SPL services: Difference between revisions

Line 16:

== GenerateRandomBytes ==

Takes an output type-0xA buffer and fills it with random data from [[SMC#~~GetRandomBytes~~|~~GetRandomBytes~~ SMC]]. Same command for "spl:" and "csrng" services, except for buffer-type.

Takes an output type-0xA buffer and fills it with random data from [[SMC#GenerateRandomBytes|GenerateRandomBytes SMC]]. Same command for "spl:" and "csrng" services, except for buffer-type.

= spl: =

Line 27:

| 0 || [[#GetConfig]]

|-

| 1 || [[#~~ExpMod~~]]

| 1 || [[#ModularExponentiate]]

|-

| 5 || [[#SetConfig]]

Line 45:

Takes an input u32 '''ConfigItem'''. Returns one or more output u64s '''ConfigValue'''.

== ~~ExpMod~~ ==

== ModularExponentiate ==

Wrapper for [[SMC#~~ExpMod~~|~~ExpMod~~ SMC]].

Wrapper for [[SMC#ModularExponentiate|ModularExponentiate SMC]].

Takes an output type-0xA buffer '''DataOut''' and 3 input type-0x9 buffers '''DataIn''', '''ExpIn''' and '''ModIn'''.

Line 81:

== ImportLotusKey ==

Wrapper for [[SMC#~~ImportLotusKey~~|~~ImportLotusKey~~ SMC]].

Wrapper for [[SMC#DecryptAndImportLotusKey|DecryptAndImportLotusKey SMC]].

Takes an input type-0x9 buffer '''DataIn''', an input 16-byte '''AccessKey''', an input 16-byte '''KeySource''' and an input u32 '''Version''' (0 for normal keys or 1 for extended keys).

Line 87:

Decrypts '''DataIn''' with a key generated from '''AccessKey''' and '''KeySource''' and imports it for later usage.

[5.0.0+] The '''Version''' argument was removed and this now calls the [[SMC#~~ReEncryptRsaPrivateKey~~|~~ReEncryptRsaPrivateKey~~ SMC]] instead.

[5.0.0+] The '''Version''' argument was removed and this now calls the [[SMC#ReencryptDeviceUniqueData|ReencryptDeviceUniqueData SMC]] instead.

== DecryptLotusMessage ==

Takes 3 input type-0x9 buffers '''DataIn''', '''ModIn''' and '''LabelHashIn'''.

Uses the [[SMC#~~SecureExpMod~~|~~SecureExpMod~~ SMC]] to decrypt '''DataIn''' using the private key imported with [[#ImportLotusKey]] and the supplied '''ModIn''' and '''LabelHashIn'''.

Uses the [[SMC#ModularExponentiateByStorageKey|ModularExponentiateByStorageKey SMC]] to decrypt '''DataIn''' using the private key imported with [[#ImportLotusKey]] and the supplied '''ModIn''' and '''LabelHashIn'''.

== IsDevelopment ==

Line 104:

Takes an input 16-byte '''KeySource''' and two input u32s '''Generation''' and '''Option'''. Returns an output 16-byte '''AesKey'''.

== ~~DecryptRsaPrivateKey~~ ==

== DecryptDeviceUniqueData ==

Wrapper for [[SMC#~~DecryptRsaPrivateKey~~|~~DecryptRsaPrivateKey~~ SMC]].

Wrapper for [[SMC#DecryptDeviceUniqueData|DecryptDeviceUniqueData SMC]].

Takes an output type-0xA buffer '''DataOut''', an input type-0x9 '''DataIn''', an input 16-byte '''AccessKey''', an input 16-byte '''KeySource''' and an input u32 '''Version''' (0 for normal keys or 1 for extended keys).

Line 113:

Used by [[SSL_services|SSL]] for TLS client-privk.

[5.0.0+] The '''Version''' argument was removed ~~and this now calls [[SMC#DecryptOrImportRsaPrivateKey|DecryptOrImportRsaPrivateKey SMC]] instead~~.

[5.0.0+] The '''Version''' argument was removed.

== DecryptAesKey ==

Line 137:

== ImportEsKey ==

Wrapper for [[SMC#~~ImportEsKey~~|~~ImportEsKey~~ SMC]].

Wrapper for [[SMC#DecryptAndImportEsDeviceKey|DecryptAndImportEsDeviceKey SMC]].

Takes an input type-0x9 buffer '''DataIn''', an input 16-byte '''AccessKey''', an input 16-byte '''KeySource''' and an input u32 '''Version''' (0 for normal keys or 1 for extended keys).

Line 143:

Decrypts '''DataIn''' with a key generated from '''AccessKey''' and '''KeySource''' and imports it for later usage.

[5.0.0+] The '''Version''' argument was removed and this now calls the [[SMC#~~ReEncryptRsaPrivateKey~~|~~ReEncryptRsaPrivateKey~~ SMC]] instead.

[5.0.0+] The '''Version''' argument was removed and this now calls the [[SMC#ReencryptDeviceUniqueData|ReencryptDeviceUniqueData SMC]] instead.

== UnwrapTitleKey ==

Wrapper for [[SMC#~~UnwrapTitleKey~~|~~UnwrapTitleKey~~ SMC]].

Wrapper for [[SMC#PrepareEsDeviceUniqueKey|PrepareEsDeviceUniqueKey SMC]].

Takes an output type-0xA buffer '''DataOut''' and 3 input type-0x9 buffers '''DataIn''', '''ModIn''' and '''LabelHashIn'''. Returns an output u32 '''DataOutSize'''.

Line 155:

== LoadTitleKey ==

Wrapper for [[SMC#~~LoadTitleKey~~|~~LoadTitleKey~~ SMC]].

Wrapper for [[SMC#LoadPreparedAesKey|LoadPreparedAesKey SMC]].

Takes an input u32 '''Keyslot''' and an input 16-byte '''AccessKey'''.

Line 162:

== UnwrapCommonTitleKey ==

Wrapper for [[SMC#~~UnwrapCommonTitleKey~~|~~UnwrapCommonTitleKey~~ SMC]].

Wrapper for [[SMC#PrepareEsCommonKey|PrepareEsCommonKey SMC]].

Takes an input 16-byte '''KeySource'''. Returns an output 16-byte '''AccessKey'''.

Line 173:

Returns error 0xD01A if all keyslots are taken.

== ~~FreeAesKeyslot~~ ==

== DeallocateAesKeySlot ==

Takes an input u32 '''Keyslot'''.

Line 191:

[4.0.0+] Returns 0xD61A if a value has not previously been set and unsets the value after getting it.

== ~~LoadElicenseKey~~ ==

== LoadPreparedAesKey ==

Same as [[#LoadTitleKey|LoadTitleKey]].

Line 203:

| 0 || [[#GetConfig]]

|-

| 1 || [[#~~ExpMod~~]]

| 1 || [[#ModularExponentiate]]

|-

| 5 || [[#SetConfig]]

Line 229:

| 21 || [2.0.0+] [[#AllocateAesKeyslot]]

|-

| 22 || [2.0.0+] [[#~~FreeAesKeyslot~~]]

| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]

|-

| 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]]

Line 243:

| 0 || [[#GetConfig]]

|-

| 1 || [[#~~ExpMod~~]]

| 1 || [[#ModularExponentiate]]

|-

| 5 || [[#SetConfig]]

Line 269:

| 21 || [2.0.0+] [[#AllocateAesKeyslot]]

|-

| 22 || [2.0.0+] [[#~~FreeAesKeyslot~~]]

| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]

|-

| 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]]

Line 293:

| 0 || [[#GetConfig]]

|-

| 1 || [[#~~ExpMod~~]]

| 1 || [[#ModularExponentiate]]

|-

| 5 || [[#SetConfig]]

Line 319:

| 21 || [2.0.0+] [[#AllocateAesKeyslot]]

|-

| 22 || [2.0.0+] [[#~~FreeAesKeyslot~~]]

| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]

|-

| 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]]

|-

| 13 || [[#~~DecryptRsaPrivateKey~~]]

| 13 || [[#DecryptDeviceUniqueData]]

|-

| 26 || [5.0.0+] ~~ImportSslKey~~

| 26 || [5.0.0+] DecryptAndStoreSslClientCertKey

|-

| 27 || [5.0.0+] ~~SslExpMod~~

| 27 || [5.0.0+] ModularExponentiateWithSslClientCertKey

|}

Line 339:

| 0 || [[#GetConfig]]

|-

| 1 || [[#~~ExpMod~~]]

| 1 || [[#ModularExponentiate]]

|-

| 5 || [[#SetConfig]]

Line 365:

| 21 || [2.0.0+] [[#AllocateAesKeyslot]]

|-

| 22 || [2.0.0+] [[#~~FreeAesKeyslot~~]]

| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]

|-

| 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]]

|-

| 13 || [[#~~DecryptRsaPrivateKey~~]]

| 13 || [[#DecryptDeviceUniqueData]]

|-

| 17 || [[#ImportEsKey]]

Line 375:

| 18 || [[#UnwrapTitleKey]]

|-

| 20 || [2.0.0+] [[#~~UnwrapCommonTitleKey~~]]

| 20 || [2.0.0+] [[#PrepareEsCommonKey]]

|-

| 28 || [5.0.0+] ~~ImportDrmKey~~

| 28 || [5.0.0+] DecryptAndStoreDrmDeviceCertKey

|-

| 29 || [5.0.0+] ~~DrmExpMod~~

| 29 || [5.0.0+] ModularExponentiateWithDrmDeviceCertKey

|-

| 31 || [6.0.0+] ~~UnwrapElicenseKey~~

| 31 || [6.0.0+] PrepareEsArchiveKey

|-

| 32 || [6.0.0+] [[#~~LoadElicenseKey~~]]

| 32 || [6.0.0+] [[#LoadPreparedAesKey]]

|}

Line 395:

| 0 || [[#GetConfig]]

|-

| 1 || [[#~~ExpMod~~]]

| 1 || [[#ModularExponentiate]]

|-

| 5 || [[#SetConfig]]

Line 421:

| 21 || [2.0.0+] [[#AllocateAesKeyslot]]

|-

| 22 || [2.0.0+] [[#~~FreeAesKeyslot~~]]

| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]

|-

| 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]]

|-

| 13 || [[#~~DecryptRsaPrivateKey~~]]

| 13 || [[#DecryptDeviceUniqueData]]

|-

| 30 || [5.0.0+] ~~ReEncryptRsaPrivateKey~~

| 30 || [5.0.0+] ReencryptDeviceUniqueData

|}

[[Category:Services]]

@@ Line 16: / Line 16: @@
 == GenerateRandomBytes ==
-Takes an output type-0xA buffer and fills it with random data from [[SMC#GetRandomBytes|GetRandomBytes SMC]]. Same command for "spl:" and "csrng" services, except for buffer-type.
+Takes an output type-0xA buffer and fills it with random data from [[SMC#GenerateRandomBytes|GenerateRandomBytes SMC]]. Same command for "spl:" and "csrng" services, except for buffer-type.
 = spl: =
@@ Line 27: / Line 27: @@
 | 0 || [[#GetConfig]]
 |-
-| 1 || [[#ExpMod]]
+| 1 || [[#ModularExponentiate]]
 |-
 | 5 || [[#SetConfig]]
@@ Line 45: / Line 45: @@
 Takes an input u32 '''ConfigItem'''. Returns one or more output u64s '''ConfigValue'''.
-== ExpMod ==
+== ModularExponentiate ==
-Wrapper for [[SMC#ExpMod|ExpMod SMC]].
+Wrapper for [[SMC#ModularExponentiate|ModularExponentiate SMC]].
 Takes an output type-0xA buffer '''DataOut''' and 3 input type-0x9 buffers '''DataIn''', '''ExpIn''' and '''ModIn'''.
@@ Line 81: / Line 81: @@
 == ImportLotusKey ==
-Wrapper for [[SMC#ImportLotusKey|ImportLotusKey SMC]].
+Wrapper for [[SMC#DecryptAndImportLotusKey|DecryptAndImportLotusKey SMC]].
 Takes an input type-0x9 buffer '''DataIn''', an input 16-byte '''AccessKey''', an input 16-byte '''KeySource''' and an input u32 '''Version''' (0 for normal keys or 1 for extended keys).
@@ Line 87: / Line 87: @@
 Decrypts '''DataIn''' with a key generated from '''AccessKey''' and '''KeySource''' and imports it for later usage.
-[5.0.0+] The '''Version''' argument was removed and this now calls the [[SMC#ReEncryptRsaPrivateKey|ReEncryptRsaPrivateKey SMC]] instead.
+[5.0.0+] The '''Version''' argument was removed and this now calls the [[SMC#ReencryptDeviceUniqueData|ReencryptDeviceUniqueData SMC]] instead.
 == DecryptLotusMessage ==
 Takes 3 input type-0x9 buffers '''DataIn''', '''ModIn''' and '''LabelHashIn'''.
-Uses the [[SMC#SecureExpMod|SecureExpMod SMC]] to decrypt '''DataIn''' using the private key imported with [[#ImportLotusKey]] and the supplied '''ModIn''' and '''LabelHashIn'''.
+Uses the [[SMC#ModularExponentiateByStorageKey|ModularExponentiateByStorageKey SMC]] to decrypt '''DataIn''' using the private key imported with [[#ImportLotusKey]] and the supplied '''ModIn''' and '''LabelHashIn'''.
 == IsDevelopment ==
@@ Line 104: / Line 104: @@
 Takes an input 16-byte '''KeySource''' and two input u32s '''Generation''' and '''Option'''. Returns an output 16-byte '''AesKey'''.
-== DecryptRsaPrivateKey ==
+== DecryptDeviceUniqueData ==
-Wrapper for [[SMC#DecryptRsaPrivateKey|DecryptRsaPrivateKey SMC]].
+Wrapper for [[SMC#DecryptDeviceUniqueData|DecryptDeviceUniqueData SMC]].
 Takes an output type-0xA buffer '''DataOut''', an input type-0x9 '''DataIn''', an input 16-byte '''AccessKey''', an input 16-byte '''KeySource''' and an input u32 '''Version''' (0 for normal keys or 1 for extended keys).
@@ Line 113: / Line 113: @@
 Used by [[SSL_services|SSL]] for TLS client-privk.
-[5.0.0+] The '''Version''' argument was removed and this now calls [[SMC#DecryptOrImportRsaPrivateKey|DecryptOrImportRsaPrivateKey SMC]] instead.
+[5.0.0+] The '''Version''' argument was removed.
 == DecryptAesKey ==
@@ Line 137: / Line 137: @@
 == ImportEsKey ==
-Wrapper for [[SMC#ImportEsKey|ImportEsKey SMC]].
+Wrapper for [[SMC#DecryptAndImportEsDeviceKey|DecryptAndImportEsDeviceKey SMC]].
 Takes an input type-0x9 buffer '''DataIn''', an input 16-byte '''AccessKey''', an input 16-byte '''KeySource''' and an input u32 '''Version''' (0 for normal keys or 1 for extended keys).
@@ Line 143: / Line 143: @@
 Decrypts '''DataIn''' with a key generated from '''AccessKey''' and '''KeySource''' and imports it for later usage.
-[5.0.0+] The '''Version''' argument was removed and this now calls the [[SMC#ReEncryptRsaPrivateKey|ReEncryptRsaPrivateKey SMC]] instead.
+[5.0.0+] The '''Version''' argument was removed and this now calls the [[SMC#ReencryptDeviceUniqueData|ReencryptDeviceUniqueData SMC]] instead.
 == UnwrapTitleKey ==
-Wrapper for [[SMC#UnwrapTitleKey|UnwrapTitleKey SMC]].
+Wrapper for [[SMC#PrepareEsDeviceUniqueKey|PrepareEsDeviceUniqueKey SMC]].
 Takes an output type-0xA buffer '''DataOut''' and 3 input type-0x9 buffers '''DataIn''', '''ModIn''' and '''LabelHashIn'''. Returns an output u32 '''DataOutSize'''.
@@ Line 155: / Line 155: @@
 == LoadTitleKey ==
-Wrapper for [[SMC#LoadTitleKey|LoadTitleKey SMC]].
+Wrapper for [[SMC#LoadPreparedAesKey|LoadPreparedAesKey SMC]].
 Takes an input u32 '''Keyslot''' and an input 16-byte '''AccessKey'''.
@@ Line 162: / Line 162: @@
 == UnwrapCommonTitleKey ==
-Wrapper for [[SMC#UnwrapCommonTitleKey|UnwrapCommonTitleKey SMC]].
+Wrapper for [[SMC#PrepareEsCommonKey|PrepareEsCommonKey SMC]].
 Takes an input 16-byte '''KeySource'''. Returns an output 16-byte '''AccessKey'''.
@@ Line 173: / Line 173: @@
 Returns error 0xD01A if all keyslots are taken.
-== FreeAesKeyslot ==
+== DeallocateAesKeySlot ==
 Takes an input u32 '''Keyslot'''.
@@ Line 191: / Line 191: @@
 [4.0.0+] Returns 0xD61A if a value has not previously been set and unsets the value after getting it.
-== LoadElicenseKey ==
+== LoadPreparedAesKey ==
 Same as [[#LoadTitleKey|LoadTitleKey]].
@@ Line 203: / Line 203: @@
 | 0 || [[#GetConfig]]
 |-
-| 1 || [[#ExpMod]]
+| 1 || [[#ModularExponentiate]]
 |-
 | 5 || [[#SetConfig]]
@@ Line 229: / Line 229: @@
 | 21 || [2.0.0+] [[#AllocateAesKeyslot]]
 |-
-| 22 || [2.0.0+] [[#FreeAesKeyslot]]
+| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]
 |-
 | 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]]
@@ Line 243: / Line 243: @@
 | 0 || [[#GetConfig]]
 |-
-| 1 || [[#ExpMod]]
+| 1 || [[#ModularExponentiate]]
 |-
 | 5 || [[#SetConfig]]
@@ Line 269: / Line 269: @@
 | 21 || [2.0.0+] [[#AllocateAesKeyslot]]
 |-
-| 22 || [2.0.0+] [[#FreeAesKeyslot]]
+| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]
 |-
 | 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]]
@@ Line 293: / Line 293: @@
 | 0 || [[#GetConfig]]
 |-
-| 1 || [[#ExpMod]]
+| 1 || [[#ModularExponentiate]]
 |-
 | 5 || [[#SetConfig]]
@@ Line 319: / Line 319: @@
 | 21 || [2.0.0+] [[#AllocateAesKeyslot]]
 |-
-| 22 || [2.0.0+] [[#FreeAesKeyslot]]
+| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]
 |-
 | 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]]
 |-
-| 13 || [[#DecryptRsaPrivateKey]]
+| 13 || [[#DecryptDeviceUniqueData]]
 |-
-| 26 || [5.0.0+] ImportSslKey
+| 26 || [5.0.0+] DecryptAndStoreSslClientCertKey
 |-
-| 27 || [5.0.0+] SslExpMod
+| 27 || [5.0.0+] ModularExponentiateWithSslClientCertKey
 |}
@@ Line 339: / Line 339: @@
 | 0 || [[#GetConfig]]
 |-
-| 1 || [[#ExpMod]]
+| 1 || [[#ModularExponentiate]]
 |-
 | 5 || [[#SetConfig]]
@@ Line 365: / Line 365: @@
 | 21 || [2.0.0+] [[#AllocateAesKeyslot]]
 |-
-| 22 || [2.0.0+] [[#FreeAesKeyslot]]
+| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]
 |-
 | 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]]
 |-
-| 13 || [[#DecryptRsaPrivateKey]]
+| 13 || [[#DecryptDeviceUniqueData]]
 |-
 | 17 || [[#ImportEsKey]]
@@ Line 375: / Line 375: @@
 | 18 || [[#UnwrapTitleKey]]
 |-
-| 20 || [2.0.0+] [[#UnwrapCommonTitleKey]]
+| 20 || [2.0.0+] [[#PrepareEsCommonKey]]
 |-
-| 28 || [5.0.0+] ImportDrmKey
+| 28 || [5.0.0+] DecryptAndStoreDrmDeviceCertKey
 |-
-| 29 || [5.0.0+] DrmExpMod
+| 29 || [5.0.0+] ModularExponentiateWithDrmDeviceCertKey
 |-
-| 31 || [6.0.0+] UnwrapElicenseKey
+| 31 || [6.0.0+] PrepareEsArchiveKey
 |-
-| 32 || [6.0.0+] [[#LoadElicenseKey]]
+| 32 || [6.0.0+] [[#LoadPreparedAesKey]]
 |}
@@ Line 395: / Line 395: @@
 | 0 || [[#GetConfig]]
 |-
-| 1 || [[#ExpMod]]
+| 1 || [[#ModularExponentiate]]
 |-
 | 5 || [[#SetConfig]]
@@ Line 421: / Line 421: @@
 | 21 || [2.0.0+] [[#AllocateAesKeyslot]]
 |-
-| 22 || [2.0.0+] [[#FreeAesKeyslot]]
+| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]
 |-
 | 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]]
 |-
-| 13 || [[#DecryptRsaPrivateKey]]
+| 13 || [[#DecryptDeviceUniqueData]]
 |-
-| 30 || [5.0.0+] ReEncryptRsaPrivateKey
+| 30 || [5.0.0+] ReencryptDeviceUniqueData
 |}
 [[Category:Services]]