Difference between revisions of "Security Engine"

From Nintendo Switch Brew
Jump to navigation Jump to search
(consistent names)
Line 29: Line 29:
 
| SE_IN_LL_ADDR
 
| SE_IN_LL_ADDR
 
| 0x70012018
 
| 0x70012018
 +
|-
 +
| SE_IN_CUR_BYTE_ADDR
 +
| 0x7001201C
 +
|-
 +
| SE_IN_CUR_LL_ID
 +
| 0x70012020
 
|-
 
|-
 
| SE_OUT_LL_ADDR
 
| SE_OUT_LL_ADDR
 
| 0x70012024
 
| 0x70012024
 
|-
 
|-
| SE_HASH_RESULT0_0
+
| SE_OUT_CUR_BYTE_ADDR
 +
| 0x70012028
 +
|-
 +
| SE_OUT_CUR_LL_ID
 +
| 0x7001202C
 +
|-
 +
| SE_HASH_RESULT_0
 
| 0x70012030
 
| 0x70012030
 
|-
 
|-
| SE_HASH_RESULT0_1
+
| SE_HASH_RESULT_1
 
| 0x70012034
 
| 0x70012034
 
|-
 
|-
| SE_HASH_RESULT0_2
+
| SE_HASH_RESULT_2
 
| 0x70012038
 
| 0x70012038
 
|-
 
|-
| SE_HASH_RESULT0_3
+
| SE_HASH_RESULT_3
 
| 0x7001203C
 
| 0x7001203C
 
|-
 
|-
| SE_HASH_RESULT1_0
+
| SE_HASH_RESULT_4
 
| 0x70012040
 
| 0x70012040
 
|-
 
|-
| SE_HASH_RESULT1_1
+
| SE_HASH_RESULT_5
 
| 0x70012044
 
| 0x70012044
 
|-
 
|-
| SE_HASH_RESULT1_2
+
| SE_HASH_RESULT_6
 
| 0x70012048
 
| 0x70012048
 
|-
 
|-
| SE_HASH_RESULT1_3
+
| SE_HASH_RESULT_7
 
| 0x7001204C
 
| 0x7001204C
 
|-
 
|-
| SE_HASH_RESULT2_0
+
| SE_HASH_RESULT_8
 
| 0x70012050
 
| 0x70012050
 
|-
 
|-
| SE_HASH_RESULT2_1
+
| SE_HASH_RESULT_9
 
| 0x70012054
 
| 0x70012054
 
|-
 
|-
| SE_HASH_RESULT2_2
+
| SE_HASH_RESULT_10
 
| 0x70012058
 
| 0x70012058
 
|-
 
|-
| SE_HASH_RESULT2_3
+
| SE_HASH_RESULT_11
 
| 0x7001205C
 
| 0x7001205C
 
|-
 
|-
| SE_HASH_RESULT3_0
+
| SE_HASH_RESULT_12
 
| 0x70012060
 
| 0x70012060
 
|-
 
|-
| SE_HASH_RESULT3_1
+
| SE_HASH_RESULT_13
 
| 0x70012064
 
| 0x70012064
 
|-
 
|-
| SE_HASH_RESULT3_2
+
| SE_HASH_RESULT_14
 
| 0x70012068
 
| 0x70012068
 
|-
 
|-
| SE_HASH_RESULT3_3
+
| SE_HASH_RESULT_15
 
| 0x7001206C
 
| 0x7001206C
 
|-
 
|-
 
| SE_CTX_SAVE_CONFIG
 
| SE_CTX_SAVE_CONFIG
 
| 0x70012070
 
| 0x70012070
|-
 
| SE_CTX_SAVE_AUTO
 
| 0x70012074
 
 
|-
 
|-
 
| SE_SHA_CONFIG
 
| SE_SHA_CONFIG
 
| 0x70012200
 
| 0x70012200
 
|-
 
|-
| SE_SHA_MSG_LENGTH0
+
| SE_SHA_MSG_LENGTH_0
 
| 0x70012204
 
| 0x70012204
 
|-
 
|-
| SE_SHA_MSG_LENGTH1
+
| SE_SHA_MSG_LENGTH_1
 
| 0x70012208
 
| 0x70012208
 
|-
 
|-
| SE_SHA_MSG_LENGTH2
+
| SE_SHA_MSG_LENGTH_2
 
| 0x7001220C
 
| 0x7001220C
 
|-
 
|-
| SE_SHA_MSG_LENGTH3
+
| SE_SHA_MSG_LENGTH_3
 
| 0x70012210
 
| 0x70012210
 
|-
 
|-
| SE_SHA_MSG_LEFT0
+
| SE_SHA_MSG_LEFT_0
 
| 0x70012214
 
| 0x70012214
 
|-
 
|-
| SE_SHA_MSG_LEFT1
+
| SE_SHA_MSG_LEFT_1
 
| 0x70012218
 
| 0x70012218
 
|-
 
|-
| SE_SHA_MSG_LEFT2
+
| SE_SHA_MSG_LEFT_2
 
| 0x7001221C
 
| 0x7001221C
 
|-
 
|-
| SE_SHA_MSG_LEFT3
+
| SE_SHA_MSG_LEFT_3
 
| 0x70012220
 
| 0x70012220
 
|-
 
|-
| SE_CRYPTO_KEY_READ_DISABLE
+
| SE_CRYPTO_SECURITY_PERKEY
 
| 0x70012280
 
| 0x70012280
 
|-
 
|-
| SE_CRYPTO_KEYTABLE_ACCESS
+
| SE_CRYPTO_KEYTABLE_ACCESS_0
 
| 0x70012284
 
| 0x70012284
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_1
 +
| 0x70012288
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_2
 +
| 0x7001228C
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_3
 +
| 0x70012290
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_4
 +
| 0x70012294
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_5
 +
| 0x70012298
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_6
 +
| 0x7001229C
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_7
 +
| 0x700122A0
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_8
 +
| 0x700122A4
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_9
 +
| 0x700122A8
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_10
 +
| 0x700122AC
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_11
 +
| 0x700122B0
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_12
 +
| 0x700122B4
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_13
 +
| 0x700122B8
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_14
 +
| 0x700122BC
 +
|-
 +
| SE_CRYPTO_KEYTABLE_ACCESS_15
 +
| 0x700122C0
 
|-
 
|-
 
| SE_CRYPTO_CONFIG
 
| SE_CRYPTO_CONFIG
 
| 0x70012304
 
| 0x70012304
 
|-
 
|-
| SE_CRYPTO_CTR
+
| SE_CRYPTO_LINEAR_CTR_0
 
| 0x70012308
 
| 0x70012308
 
|-
 
|-
| SE_CRYPTO_BLOCK_COUNT
+
| SE_CRYPTO_LINEAR_CTR_1
 +
| 0x7001230C
 +
|-
 +
| SE_CRYPTO_LINEAR_CTR_2
 +
| 0x70012310
 +
|-
 +
| SE_CRYPTO_LINEAR_CTR_3
 +
| 0x70012314
 +
|-
 +
| SE_CRYPTO_LAST_BLOCK
 
| 0x70012318
 
| 0x70012318
 
|-
 
|-
Line 132: Line 195:
 
| 0x7001231C
 
| 0x7001231C
 
|-
 
|-
| SE_CRYPTO_KEYTABLE_DATA
+
| SE_CRYPTO_KEYTABLE_DATA_0
 
| 0x70012320
 
| 0x70012320
 +
|-
 +
| SE_CRYPTO_KEYTABLE_DATA_1
 +
| 0x70012324
 +
|-
 +
| SE_CRYPTO_KEYTABLE_DATA_2
 +
| 0x70012328
 +
|-
 +
| SE_CRYPTO_KEYTABLE_DATA_3
 +
| 0x7001232C
 
|-
 
|-
 
| SE_CRYPTO_KEYTABLE_DST
 
| SE_CRYPTO_KEYTABLE_DST
Line 156: Line 228:
 
| 0x70012408
 
| 0x70012408
 
|-
 
|-
| SE_RSA_KEY_READ_DISABLE
+
| SE_RSA_SECURITY_PERKEY
 
| 0x7001240C
 
| 0x7001240C
 
|-
 
|-
| SE_RSA_KEYTABLE_ACCESS
+
| SE_RSA_KEYTABLE_ACCESS_0
 
| 0x70012410
 
| 0x70012410
 +
|-
 +
| SE_RSA_KEYTABLE_ACCESS_1
 +
| 0x70012414
 
|-
 
|-
 
| SE_RSA_KEYTABLE_ADDR
 
| SE_RSA_KEYTABLE_ADDR
Line 168: Line 243:
 
| 0x70012424
 
| 0x70012424
 
|-
 
|-
| SE_RSA_OUTPUT
+
| SE_RSA_OUTPUT_0
 
| 0x70012428
 
| 0x70012428
 +
|-
 +
| SE_RSA_OUTPUT_1
 +
| 0x7001242C
 +
|-
 +
| SE_RSA_OUTPUT_2
 +
| 0x70012430
 +
|-
 +
| SE_RSA_OUTPUT_3
 +
| 0x70012434
 +
|-
 +
| SE_RSA_OUTPUT_4
 +
| 0x70012438
 +
|-
 +
| SE_RSA_OUTPUT_5
 +
| 0x7001243C
 +
|-
 +
| SE_RSA_OUTPUT_6
 +
| 0x70012440
 +
|-
 +
| SE_RSA_OUTPUT_7
 +
| 0x70012444
 +
|-
 +
| SE_RSA_OUTPUT_8
 +
| 0x70012448
 +
|-
 +
| SE_RSA_OUTPUT_9
 +
| 0x7001244C
 +
|-
 +
| SE_RSA_OUTPUT_10
 +
| 0x70012450
 +
|-
 +
| SE_RSA_OUTPUT_11
 +
| 0x70012454
 +
|-
 +
| SE_RSA_OUTPUT_12
 +
| 0x70012458
 +
|-
 +
| SE_RSA_OUTPUT_13
 +
| 0x7001245C
 +
|-
 +
| SE_RSA_OUTPUT_14
 +
| 0x70012460
 +
|-
 +
| SE_RSA_OUTPUT_15
 +
| 0x70012464
 +
|-
 +
| SE_RSA_OUTPUT_16
 +
| 0x70012468
 +
|-
 +
| SE_RSA_OUTPUT_17
 +
| 0x7001246C
 +
|-
 +
| SE_RSA_OUTPUT_18
 +
| 0x70012470
 +
|-
 +
| SE_RSA_OUTPUT_19
 +
| 0x70012474
 +
|-
 +
| SE_RSA_OUTPUT_20
 +
| 0x70012478
 +
|-
 +
| SE_RSA_OUTPUT_21
 +
| 0x7001247C
 +
|-
 +
| SE_RSA_OUTPUT_22
 +
| 0x70012480
 +
|-
 +
| SE_RSA_OUTPUT_23
 +
| 0x70012484
 +
|-
 +
| SE_RSA_OUTPUT_24
 +
| 0x70012488
 +
|-
 +
| SE_RSA_OUTPUT_25
 +
| 0x7001248C
 +
|-
 +
| SE_RSA_OUTPUT_26
 +
| 0x70012490
 +
|-
 +
| SE_RSA_OUTPUT_27
 +
| 0x70012494
 +
|-
 +
| SE_RSA_OUTPUT_28
 +
| 0x70012498
 +
|-
 +
| SE_RSA_OUTPUT_29
 +
| 0x7001249C
 +
|-
 +
| SE_RSA_OUTPUT_30
 +
| 0x700124A0
 +
|-
 +
| SE_RSA_OUTPUT_31
 +
| 0x700124A4
 +
|-
 +
| SE_RSA_OUTPUT_32
 +
| 0x700124A8
 +
|-
 +
| SE_RSA_OUTPUT_33
 +
| 0x700124AC
 +
|-
 +
| SE_RSA_OUTPUT_34
 +
| 0x700124B0
 +
|-
 +
| SE_RSA_OUTPUT_35
 +
| 0x700124B4
 +
|-
 +
| SE_RSA_OUTPUT_36
 +
| 0x700124B8
 +
|-
 +
| SE_RSA_OUTPUT_37
 +
| 0x700124BC
 +
|-
 +
| SE_RSA_OUTPUT_38
 +
| 0x700124C0
 +
|-
 +
| SE_RSA_OUTPUT_39
 +
| 0x700124C4
 +
|-
 +
| SE_RSA_OUTPUT_40
 +
| 0x700124C8
 +
|-
 +
| SE_RSA_OUTPUT_41
 +
| 0x700124CC
 +
|-
 +
| SE_RSA_OUTPUT_42
 +
| 0x700124D0
 +
|-
 +
| SE_RSA_OUTPUT_43
 +
| 0x700124D4
 +
|-
 +
| SE_RSA_OUTPUT_44
 +
| 0x700124D8
 +
|-
 +
| SE_RSA_OUTPUT_45
 +
| 0x700124DC
 +
|-
 +
| SE_RSA_OUTPUT_46
 +
| 0x700124E0
 +
|-
 +
| SE_RSA_OUTPUT_47
 +
| 0x700124E4
 +
|-
 +
| SE_RSA_OUTPUT_48
 +
| 0x700124E8
 +
|-
 +
| SE_RSA_OUTPUT_49
 +
| 0x700124EC
 +
|-
 +
| SE_RSA_OUTPUT_50
 +
| 0x700124F0
 +
|-
 +
| SE_RSA_OUTPUT_51
 +
| 0x700124F4
 +
|-
 +
| SE_RSA_OUTPUT_52
 +
| 0x700124F8
 +
|-
 +
| SE_RSA_OUTPUT_53
 +
| 0x700124FC
 +
|-
 +
| SE_RSA_OUTPUT_54
 +
| 0x70012500
 +
|-
 +
| SE_RSA_OUTPUT_55
 +
| 0x70012504
 +
|-
 +
| SE_RSA_OUTPUT_56
 +
| 0x70012508
 +
|-
 +
| SE_RSA_OUTPUT_57
 +
| 0x7001250C
 +
|-
 +
| SE_RSA_OUTPUT_58
 +
| 0x70012510
 +
|-
 +
| SE_RSA_OUTPUT_59
 +
| 0x70012514
 +
|-
 +
| SE_RSA_OUTPUT_60
 +
| 0x70012518
 +
|-
 +
| SE_RSA_OUTPUT_61
 +
| 0x7001251C
 +
|-
 +
| SE_RSA_OUTPUT_62
 +
| 0x70012520
 +
|-
 +
| SE_RSA_OUTPUT_63
 +
| 0x70012524
 
|-
 
|-
 
| SE_STATUS
 
| SE_STATUS
Line 176: Line 440:
 
| SE_ERR_STATUS
 
| SE_ERR_STATUS
 
| 0x70012804
 
| 0x70012804
 +
|-
 +
| SE_MISC
 +
| 0x70012808
 
|-
 
|-
 
| SE_SPARE
 
| SE_SPARE
 
| 0x7001280C
 
| 0x7001280C
 +
|-
 +
| SE_ENTROPY_DEBUG_COUNTER
 +
| 0x70012810
 
|}
 
|}

Revision as of 17:41, 21 July 2019

The Nintendo Switch uses Tegra's Security Engine (SE) for handling cryptographic opearations at the system's lowest level.

The SE driver is mapped to physical address 0x70012000 with a total size of 0x2000 bytes and exposes several registers for programming the Security Engine.

Registers

Name Address
SE_SECURITY 0x70012000
SE_TZRAM_SECURITY 0x70012004
SE_OPERATION 0x70012008
SE_INT_ENABLE 0x7001200C
SE_INT_STATUS 0x70012010
SE_CONFIG 0x70012014
SE_IN_LL_ADDR 0x70012018
SE_IN_CUR_BYTE_ADDR 0x7001201C
SE_IN_CUR_LL_ID 0x70012020
SE_OUT_LL_ADDR 0x70012024
SE_OUT_CUR_BYTE_ADDR 0x70012028
SE_OUT_CUR_LL_ID 0x7001202C
SE_HASH_RESULT_0 0x70012030
SE_HASH_RESULT_1 0x70012034
SE_HASH_RESULT_2 0x70012038
SE_HASH_RESULT_3 0x7001203C
SE_HASH_RESULT_4 0x70012040
SE_HASH_RESULT_5 0x70012044
SE_HASH_RESULT_6 0x70012048
SE_HASH_RESULT_7 0x7001204C
SE_HASH_RESULT_8 0x70012050
SE_HASH_RESULT_9 0x70012054
SE_HASH_RESULT_10 0x70012058
SE_HASH_RESULT_11 0x7001205C
SE_HASH_RESULT_12 0x70012060
SE_HASH_RESULT_13 0x70012064
SE_HASH_RESULT_14 0x70012068
SE_HASH_RESULT_15 0x7001206C
SE_CTX_SAVE_CONFIG 0x70012070
SE_SHA_CONFIG 0x70012200
SE_SHA_MSG_LENGTH_0 0x70012204
SE_SHA_MSG_LENGTH_1 0x70012208
SE_SHA_MSG_LENGTH_2 0x7001220C
SE_SHA_MSG_LENGTH_3 0x70012210
SE_SHA_MSG_LEFT_0 0x70012214
SE_SHA_MSG_LEFT_1 0x70012218
SE_SHA_MSG_LEFT_2 0x7001221C
SE_SHA_MSG_LEFT_3 0x70012220
SE_CRYPTO_SECURITY_PERKEY 0x70012280
SE_CRYPTO_KEYTABLE_ACCESS_0 0x70012284
SE_CRYPTO_KEYTABLE_ACCESS_1 0x70012288
SE_CRYPTO_KEYTABLE_ACCESS_2 0x7001228C
SE_CRYPTO_KEYTABLE_ACCESS_3 0x70012290
SE_CRYPTO_KEYTABLE_ACCESS_4 0x70012294
SE_CRYPTO_KEYTABLE_ACCESS_5 0x70012298
SE_CRYPTO_KEYTABLE_ACCESS_6 0x7001229C
SE_CRYPTO_KEYTABLE_ACCESS_7 0x700122A0
SE_CRYPTO_KEYTABLE_ACCESS_8 0x700122A4
SE_CRYPTO_KEYTABLE_ACCESS_9 0x700122A8
SE_CRYPTO_KEYTABLE_ACCESS_10 0x700122AC
SE_CRYPTO_KEYTABLE_ACCESS_11 0x700122B0
SE_CRYPTO_KEYTABLE_ACCESS_12 0x700122B4
SE_CRYPTO_KEYTABLE_ACCESS_13 0x700122B8
SE_CRYPTO_KEYTABLE_ACCESS_14 0x700122BC
SE_CRYPTO_KEYTABLE_ACCESS_15 0x700122C0
SE_CRYPTO_CONFIG 0x70012304
SE_CRYPTO_LINEAR_CTR_0 0x70012308
SE_CRYPTO_LINEAR_CTR_1 0x7001230C
SE_CRYPTO_LINEAR_CTR_2 0x70012310
SE_CRYPTO_LINEAR_CTR_3 0x70012314
SE_CRYPTO_LAST_BLOCK 0x70012318
SE_CRYPTO_KEYTABLE_ADDR 0x7001231C
SE_CRYPTO_KEYTABLE_DATA_0 0x70012320
SE_CRYPTO_KEYTABLE_DATA_1 0x70012324
SE_CRYPTO_KEYTABLE_DATA_2 0x70012328
SE_CRYPTO_KEYTABLE_DATA_3 0x7001232C
SE_CRYPTO_KEYTABLE_DST 0x70012330
SE_RNG_CONFIG 0x70012340
SE_RNG_SRC_CONFIG 0x70012344
SE_RNG_RESEED_INTERVAL 0x70012348
SE_RSA_CONFIG 0x70012400
SE_RSA_KEY_SIZE 0x70012404
SE_RSA_EXP_SIZE 0x70012408
SE_RSA_SECURITY_PERKEY 0x7001240C
SE_RSA_KEYTABLE_ACCESS_0 0x70012410
SE_RSA_KEYTABLE_ACCESS_1 0x70012414
SE_RSA_KEYTABLE_ADDR 0x70012420
SE_RSA_KEYTABLE_DATA 0x70012424
SE_RSA_OUTPUT_0 0x70012428
SE_RSA_OUTPUT_1 0x7001242C
SE_RSA_OUTPUT_2 0x70012430
SE_RSA_OUTPUT_3 0x70012434
SE_RSA_OUTPUT_4 0x70012438
SE_RSA_OUTPUT_5 0x7001243C
SE_RSA_OUTPUT_6 0x70012440
SE_RSA_OUTPUT_7 0x70012444
SE_RSA_OUTPUT_8 0x70012448
SE_RSA_OUTPUT_9 0x7001244C
SE_RSA_OUTPUT_10 0x70012450
SE_RSA_OUTPUT_11 0x70012454
SE_RSA_OUTPUT_12 0x70012458
SE_RSA_OUTPUT_13 0x7001245C
SE_RSA_OUTPUT_14 0x70012460
SE_RSA_OUTPUT_15 0x70012464
SE_RSA_OUTPUT_16 0x70012468
SE_RSA_OUTPUT_17 0x7001246C
SE_RSA_OUTPUT_18 0x70012470
SE_RSA_OUTPUT_19 0x70012474
SE_RSA_OUTPUT_20 0x70012478
SE_RSA_OUTPUT_21 0x7001247C
SE_RSA_OUTPUT_22 0x70012480
SE_RSA_OUTPUT_23 0x70012484
SE_RSA_OUTPUT_24 0x70012488
SE_RSA_OUTPUT_25 0x7001248C
SE_RSA_OUTPUT_26 0x70012490
SE_RSA_OUTPUT_27 0x70012494
SE_RSA_OUTPUT_28 0x70012498
SE_RSA_OUTPUT_29 0x7001249C
SE_RSA_OUTPUT_30 0x700124A0
SE_RSA_OUTPUT_31 0x700124A4
SE_RSA_OUTPUT_32 0x700124A8
SE_RSA_OUTPUT_33 0x700124AC
SE_RSA_OUTPUT_34 0x700124B0
SE_RSA_OUTPUT_35 0x700124B4
SE_RSA_OUTPUT_36 0x700124B8
SE_RSA_OUTPUT_37 0x700124BC
SE_RSA_OUTPUT_38 0x700124C0
SE_RSA_OUTPUT_39 0x700124C4
SE_RSA_OUTPUT_40 0x700124C8
SE_RSA_OUTPUT_41 0x700124CC
SE_RSA_OUTPUT_42 0x700124D0
SE_RSA_OUTPUT_43 0x700124D4
SE_RSA_OUTPUT_44 0x700124D8
SE_RSA_OUTPUT_45 0x700124DC
SE_RSA_OUTPUT_46 0x700124E0
SE_RSA_OUTPUT_47 0x700124E4
SE_RSA_OUTPUT_48 0x700124E8
SE_RSA_OUTPUT_49 0x700124EC
SE_RSA_OUTPUT_50 0x700124F0
SE_RSA_OUTPUT_51 0x700124F4
SE_RSA_OUTPUT_52 0x700124F8
SE_RSA_OUTPUT_53 0x700124FC
SE_RSA_OUTPUT_54 0x70012500
SE_RSA_OUTPUT_55 0x70012504
SE_RSA_OUTPUT_56 0x70012508
SE_RSA_OUTPUT_57 0x7001250C
SE_RSA_OUTPUT_58 0x70012510
SE_RSA_OUTPUT_59 0x70012514
SE_RSA_OUTPUT_60 0x70012518
SE_RSA_OUTPUT_61 0x7001251C
SE_RSA_OUTPUT_62 0x70012520
SE_RSA_OUTPUT_63 0x70012524
SE_STATUS 0x70012800
SE_ERR_STATUS 0x70012804
SE_MISC 0x70012808
SE_SPARE 0x7001280C
SE_ENTROPY_DEBUG_COUNTER 0x70012810