Changes

* The titlekey is decrypted by using the [[AES]] engine with the ticket common-key keyslot. The keyY is selected through an index (ticket offset 0xB1) into a plaintext array of 6 keys ("common keyYs") stored in the data section of Process9. AES-CBC mode is used where the IV is the big-endian titleID. Note that on a retail unit index0 is a retail keyY, while on a dev-unit index0 is the dev common-key which is a normal-key. (On retail for these keyYs, the hardware key-scrambler is used)

* The titlekey is decrypted by using the [[AES]] engine with the ticket common-key keyslot. The keyY is selected through an index (ticket offset 0xB1) into a plaintext array of 6 keys ("common keyYs") stored in the data section of Process9. AES-CBC mode is used where the IV is the big-endian titleID. Note that on a retail unit index0 is a retail keyY, while on a dev-unit index0 is the dev common-key which is a normal-key. (On retail for these keyYs, the hardware key-scrambler is used)

* The titlekey is used to decrypt content downloaded from the CDN using AES-CBC with the content ID as the IV.  

* The titlekey is used to decrypt content downloaded from the CDN using 128-bit AES-CBC with the content index (padded with trailing zeroes) as the IV.  

* In demos, the first u32 in the "Limits" section is 0x4, then the second u32 is the max-playcount.

* In demos, the first u32 in the "Limits" section is 0x4, then the second u32 is the max-playcount.