spl:
Cmd | Name | Notes |
---|---|---|
0 | #GetConfig | wrapper for GetConfig |
1 | user supplied modulus and exponent | |
2 | #GenerateAesKek | wrapper for KeygenAndSealX |
3 | LoadAesKey | wrapper for SetKeyslotFromXY |
4 | GenerateAesKey | decrypts 0x10 bytes using AES ECB, uses SetKeyslotFromXY with a fixed Y |
5 | #SetConfig | wrapper for SetConfig |
7 | GetRandom | uses PrngX931 |
9 | wrapper for ImportParamsForFWithXY | |
10 | wrapper for ExpMod | |
11 | #IsDevUnit | |
12 | GenerateSpecificAesKey | wrapper for KeygenA |
13 | #DecryptExpModParamsWithXY | wrapper for DecryptExpModParamsWithXY |
14 | decrypts 0x10 bytes using AES ECB, uses SetKeyslotFromXY with fixed X and Y | |
15 | wrapper for SymmetricCrypto | |
16 | ComputeCmac | wrapper for CMAC |
17 | wrapper for ImportParamsFor10WithXY | |
18 | wrapper for ExpModAndKeygenAndSealZ | |
19 | wrapper for SetKeyslotFromZ | |
20 | wrapper for KeygenAndSealZ | |
21 | ||
22 | ||
23 | GetSplWaitEvent |
GetConfig
Takes an input word (ConfigItem), and returns a u64 with the config params.
ConfigItem | Name |
---|---|
1 | DisableProgramVerification |
2 | MemoryConfiguration |
5 | HardwareType (0=Icosa, 1=Copper) |
6 | IsRetail |
7 | IsRecoveryBoot |
8 | DeviceId (byte7 clear). |
9 | BootReason |
10 | MemoryArrange |
11 | AllowSkippingNrrSignatures |
13 | BatteryProfile? |
Output from this when used by NIM must match the set:cal DeviceId with byte7 cleared, otherwise NIM will panic.
RO checks id11, if set then skipping NRR rsa signatures is allowed.
GenerateAesKek
Takes 16-bytes as input and two u32s. Outputs random-looking 16-bytes.
Same input gives same output. Output changes when system is rebooted.
SetConfig
Takes two input words, a ConfigItem and the value to set.
ConfigItem | Name |
---|---|
13 | Battery profile? |
IsDevUnit
No input params.
Uses #GetConfig internally with id=6. Returns true if output from that is 0, or if the SMC returned error 2.
Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail.
DecryptExpModParamsWithXY
Last SPL cmd used by SSL-sysmodule for TLS client-privk.