Difference between revisions of "Security Engine"

From Nintendo Switch Brew
Jump to navigation Jump to search
Line 9: Line 9:
 
! Address
 
! Address
 
|-
 
|-
| SE_OPERATION_UNK0
+
| SE_SECURITY
 
| 0x70012000
 
| 0x70012000
 
|-
 
|-
| SE_OPERATION_UNK1
+
| SE_TZRAM_SEC
 
| 0x70012004
 
| 0x70012004
 
|-
 
|-
Line 38: Line 38:
 
| SE_CONTEXT_SAVE_CONFIG
 
| SE_CONTEXT_SAVE_CONFIG
 
| 0x70012070
 
| 0x70012070
 +
|-
 +
| SE_CONTEXT_SAVE_AUTO
 +
| 0x70012074
 
|-
 
|-
 
| SE_SHA_CONFIG
 
| SE_SHA_CONFIG

Revision as of 18:44, 7 February 2019

The Nintendo Switch uses Tegra's Security Engine (SE) for handling cryptographic opearations at the system's lowest level.

The SE driver is mapped to physical address 0x70012000 with a total size of 0x2000 bytes and exposes several registers for programming the Security Engine.

Registers

Name Address
SE_SECURITY 0x70012000
SE_TZRAM_SEC 0x70012004
SE_OPERATION 0x70012008
SE_INT_ENABLE 0x7001200C
SE_INT_STATUS 0x70012010
SE_CONFIG 0x70012014
SE_IN_LL_ADDR 0x70012018
SE_OUT_LL_ADDR 0x70012024
SE_HASH_RESULT 0x70012030
SE_CONTEXT_SAVE_CONFIG 0x70012070
SE_CONTEXT_SAVE_AUTO 0x70012074
SE_SHA_CONFIG 0x70012200
SE_SHA_MSG_LENGTH 0x70012204
SE_SHA_MSG_UNK0 0x70012208
SE_SHA_MSG_UNK1 0x7001220C
SE_SHA_MSG_UNK2 0x70012210
SE_SHA_MSG_LEFT 0x70012214
SE_SHA_MSG_UNK3 0x70012218
SE_SHA_MSG_UNK4 0x7001221C
SE_SHA_MSG_UNK5 0x70012220
SE_AES_KEY_READ_DISABLE 0x70012280
SE_AES_KEYTABLE_ACCESS 0x70012284
SE_CRYPTO 0x70012304
SE_CRYPTO_CTR 0x70012308
SE_BLOCK_COUNT 0x70012318
SE_AES_KEYTABLE_ADDR 0x7001231C
SE_AES_KEYTABLE_DATA 0x70012320
SE_CRYPTO_KEYTABLE_DST 0x70012330
SE_RNG_CONFIG 0x70012340
SE_RNG_SRC_CONFIG 0x70012344
SE_RNG_RESEED_INTERVAL 0x70012348
SE_RSA_CONFIG 0x70012400
SE_RSA_KEY_SIZE 0x70012404
SE_RSA_EXP_SIZE 0x70012408
SE_RSA_KEY_READ_DISABLE 0x7001240C
SE_RSA_KEYTABLE_ACCESS 0x70012410
SE_RSA_KEYTABLE_ADDR 0x70012420
SE_RSA_KEYTABLE_DATA 0x70012424
SE_RSA_OUTPUT 0x70012428
SE_STATUS 0x70012800
SE_ERR_STATUS 0x70012804
SE_SPARE_0 0x7001280C