From Vita Development Wiki
Jump to navigation
Jump to search
Key Ring Slots 0xE0058000
Slot |
Protection |
Per-console |
Description
|
0-1 |
0x0442 |
? |
?
|
2-7 |
0x0040 |
? |
?
|
8 |
0x0081 |
Yes. |
enp per-console key
|
9-0xF |
0x0080 |
? |
?
|
0x10 |
0x0502 |
? |
?
|
0x11 |
0x0100 |
? |
?
|
0x20 |
0x0200 |
? |
?
|
0x21-0x24 |
0x061F |
? |
?
|
0x25-0x2F |
0x0200 |
? |
?
|
0x30-0x34 |
0x041F |
? |
?
|
0x35-0x7F |
0x0000 |
? |
?
|
0x80-0xFF |
0x0000 |
? |
?
|
0x100 |
0x041F |
? |
?
|
0x101-0x17F |
0x0000 |
? |
?
|
0x180-0x1FF |
0x0000 |
? |
?
|
0x200-0x203 |
0x0000 |
? |
?
|
0x204-0x205 |
0x006F |
? |
?
|
0x206-0x20D |
0x00A0 |
? |
?
|
0x20E-0x20F |
0x0010 |
? |
Maybe per-console emmc crypto keys?
|
0x210-0x211 |
0x0000 |
? |
?
|
0x212-0x213 |
0x001F |
? |
?
|
0x214-0x215 |
0x0000 |
? |
?
|
0x216 |
0x001F |
? |
?
|
0x217 |
0x0000 |
? |
?
|
0x218-0x2FF |
0x0000 |
? |
?
|
0x300-0x33F |
0x0000 |
? |
?
|
0x340 |
0x012F |
? |
?
|
0x341-0x343 |
0x0120 |
? |
?
|
0x344 |
0x0220 |
? |
?
|
0x345-0x348 |
0x022F |
? |
?
|
0x349-0x353 |
0x0220 |
? |
?
|
0x354-0x4FF |
0x0000 |
? |
?
|
0x500 |
0x1800 |
? |
?
|
0x501 |
0x1000 |
? |
Downgrade protection? Set to 4 on 1.692, 0 on 1.05.
|
0x502-0x504 |
0x1800 |
Yes |
?
|
0x505 |
0x0000 |
? |
?
|
0x506 |
0x1800 |
? |
?
|
0x507 |
0x1800 |
No |
?
|
0x508 |
0x1800 |
No |
Revocation related. Set to 0x1060D on 1.692, 0x1010A on 1.05.
|
0x509 |
0x1800 |
? |
?
|
0x50A |
0x1800 |
? |
Byte15bit0,byte14bit0,byte14bit1,byte11bit4: Revocation related. Byte13bit0: Enable F00D debug prints.
|
0x50B |
0x1800 |
? |
?
|
0x50C |
0x1800 |
No |
?
|
0x50D |
0x1800 |
No |
Flags. Set to 1 on 1.692, 0 on 1.05.
|
0x50E |
0x1800 |
Yes |
?
|
0x50F |
0x1800 |
Yes |
Current firmware version.
|
0x510 |
0x1800 |
Yes |
Factory firmware version.
|
0x511 |
0x1800 |
? |
Disabled on 1.05?
|
0x512 |
0x1800 |
Yes |
?
|
0x513 |
0x1800 |
No |
DRAM size. Set to 0x20000000 on retail, 0x40000000 on devkit.
|
0x514 |
0x1800 |
No? |
F00d-cmd F01 AES-256-CMAC key. Protected on 1.05.
|
0x515 |
0x1800 |
No? |
F00d-cmd F01 AES-256-CBC key. Protected on 1.05.
|
0x516 |
0x1800 |
? |
F00d-cmd F01 writes (u32)1 here when exporting the infoblk. Next time main() executes this flag is cleared.
|
0x517 |
0x1800 |
|
When initializing the EEPROM, this is zeroed if 0x50D has bit8 clear (on 1.692).
|
0x518-0x57F |
0x0000 |
? |
?
|
0x580-0x5FF |
0x0000 |
? |
?
|
0x600-0x602 |
0x1000 |
Yes |
?
|
0x603 |
0x1000 |
No |
?
|
0x604 |
0x1000 |
No |
?
|
0x605-0x607 |
0x0000 |
? |
?
|
0x608-0x6FF |
0x0000 |
? |
?
|
0x700-0x7FF |
0x0000 |
? |
?
|