Lotus3

From Nintendo Switch Brew
Revision as of 00:18, 29 January 2021 by Tatsuko (talk | contribs) (Lotus3 bootrom info)
Jump to navigation Jump to search

The Gamecard ASIC (known internally as the LOTUS3) is a separate chip on the motherboard responsible for communicating with the Gamecard.

It is the Tegra's SDMMC2 device on the Switch and FS communicates with it using a custom protocol based on vendor specific MMC commands.

Bootrom

SHA256(lotus3_brom[0..0xFFF]) = b7d4cfb22c25c80cca6c55473b4f7730e675143321ba38f11727c99f787a8acf

Protocol

All communication is done using the following MMC_SEND_MANUFACTURER commands.

Command Name
60 #WriteOperation
61 #FinishOperation
62 #Sleep
63 #UpdateKey

WriteOperation

Submits a Gamecard ASIC operation using a 0x40 byte sized buffer as follows.

OperationBuffer

Offset Size Description
0x0 0x1 Gamecard ASIC operation command
0x1 0x1F Operation specific data
0x20 0x20 Command verification value (secure mode only)

FinishOperation

Returns the status of a completed operation.

Sleep

Puts the Gamecard ASIC in sleep mode.

UpdateKey

Tells the Gamecard ASIC to generate new random key data.

ASIC commands

The Gamecard ASIC supports a total of 20 operation commands. These commands are passed to the ASIC using the #WriteOperation MMC command.

Additional data buffers are then read/written using standard MMC read/write commands.

Command Name
0x01 #SendFirmware
0x02 #ReceiveCertificate
0x03 #SendSocCertificate
0x04 #ReceiveRandomValue
0x05 #SendRandomValue
0x06 #ReceiveDeviceChallenge
0x07 #RespondDeviceChallenge
0x08 #SendHostChallenge
0x09 #ReceiveChallengeResponse
0x0A #ChangeModeToSecure
0x0B #WriteRegister
0x0C #ReadRegister
0x0D #ChangeGcModeToDebug
0x0E #GetCardHeader
0x0F #ChangeGcModeToSecure
0x10 #SendCardCommand
0x11 #EnableCardBus
0x12 #ExchangeRandomValuesInSecureMode
0x13 #ReadRmaInformation
0x14 [9.0.0+] #ChallengeCardExistence

SendFirmware

Signals the Gamecard ASIC to receive a 0x7800 byte sized buffer containing the ASIC's user firmware.

ReceiveCertificate

Signals the Gamecard ASIC to send a 0x400 byte sized buffer containing the ASIC's certificate.

SendSocCertificate

Signals the Gamecard ASIC to receive a 0x400 byte sized buffer containing the certificate from GetGameCardCertificate.

ReceiveRandomValue

Signals the Gamecard ASIC to send a 0x100 byte sized buffer containing a RSA-OAEP encrypted message to be decrypted by the host library. The decrypted message will be used to generate a common AES-128 (CBC and CTR) key and IV/CTR shared between the ASIC and the host library.

SendRandomValue

Signals the Gamecard ASIC to receive a 0x100 byte sized buffer containing a RSA-OAEP encrypted message to be decrypted by the ASIC. The decrypted message will be used to generate a common AES-128 (CBC and CTR) key and IV/CTR shared between the ASIC and the host library.

ReceiveDeviceChallenge

Signals the Gamecard ASIC to send a 0x20 byte sized buffer containing AES-128-CBC encrypted authentication data to be decrypted and hashed by the host library.

RespondDeviceChallenge

Signals the Gamecard ASIC to receive a 0x20 byte sized buffer containing the AES-128-CBC encrypted hash of the ASIC authentication data.

SendHostChallenge

Signals the Gamecard ASIC to receive a 0x20 byte sized buffer containing AES-128-CBC encrypted authentication data to be decrypted and hashed by the ASIC.

ReceiveChallengeResponse

Signals the Gamecard ASIC to send a 0x20 byte sized buffer containing the AES-128-CBC encrypted hash of the library authentication data.

ChangeModeToSecure

Signals the Gamecard ASIC to enter secure mode. In secure mode, all communication with the Gamecard ASIC must be AES-128-CTR encrypted.

WriteRegister

Signals the Gamecard ASIC to write an internal register. The register value is passed in the first word of a 0x200 byte sized buffer while the register index is passed in the actual #OperationBuffer as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x0B)
0x1 0x3 Padding
0x4 0x4 Gamecard ASIC register index
0x8 0x18 Empty
0x20 0x20 Command verification value

ReadRegister

Signals the Gamecard ASIC to send a 0x30 byte sized buffer containing the values of all ASIC registers as follows.

Offset Size Description
0x0 0x4 Status
0x4 0x4 Access Control
0x8 0x4
0xC 0x4
0x10 0x4
0x14 0x4
0x18 0x4
0x1C 0x4
0x20 0x4
0x24 0x4
0x28 0x4
0x2C 0x4

ChangeGcModeToDebug

Signals the Gamecard ASIC to change into debug mode and send a 0x200 byte sized buffer containing information on the current Gamecard.

GetCardHeader

Signals the Gamecard ASIC to send a 0x108 byte sized buffer containing the current Gamecard's header data as follows.

Offset Size Description
0x0 0x4 CUP Version
0x4 0x4 Gamecard ID1
0x8 0x100 Gamecard Header (without the signature)

ChangeGcModeToSecure

Signals the Gamecard ASIC to send a 0x800 byte sized buffer containing the current Gamecard's key area sectors as follows.

Sector Size Description
0 0x200 Gamecard specific data
1 0x200 Gamecard Certificate
2 0x200 Empty sector (all 0xFF)
3 0x200 Gamecard Initial Data

SendCardCommand

Signals the Gamecard ASIC to relay a specific command to the Gamecard. The command is sent to the Gamecard using the #OperationBuffer as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Page size
0x2 0x1 Direction (0 = read, 1 = write)
0x3 0x1 Padding
0x4 0x4 Page count
0x8 0x1 Gamecard command
0x9 0x17 Command specific data
0x20 0x20 Command verification value

EnableCardBus

Signals the Gamecard ASIC to enable the current Gamecard's bus line.

ExchangeRandomValuesInSecureMode

Signals the Gamecard ASIC to exchange random authentication values with the current Gamecard. The Gamecard response values are returned in a 0x20 sized buffer while the host values are passed in the actual #OperationBuffer as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x12)
0x1 0x1F Random value from host
0x20 0x20 Command verification value

ReadRmaInformation

Signals the Gamecard ASIC to send a 0x200 byte sized buffer containing information on the Gamecard ASIC. This is called by GetGameCardAsicInfo.

ChallengeCardExistence

Signals the Gamecard ASIC to exchange random values with the current Gamecard. The Gamecard response values are returned in a 0x58 sized buffer while the host values are passed in the actual #OperationBuffer as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x14)
0x1 0x1F Random value from host
0x20 0x20 Command verification value

Gamecard commands

These commands are issued by the Gamecard ASIC to the actual Gamecard using the #OperationBuffer passed to #SendCardCommand.

Additional data buffers are then read/written using standard MMC read/write commands.

Command Name
0x10 ReadId1Write
0x11 ReadId2Write
0x12 ReadId3Write
0x15 ReadCrc
0x16 WritePage
0x18 Erase
0x19 ReadParameter
0x20 WriteParameter
0x21 ReadPageSecure
0x28 ReadId2
0x2E [2.0.0+] ChangeDebugDirect
0x30 ReadId3Secure
0x39 SetKey
0x56 ReadId1
0x83 WritePageSecure
0x5B ReadPage
0x67 ReadId1Secure
0xA5 ReadId3
0xB8 Refresh
0xC4 ReadId2Secure
0xE0 ReadInitialData
0xE2 ChangeInitialData

ReadId1

Returns the Gamecard ID1 under one of the valid Gamecard modes.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 1
0x2 0x1 Set to 0
0x3 0x1 Padding
0x4 0x4 Set to 0
0x8 0x1 Gamecard command (0x10, 0x56 or 0x67)
0x9 0x4 Set to 0
0xD 0x2 Set to 0
0xF 0x1 Set to 0
0x10 0x10 Empty
0x20 0x20 Command verification value

ReadId2

Returns the Gamecard ID2 under one of the valid Gamecard modes.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 1
0x2 0x1 Set to 0
0x3 0x1 Padding
0x4 0x4 Set to 0
0x8 0x1 Gamecard command (0x11, 0x28 or 0xC4)
0x9 0x4 Set to 0
0xD 0x2 Set to 0
0xF 0x1 Set to 0
0x10 0x10 Empty
0x20 0x20 Command verification value

ReadId3

Returns the Gamecard ID3 under one of the valid Gamecard modes.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 1
0x2 0x1 Set to 0
0x3 0x1 Padding
0x4 0x4 Set to 0
0x8 0x1 Gamecard command (0x12, 0x30 or 0xA5)
0x9 0x4 Set to 0
0xD 0x2 Set to 0
0xF 0x1 Set to 0
0x10 0x10 Empty
0x20 0x20 Command verification value

ReadCrc

Reads pages from the Gamecard, calculates their CRC and returns it. This command is only available in Write mode.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 1
0x2 0x1 Set to 0
0x3 0x1 Padding
0x4 0x4 Set to 0
0x8 0x1 Gamecard command (0x15)
0x9 0x4 Gamecard page offset
0xD 0x3 Gamecard page count
0x10 0x10 Empty
0x20 0x20 Command verification value

WritePage

Writes Gamecard pages. This command is only available in Write and Secure modes.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 3
0x2 0x1 Set to 1
0x3 0x1 Padding
0x4 0x4 Gamecard page count (duplicate)
0x8 0x1 Gamecard command (0x16 or 0x83)
0x9 0x4 Gamecard page offset
0xD 0x3 Gamecard page count
0x10 0x10 Empty
0x20 0x20 Command verification value

ReadPage

Reads Gamecard pages. This command is only available in Normal and Secure modes.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 3
0x2 0x1 Set to 0
0x3 0x1 Padding
0x4 0x4 Gamecard page count (duplicate)
0x8 0x1 Gamecard command (0x21 or 0x5B)
0x9 0x4 Gamecard page offset
0xD 0x3 Gamecard page count
0x10 0x10 Empty
0x20 0x20 Command verification value

Erase

Fully erases a Gamecard's contents. This command is only available in Write mode.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 1
0x2 0x1 Set to 0
0x3 0x1 Padding
0x4 0x4 Set to 0
0x8 0x1 Gamecard command (0x18)
0x9 0x4 Set to 0
0xD 0x2 Set to 0
0xF 0x1 Set to 0
0x10 0x10 Empty
0x20 0x20 Command verification value

ReadParameter

Reads a development Gamecard's parameters. This command is only available in Write mode.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 3
0x2 0x1 Set to 0
0x3 0x1 Padding
0x4 0x4 Set to 1
0x8 0x1 Gamecard command (0x19)
0x9 0x4 Set to 0
0xD 0x2 Set to 0
0xF 0x1 Set to 0
0x10 0x10 Empty
0x20 0x20 Command verification value

WriteParameter

Writes a development Gamecard's parameters. This command is only available in Write mode.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 3
0x2 0x1 Set to 1
0x3 0x1 Padding
0x4 0x4 Set to 1
0x8 0x1 Gamecard command (0x20)
0x9 0x4 Set to 0
0xD 0x2 Set to 0
0xF 0x1 Set to 0
0x10 0x10 Empty
0x20 0x20 Command verification value

SetKey

Sets the Gamecard's internal key data. This command is only available in Secure mode.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 0
0x2 0x1 Set to 0
0x3 0x1 Padding
0x4 0x4 Set to 0
0x8 0x1 Gamecard command (0x39)
0x9 0x4 Set to 0
0xD 0x2 Set to 0
0xF 0x1 Set to 0
0x10 0x10 Empty
0x20 0x20 Command verification value

Refresh

Resets the Gamecard's internal status. This command is only available in Secure mode.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 2
0x2 0x1 Set to 0
0x3 0x1 Padding
0x4 0x4 Set to 0
0x8 0x1 Gamecard command (0xB8)
0x9 0x4 Set to 0
0xD 0x2 Set to 0
0xF 0x1 Set to 0
0x10 0x10 Empty
0x20 0x20 Command verification value

ChangeDebugDirect

Used by OpenGameCardStorage. This command is only available in Normal mode.

The #OperationBuffer is as follows.

Offset Size Description
0x0 0x1 Gamecard ASIC operation command (0x10)
0x1 0x1 Set to 1
0x2 0x1 Set to 0
0x3 0x1 Padding
0x4 0x4 Set to 0
0x8 0x1 Gamecard command (0x2E)
0x9 0xF Unlock password
0x18 0x8 Empty
0x20 0x20 Command verification value

Modes

Both the Gamecard ASIC and the actual Gamecard can operate in different modes.

ASIC modes

Mode Name
0x00 Initial
0x01 Secure

Gamecard modes

Mode Name
0x00 Initial
0x01 Normal
0x02 Secure
0x03 Write

User firmware

FS provides the appropriate Gamecard ASIC's user firmware (Lotus ASIC Firmware or LAFW) which is encrypted, signed and follows the format below.

Offset Size Description
0x0 0x100 RSA-2048 PKCS #1 signature over the firmware (data from 0x100 to 0x7800)
0x100 0x4 Magic ("LAFW")
0x104 0x4 Unknown (0xFF000000, 0xFFFF0000 or 0xFFFFFF00)
0x108 0x4 Empty
0x10C 0x4 Empty
0x110 0x4 Version (0, 0x1, [4.0.0+] 0x3, [9.0.0+] 0x7, [11.0.0+] 0xF)
0x114 0x4 Unknown (0x80000000)
0x118 0x4 Data size
0x11C 0x4 Empty
0x120 0x10 Encrypted data IV/CTR
0x130 0x10 Placeholder string ("IDIDIDIDIDIDIDID")
0x140 0x40 Empty
0x180 0x7680 Encrypted data

Types

Depending on it's purpose, multiple user firmware blobs exist.

ReadFw

Code for reading retail Gamecards. Only the normal and secure Gamecard modes are supported.

Found inside FS.

[4.0.0+] This firmware blob was updated to provide support for new Gamecards.

[9.0.0+] This firmware blob was updated.

[11.0.0+] This firmware blob was updated.

WriterFw

Code for writing development Gamecards. Only the normal and write Gamecard modes are supported.

Found inside FS.

ReadDevFw

Code for reading development Gamecards. Development Gamecards use common initial data which justifies the need for a specialized read firmware.

Found inside FS.

RmaFw

Code for calling #ReadRmaInformation. Must be passed as an argument for GetGameCardAsicInfo.

Never observed (possibly factory only).

Anti-downgrade

Loading an user firmware blob with a certain version field will lock the Gamecard ASIC to only allow running firmware blobs with the same or higher version number. Therefore, it is speculated that the Gamecard ASIC contains some sort of non-volatile memory bank which could be used for this purpose (among others).