Secure Monitor: Difference between revisions

Line 82:

Note:

The [[#~~CryptoUsecase~~|CryptoUsecase_TitleKey]] represents a RSA wrapped AES key.

The [[#enum_CryptoUsecase|CryptoUsecase_TitleKey]] represents a RSA wrapped AES key.

=== GenerateAesKek ===

Takes an "access key" as input, an [[#~~CryptoUsecase~~]].

Takes an "access key" as input, an [[#enum_CryptoUsecase]].

Returns a session-unique kek for said usecase.

Line 92:

Takes a session kek created with [[#GenerateAesKek]], and a wrapped AES key.

The session kek must have been created with CryptoUsecase_Aes.

The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_Aes]].

=== CryptAes ===

Line 100:

=== GenerateSpecificAesKey ===

Todo: This one seems unrelated to [[#~~CryptoUsecase~~]].

Todo: This one seems unrelated to [[#enum_CryptoUsecase]].

=== LoadRsaOaepKey ===

Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, and a wrapped RSA private key.

The session kek must have been created with CryptoUsecase_RsaOaep.

The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaOaep]].

This function was removed in [[5.0.0]], and replaced with [[#EncryptRsaKeyForImport]].

Line 119:

Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, an enum member, and a wrapped RSA private key.

The session kek must have been created with CryptoUsecase_RsaPrivate.

The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaPrivate]].

[4.0.0+] The SMC handler when certain conditions pass and SMC_ID==0xC300100D now returns error 0x6 instead of calling the handler funcptr.

Line 132:

Takes a session kek created with [[#GenerateAesKek]], and a wrapped RSA key.

The session kek must have been created with CryptoUsecase_RsaSecureExpMod.

The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaSecureExpMod]].

This function was removed in [[5.0.0]], and replaced with [[#EncryptRsaKeyForImport]].

@@ Line 82: / Line 82: @@
 Note:
-The [[#CryptoUsecase|CryptoUsecase_TitleKey]] represents a RSA wrapped AES key.
+The [[#enum_CryptoUsecase|CryptoUsecase_TitleKey]] represents a RSA wrapped AES key.
 === GenerateAesKek ===
-Takes an "access key" as input, an [[#CryptoUsecase]].
+Takes an "access key" as input, an [[#enum_CryptoUsecase]].
 Returns a session-unique kek for said usecase.
@@ Line 92: / Line 92: @@
 Takes a session kek created with [[#GenerateAesKek]], and a wrapped AES key.
-The session kek must have been created with CryptoUsecase_Aes.
+The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_Aes]].
 === CryptAes ===
@@ Line 100: / Line 100: @@
 === GenerateSpecificAesKey ===
-Todo: This one seems unrelated to [[#CryptoUsecase]].
+Todo: This one seems unrelated to [[#enum_CryptoUsecase]].
 === LoadRsaOaepKey ===
 Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, and a wrapped RSA private key.
-The session kek must have been created with CryptoUsecase_RsaOaep.
+The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaOaep]].
 This function was removed in [[5.0.0]], and replaced with [[#EncryptRsaKeyForImport]].
@@ Line 119: / Line 119: @@
 Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, an enum member, and a wrapped RSA private key.
-The session kek must have been created with CryptoUsecase_RsaPrivate.
+The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaPrivate]].
 [4.0.0+] The SMC handler when certain conditions pass and SMC_ID==0xC300100D now returns error 0x6 instead of calling the handler funcptr.
@@ Line 132: / Line 132: @@
 Takes a session kek created with [[#GenerateAesKek]], and a wrapped RSA key.
-The session kek must have been created with CryptoUsecase_RsaSecureExpMod.
+The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaSecureExpMod]].
 This function was removed in [[5.0.0]], and replaced with [[#EncryptRsaKeyForImport]].