Saying 01 is incorrect, its not always 1 that's loaded off dev OTP
Line 16:
Line 16:
| 0x04
| 0x04
| 0x3C
| 0x3C
−
| ECDSA Signature
+
| ECDSA Signature using Nintendo's private key, in big-endian. The first 0x1E bytes are "r"; the second 0x1E bytes are "s". The hash is SHA-256 computed over this certificate, starting at byte 0x80 ("Cert Issue ID") to the end.
|-
|-
| 0x40
| 0x40
Line 32:
Line 32:
| 0xC4
| 0xC4
| 0x40
| 0x40
−
| Key ID: "CT<DeviceId>-<ConsoleType>", where DeviceId is the hex [[PSPXI:GetDeviceId|DeviceId]], and ConsoleType is 00 for retail, 01 for dev
+
| Key ID: "CT<DeviceId>-<ConsoleType>", where DeviceId is the hex [[PSPXI:GetDeviceId|DeviceId]], and ConsoleType is 00 for retail, any other single byte hex value for dev
|-
|-
| 0x104
| 0x104
| 0x04
| 0x04
−
| ?
+
| Expiration time as UNIX Timestamp in big endian.
|-
|-
| 0x108
| 0x108
| 0x3C
| 0x3C
−
| ECDSA Public Key. This is two consecutive u8 arrays (each one of length 0x1E), where the first one corresponds to the ECDSA R coordinate, and the second to ECDSA S coordinate. These are in '''big''' endian.
+
| ECDSA Public Key of this console as a curve point in big-endian. The first 0x1E bytes are "x" of this point; the second 0x1E bytes are "y".
|-
|-
| 0x144
| 0x144
Line 47:
Line 47:
|}
|}
−
The ECDSA public key for this cert is converted from the ECDSA private key initialized by bootrom.
+
Boot ROM decrypts [[OTP Registers]] and writes the private key and Nintendo's signature of CTCert to [[Memory_layout#ARM9_ITCM|ARM9 ITCM]]; the public key is computed from the private key.