SPL services: Difference between revisions

Line 51:

| 17 || [[#DecryptImportPrivkForExpMod1]] || Speculative name. Wrapper for [[SMC#LoadRsaPrivateKey|LoadRsaPrivateKey SMC]].

|-

| 18 || [[#~~ExpMod1~~]] || Speculative name. Wrapper for [[SMC#UnwrapPreparedAesKey|UnwrapPreparedAesKey SMC]].

| 18 || [[#UnwrapRsaWrappedPreparedAesKey ]] || Speculative name. Wrapper for [[SMC#UnwrapPreparedAesKey|UnwrapPreparedAesKey SMC]].

|-

| 19 || [[#LoadPreparedAesKey]] || Wrapper for [[SMC#LoadPreparedAesKey|LoadPreparedAesKey SMC]].

|-

| 20 || [2.0.0+] [[#~~GeneratePreparedAesKek~~]] || Wrapper for [[SMC#GeneratePreparedAesKek|GeneratePreparedAesKek SMC]].

| 20 || [2.0.0+] [[#UnwrapAesWrappedPreparedAesKey ]] || Wrapper for [[SMC#GeneratePreparedAesKek|GeneratePreparedAesKek SMC]].

|-

| 21 || [2.0.0+] [[#LockAesEngine]] ||

Line 249:

Decrypts '''enc_privk_in_buf''' with a key generated from '''key_x''' and '''key_y''' and imports it for later usage.

== ~~ExpMod1~~ ==

== UnwrapRsaWrappedPreparedAesKey ==

Takes 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''mod_in_buf''' and '''param0_in_buf''').

Decrypts '''data_in_buf''' using the private key imported with [[#DecryptImportPrivkForExpMod1]] and the supplied '''mod_in_buf''' and '''param0_in_buf'''.

Generates and returns a 16-byte key ('''key_z''').

Generates and returns a 16-byte sealed prepared key ('''key_z''').

== LoadPreparedAesKey ==

Takes a u32 ('''keyslot''') and a 16-byte key ('''key_z''').

Takes a u32 ('''keyslot''') and a 16-byte sealed prepared key ('''key_z''').

Sets the specified '''keyslot''' with a key generated from '''key_z'''.

Line 263:

[2.0.0+] Verifies the engine is locked by current session.

== ~~GeneratePreparedAesKek~~ ==

== UnwrapAesWrappedPreparedAesKey ==

Takes a 16-byte EKS ('''Encryption Key Source''').

Returns a ~~scrambled~~ sealed ~~KEK ('''Key Encryption Key''' used as '''key_z''')~~.

Returns a sealed prepared AES key.

== LockAesEngine ==

@@ Line 51: / Line 51: @@
 | 17 || [[#DecryptImportPrivkForExpMod1]] || Speculative name. Wrapper for [[SMC#LoadRsaPrivateKey|LoadRsaPrivateKey SMC]].
 |-
-| 18 || [[#ExpMod1]] || Speculative name. Wrapper for [[SMC#UnwrapPreparedAesKey|UnwrapPreparedAesKey SMC]].
+| 18 || [[#UnwrapRsaWrappedPreparedAesKey ]] || Speculative name. Wrapper for [[SMC#UnwrapPreparedAesKey|UnwrapPreparedAesKey SMC]].
 |-
 | 19 || [[#LoadPreparedAesKey]] || Wrapper for [[SMC#LoadPreparedAesKey|LoadPreparedAesKey SMC]].
 |-
-| 20 || [2.0.0+] [[#GeneratePreparedAesKek]] || Wrapper for [[SMC#GeneratePreparedAesKek|GeneratePreparedAesKek SMC]].
+| 20 || [2.0.0+] [[#UnwrapAesWrappedPreparedAesKey ]] || Wrapper for [[SMC#GeneratePreparedAesKek|GeneratePreparedAesKek SMC]].
 |-
 | 21 || [2.0.0+] [[#LockAesEngine]] ||
@@ Line 249: / Line 249: @@
 Decrypts '''enc_privk_in_buf''' with a key generated from '''key_x''' and '''key_y''' and imports it for later usage.
-== ExpMod1 ==
+== UnwrapRsaWrappedPreparedAesKey ==
 Takes 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''mod_in_buf''' and '''param0_in_buf''').
 Decrypts '''data_in_buf''' using the private key imported with [[#DecryptImportPrivkForExpMod1]] and the supplied '''mod_in_buf''' and '''param0_in_buf'''.
-Generates and returns a 16-byte key ('''key_z''').
+Generates and returns a 16-byte sealed prepared key ('''key_z''').
 == LoadPreparedAesKey ==
-Takes a u32 ('''keyslot''') and a 16-byte key ('''key_z''').
+Takes a u32 ('''keyslot''') and a 16-byte sealed prepared key ('''key_z''').
 Sets the specified '''keyslot''' with a key generated from '''key_z'''.
@@ Line 263: / Line 263: @@
 [2.0.0+] Verifies the engine is locked by current session.
-== GeneratePreparedAesKek ==
+== UnwrapAesWrappedPreparedAesKey ==
 Takes a 16-byte EKS ('''Encryption Key Source''').
-Returns a scrambled sealed KEK ('''Key Encryption Key''' used as '''key_z''').
+Returns a sealed prepared AES key.
 == LockAesEngine ==