Security Engine: Difference between revisions

← Older edit Newer edit →

@@ Line 1: / Line 1: @@
-The security engine (SE) is responsible for the crypto done on the switch. SE is mapped to physical address 0x70012000.
+The Nintendo Switch uses Tegra's Security Engine (SE) for handling cryptographic opearations at the system's lowest level.
-= SE registers =
+The SE driver is mapped to physical address 0x70012000 with a total size of 0x2000 bytes and exposes several registers for programming the Security Engine.
+= Registers =
 {| class="wikitable" border="1"
 |-
-! Register
+! Name
-! Offset
+! Address
-|-
-| OPERATION_REG_OFFSET
-| 0x008
-|-
-| INT_ENABLE_REG_OFFSET
-| 0x00C
-|-
-| INT_STATUS_REG_OFFSET
-| 0x010
-|-
-| CONFIG_REG_OFFSET
-| 0x014
 |-
-| IN_LL_ADDR_REG_OFFSET
+| SE_OPERATION_UNK0
-| 0x018
+| 0x70012000
 |-
-| OUT_LL_ADDR_REG_OFFSET
+| SE_OPERATION_UNK1
-| 0x024
+| 0x70012004
 |-
-| HASH_RESULT_REG_OFFSET
+| SE_OPERATION
-| 0x030
+| 0x70012008
 |-
-| CONTEXT_SAVE_CONFIG_REG_OFFSET
+| SE_INT_ENABLE
-| 0x070
+| 0x7001200C
 |-
-| SHA_CONFIG_REG
+| SE_INT_STATUS
-| 0x200
+| 0x70012010
 |-
-| SHA_MSG_LENGTH_REG
+| SE_CONFIG
-| 0x204
+| 0x70012014
 |-
-| SHA_MSG_LEFT_REG
+| SE_IN_LL_ADDR
-| 0x214
+| 0x70012018
 |-
-| KEYSLOT_1
+| SE_OUT_LL_ADDR
-| 0x284
+| 0x70012024
 |-
-| KEYSLOT_2
+| SE_HASH_RESULT
-| 0x288
+| 0x70012030
 |-
-| KEYSLOT_3
+| SE_CONTEXT_SAVE_CONFIG
-| 0x28C
+| 0x70012070
 |-
-| KEYSLOT_4
+| SE_SHA_CONFIG
-| 0x290
+| 0x70012200
 |-
-| KEYSLOT_5
+| SE_SHA_MSG_LENGTH
-| 0x294
+| 0x70012204
 |-
-| KEYSLOT_6
+| SE_SHA_MSG_UNK0
-| 0x298
+| 0x70012208
 |-
-| KEYSLOT_7
+| SE_SHA_MSG_UNK1
-| 0x29C
+| 0x7001220C
 |-
-| KEYSLOT_8
+| SE_SHA_MSG_UNK2
-| 0x2A0
+| 0x70012210
 |-
-| KEYSLOT_9
+| SE_SHA_MSG_LEFT
-| 0x2A4
+| 0x70012214
 |-
-| KEYSLOT_10
+| SE_SHA_MSG_UNK3
-| 0x2A8
+| 0x70012218
 |-
-| KEYSLOT_11
+| SE_SHA_MSG_UNK4
-| 0x2AC
+| 0x7001221C
 |-
-| KEYSLOT_12
+| SE_SHA_MSG_UNK5
-| 0x2B0
+| 0x70012220
 |-
-| KEYSLOT_13
+| SE_AES_KEY_READ_DISABLE
-| 0x2B4
+| 0x70012280
 |-
-| KEYSLOT_14
+| SE_AES_KEYTABLE_ACCESS
-| 0x2B8
+| 0x70012284
 |-
-| KEYSLOT_15
+| SE_CRYPTO
-| 0x2BC
+| 0x70012304
 |-
-| KEYSLOT_16
+| SE_CRYPTO_CTR
-| 0x2C0
+| 0x70012308
 |-
-| CRYPTO_REG
+| SE_BLOCK_COUNT
-| 0x304
+| 0x70012318
 |-
-| CRYPTO_CTR_REG
+| SE_AES_KEYTABLE_ADDR
-| 0x308
+| 0x7001231C
 |-
-| BLOCK_COUNT_REG
+| SE_AES_KEYTABLE_DATA
-| 0x318
+| 0x70012320
 |-
-| KEYTABLE_REG
+| SE_CRYPTO_KEYTABLE_DST
-| 0x31C
+| 0x70012330
 |-
-| KEYTABLE_DATA0_REG
+| SE_RNG_CONFIG
-| 0x320
+| 0x70012340
 |-
-| CRYPTO_KEYTABLE_DST_REG
+| SE_RNG_SRC_CONFIG
-| 0x330
+| 0x70012344
 |-
-| RNG_CONFIG_REG
+| SE_RNG_RESEED_INTERVAL
-| 0x340
+| 0x70012348
 |-
-| RNG_SRC_CONFIG_REG
+| SE_RSA_CONFIG
-| 0x344
+| 0x70012400
 |-
-| RNG_RESEED_INTERVAL_REG
+| SE_RSA_KEY_SIZE
-| 0x348
+| 0x70012404
 |-
-| RSA_CONFIG
+| SE_RSA_EXP_SIZE
-| 0x400
+| 0x70012408
 |-
-| RSA_KEY_SIZE_REG_OFFSET
+| SE_RSA_KEY_READ_DISABLE
-| 0x404
+| 0x7001240C
 |-
-| RSA_EXP_SIZE_REG_OFFSET
+| SE_RSA_KEYTABLE_ACCESS
-| 0x408
+| 0x70012410
 |-
-| RSA_KEYSLOT_1
+| SE_RSA_KEYTABLE_ADDR
-| 0x410
+| 0x70012420
 |-
-| RSA_KEYSLOT_2
+| SE_RSA_KEYTABLE_DATA
-| 0x414
+| 0x70012424
 |-
-| RSA_KEYTABLE_ADDR
+| SE_RSA_OUTPUT
-| 0x420
+| 0x70012428
 |-
-| RSA_KEYTABLE_DATA
+| SE_STATUS_FLAGS
-| 0x424
+| 0x70012800
 |-
-| RSA_OUTPUT
+| SE_ERR_STATUS
-| 0x428
+| 0x70012804
 |-
-| SPARE_0_REG_OFFSET
+| SE_SPARE_0
-| 0x80C
+| 0x7001280C
 |}