Changes

62 bytes removed, 19:38, 21 May 2021
Corrected information about why boot0 and boot1 are separate; I highly doubt that the initialization wouldn’t fit in the ROM. It’s literally like 3 lines of code to do RSA.
Line 5: Line 5:  
It contains code to read the first 48 pages of the attached [[Hardware/NAND|NAND flash]], reserved for [[boot1]], decrypt them with a fixed AES key, hash them with {{hw|SHA-1 Engine}}, and compare the hash with a value read from {{hw|OTP}} memory. If the hashes do not match, the system will refuse to proceed to boot1, causing a brick. However, if the hash in OTP is all zeroes, then the system will always boot — this is true of development consoles and probably also during the manufacturing process. For more discussion on this subject, see [http://hackmii.com/2008/05/boot0/ bushing's HackMii post].
 
It contains code to read the first 48 pages of the attached [[Hardware/NAND|NAND flash]], reserved for [[boot1]], decrypt them with a fixed AES key, hash them with {{hw|SHA-1 Engine}}, and compare the hash with a value read from {{hw|OTP}} memory. If the hashes do not match, the system will refuse to proceed to boot1, causing a brick. However, if the hash in OTP is all zeroes, then the system will always boot — this is true of development consoles and probably also during the manufacturing process. For more discussion on this subject, see [http://hackmii.com/2008/05/boot0/ bushing's HackMii post].
   −
The division between boot0/boot1 allows the RSA signature verification to be done using trusted code loaded from flash. It would not have fit into the 4K of space available. It is coded in a mixture of C and assembly.
+
The division between boot0/boot1 allows the RSA signature initialization and verification to be updated at the factory without rebuilding the Starlet core.
    
The assembly code of boot0 can be found [[/Code dump|here]].
 
The assembly code of boot0 can be found [[/Code dump|here]].
    
[[Category:Official software]]
 
[[Category:Official software]]
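Review bot: The added (+) sentence states as fact that the boot0/boot1 split lets "RSA signature initialization and verification" be updated at the factory, but the edit summary gives only doubt about the old explanation ("I highly doubt ...") and no source for the new one. Either cite a source or word it as a probable reason. The change also deletes "It is coded in a mixture of C and assembly.", which the summary does not mention and which is unrelated to the boot0/boot1 rationale; suggest restoring that sentence. Since the unchanged paragraph above describes boot0 as doing only an AES decrypt and a SHA-1 comparison against OTP, the new sentence should also say explicitly that the RSA code lives in boot1, and "RSA signature initialization" should be reworded because it is not clear what is being initialized.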