SPL services: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 4: | Line 4: | ||
! Cmd || Name || Notes | ! Cmd || Name || Notes | ||
|- | |- | ||
| 0 || [[#GetConfig]] || | | 0 || [[#GetConfig]] || wrapper for [[SMC#GetConfig|GetConfig]] | ||
|- | |- | ||
| 1 || || | | 1 || ExpMod || user supplied modulus and exponent | ||
|- | |- | ||
| 2 || [[# | | 2 || [[#KeygenAndSealX]] || wrapper for [[SMC#KeygenAndSealX|KeygenAndSealX]] | ||
|- | |- | ||
| 3 || || | | 3 || SetKeyslotFromXY || wrapper for [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] | ||
|- | |- | ||
| 4 || | | 4 || DecryptAESCBCWithX || decrypts 16 bytes, uses [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] with a fixed Y and a fixed CBC IV | ||
|- | |- | ||
| 5 || [[#SetConfig]] || | | 5 || [[#SetConfig]] || wrapper for [[SMC#SetConfig|SetConfig]] | ||
|- | |- | ||
| 7 || || | | 7 || Prng || uses [[SMC#PrngX931|PrngX931]] | ||
|- | |- | ||
| 9 || || | | 9 || ImportExpModParams || wrapper for [[SMC#ImportParamsForFWithXY|ImportParamsForFWithXY]] | ||
|- | |- | ||
| 10 || || | | 10 || ExpMod || wrapper for [[SMC#ExpMod|ExpMod]] | ||
|- | |- | ||
| 11 || [[#GetDevunitFlag]] || | | 11 || [[#GetDevunitFlag]] || uses [[SMC#GetConfig|GetConfig]] | ||
|- | |- | ||
| 12 || | | 12 || KeygenA || wrapper for [[SMC#KeygenA|KeygenA]] | ||
|- | |- | ||
| 13 || [[# | | 13 || [[#DecryptExpModParamsWithXY]] || wrapper for [[SMC#DecryptExpModParamsWithXY|DecryptExpModParamsWithXY]] | ||
|- | |- | ||
| 14 || | | 14 || DecryptAESCBC || decrypts 16 bytes, uses [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] with fixed X, Y and a fixed CBC IV | ||
|- | |- | ||
| 15 || || | | 15 || SymmetricCrypto || wrapper for [[SMC#SymmetricCrypto|SymmetricCrypto]] | ||
|- | |- | ||
| 16 || || | | 16 || CMAC || wrapper for [[SMC#CMAC|CMAC]] | ||
|- | |- | ||
| 17 || | | 17 || ImportExpModParams || wrapper for [[SMC#ImportParamsFor10WithXY|ImportParamsFor10WithXY]] | ||
|- | |- | ||
| 18 || | | 18 || ExpModAndKeygenAndSealZ || wrapper for [[SMC#ExpModAndKeygenAndSealZ|ExpModAndKeygenAndSealZ]] | ||
|- | |- | ||
| 19 || || | | 19 || SetKeyslotFromZ || wrapper for [[SMC#SetKeyslotFromZ|SetKeyslotFromZ]] | ||
|- | |- | ||
| 20 || || | | 20 || KeygenAndSealZ || wrapper for [[SMC#KeygenAndSealZ|KeygenAndSealZ]] | ||
|- | |- | ||
| 21 || || | | 21 || || | ||
| Line 75: | Line 75: | ||
[[Loader services|RO]] checks id11, if set then skipping NRR rsa signatures is allowed. | [[Loader services|RO]] checks id11, if set then skipping NRR rsa signatures is allowed. | ||
== | == KeygenAndSealX == | ||
Takes 16-bytes as input and two u32s. Outputs random-looking 16-bytes. | Takes 16-bytes as input and two u32s. Outputs random-looking 16-bytes. | ||
| Line 95: | Line 95: | ||
Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail. | Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail. | ||
== | == DecryptExpModParamsWithXY == | ||
Last SPL cmd used by [[SSL_services|SSL]]-sysmodule for TLS client-privk. | Last SPL cmd used by [[SSL_services|SSL]]-sysmodule for TLS client-privk. | ||
Revision as of 00:46, 19 July 2017
spl:
| Cmd | Name | Notes |
|---|---|---|
| 0 | #GetConfig | wrapper for GetConfig |
| 1 | ExpMod | user supplied modulus and exponent |
| 2 | #KeygenAndSealX | wrapper for KeygenAndSealX |
| 3 | SetKeyslotFromXY | wrapper for SetKeyslotFromXY |
| 4 | DecryptAESCBCWithX | decrypts 16 bytes, uses SetKeyslotFromXY with a fixed Y and a fixed CBC IV |
| 5 | #SetConfig | wrapper for SetConfig |
| 7 | Prng | uses PrngX931 |
| 9 | ImportExpModParams | wrapper for ImportParamsForFWithXY |
| 10 | ExpMod | wrapper for ExpMod |
| 11 | #GetDevunitFlag | uses GetConfig |
| 12 | KeygenA | wrapper for KeygenA |
| 13 | #DecryptExpModParamsWithXY | wrapper for DecryptExpModParamsWithXY |
| 14 | DecryptAESCBC | decrypts 16 bytes, uses SetKeyslotFromXY with fixed X, Y and a fixed CBC IV |
| 15 | SymmetricCrypto | wrapper for SymmetricCrypto |
| 16 | CMAC | wrapper for CMAC |
| 17 | ImportExpModParams | wrapper for ImportParamsFor10WithXY |
| 18 | ExpModAndKeygenAndSealZ | wrapper for ExpModAndKeygenAndSealZ |
| 19 | SetKeyslotFromZ | wrapper for SetKeyslotFromZ |
| 20 | KeygenAndSealZ | wrapper for KeygenAndSealZ |
| 21 | ||
| 22 | ||
| 23 | GetSplWaitEvent |
GetConfig
Takes an input word (ConfigItem), and returns a u64 with the config params.
| ConfigItem | Name |
|---|---|
| 2 | MemoryConfiguration |
| 5 | HardwareType (0=Icosa, 1=Copper) |
| 7 | IsRecoveryBoot |
| 8 | DeviceId (byte7 clear). |
| 9 | BootReason |
| 11 | AllowSkippingNrrSignatures |
| 13 | BatteryProfile? |
Output from this when used by NIM must match the set:cal DeviceId with byte7 cleared, otherwise NIM will panic.
RO checks id11, if set then skipping NRR rsa signatures is allowed.
KeygenAndSealX
Takes 16-bytes as input and two u32s. Outputs random-looking 16-bytes.
Same input gives same output. Output changes when system is rebooted.
SetConfig
Takes two input words, a ConfigItem and the value to set.
| ConfigItem | Name |
|---|---|
| 13 | Battery profile? |
GetDevunitFlag
No input params.
Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail.
DecryptExpModParamsWithXY
Last SPL cmd used by SSL-sysmodule for TLS client-privk.