F00D Keyring Regs

From Vita Development Wiki
Jump to navigation Jump to search


E0000000: MailboxFoodToArm

Response to ARM is written here.

E0000010: MailboxArmToFood

Request from ARM is written here.

E0000020: MailboxFoodToDebugger

Size: 2x u32.

E0000028: MailboxDebuggerToFood

Size: 2x u32.

E0000060: MailboxDebuggerToFood2

Size: 2x u32.

F00D controller

E0010000: FootReset

   Bit0: Hangs. ARM uses this to reset the F00D subsystem.

E0010004: FoodStatus

   Bit31:  IsFoodAlive
   Bit0-2: ?
   0xE0010000: 00 00 00 00 05 00 00 80 00 00 00 00 00 00 00 00
   0xE0010010: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00


Reads back 0x7FF. Then hangs after delay.

   Bit5: Disables Key* registers, and KeyRingDirectAccess

No bit appears to disable Rsa* registers, or Bigmac*.

   0xE0020000: 0F 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00
   0xE0020010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00



   Bit0: Reboot when cleared.
   Bit1: Hang when cleared. Unrecoverable
   Bit2: No hang when cleared.
   Bit3: No hang when cleared.
   Bit16: No hang when cleared.

E0020004: ?

second_loader writes 0x30003 followed by 0 here, after clearing keys.

E0020020: ?

rsa_expmod() reads and writes back this register before reading the result of the RSA operation.

Keyring controller

0xE0030000-0xE003001F: KeySetValue

Size: 8x u32.

E0030020: KeySetValueTrigger

Write keyslot here, and it will write value written above to it.

E0030024: KeySetProtect

   Bit0-15:  KeyslotNumber
   Bit16-31: KeyslotClearFlags

E0030028: KeyQueryProtect

   Bit0-15: KeyslotNumber

E003002C: KeyQueryProtectResult

   Bit0: SlotExists
   Bit1: HasBeenWrittenOnce. You cannot use a key if this is not set.
   Bit2: HasBeenWrittenMoreThanOnce
   Bit16:   Clearable   | AesEncryptAllowed (CTR+CBC+ECB, any key size)
   Bit17:   Clearable   | AesDecryptAllowed (CTR+CBC+ECB, any key size)
   Bit18:   Clearable   | ShaHmacAllowed (SHA1+SHA256)
   Bit19:   Clearable   | AesCmacAllowed
   Bit20:   Clearable   | EmmcCryptoAllowed (qualified guess!)
   Bit21:   Fixed       | IsMaster
   Bit22:   Fixed       | MemberOfGroup0
   Bit23:   Fixed       | MemberOfGroup1
   Bit24:   Fixed       | MemberOfGroup2
   Bit25:   Fixed       | MemberOfGroup3
   Bit26:   Clearable   | SetByBigmacAllowed
   Bit27:   Clearable   | SetByKeyringAllowed
   Bit28:   Clearable   | GetByKeyringAllowed

A master key can only write into a slave keyslot belonging to the same group(s) as itself.

A master key cannot write into a non-slave keyslot or external memory.

Normal keyslots are keyslots that don't belong to any group (bit21-25 are all zeroes). They can be written by slaves of groups, and also by normal non-keyslot operations.

A slave can write output to a normal keyslot or to external memory.

SceBignum controller

E0040108 RsaSignatureBuffer

Size: 0x100 bytes.

E0040400 RsaModulusBuffer

Size: 0x100 bytes.

E0040800 RsaControl

In u32's.

E0040800 RsaStatus

   Bit31: Busy

E0040808 RsaExponent

SceBigmac controller

// base:0xE0050000(channel0), 0xE0050080(channel1)
typedef struct SceBigmacOp {
	const void *src;
	union {
		void *dst;
		int slot_id;
	SceSize len;
	int func; // BigmacOp

	int key_slot;
	void *iv;
	void *next;
	int ready; // Writing 1 here starts bigmac operation.

	int status;
	int res; // Set when invalid keyslot (0xFFF). Bit18: Set when keyslot is not allowed to perform operation.
} SceBigmacOp;

E005000C BigmacOp

Unlike Dmac5, DES is not supported for Bigmac.

 Bit0-6: Algorithm
 0x00 = Zeroes?
 0x01 = AesEcbEncrypt
 0x02 = AesEcbDecrypt
 0x03 = Sha1
 0x04 = Rng
 0x05 = Zeroes
 0x06 = Zeroes
 0x07 = Zeroes
 0x09 = AesCbcEncrypt
 0x0A = AesCbcDecrypt
 0x0B = Sha224
 0x0C = Zeroes
 0x0D = Zeroes
 0x0E = Zeroes
 0x0F = Zeroes
 0x10 = AesCtr
 0x11 = AesCtrEncrypt
 0x12 = AesCtrDecrypt
 0x13 = Sha256
 0x1B = !!! HANG !!!
 0x23 = HmacSha1, keylength=32 bytes
 0x2B = !!! HANG !!!
 0x33 = HmacSha256, keylength=32 bytes
 0x3B = AesCmac
 0x41  = !!! HANG !!!
 0x43 = <0x03>
 0x4B = <0x0b>
 0x53 = <0x13>
 0x61  = !!! HANG !!!
 0x7B = <0x3b>
 0x141 = !!! HANG !!!
   Bit7:    UseExternalKey
   Bit8-10: KeySize (0=64bit, 1=128bit, 2=192bit, 3=256bit)
            (Applies only to AesEcb, AesCbc, AesCmac)
   Bit11:   Nothing noticable for AesEcbEncrypt
   Bit12:   Nothing noticable for AesEcbEncrypt
   Bit24:   Causes hang
   Bit25:   Causes hang
   Bit28:   IsDstKeyslot

The following are known to be able to write keyslots:

 * AesEcbEncrypt/Decrypt:
     Size is rounded up to multiple of 4.
     If size > 16, size = 16.
     Read |size| bytes from |src| into HW state.
     The remaining 16-|size| bytes of state *ARE KEPT FROM RESULT OF PREVIOUS AES OPERATION*.
     VULN! This allows key recovery of all slave keyslots during boot.
     The key written to keyslot is always 16 bytes long, padded with 00's.
 * AesCbcEncrypt/Decrypt: Size is rounded up to multiple of 4. 
 * AesCtrEncrypt/Decrypt: Size is rounded up to multiple of 4.
 * AesCmac                Puts the 16 byte hash into keyslot.
                          Bytes 16-31 are *FORCED* 0.
 * Sha1:                  Puts the 20 byte hash into keyslot.
                          Bytes 20-31 are *FORCED* 0.
 * Sha224:                Puts the 28 byte hash into keyslot.
                          Bytes 28-31 are *FORCED* 0.
 * Sha256:                Puts the 32 byte hash into keyslot.
 * HmacSha1               Probably same as Sha1.
 * HmacSha256             Probably same as Sha256.
 * Rng

AesCtrEncrypt when having a keyslot dst, still reads from src.

VULN! Any SHA with length==0 produces an output of all zeroes!

E005003C BigmacRng

Reads a random value.

E0050200 BigmacExternalKey

Size: 0x20 bytes

VULN! Allows partial overwrite. However when using keyslot crypto, this key remains unaffected. Thus it cannot be used to recover keyslot keys.

SceBigmac Keyring

E0058000 KeyRingDirectAccess

Size: 0x10000 bytes.

Key slots


   Initial state: Empty keyslots.
   0x000-0x007: Empty group0 slave keyslots, for AES decryption only.
   0x008-0x00F: Empty group1 slave keyslots, any algo.
   0x010-0x01F: Empty group2 slave keyslots, for AES decryption only.
   0x020-0x02F: Empty group3 slave keyslots, any algo.
   0x030-0x07F: Empty normal keyslots, any algo.


   Initial state: Empty keyslots.
   0x100-0x17F: Empty normal keyslots, any algo.


   Initial state: Filled in, key material.
   0x200-0x203: AES decryption-only keys (for memory buffers).
   0x204-0x205: Master keys (for group0), any algo.
   0x206-0x20D: Master keys (for group1), any algo.
   0x20E-0x20F: Emmc keys, fully protected.
   0x210-0x217: General purpose keys (for memory buffers).


   Initial state: Filled in, key material.
   0x300-0x33F: AES decryption-only keys (for memory buffers).
   0x340-0x343: Master keys (for group2), any algo.
   0x344-0x353: Master keys (for group3), any algo.
   0x354-0x3FF: General purpose keys (for memory buffers).


   Initial state: Empty data storage, read-write from keyring.


   Initial state: Empty data storage, read-write from keyring.


   Initial state: Filled in data, read-only. Keyring only.
   0x603: u32 BootromFlags.
     Bit0-15: HasRsaRevocationKey. This is set to 0xFFFF.
     Bit16:   UseAlternativeEmmcClock


   Initial state: Filled in data, read-only. Keyring only.
   0x700-0x708: RsaRevocationKey0
   0x708-0x710: RsaRevocationKey1
   0x710-0x718: RsaRevocationKey2
   0x718-0x720: RsaRevocationKey3
   0x720-0x728: RsaRevocationKey4
   0x728-0x730: RsaRevocationKey5
   0x778-0x780: RsaRevocationKey15


0xE0070000 EmmcCrypto Toggle/Status?

Toggle : Set to 1.

Status : enabled emmc encdec?

0xE0070004 EmmcCrypto avaliable status

bit0(& 1) : Not avaliable. -> second_loader throw error.

0xE0070008 EmmcCrypto keyset

1.69-3.73 : 0x20E and 0x20F.

write only.