Cryptosystem: Difference between revisions
naming |
New update + clarifications |
||
| Line 124: | Line 124: | ||
|- | |- | ||
| 13 | | 13 | ||
| | | PerConsoleKeyForFirmwareSpecificPerConsoleKeyGen | ||
| [[Package1#Package1ldr|Package1ldr]] | | [[Package1#Package1ldr|Package1ldr]] | ||
| Yes | | Yes | ||
| Line 130: | Line 130: | ||
|- | |- | ||
| 14 | | 14 | ||
| | | StaticKeyForFirmwareSpecificPerConsoleKeyGen | ||
| [[Package1#Package1ldr|Package1ldr]] | | [[Package1#Package1ldr|Package1ldr]] | ||
| No | | No | ||
| Line 159: | Line 159: | ||
|- | |- | ||
| 13 | | 13 | ||
| | | FirmwareSpecificPerConsoleKey | ||
| Secure Monitor init | | Secure Monitor init | ||
| Yes | | Yes | ||
| Line 292: | Line 292: | ||
| 1 | | 1 | ||
|- | |- | ||
| 4.0.0 | | 4.0.0-4.1.0 | ||
| 4 | | 4 | ||
| 1 | |||
|- | |||
| 5.0.0 | |||
| 5 | |||
| 1 | | 1 | ||
|} | |} | ||
| Line 300: | Line 304: | ||
On all versions, the key to decrypt [[Package2]] is generated by decrypting a constant seed with the master key. The key is erased after use. | On all versions, the key to decrypt [[Package2]] is generated by decrypting a constant seed with the master key. The key is erased after use. | ||
Additionally, starting from 4.0.0, the Secure Monitor init will decrypt another constant seed successively with a special per console key and a special static key passed by package1loader, to generate | Additionally, starting from 4.0.0, the Secure Monitor init will decrypt another constant seed successively with a special per console key and a special static key passed by package1loader, to generate the firmware specific per-console key. The operation will erase these special keys passed by package1loader. | ||
== Secure Monitor == | == Secure Monitor == | ||
The secure monitor performs some runtime cryptographic operations. See [[SMC]] for what operations it provides. | The secure monitor performs some runtime cryptographic operations. See [[SMC]] for what operations it provides. | ||