OTP Registers: Difference between revisions
Wrong size fixed |
|||
| (12 intermediate revisions by 4 users not shown) | |||
| Line 22: | Line 22: | ||
| 0x0 | | 0x0 | ||
| 0x100 | | 0x100 | ||
| Console-unique data encrypted with AES-CBC. The normalkey and IV are stored in Boot9. The last 0x20-bytes of plaintext are a SHA256 hash over the first 0xE0-bytes of plaintext. | | Console-unique data encrypted with AES-CBC. The normalkey and IV are stored in Boot9(retail/devunit have seperate normalkey+IV for this). The last 0x20-bytes of plaintext are a SHA256 hash over the first 0xE0-bytes of plaintext. | ||
|- | |- | ||
| 0x100 | | 0x100 | ||
| Line 36: | Line 36: | ||
|- | |- | ||
| 0x0 | | 0x0 | ||
| 0x4 | |||
| This is always 0xDEADB00F. | |||
|- | |||
| 0x4 | |||
| 0x4 | |||
| This is the u32 DeviceId. | |||
|- | |||
| 0x8 | |||
| 0x10 | |||
| This is the fall-back keyY used for movable.sed keyY when movable.sed doesn't exist in NAND(the first two words here are used on retail for generating console-unique TWL keydata/etc). This is also used for "LocalFriendCodeSeed", etc. | |||
|- | |||
| 0x18 | |||
| 0x1 | |||
| OTP version | |||
|- | |||
| 0x19 | |||
| 0x1 | |||
| This determines if the OTP is for a dev system; it indicates the [[CTCert]] issuer type: 0 = retail "Nintendo CA - G3_NintendoCTR2prod", non-zero = dev "Nintendo CA - G3_NintendoCTR2dev". | |||
|- | |||
| 0x1A | |||
| 0x6 | |||
| Manufacturing date (of the SoC?). Usually month(s) before the dates in the logs stored in [[Flash_Filesystem|TWLNAND]]. Each byte is one field: year, month, day, hour, minute, second. Year is encoded as year-1900 so that it fits in one byte. This order matches up with the layout of a <code>struct tm</code>. | |||
|- | |||
| 0x20 | |||
| 0x4 | |||
| This is the CTCert expiry time as UNIX timestamp, this is specified in big endian if the OTP version is <5. | |||
|- | |||
| 0x24 | |||
| 0x20 | |||
| This is the CTCert ECDSA privk. | |||
|- | |||
| 0x44 | |||
| 0x3C | |||
| This is the CTCert ECDSA signature (sect233r1?/SHA-256). | |||
|- | |||
| 0x80 | |||
| 0x10 | |||
| This is all-zero. | |||
|- | |||
| 0x90 | | 0x90 | ||
| | | 0x50 | ||
| Used by Boot9 for generating the console-unique AES [[AES_Registers|keyXs]]. However, due to a bug(?) in Boot9, only the first 0x1C-bytes here actually affect console-unique key generation. The rest of the data is used for hashing, but that output hash only gets overwritten without being used afterwards. | |||
Note that the size passed to the Boot9 keyinit code for console-unique-buffer-size is 0x70, hence this includes the below OTP hash. | |||
|- | |- | ||
| | | 0xE0 | ||
| | | 0x20 | ||
| | | SHA256 hash over the previous 0xE0-bytes. | ||
|} | |} | ||