Changes

| 0x18

| 0x18

| 0x1

| 0x1

| ?

| OTP version

|-

|-

| 0x19

| 0x19

| 0x1

| 0x1

| This is the [[CTCert]] issuer type: 0 = retail "Nintendo CA - G3_NintendoCTR2prod", non-zero = dev "Nintendo CA - G3_NintendoCTR2dev".

| This determines if the OTP is for a dev system; it indicates the [[CTCert]] issuer type: 0 = retail "Nintendo CA - G3_NintendoCTR2prod", non-zero = dev "Nintendo CA - G3_NintendoCTR2dev".

|-

|-

| 0x1A

| 0x1A

| 0x6

| 0x6

| ?

| Manufacturing date (of the SoC?). Usually month(s) before the dates in the logs stored in [[Flash_Filesystem|TWLNAND]]. Each byte is one field: year, month, day, hour, minute, second. Year is encoded as year-1900 so that it fits in one byte. This order matches up with the layout of a <code>struct tm</code>.

|-

|-

| 0x20

| 0x20

| 0x4

| 0x4

| This is the CTCert ECDSA exponent, this is byte-swapped when plaintext_otp+0x18 is >=5.

| This is the CTCert expiry time as UNIX timestamp, this is specified in big endian if the OTP version is <5.

|-

|-

| 0x24

| 0x24

| 0x2

| 0x20

| This is the CTCert ECDSA privk.

| This is the CTCert ECDSA privk.

|-

|-

| 0x44

| 0x44

| 0x3C

| 0x3C

| This is the CTCert ECDSA signature.

| This is the CTCert ECDSA signature (sect233r1?/SHA-256).

|-

|-

| 0x80

| 0x80

| 0x90

| 0x90

| 0x70

| 0x70

| Used by Boot9 for generating the console-unique AES [[AES_Registers|keyXs]]. However, due to a bug(?) in Boot9, only the first 0x1C-bytes here actually affect console-unique key generation. The rest of the data is used for hashing, but that output hash only gets overwritten without being used afterwards.  

| Used by Boot9 for generating the console-unique AES [[AES_Registers|keyXs]]. However, due to a bug(?) in Boot9, only the first 0x1C-bytes here actually affect console-unique key generation. The rest of the data is used for hashing, but that output hash only gets overwritten without being used afterwards.

 

| SHA256 hash over the previous 0xE0-bytes.

|}

|}