SPL services

Revision as of 23:17, 20 July 2017 by Qlutoo (talk | contribs)

spl:

Cmd Name Notes
0 #GetConfig wrapper for GetConfig
1 user supplied modulus and exponent
2 #GenerateAesKek wrapper for KeygenAndSealX
3 LoadAesKey wrapper for SetKeyslotFromXY
4 GenerateAesKey decrypts 0x10 bytes using AES ECB, uses SetKeyslotFromXY with a fixed Y
5 #SetConfig wrapper for SetConfig
7 GetRandom uses PrngX931
9 wrapper for ImportParamsForFWithXY
10 wrapper for ExpMod
11 #IsDevUnit
12 GenerateSpecificAesKey wrapper for KeygenA
13 #DecryptExpModParamsWithXY wrapper for DecryptExpModParamsWithXY
14 decrypts 0x10 bytes using AES ECB, uses SetKeyslotFromXY with fixed X and Y
15 wrapper for SymmetricCrypto
16 ComputeCmac wrapper for CMAC
17 wrapper for ImportParamsFor10WithXY
18 wrapper for ExpModAndKeygenAndSealZ
19 wrapper for SetKeyslotFromZ
20 wrapper for KeygenAndSealZ
21
22
23 GetSplWaitEvent

GetConfig

Takes an input word (ConfigItem), and returns a u64 with the config params.

ConfigItem Name
1 DisableProgramVerification
2 MemoryConfiguration
5 HardwareType (0=Icosa, 1=Copper)
6 IsRetail
7 IsRecoveryBoot
8 DeviceId (byte7 clear).
9 BootReason
10 MemoryArrange
11 AllowSkippingNrrSignatures
13 BatteryProfile?

Output from this when used by NIM must match the set:cal DeviceId with byte7 cleared, otherwise NIM will panic.

RO checks id11, if set then skipping NRR rsa signatures is allowed.

GenerateAesKek

Takes 16-bytes as input and two u32s. Outputs random-looking 16-bytes.

Same input gives same output. Output changes when system is rebooted.

SetConfig

Takes two input words, a ConfigItem and the value to set.

ConfigItem Name
13 Battery profile?

IsDevUnit

No input params.

Uses #GetConfig internally with id=6. Returns true if output from that is 0, or if the SMC returned error 2.

Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail.

DecryptExpModParamsWithXY

Last SPL cmd used by SSL-sysmodule for TLS client-privk.