301
edits
Changes
Espresso uses ECDSA
Line 10:
Line 10:
== ARM ancast image ==
== ARM ancast image ==
−=== Header ===
=== Header ===
{| class="wikitable"
{| class="wikitable"
Line 68:
Line 67:
| 0x1A8
| 0x1A8
| 0x04
| 0x04
−| Console type (0x01 for debug, 0x02 for retail)
+| Console type (0x01 for Development, 0x02 for Production)
|-
|-
| 0x1AC
| 0x1AC
Line 86:
Line 85:
| Padding (must be NULL)
| Padding (must be NULL)
|}
|}
+
+Signature type 0x02 is RSA.
=== Body ===
=== Body ===
The image's body is composed of AES-128-CBC encrypted (with the Starbuck WiiU, vWii or boot1 ancast keys) data.
The image's body is composed of AES-128-CBC encrypted (with the Starbuck WiiU, vWii or boot1 ancast keys) data.
−== PPC ancast image ==
== PPC ancast image ==
−=== Header ===
=== Header ===
{| class="wikitable"
{| class="wikitable"
Line 146:
Line 145:
| 0xA4
| 0xA4
| 0x04
| 0x04
−| Unknown (0x11 on Wii U images, 0x13 on vWii images, 0x12 on an unknown vWii image, 0x14 see below)
+| Target device (0x11 on Wii U images, 0x13 on vWii images, 0x12 on an unknown vWii image, 0x14 see below)
|-
|-
| 0xA8
| 0xA8
| 0x04
| 0x04
−| Console type (0x01 for debug, 0x02 for retail)
+| Console type (0x01 for Development, 0x02 for Production)
|-
|-
| 0xAC
| 0xAC
Line 164:
Line 163:
| Padding (must be NULL)
| Padding (must be NULL)
|}
|}
+
+Signature type 0x01 is ECDSA. The Espresso boot ROM uses SHA-1 as the cryptographic hash function and hardcoded ECC-P224 public keys for signature verification.
Ancast type 0x12 is dependent on the Espresso's HID1 special-purpose register having bit28 set, as well as the PPC being in vWii mode.
Ancast type 0x12 is dependent on the Espresso's HID1 special-purpose register having bit28 set, as well as the PPC being in vWii mode.
−Ancast type 0x14 is implied to only able to be used on Wii Us with a [[Hardware/SEEPROM#EspressoPackageInfo|PpcPvr]] value where the upper u16 != 0x7001, and the lower u16 >0x100. The prerequisite flags can be triggered on retail units by first writing 0x2 to the lower nibble of [[Hardware/Latte_Registers|LT_MEMCMPT]], and then asserting SRESET just after a normal (0x11) Ancast image has finished verifying on the Espresso. A second uploaded Ancast image (written to RAM while SRESET is held asserted) will only verify if the type is 0x14. 0x14-type Ancast images will always use retail RSA keys to verify, even on unfused units.
+Ancast type 0x14 is implied to only able to be used on Wii Us with a [[Hardware/SEEPROM#EspressoPackageInfo|PpcPvr]] value where the upper u16 != 0x7001, and the lower u16 >0x100. The prerequisite flags can be triggered on retail units by first writing 0x2 to the lower nibble of [[Hardware/Latte_Registers|LT_PIMEMCOMPAT]], and then asserting SRESET just after a normal (0x11) Ancast image has finished verifying on the Espresso. A second uploaded Ancast image (written to RAM while SRESET is held asserted) will only verify if the type is 0x14. 0x14-type Ancast images will always use retail ECC keys to verify, even on unfused units.
=== Body ===
=== Body ===
The image's body is composed of AES-128-CBC encrypted (with the Espresso WiiU or vWii ancast keys) data. It starts 0x100 bytes after the start of the header.
The image's body is composed of AES-128-CBC encrypted (with the Espresso WiiU or vWii ancast keys) data. It starts 0x100 bytes after the start of the header.