869
edits
Changes
Jump to navigation
Jump to search
Line 294:
Line 294: − + Line 301:
Line 301: − + − + − | Bootrom.+ − | Bootrom. − | - − | Yes − |- − | 0x08..0x0B − | These keyslots use the same console-unique keyX. Each keyslot has a separate keyY. Line 316:
Line 310: − + + + − | Yes − |- − | 0x0C..0x0F − | All of these keyslots are set to the same key-data, which is a regular normal-key. The keyX written before the normal-key is console-unique, this keyX is the same for all of these keyslots. − | Bootrom. − | Bootrom? − | Bootrom. − + + + − | Bootrom. − | Yes − |- − | 0x10 − | The console-unique keyX is set before the normal-key. − | Bootrom. − | Bootrom? − + + + − |- − | 0x12 − | Unused − | - − | - − | - − | - − |- − | 0x13 − | Unused − | - − | - − | - − | - Line 369:
Line 341: − | Yes − |- − | 0x15..0x16 − | The console-unique keyX is set before the normal-key. − | Bootrom. − | Bootrom? − | Bootrom. Line 391:
Line 356: − |- − | 0x17 − | The console-unique keyX is set before the normal-key. − | Bootrom. − | Bootrom? − | Bootrom. − | Yes − |- − | 0x18..0x1B − | All of these keyslots are set to the same key-data, which is a regular normal-key. The console-unique keyX is set before the normal-key, this keyX is the same for all of these keyslots. − | Bootrom. − | Bootrom? − | Bootrom. − | Yes − |- − | 0x1C..0x1F − | All of these keyslots are set to the same key-data, which is a regular normal-key. The console-unique keyX is set before the normal-key, this keyX is the same for all of these keyslots. − | Bootrom. − | Bootrom? − | Bootrom. − | Yes Line 421:
Line 365: − + − + + + − + − + − + + + − + − + − + + + − + − |- − | 0x20..0x23 − | All of these keyslots are set to the same key-data, which is a regular normal-key. The keyX written to these keyslots before writing the normal-key by the bootrom, is console-unique. − | Bootrom. − | - − | Bootrom. − | Yes − |- − | 0x24 − | This is set to a normal-key by bootrom. The keyX written to this keyslot before writing the normal-key by the bootrom, is console-unique. − | Bootrom. − | Bootrom? − | Bootrom. − | Yes − <!-- − The keyX and keyY initialized by bootrom for this keyslot are console-unique. − --> − | - − | Yes − |- − | 0x26 − | Unused − | - − | - − | - − | Yes − |- − | 0x27 − | Unused − | - − | - − | - − | Yes − |- − | 0x28 − | Unknown. The normal-key for this is the same as keyslot 0x24, the console-unique keyX written before the normal-key is different from keyslot 0x24. − | Bootrom. − | Bootrom? − | Bootrom. − | Yes − |- − | 0x29 − | Unknown. The keyX written before the normal-key is console-unique. − | Bootrom. − | Bootrom? − | Bootrom. − | Yes − |- − | 0x2A − | Unknown. The keyX written before the normal-key is console-unique. − | Bootrom. − | Bootrom? − | Bootrom. − | Yes − |- − | 0x2B − | Unknown. The keyX written before the normal-key is console-unique. − | Bootrom. − | Bootrom? − | Bootrom. − | Yes − |- − | 0x2C..0x2F − | All of these keyslots use the same keyX initialized by bootrom. During key-init in arm9 bootrom, keyslots 0x2D and 0x2F are set to the same keyY. − | Bootrom. − | Bootrom, then NATIVE_FIRM for keyslots 0x2C and 0x2F on >=v6.0 FIRM. − + Line 522:
Line 406: − + + + Line 529:
Line 415: − + + + Line 538:
Line 426: − + − | - − | Yes − |- − | 0x30-0x33 − | All of these keyslots use the same keyX. The keyY for keyslots 0x32 and 0x33 are set to the same keyY by bootrom. − | Bootrom. − | Bootrom, then later NATIVE_FIRM except for keyslot 0x32. − + + + − + − + − + Line 566:
Line 449: − + + + Line 573:
Line 458: − + − + − | - − | Yes − |- − | 0x34-0x37 − | All four of these keyslots use the same keyX. Keyslots 0x35, 0x36, and 0x37 use the same bootrom keyY. See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]] for keyslot 0x36. − | Bootrom. − | Bootrom, then NATIVE_FIRM for keyslot 0x37. − + + + − + − + + + Line 602:
Line 484: + + Line 608:
Line 492: − + − + − | - − | Yes − |- − | 0x38-0x3B − | All of these keyslots use the same keyX. Keyslot 0x3B uses an unique keyY initialized by bootrom. − | Bootrom. − | Bootrom, then NATIVE_FIRM for keyslot 0x3A. − + + + Line 629:
Line 508: − + + + − + − + − | Bootrom.+ − | Bootrom(?), then later NATIVE_FIRM.+ − | - − | Yes − |- − | 0x3B − | Unknown. − | Bootrom. − | Bootrom. − | - − | Yes − |- − | 0x3C − | Unknown. The keyX for this is unique for this keyslot. The keyY for this initialized by bootrom is the same as keyslot 0x38. − | Bootrom. + − + + + − | - − | Yes − |- − | 0x3E − | Unknown. This keyslot uses an unique keyX/keyY. − | Bootrom. − | Bootrom. − | - − | Yes − |- − | 0x3F − | Unknown. This keyslot uses an unique keyX/keyY. − | Bootrom. − | Bootrom.
→Keyslots
|-
|-
| 0x00-0x03
| 0x00-0x03
| TWL keyslots.
| TWL keys.
| NATIVE_FIRM hard-boot.
| NATIVE_FIRM hard-boot.
| NATIVE_FIRM hard-boot.
| NATIVE_FIRM hard-boot.
|-
|-
| 0x04..0x07
| 0x04..0x07
| These are the [[Flash_Filesystem|NAND]] encryption keyslots, which keyslot gets used is determined by the [[NCSD]] partition FS type and the partition encryption type.
| [[Flash_Filesystem|NAND]] partition keys.
The New3DS Process9 sets the keyY for keyslot 0x05(New3DS CTRNAND) to a key from .(ro)data.
Keyslot is determined by [[NCSD]] partition FS type and encryption type. The New3DS Process9 sets the keyY for keyslot 0x05 (New3DS CTRNAND) to a key from .(ro)data.
| Bootrom.
| Bootrom.
| Bootrom.
| Bootrom.
|-
|-
| 0x0A
| 0x0A
| This is the console-unique keyslot used for encrypting the all-zero 0x10-byte block in the [[DSiWare_Exports|DSiWare_Exports]] header.
| DSiWare export key.
Used for encrypting the all-zero 0x10-byte block in the [[DSiWare_Exports|DSiWare_Exports]] header. Console-unique.
| See above keyslot info.
| See above keyslot info.
| See above keyslot info.
| See above keyslot info.
| -
| -
| Yes
| Yes
|-
|-
| 0x0D
| 0x0D
| SSL-certificate key. See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| SSL-certificate key.
See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| -
| -
| -
| -
| Bootrom.
| Bootrom.
| Yes
| Yes
|-
|-
| 0x11
| 0x11
| This is used for general normal-key crypto, where the normal-key is set by FIRM. This keyslot is also used by the New3DS [[FIRM]] arm9 binary loader.
| Temporary keyslot.
Used by FIRM for general normal-key crypto. Also used by the New3DS [[FIRM]] arm9 binary loader.
| Arm9Loader.
| Arm9Loader.
| Arm9Loader.
| Arm9Loader.
| NATIVE_FIRM.
| NATIVE_FIRM.
| Yes
| Yes
|-
|-
| 0x14
| 0x14
| NATIVE_FIRM boot.
| NATIVE_FIRM boot.
| -
| -
| Yes
| Yes
|-
|-
| See previous info for this keyslot.
| See previous info for this keyslot.
| No
| No
|-
|-
| 0x18..0x1F
| 0x18..0x1F
|-
|-
| 0x18
| 0x18
| New3DS [[NCCH]] keyslot, starting with [[9.3.0-21|9.3.0-X]].
| New3DS [[NCCH]] key.
| See above keyslot info.
Starting with [[9.3.0-21|9.3.0-X]].
| Arm9Loader.
| NATIVE_FIRM
| NATIVE_FIRM
| -
| -
| Yes
| No
|-
|-
| 0x19
| 0x19
| New3DS gamecard [[Savegames|savedata]] keyslot equalivant of keyslot 0x33, used when a [[NCSD]] flag is set to a certain value(implemented with [[9.3.0-21|9.3.0-X]]).
| New3DS gamecard [[Savegames|savedata]] AES-MAC key.
| See above keyslot info.
Equivalent of keyslot 0x33, used when a [[NCSD]] flag is set to a certain value (implemented with [[9.3.0-21|9.3.0-X]]).
| Arm9Loader.
| NATIVE_FIRM
| NATIVE_FIRM
| -
| -
| Yes
| No
|-
|-
| 0x1A
| 0x1A
| New3DS gamecard [[Savegames|savedata]] keyslot equalivant of keyslot 0x37, used when a [[NCSD]] flag is set to a certain value(implemented with [[9.3.0-21|9.3.0-X]]).
| New3DS gamecard [[Savegames|savedata]] actual key.
| See above keyslot info.
Equivalent of keyslot 0x37, used when a [[NCSD]] flag is set to a certain value (implemented with [[9.3.0-21|9.3.0-X]]).
| Arm9Loader.
| NATIVE_FIRM
| NATIVE_FIRM
| -
| -
| Yes
| No
|-
|-
| 0x25
| 0x25
| [[7.0.0-13|v7.0]] [[NCCH]] key.
| [[7.0.0-13|v7.0]] [[NCCH]] key.
| NATIVE_FIRM [[Savegames#6.0.0-11_Savegame_keyY|boot]].
| NATIVE_FIRM [[Savegames#6.0.0-11_Savegame_keyY|boot]].
| NATIVE_FIRM.
| NATIVE_FIRM.
| -
| -
| Yes
| Yes
|-
|-
| 0x2C
| 0x2C
| [[NCCH|NCCH]] key. Keyslots 0x2C..0x2F all use the same keyX, set by bootrom.
| [[NCCH|NCCH]] key.
| Bootrom.
| Bootrom.
| Process9.
| Process9.
|-
|-
| 0x2D
| 0x2D
| UDS local-WLAN CCMP key. See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| UDS local-WLAN CCMP key.
See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| Bootrom.
| Bootrom.
| Bootrom.
| Bootrom.
|-
|-
| 0x2E
| 0x2E
| See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| Unknown key.
See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| Bootrom.
| Bootrom.
| NATIVE_FIRM.
| NATIVE_FIRM.
| [[Savegames#6.0.0-11_Savegame_keyY|v6.0]] save key.
| [[Savegames#6.0.0-11_Savegame_keyY|v6.0]] save key.
| Bootrom.
| Bootrom.
| Bootrom, then later NATIVE_FIRM.
| NATIVE_FIRM.
| -
| -
| Yes
| Yes
|-
|-
| 0x30
| 0x30
| This keyY is initialized via [[Nand/private/movable.sed|movable.sed]]. This is used for calculating the AESMACs under SD [[SD_Filesystem|/Nintendo 3DS/<ID0>/<ID1>/]](except [[DSiWare_Exports]]) and [[Flash_Filesystem|NAND]] /data/.
| SD/NAND AES-MAC key.
This keyY is initialized via [[Nand/private/movable.sed|movable.sed]]. This is used for calculating the AESMACs under SD [[SD_Filesystem|/Nintendo 3DS/<ID0>/<ID1>/]] (except [[DSiWare_Exports]]) and [[Flash_Filesystem|NAND]] /data/.
| Bootrom.
| Bootrom.
| Bootrom(?), then later NATIVE_FIRM.
| NATIVE_FIRM.
| -
| -
| Yes
| Yes
|-
|-
| 0x31
| 0x31
| APT wrap key. See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]]
| APT wrap key.
NATIVE_FIRM sets this keyY to the same one used for keyslot 0x2E.
See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]]. NATIVE_FIRM sets this keyY to the same one used for keyslot 0x2E.
| Bootrom.
| Bootrom.
| Bootrom(?), then later NATIVE_FIRM.
| Bootrom(?), then later NATIVE_FIRM.
|-
|-
| 0x32
| 0x32
| See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| Unknown.
See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| Bootrom.
| Bootrom.
| Bootrom.
| Bootrom.
|-
|-
| 0x33
| 0x33
| This is the keyslot for the gamecard [[Savegames|savedata]] AESMAC.
| Gamecard [[Savegames|savedata]] AES-MAC.
| Bootrom.
| Bootrom.
| Bootrom, then later NATIVE_FIRM.
| NATIVE_FIRM.
| -
| -
| Yes
| Yes
|-
|-
| 0x34
| 0x34
| This keyY is initialized via [[Nand/private/movable.sed|movable.sed]]. This is used for encrypting *all* SD card data under [[SD_Filesystem|/Nintendo 3DS/<ID0>/<ID1>/]].
| SD key.
This keyY is initialized via [[Nand/private/movable.sed|movable.sed]]. This is used for encrypting *all* SD card data under [[SD_Filesystem|/Nintendo 3DS/<ID0>/<ID1>/]].
| Bootrom.
| Bootrom.
| Bootrom(?), then later NATIVE_FIRM.
| NATIVE_FIRM.
| -
| -
| Yes
| Yes
|-
|-
| 0x35
| 0x35
| This is the keyslot used for movable.sed encryption + AESMAC with the import/export [[FSPXI:ImportIntegrityVerificationSeed|commands]].
| Movable.sed key.
This is the keyslot used for movable.sed encryption + AES-MAC with the import/export [[FSPXI:ImportIntegrityVerificationSeed|commands]].
| Bootrom.
| Bootrom.
| Bootrom.
| Bootrom.
| 0x36
| 0x36
| Unknown.
| Unknown.
See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| Bootrom.
| Bootrom.
| Bootrom.
| Bootrom.
|-
|-
| 0x37
| 0x37
| This is the keyslot for the actual gamecard [[Savegames|savedata]] encryption.
| Gamecard [[Savegames|savedata]] actual key.
| Bootrom.
| Bootrom.
| Bootrom, then later NATIVE_FIRM.
| NATIVE_FIRM.
| -
| -
| Yes
| Yes
|-
|-
| 0x38
| 0x38
| See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| Unknown.
See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]].
| Bootrom.
| Bootrom.
| Bootrom.
| Bootrom.
|-
|-
| 0x39
| 0x39
| See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]]. NATIVE_FIRM sets this keyY to the same one used for keyslot 0x2E.
| Unknown.
See [[PSPXI:EncryptDecryptAes|EncryptDecryptAes]]. NATIVE_FIRM sets this keyY to the same one used for keyslot 0x2E.
| Bootrom.
| Bootrom.
| Bootrom, then NATIVE_FIRM.
| NATIVE_FIRM.
| -
| -
| Yes
| Yes
|-
|-
| 0x3A
| 0x3A
| This keyY is initialized via [[Nand/private/movable.sed|movable.sed]]. This is used for calculating the AESMACs for SD [[DSiWare_Exports]].
| DSiWare export key.
This keyY is initialized via [[Nand/private/movable.sed|movable.sed]]. This is used for calculating the AESMACs for SD [[DSiWare_Exports]].
| Bootrom.
| Bootrom.
| NATIVE_FIRM.
| -
| -
| Yes
| Yes
|-
|-
| 0x3D
| 0x3D
| Common key. Used to decrypt title keys in [[Ticket]]. Used by Gateway.
| Common key.
Used to decrypt title keys in [[Ticket]]. Used by Gateway.
| Bootrom.
| Bootrom.
| NATIVE_FIRM.
| NATIVE_FIRM.
| -
| -
| Yes
| Yes