive key used to decrypt personalized layer over [[SLSK]]. Should be per-console.
 
|-
 
|-
| 0x208-0x20D    || Y || 0x00AF || 0x00A0      || Y || ? ||  ?          || 6 keys used to decrypt ENC metadata, which one is used depends on key revision in ENC header.
+
| 0x207          || Y || 0x00AF || 0x00A0      || Y || ? ||  ?          || Master key used instead of keyslot 0x206 when first_loader secret debug mode is set. (Possibly non-per-console?)
 +
|-
 +
| 0x208-0x20D    || Y || 0x00AF || 0x00A0      || Y || ? ||  ?          || 6 master keys used to derive AES-128-CBC Key to decrypt [[SLSK]] metadata. Which one is used depends on encryption key revision in [[SLSK]] header.
 
|-
 
|-
 
| 0x20E-0x20F    || Y || ? || 0x0010      || Y || ? ||  ?          || Maybe per-console eMMC crypto keys? Protected by second_loader.
 
| 0x20E-0x20F    || Y || ? || 0x0010      || Y || ? ||  ?          || Maybe per-console eMMC crypto keys? Protected by second_loader.
Line 91: Line 92:
 
| 0x210-0x211    || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
 
| 0x210-0x211    || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
 
|-
 
|-
| 0x212   || Y || 0x001F || 0x001F      || Y || Y ||  ?          || AES256-CMAC key used by KIRK commands 0x12 and 0x19.
+
| 0x212         || Y || 0x001F || 0x001F      || Y || Y ||  ?          || AES-256-CMAC key used by KIRK commands 0x12 and 0x19.
 
|-
 
|-
| 0x213   || Y || 0x001F || 0x001F      || Y || Y ||  ?          || Used to derive SMI keys, which are used for factory fw decryption.
+
| 0x213         || Y || 0x001F || 0x001F      || Y || Y ||  ?          || AES-256-CBC key used to derive (by seed encryption) SMI keys in second_loader, which are used for minimum firmware version decryption.
 
|-
 
|-
| 0x214   || Y || 0x001F || 0x0000      || Y || ? ||  ?          || AES256CBC key used to derive (by encryption) keyslots 0x514 and 0x515 in second_loader. IVs hardcoded in second_loader.
+
| 0x214         || Y || 0x001F || 0x0000      || Y || ? ||  ?          || AES-256-CBC key used to derive (by seed encryption) keyslots 0x514 and 0x515 in second_loader. IVs and seeds hardcoded in second_loader.
 
|-
 
|-
| 0x215   || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
+
| 0x215         || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
 
|-
 
|-
| 0x216          || Y || 0x001F || 0x001F      || Y || ? ||  ?          || AES256CBC key used to derive (by encryption) keyslots 0x502-0x504 in second_loader on FW >= 0.996. Single IV hardcoded in second_loader. For FW < 0.996, the keyslots 0x502-0x504 are hardcoded in second_loader.
+
| 0x216          || Y || 0x001F || 0x001F      || Y || Y ||  ?          || AES-256-CBC key used to derive (by seed encryption) keyslots 0x502-0x504 in second_loader. IV hardcoded in second_loader. If SMI minimum FW < 0.996, this key is not used and keyslots 0x502-0x504 are set with hardcoded values from second_loader.
 
|-
 
|-
 
| 0x217          || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
 
| 0x217          || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
 
|-
 
|-
| 0x218-0x2FF    || X || 0x0000 || 0x0000      || X || ? ||  ?          || Not used
+
| 0x218-0x2FF    || X || 0x0000 || 0x0000      || X || ? ||  ?          || Not used.
 
|-
 
|-
 
| 0x300-0x33F    || Y || 0x0002 || 0x0000      || Y || ? ||  ?          || ?
 
| 0x300-0x33F    || Y || 0x0002 || 0x0000      || Y || ? ||  ?          || ?
Line 111: Line 112:
 
| 0x341-0x343    || Y || 0x012F || 0x0120      || Y || ? ||  ?          || ?
 
| 0x341-0x343    || Y || 0x012F || 0x0120      || Y || ? ||  ?          || ?
 
|-
 
|-
| 0x344          || Y || 0x022F || 0x0220      || Y || ? ||  ?          || Used to derive key 0x20 in bootrom.
+
| 0x344          || Y || 0x022F || 0x0220      || Y || ? ||  ?          || Master key used to derive the 0x20 keyslot in first_loader.
 
|-
 
|-
| 0x345-0x348    || Y || 0x022F || 0x022F      || Y || ? ||  ?          || Used to decrypt keys into one of the 0x21-0x24 keyslot.
+
| 0x345-0x348    || Y || 0x022F || 0x022F      || Y || ? ||  ?          || Used to decrypt keys into one of the 0x21-0x24 keyslots.
 
|-
 
|-
| 0x349-0x353    || Y || 0x022F ||0x0220      || Y || ? ||  ?          || ?
+
| 0x349-0x353    || Y || 0x022F || 0x0220      || Y || ? ||  ?          || ?
 
|-
 
|-
 
| 0x354-0x3FF    || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
 
| 0x354-0x3FF    || Y || 0x001F || 0x0000      || Y || ? ||  ?          || ?
Line 121: Line 122:
 
| 0x400-0x47F    || N || 0x1800 || 0x0000      || N || ? ||  ?          || ?
 
| 0x400-0x47F    || N || 0x1800 || 0x0000      || N || ? ||  ?          || ?
 
|-
 
|-
| 0x480-0x4FF    || X || 0x0000 || 0x0000      || X || ? ||  ?          || Not used
+
| 0x480-0x4FF    || X || 0x0000 || 0x0000      || X || ? ||  ?          || Not used.
 
|-
 
|-
 
| 0x500          || N || 0x1800 || 0x1800      || N || ? ||  ?          || ?
 
| 0x500          || N || 0x1800 || 0x1800      || N || ? ||  ?          || ?
 
|-
 
|-
| 0x501          || N || 0x1800 || 0x1000      || Y || N || first_loader || Used by bootrom first_loader to figure out whether to load from eMMC or ARM comms after reset
+
| 0x501          || N || 0x1800 || 0x1000      || Y || N || first_loader || Used by first_loader to figure out whether to load from eMMC or ARM comms after reset.
 +
|-
 +
| 0x502          || N || 0x1800 || 0x1800      || Y || Y || second_loader || AES XTS Tweak for Ernie SNVS sectors.
 +
|-
 +
| 0x503          || N || 0x1800 || 0x1800      || Y || Y || second_loader || AES XTS Decryption Key for Ernie SNVS sectors.
 +
|-
 +
| 0x504          || N || 0x1800 || 0x1800      || Y || Y || second_loader || AES-128-CMAC Key for Ernie SNVS sectors.
 
|-
 
|-
| 0x502-0x504    || N || 0x1800 || 0x1800     || Y || Y || second_loader || Related to Ernie SNVS.
+
| 0x505          || N || 0x1800 || 0x0000     || N || ? || ?            || ?
 
|-
 
|-
| 0x505         || N || 0x1800 || 0x0000     || N || ? || ?          || ?
+
| 0x506         || N || 0x1800 || 0x1800     || Y || N || second_loader || QAF Token AES-256-CBC and AES-256-CMAC key. Hardcoded in second_loader. Used with IV = keyslot 0x507.
 
|-
 
|-
| 0x506         || N || 0x1800 || 0x1800      || Y || ? || ?          || ?
+
| 0x507         || N || 0x1800 || 0x1800      || Y || N || second_loader || QAF Token AES-256-CBC IV. Hardcoded in second_loader.
 
|-
 
|-
| 0x507         || N || 0x1800 || 0x1800      || Y || N || ?          || ?
+
| 0x508         || N || 0x1800 || 0x1800      || Y || Y || second_loader || Ernie version. Comes from [[Ernie]] Code Flash memory ([[Ernie]] command 1). 4 bytes. If lower (older) than 0x00090903, old Ernie protocols (unencrypted SNVS packets and maybe different SNVS keys) are used.
 
|-
 
|-
| 0x508         || N || 0x1800 || 0x1800      || Y || N || second loader || Baryon version (from Ernie cmd 0x1). 4 bytes. Set to 0x100010A on FW 1.05, 0x0100010B on FW 1.50, 0x100060D on FW 1.692. If lower (older) than 0x90903, old Syscon protocols (unencrypted packets and NVS) are used.
+
| 0x509         || N || 0x1800 || 0x1800      || Y || Y || second_loader || ConsoleId of unit. Comes from IdStorage (eMMC).
 
|-
 
|-
| 0x509         || N || 0x1800 || 0x1800      || Y || Y || second loader || ConsoleId of unit. Comes from IdStorage (eMMC).
+
| 0x50A         || N || 0x1800 || 0x1800      || Y || Y || second_loader || [[KBL Param#QA_flags|QA flags]]. 0x10 bytes. Comes from [[Ernie]] NVS ([[Ernie]] command 0x1082).
 
|-
 
|-
| 0x50A         || N || 0x1800 || 0x1800      || Y || ? || second loader || [[Sysroot#QA_flags|QA flags]]. 0x10 bytes.
+
| 0x50B         || N || 0x1800 || 0x1800      || Y || Y || second_loader || Mgmt Data. 8 bytes. Comes from [[Ernie]] SNVS block 0 ([[Ernie]] command 0xD2).
 
|-
 
|-
| 0x50B         || N || 0x1800 || 0x1800      || Y || ? || second loader || From 0xD2 SNVS block 0, 8 bytes. (?Mgmt Data?)
+
| 0x50C         || N || 0x1800 || 0x1800      || Y || N || second_loader || [[Second_Loader#Boot_type_indicator_for_slsk]]
 
|-
 
|-
| 0x50C         || N || 0x1800 || 0x1800      || Y || N || second loader || Some boot flags. Like Boot type indicator 1. Set to 1 on FW 1.692 and newer, 0 on older.
+
| 0x50D         || N || 0x1800 || 0x1800      || Y || Y || second_loader || OpenPSID of unit. Comes from IdStorage (eMMC).
 
|-
 
|-
| 0x50D         || N || 0x1800 || 0x1800      || Y || Y || second loader || OpenPSID of unit. Comes from IdStorage (eMMC).
+
| 0x50E         || N || 0x1800 || 0x1800      || Y || Y || second_loader || Current firmware version. Comes from [[Ernie]] SNVS ([[Ernie]] command 0xD0).
 
|-
 
|-
| 0x50E         || N || 0x1800 || 0x1800      || Y || Y || second loader || Current firmware version. Comes from SNVS (Ernie).
+
| 0x50F         || N || 0x1800 || 0x1800      || Y || Y || second_loader || Minimum firmware version. Comes from IdStorage SMI leaf (eMMC). 4 bytes.
 
|-
 
|-
| 0x50F         || N || 0x1800 || 0x1800      || Y || Y || second loader || Factory firmware version. Comes from IdStorage (eMMC). 4 bytes.
+
| 0x510         || N || 0x1800 || 0x1800      || Y || Y || second_loader || [[KBL Param#DIP_Switches|DIP Switches]]. 0x20 bytes. Comes from CP and [[Ernie]] VS ([[Ernie]] command 0x90 offset 0xE0).
 
|-
 
|-
| 0x510         || N || 0x1800 || 0x1800      || Y || Y || second loader || [[Sysroot#DIP_Switches|DIP Switches]]. 0x20 bytes. Comes from Ernie cmd 0x90 offset 0xE0.
+
| 0x511         || N || 0x1800 || 0x1800      || Y || N (random) || second_loader || Ernie communication session key. Unique per boot. It is generated by a handshake with Ernie through Ernie command 0xD0. AES-128-ECB key used to enc/dec the content of Ernie secure packets. If (baryonVersion < 0x90903 && (ernieDLVersion & 0xffffff) < 0x3600) it is zeroed by second_loader. Part of SKSO data. Used by SK command 0xF01.
 
|-
 
|-
| 0x511         || N || 0x1800 || 0x1800      || Y || Y || second loader || Unique per boot session id. Ernie shared 0xD0 session key. AES128CBC key used to encrypt with null IV a buffer of size 0x30 bytes coming from Ernie in second_loader. Also used to enc/dec the content of Ernie "packets 0x28" coming from Ernie. If (baryonVersion < 0x90903 && (ernieDLVersion & 0xffffff) < 0x3600) it is zeroed by second_loader.
+
| 0x512         || N || 0x1800 || 0x1800      || Y || N (counter) || second_loader || Ernie communication ticket count. Used as a challenge at the start of each secure Ernie encrypted communication, for example for SNVS read/write. On each boot it is set to a random value by second_loader. Incremented by 1 after each Ernie secure commmand usage. Part of SKSO data. Used by SK command 0xF01.
 
|-
 
|-
| 0x512         || N || 0x1800 || 0x1800      || Y || Y || second loader || Ticket count. Used as a challenge at the start of each secure Ernie encrypted communication, for example for SNVS read/write. Set to a random value when session key is set. Incremented by 1 after each usage.
+
| 0x513         || N || 0x1800 || 0x1800      || Y || Y || second_loader || DRAM size. Set to 0x20000000 by default, 0x40000000 on DevKit in DevKit Memory Size mode. Determined by [[KBL Param#DIP_Switches|DIP Switches]] (CP).
 
|-
 
|-
| 0x513         || N || 0x1800 || 0x1800      || Y || N || second loader || DRAM size. Set to 0x20000000 by default, 0x40000000 on DevKit in DevKit Memory Size mode.
+
| 0x514         || N || 0x1800 || 0x1800      || Y || see keyslot 0x214 || second_loader || SKSO AES-256-CMAC key. Protected on FW 1.05. Data size 0x90 bytes. Used to verify SKSO. Used by SK command 0xF01.
 
|-
 
|-
| 0x514        || N || 0x1800 || 0x1800      || Y || N? || second loader || F00d-cmd F01 AES-128-CMAC key. Protected on FW 1.05. Data size 0x90 bytes. Used to verify SKSO integrity.
+
| 0x515          || N || 0x1800 || 0x1800      || Y || see keyslot 0x214 || second_loader || SKSO AES-128-CBC key. Protected on FW 1.05. Data size 0xA0 bytes. Hardcoded IV in second_loader and second_kernel. Used to encrypt/decrypt SKSO (the content written into keyslots 0x511, 0x512, 0x517 and 0x519). Used by SK command 0xF01.
 
|-
 
|-
| 0x515         || N || 0x1800 || 0x1800      || Y || N? || second loader || F00d-cmd F01 AES-128-CBC key. Protected on FW 1.05. Data size 0xA0 bytes. Hardcoded IV. Used to encrypt/decrypt SKSO (the content written into keyslots 0x511, 0x512, 0x517 and 0x519).
+
| 0x516         || N || 0x1800 || 0x1800      || Y || N || second_loader || Some status. Set to 0 at the start of second_loader main(). Checked for 0 before initiating communication with Ernie. 4 bytes. Used by SK command 0xF01: writes (u32)1 here after having exported the SKSO to paddr 0x4001FF00.
 
|-
 
|-
| 0x516         || N || 0x1800 || 0x1800      || Y || ? || second loader || F00d-cmd F01 writes (u32)1 here when exporting the infoblk. Set to 0 at the start of second_loader main(). Checked for 0 before initiating communication with Ernie. 4 bytes.
+
| 0x517         || N || 0x1800 || 0x1800      || Y || Y || second_loader, act_sm || Kit Activation status. 4 bytes. Part of SKSO data. When initializing the keyslots, this is zeroed if keyslot ?0x50D? has bit8 clear (on FW 1.692). Used by SK command 0xF01.
 
|-
 
|-
| 0x517         || N || 0x1800 || 0x1800      || Y || ? || second loader || When initializing the EEPROM, this is zeroed if 0x50D has bit8 clear (on 1.692).
+
| 0x518         || N || 0x1800 || 0x1800      || Y || Y || second_loader || Another current FW version (3.60+?). Comes from SNVS ([[Ernie]] command 0xD0).
 
|-
 
|-
| 0x518         || N || 0x1800 || 0x1800      || Y || N || second loader || Another current FW version (3.60+?). Comes from SNVS (Ernie).
+
| 0x519         || N || 0x1800 || 0x1800      || Y || Y? || second_loader || Part of SKSO data. Used by SK command 0xF01. Not used (maybe zeroed) on old FWs. Used on FW 3.60.
 
|-
 
|-
| 0x519         || N || 0x1800 || 0x1800      || Y || N || second loader || zeroes
+
| 0x51A         || N || 0x1800 || 0x1800      || Y || N (random) || second_loader || Coredump Encrypted Session Key (FW 2.12+). Randomized 0x20 byte key. Unique for every boot/reboot/resume. Used for Kernel coredump encryption. See [[KBL Param]] and [[SCECAF#Kernel_Coredump_Encrypted_ELF]]. Used by SK command 0x1001.
 
|-
 
|-
| 0x51A         || N || 0x1800 || 0x1800      || Y || Y || ?          || Encrypted Session Key (FW 2.12+). Randomized 0x20 byte key unique every boot/reboot/resume used for kernel coredump encryption. See [[Sysroot]] and [[SCECAF#Kernel_Coredump_Encrypted_ELF]].
+
| 0x51B         || N || 0x1800 || 0x1800      || Y || Y || second_loader || [[KBL Param#Hardware_Info|Hardware Info]]. 4 bytes. Comes from [[Ernie]] Code Flash memory ([[Ernie]] command 5).
 
|-
 
|-
| 0x51B          || N || 0x1800 || 0x1800     || Y || N || second loader || [[Sysroot#Hardware_Info|Hardware Info]]. 4 bytes.
+
| 0x51C-0x51D    || N || 0x1800 || 0x0000     || N || ? || ?            || Used in update_service_sm for NVS. 4 bytes for each keyslot.
 
|-
 
|-
| 0x51C-0x57F   || N || 0x1800 || 0x0000      || N || ? ||  ?           || ?
+
| 0x51E-0x521   || N || 0x1800 || 0x0000      || N || ? ||  ?           || Used in update_service_sm for NVS. 4 bytes for each keyslot.
 
|-
 
|-
| 0x580-0x5FF   || X || 0x0000  || 0x0000      || X || ? ||  ?           || Not used
+
| 0x522-0x57F   || N || 0x1800 || 0x0000      || N || ? ||  ?           || ?
 
|-
 
|-
| 0x600  || Y || 0x1000 || 0x1000     || Y || Y ||  ?         || VisibleId of unit
+
| 0x580-0x5FF    || X || 0x0000 || 0x0000     || X || ? ||  ?           || Not used.
 
|-
 
|-
| 0x601  || Y || 0x1000 || 0x1000      || Y || Y ||  ?         || ?
+
| 0x600          || Y || 0x1000 || 0x1000      || Y || Y ||  ?           || VisibleId of unit.
 
|-
 
|-
| 0x602  || Y || 0x1000 || 0x1000      || Y || Y ||  ?         || ?
+
| 0x601          || Y || 0x1000 || 0x1000      || Y || Y ||  ?           || ?
 
|-
 
|-
| 0x603         || Y || 0x1000 || 0x1000      || Y || N ||  ?         || ?
+
| 0x602         || Y || 0x1000 || 0x1000      || Y || Y ||  ?           || 256 bits copied to 0xE0020100 by second_loader.
 
|-
 
|-
| 0x604         || Y || 0x1000 || 0x1000      || Y || N ||  ?         || ?
+
| 0x603         || Y || 0x1000 || 0x1000      || Y || N ||  ?           || ?
 
|-
 
|-
| 0x605-0x607    || Y || 0x1000 || 0x0000     || Y || ? ||  ?           || ?
+
| 0x604          || Y || 0x1000 || 0x1000     || Y || N ||  ?           || ?
 
|-
 
|-
| 0x608-0x6FF   || X || 0x0000 || 0x0000      || X || ? ||  ?           || Not used
+
| 0x605-0x607   || Y || 0x1000 || 0x0000      || Y || ? ||  ?           || ?
 
|-
 
|-
| 0x700-0x7FF    || Y || 0x1000 || 0x0000      || Y || N ||  ?           || 16 public RSA keys for ENC files. Which key is used depends on public key revision specified in ENC header.
+
| 0x608-0x6FF    || X || 0x0000 || 0x0000      || X || X ||  ?            || Not used.
 +
|-
 +
| 0x700-0x7FF    || Y || 0x1000 || 0x0000      || Y || N ||  ?           || 16 RSA public keys for [[SLSK]] files. Which key is used depends on public key revision specified in [[SLSK]] header.
 
|}
 
|}
 +
 +
=== Protection on 3.60 ===
 +
 +
After kernel boottime
 +
 +
<source>
 +
Slot=0x000 Range=0x001 Protect=0x04420003
 +
Slot=0x001 Range=0x001 Protect=0x04420001
 +
Slot=0x002 Range=0x006 Protect=0x00400001
 +
Slot=0x008 Range=0x001 Protect=0x00810003
 +
Slot=0x009 Range=0x001 Protect=0x00800001
 +
Slot=0x00A Range=0x006 Protect=0x00800003
 +
Slot=0x010 Range=0x001 Protect=0x05020001
 +
Slot=0x011 Range=0x00F Protect=0x01000001
 +
Slot=0x020 Range=0x001 Protect=0x02000003
 +
Slot=0x021 Range=0x004 Protect=0x061F0001
 +
Slot=0x025 Range=0x00B Protect=0x02000001
 +
Slot=0x030 Range=0x005 Protect=0x041F0001
 +
Slot=0x035 Range=0x04B Protect=0x00000001
 +
Slot=0x080 Range=0x080 Protect=0x00000000
 +
Slot=0x100 Range=0x001 Protect=0x041F0001
 +
Slot=0x101 Range=0x07F Protect=0x00000001
 +
Slot=0x180 Range=0x080 Protect=0x00000000
 +
Slot=0x200 Range=0x004 Protect=0x00000003
 +
Slot=0x204 Range=0x002 Protect=0x006F0003
 +
Slot=0x206 Range=0x008 Protect=0x00A00003
 +
Slot=0x20E Range=0x002 Protect=0x00100003
 +
Slot=0x210 Range=0x002 Protect=0x00000003
 +
Slot=0x212 Range=0x002 Protect=0x001F0003
 +
Slot=0x214 Range=0x002 Protect=0x00000003
 +
Slot=0x216 Range=0x001 Protect=0x001F0003
 +
Slot=0x217 Range=0x001 Protect=0x00000003
 +
Slot=0x218 Range=0x0E8 Protect=0x00000000
 +
Slot=0x300 Range=0x040 Protect=0x00000003
 +
Slot=0x340 Range=0x001 Protect=0x012F0003
 +
Slot=0x341 Range=0x003 Protect=0x01200003
 +
Slot=0x344 Range=0x001 Protect=0x02200003
 +
Slot=0x345 Range=0x004 Protect=0x022F0003
 +
Slot=0x349 Range=0x00B Protect=0x02200003
 +
Slot=0x354 Range=0x0AC Protect=0x00000003
 +
Slot=0x400 Range=0x080 Protect=0x00000001
 +
Slot=0x480 Range=0x080 Protect=0x00000000
 +
Slot=0x500 Range=0x001 Protect=0x18000001
 +
Slot=0x501 Range=0x001 Protect=0x10000007
 +
Slot=0x502 Range=0x003 Protect=0x18000003
 +
Slot=0x505 Range=0x001 Protect=0x00000001
 +
Slot=0x506 Range=0x004 Protect=0x18000003
 +
Slot=0x50A Range=0x001 Protect=0x18000007
 +
Slot=0x50B Range=0x003 Protect=0x18000003
 +
Slot=0x50E Range=0x001 Protect=0x10000003
 +
Slot=0x50F Range=0x003 Protect=0x18000003
 +
Slot=0x512 Range=0x001 Protect=0x18000007
 +
Slot=0x513 Range=0x003 Protect=0x18000003
 +
Slot=0x516 Range=0x001 Protect=0x18000007
 +
Slot=0x517 Range=0x005 Protect=0x18000003
 +
Slot=0x51C Range=0x064 Protect=0x00000001
 +
Slot=0x580 Range=0x080 Protect=0x00000000
 +
Slot=0x600 Range=0x005 Protect=0x10000003
 +
Slot=0x605 Range=0x003 Protect=0x00000003
 +
Slot=0x608 Range=0x0F8 Protect=0x00000000
 +
Slot=0x700 Range=0x100 Protect=0x00000003
 +
</source>

Latest revision as of 09:50, 24 September 2021

Keyslot physical address = 0xE0058000 + 0x20 * slot_id.

Permission bits

If a keyslot is not locked, it can target cmep memory or unlocked keyslot.

Bit Function
0x1 Encryption operation allowed
0x2 Decryption operation allowed
0x4 ? operation allowed
0x8 ? operation allowed
0x10 ??? Master Keyslot can target memory ???
0x20 Master Keyslot can target user keyslot (based on Mask Group below)
0x40 Keyslot Pairing Lock Mask Group 0 (Master slots 0x204-0x205 and user slots 0-7)
0x80 Keyslot Pairing Lock Mask Group 1 (Master slots 0x206-0x20D and user slots 8-0xF)
0x100 Keyslot Pairing Lock Mask Group 2 (Master slots 0x340-0x343 and user slots 0x10-0x1F)
0x200 Keyslot Pairing Lock Mask Group 3 (Master slots 0x344-0x353 and user slots 0x20-0x2F)
0x400 Locked Keyslot can target cmep memory
0x800 Can be written directly by cmep
0x1000 Can be read directly by cmep

Key Ring Slots 0xE0058000

Slot Initial Valid Initial Protection Protection (1.69) Ever Valid (1.69) Per Console (1.69) Set By Description
0 N 0x0442 0x0442 Y N Many sm General common slot
1 N 0x0442 0x0442 N ? ? ?
2-7 N 0x0442 0x0040 N ? ? ?
8 N 0x049F 0x0081 Y Y first_loader SLSK personalization key (encrypt). Derived from keyslots 0x206 or 0x207.
9 N 0x049F 0x0080 N ? first_loader SLSK personalization key (decrypt). Derived from keyslots 0x206 or 0x207.
0xA-0xF N 0x049F 0x0080 Y N first_loader 6 SLSK metadata decryption keys. Derived from keyslots 0x208-0x20D.
0x10 N 0x0502 0x0502 N ? ? Supports decryption only.
0x11-0x1F N 0x0502 0x0100 N ? ? ?
0x20 N 0x061F 0x0200 Y ? first_loader SLSK HMAC-SHA256 Key. Derived from keyslot 0x344.
0x21-0x24 N 0x061F 0x061F N ? ? Supports encryption and decryption.
0x25-0x2F N 0x061F 0x0200 N ? ? ?
0x30-0x34 N 0x041F 0x041F N ? ? ?
0x35-0x7F N 0x041F 0x0000 N ? ? ?
0x80-0xFF X 0x0000 0x0000 X ? ? Not used.
0x100 N 0x041F 0x041F N ? ? ?
0x101-0x17F N 0x041F 0x0000 N ? ? ?
0x180-0x1FF X 0x0000 0x0000 X ? ? Not used.
0x200-0x203 Y 0x0002 0x0000 Y ? ? ?
0x204 Y 0x006F 0x006F Y Y ? AES-256 master key for IdStorage Certificates AES-128-ECB keys derivation. Used by KIRK commands 0x10, 0x12, 0x17 and 0x19.
0x205 Y 0x006F 0x006F Y Y ? ?
0x206 Y 0x00AF 0x00A0 Y ? ? Master key used to derive key used to decrypt personalized layer over SLSK. Should be per-console.
0x207 Y 0x00AF 0x00A0 Y ? ? Master key used instead of keyslot 0x206 when first_loader secret debug mode is set. (Possibly non-per-console?)
0x208-0x20D Y 0x00AF 0x00A0 Y ? ? 6 master keys used to derive AES-128-CBC Key to decrypt SLSK metadata. Which one is used depends on encryption key revision in SLSK header.
0x20E-0x20F Y ? 0x0010 Y ? ? Maybe per-console eMMC crypto keys? Protected by second_loader.
0x210-0x211 Y 0x001F 0x0000 Y ? ? ?
0x212 Y 0x001F 0x001F Y Y ? AES-256-CMAC key used by KIRK commands 0x12 and 0x19.
0x213 Y 0x001F 0x001F Y Y ? AES-256-CBC key used to derive (by seed encryption) SMI keys in second_loader, which are used for minimum firmware version decryption.
0x214 Y 0x001F 0x0000 Y ? ? AES-256-CBC key used to derive (by seed encryption) keyslots 0x514 and 0x515 in second_loader. IVs and seeds hardcoded in second_loader.
0x215 Y 0x001F 0x0000 Y ? ? ?
0x216 Y 0x001F 0x001F Y Y ? AES-256-CBC key used to derive (by seed encryption) keyslots 0x502-0x504 in second_loader. IV hardcoded in second_loader. If SMI minimum FW < 0.996, this key is not used and keyslots 0x502-0x504 are set with hardcoded values from second_loader.
0x217 Y 0x001F 0x0000 Y ? ? ?
0x218-0x2FF X 0x0000 0x0000 X ? ? Not used.
0x300-0x33F Y 0x0002 0x0000 Y ? ? ?
0x340 Y 0x012F 0x012F Y ? ? Used to decrypt keys into the 0x10 keyslot.
0x341-0x343 Y 0x012F 0x0120 Y ? ? ?
0x344 Y 0x022F 0x0220 Y ? ? Master key used to derive the 0x20 keyslot in first_loader.
0x345-0x348 Y 0x022F 0x022F Y ? ? Used to decrypt keys into one of the 0x21-0x24 keyslots.
0x349-0x353 Y 0x022F 0x0220 Y ? ? ?
0x354-0x3FF Y 0x001F 0x0000 Y ? ? ?
0x400-0x47F N 0x1800 0x0000 N ? ? ?
0x480-0x4FF X 0x0000 0x0000 X ? ? Not used.
0x500 N 0x1800 0x1800 N ? ? ?
0x501 N 0x1800 0x1000 Y N first_loader Used by first_loader to figure out whether to load from eMMC or ARM comms after reset.
0x502 N 0x1800 0x1800 Y Y second_loader AES XTS Tweak for Ernie SNVS sectors.
0x503 N 0x1800 0x1800 Y Y second_loader AES XTS Decryption Key for Ernie SNVS sectors.
0x504 N 0x1800 0x1800 Y Y second_loader AES-128-CMAC Key for Ernie SNVS sectors.
0x505 N 0x1800 0x0000 N ? ? ?
0x506 N 0x1800 0x1800 Y N second_loader QAF Token AES-256-CBC and AES-256-CMAC key. Hardcoded in second_loader. Used with IV = keyslot 0x507.
0x507 N 0x1800 0x1800 Y N second_loader QAF Token AES-256-CBC IV. Hardcoded in second_loader.
0x508 N 0x1800 0x1800 Y Y second_loader Ernie version. Comes from Ernie Code Flash memory (Ernie command 1). 4 bytes. If lower (older) than 0x00090903, old Ernie protocols (unencrypted SNVS packets and maybe different SNVS keys) are used.
0x509 N 0x1800 0x1800 Y Y second_loader ConsoleId of unit. Comes from IdStorage (eMMC).
0x50A N 0x1800 0x1800 Y Y second_loader QA flags. 0x10 bytes. Comes from Ernie NVS (Ernie command 0x1082).
0x50B N 0x1800 0x1800 Y Y second_loader Mgmt Data. 8 bytes. Comes from Ernie SNVS block 0 (Ernie command 0xD2).
0x50C N 0x1800 0x1800 Y N second_loader Second_Loader#Boot_type_indicator_for_slsk
0x50D N 0x1800 0x1800 Y Y second_loader OpenPSID of unit. Comes from IdStorage (eMMC).
0x50E N 0x1800 0x1800 Y Y second_loader Current firmware version. Comes from Ernie SNVS (Ernie command 0xD0).
0x50F N 0x1800 0x1800 Y Y second_loader Minimum firmware version. Comes from IdStorage SMI leaf (eMMC). 4 bytes.
0x510 N 0x1800 0x1800 Y Y second_loader DIP Switches. 0x20 bytes. Comes from CP and Ernie VS (Ernie command 0x90 offset 0xE0).
0x511 N 0x1800 0x1800 Y N (random) second_loader Ernie communication session key. Unique per boot. It is generated by a handshake with Ernie through Ernie command 0xD0. AES-128-ECB key used to enc/dec the content of Ernie secure packets. If (baryonVersion < 0x90903 && (ernieDLVersion & 0xffffff) < 0x3600) it is zeroed by second_loader. Part of SKSO data. Used by SK command 0xF01.
0x512 N 0x1800 0x1800 Y N (counter) second_loader Ernie communication ticket count. Used as a challenge at the start of each secure Ernie encrypted communication, for example for SNVS read/write. On each boot it is set to a random value by second_loader. Incremented by 1 after each Ernie secure commmand usage. Part of SKSO data. Used by SK command 0xF01.
0x513 N 0x1800 0x1800 Y Y second_loader DRAM size. Set to 0x20000000 by default, 0x40000000 on DevKit in DevKit Memory Size mode. Determined by DIP Switches (CP).
0x514 N 0x1800 0x1800 Y see keyslot 0x214 second_loader SKSO AES-256-CMAC key. Protected on FW 1.05. Data size 0x90 bytes. Used to verify SKSO. Used by SK command 0xF01.
0x515 N 0x1800 0x1800 Y see keyslot 0x214 second_loader SKSO AES-128-CBC key. Protected on FW 1.05. Data size 0xA0 bytes. Hardcoded IV in second_loader and second_kernel. Used to encrypt/decrypt SKSO (the content written into keyslots 0x511, 0x512, 0x517 and 0x519). Used by SK command 0xF01.
0x516 N 0x1800 0x1800 Y N second_loader Some status. Set to 0 at the start of second_loader main(). Checked for 0 before initiating communication with Ernie. 4 bytes. Used by SK command 0xF01: writes (u32)1 here after having exported the SKSO to paddr 0x4001FF00.
0x517 N 0x1800 0x1800 Y Y second_loader, act_sm Kit Activation status. 4 bytes. Part of SKSO data. When initializing the keyslots, this is zeroed if keyslot ?0x50D? has bit8 clear (on FW 1.692). Used by SK command 0xF01.
0x518 N 0x1800 0x1800 Y Y second_loader Another current FW version (3.60+?). Comes from SNVS (Ernie command 0xD0).
0x519 N 0x1800 0x1800 Y Y? second_loader Part of SKSO data. Used by SK command 0xF01. Not used (maybe zeroed) on old FWs. Used on FW 3.60.
0x51A N 0x1800 0x1800 Y N (random) second_loader Coredump Encrypted Session Key (FW 2.12+). Randomized 0x20 byte key. Unique for every boot/reboot/resume. Used for Kernel coredump encryption. See KBL Param and SCECAF#Kernel_Coredump_Encrypted_ELF. Used by SK command 0x1001.
0x51B N 0x1800 0x1800 Y Y second_loader Hardware Info. 4 bytes. Comes from Ernie Code Flash memory (Ernie command 5).
0x51C-0x51D N 0x1800 0x0000 N ? ? Used in update_service_sm for NVS. 4 bytes for each keyslot.
0x51E-0x521 N 0x1800 0x0000 N ? ? Used in update_service_sm for NVS. 4 bytes for each keyslot.
0x522-0x57F N 0x1800 0x0000 N ? ? ?
0x580-0x5FF X 0x0000 0x0000 X ? ? Not used.
0x600 Y 0x1000 0x1000 Y Y ? VisibleId of unit.
0x601 Y 0x1000 0x1000 Y Y ? ?
0x602 Y 0x1000 0x1000 Y Y ? 256 bits copied to 0xE0020100 by second_loader.
0x603 Y 0x1000 0x1000 Y N ? ?
0x604 Y 0x1000 0x1000 Y N ? ?
0x605-0x607 Y 0x1000 0x0000 Y ? ? ?
0x608-0x6FF X 0x0000 0x0000 X X ? Not used.
0x700-0x7FF Y 0x1000 0x0000 Y N ? 16 RSA public keys for SLSK files. Which key is used depends on public key revision specified in SLSK header.

Protection on 3.60

After kernel boottime

Slot=0x000 Range=0x001 Protect=0x04420003
Slot=0x001 Range=0x001 Protect=0x04420001
Slot=0x002 Range=0x006 Protect=0x00400001
Slot=0x008 Range=0x001 Protect=0x00810003
Slot=0x009 Range=0x001 Protect=0x00800001
Slot=0x00A Range=0x006 Protect=0x00800003
Slot=0x010 Range=0x001 Protect=0x05020001
Slot=0x011 Range=0x00F Protect=0x01000001
Slot=0x020 Range=0x001 Protect=0x02000003
Slot=0x021 Range=0x004 Protect=0x061F0001
Slot=0x025 Range=0x00B Protect=0x02000001
Slot=0x030 Range=0x005 Protect=0x041F0001
Slot=0x035 Range=0x04B Protect=0x00000001
Slot=0x080 Range=0x080 Protect=0x00000000
Slot=0x100 Range=0x001 Protect=0x041F0001
Slot=0x101 Range=0x07F Protect=0x00000001
Slot=0x180 Range=0x080 Protect=0x00000000
Slot=0x200 Range=0x004 Protect=0x00000003
Slot=0x204 Range=0x002 Protect=0x006F0003
Slot=0x206 Range=0x008 Protect=0x00A00003
Slot=0x20E Range=0x002 Protect=0x00100003
Slot=0x210 Range=0x002 Protect=0x00000003
Slot=0x212 Range=0x002 Protect=0x001F0003
Slot=0x214 Range=0x002 Protect=0x00000003
Slot=0x216 Range=0x001 Protect=0x001F0003
Slot=0x217 Range=0x001 Protect=0x00000003
Slot=0x218 Range=0x0E8 Protect=0x00000000
Slot=0x300 Range=0x040 Protect=0x00000003
Slot=0x340 Range=0x001 Protect=0x012F0003
Slot=0x341 Range=0x003 Protect=0x01200003
Slot=0x344 Range=0x001 Protect=0x02200003
Slot=0x345 Range=0x004 Protect=0x022F0003
Slot=0x349 Range=0x00B Protect=0x02200003
Slot=0x354 Range=0x0AC Protect=0x00000003
Slot=0x400 Range=0x080 Protect=0x00000001
Slot=0x480 Range=0x080 Protect=0x00000000
Slot=0x500 Range=0x001 Protect=0x18000001
Slot=0x501 Range=0x001 Protect=0x10000007
Slot=0x502 Range=0x003 Protect=0x18000003
Slot=0x505 Range=0x001 Protect=0x00000001
Slot=0x506 Range=0x004 Protect=0x18000003
Slot=0x50A Range=0x001 Protect=0x18000007
Slot=0x50B Range=0x003 Protect=0x18000003
Slot=0x50E Range=0x001 Protect=0x10000003
Slot=0x50F Range=0x003 Protect=0x18000003
Slot=0x512 Range=0x001 Protect=0x18000007
Slot=0x513 Range=0x003 Protect=0x18000003
Slot=0x516 Range=0x001 Protect=0x18000007
Slot=0x517 Range=0x005 Protect=0x18000003
Slot=0x51C Range=0x064 Protect=0x00000001
Slot=0x580 Range=0x080 Protect=0x00000000
Slot=0x600 Range=0x005 Protect=0x10000003
Slot=0x605 Range=0x003 Protect=0x00000003
Slot=0x608 Range=0x0F8 Protect=0x00000000
Slot=0x700 Range=0x100 Protect=0x00000003