Changes

22 bytes removed , 24 August

no edit summary

Line 60: Line 60:

Wrapper for [[SMC#LoadAesKey|LoadAesKey SMC]].

−

Takes an input u32 '''~~Keyslot~~''' , an input 16-byte '''AccessKey''' and an input 16-byte '''KeySource'''.

+

Takes an input u32 '''KeySlot''' , an input 16-byte '''AccessKey''' and an input 16-byte '''KeySource'''.

−

Sets the specified '''~~Keyslot~~''' with a key generated from '''AccessKey''' and '''KeySource'''.

+

Sets the specified '''KeySlot''' with a key generated from '''AccessKey''' and '''KeySource'''.

[2.0.0+] Now verifies that the keyslot in use (0..3) is allocated by the current spl session, otherwise errors with 0xD21A. Previously, keyslot was hardcoded to 0.

Line 80: Line 80:

Only '''ConfigItem''' 13 (IsChargerHiZModeEnabled) can be set.

−

== ~~ImportLotusKey~~ ==

+

== DecryptAndStoreGcKey ==

Wrapper for [[SMC#DecryptAndImportLotusKey|DecryptAndImportLotusKey SMC]].

Line 89: Line 89:

[5.0.0+] The '''Version''' argument was removed and this now calls the [[SMC#ReencryptDeviceUniqueData|ReencryptDeviceUniqueData SMC]] instead.

−

== ~~DecryptLotusMessage~~ ==

+

== DecryptGcMessage ==

Takes 3 input type-0x9 buffers '''DataIn''', '''ModIn''' and '''LabelHashIn'''.

−

Uses the [[SMC#ModularExponentiateByStorageKey|ModularExponentiateByStorageKey SMC]] to decrypt '''DataIn''' using the private key imported with [[#~~ImportLotusKey~~]] and the supplied '''ModIn''' and '''LabelHashIn'''.

+

Uses the [[SMC#ModularExponentiateByStorageKey|ModularExponentiateByStorageKey SMC]] to decrypt '''DataIn''' using the private key imported with [[#DecryptAndStoreGcKey]] and the supplied '''ModIn''' and '''LabelHashIn'''.

== IsDevelopment ==

Line 122: Line 122:

[2.0.0+] Introduced same keyslot allocation code as for [[#GenerateAesKey]].

−

== ~~CryptAesCtr~~ ==

+

== ComputeCtr ==

−

Takes an output type-0x46 buffer '''DataOut''', an input u32 '''~~Keyslot~~''', an input type-0x45 buffer '''DataIn''' and an input 16-byte '''IvCtr'''.

+

Takes an output type-0x46 buffer '''DataOut''', an input u32 '''KeySlot''', an input type-0x45 buffer '''DataIn''' and an input 16-byte '''IvCtr'''.

−

Uses [[SMC#ComputeAes|ComputeAes SMC]] to decrypt '''DataIn''' into '''DataOut''' using the key set in the specified '''~~Keyslot~~'''.

+

Uses [[SMC#ComputeAes|ComputeAes SMC]] to decrypt '''DataIn''' into '''DataOut''' using the key set in the specified '''KeySlot'''.

[2.0.0+] Verifies the keyslot was allocated by the current session.

Line 132: Line 132:

Wrapper for [[SMC#ComputeCmac|ComputeCmac SMC]].

−

Takes an input type-0x9 buffer '''DataIn''' and an input u32 '''~~Keyslot~~'''. Returns an output 16-byte '''Cmac'''.

+

Takes an input type-0x9 buffer '''DataIn''' and an input u32 '''KeySlot'''. Returns an output 16-byte '''Cmac'''.

[2.0.0+] Verifies the keyslot was allocated by the current session.

−

== ~~ImportEsKey~~ ==

+

== LoadEsDeviceKey ==

Wrapper for [[SMC#DecryptAndImportEsDeviceKey|DecryptAndImportEsDeviceKey SMC]].

Line 145: Line 145:

[5.0.0+] The '''Version''' argument was removed and this now calls the [[SMC#ReencryptDeviceUniqueData|ReencryptDeviceUniqueData SMC]] instead.

−

== ~~UnwrapTitleKey~~ ==

+

== PrepareEsTitleKey ==

Wrapper for [[SMC#PrepareEsDeviceUniqueKey|PrepareEsDeviceUniqueKey SMC]].

Line 152: Line 152:

[3.0.0+] Now takes an input u32 '''Generation'''.

−

Decrypts '''DataIn''' into '''DataOut''' using the private key imported with [[#~~ImportEsKey~~]] and the supplied '''ModIn'''. Afterwards, verifies RSA-OAEP encoding using '''LabelHashIn'''.

+

Decrypts '''DataIn''' into '''DataOut''' using the private key imported with [[#LoadEsDeviceKey]] and the supplied '''ModIn'''. Afterwards, verifies RSA-OAEP encoding using '''LabelHashIn'''.

−

== ~~LoadTitleKey~~ ==

+

== LoadPreparedAesKey ==

Wrapper for [[SMC#LoadPreparedAesKey|LoadPreparedAesKey SMC]].

−

Takes an input u32 '''~~Keyslot~~''' and an input 16-byte '''AccessKey'''.

+

Takes an input u32 '''KeySlot''' and an input 16-byte '''AccessKey'''.

[2.0.0+] Verifies the keyslot was allocated in the current session.

−

== ~~UnwrapCommonTitleKey~~ ==

+

== PrepareCommonEsTitleKey ==

Wrapper for [[SMC#PrepareEsCommonKey|PrepareEsCommonKey SMC]].

Line 168: Line 168:

[3.0.0+] Now takes an input u32 '''Generation'''.

−

== ~~AllocateAesKeyslot~~ ==

+

== AllocateAesKeySlot ==

−

Returns an output u32 '''~~Keyslot~~'''.

+

Returns an output u32 '''KeySlot'''.

Returns error 0xD01A if all keyslots are taken.

== DeallocateAesKeySlot ==

−

Takes an input u32 '''~~Keyslot~~'''.

+

Takes an input u32 '''KeySlot'''.

Returns error 0xD21A if the keyslot wasn't allocated by current session.

−

== ~~GetAesKeyslotAvailableEvent~~ ==

+

== GetAesKeySlotAvailableEvent ==

Returns an output event handle for synchronizing with the AES keyslots.

Line 190: Line 190:

[4.0.0+] Returns 0xD61A if a value has not previously been set and unsets the value after getting it.

−

~~== LoadPreparedAesKey ==~~

−

~~Same as [[#LoadTitleKey|LoadTitleKey]].~~

= spl:mig =

Line 223: Line 220:

| 14 || [[#DecryptAesKey]]

|-

−

| 15 || [[#~~CryptAesCtr~~]]

+

| 15 || [[#ComputeCtr]]

|-

| 16 || [[#ComputeCmac]]

|-

−

| 21 || [2.0.0+] [[#~~AllocateAesKeyslot~~]]

+

| 21 || [2.0.0+] [[#AllocateAesKeySlot]]

|-

| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]

|-

−

| 23 || [2.0.0+] [[#~~GetAesKeyslotAvailableEvent~~]]

+

| 23 || [2.0.0+] [[#GetAesKeySlotAvailableEvent]]

|}

Line 263: Line 260:

| 14 || [[#DecryptAesKey]]

|-

−

| 15 || [[#~~CryptAesCtr~~]]

+

| 15 || [[#ComputeCtr]]

|-

| 16 || [[#ComputeCmac]]

|-

−

| 21 || [2.0.0+] [[#~~AllocateAesKeyslot~~]]

+

| 21 || [2.0.0+] [[#AllocateAesKeySlot]]

|-

| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]

|-

−

| 23 || [2.0.0+] [[#~~GetAesKeyslotAvailableEvent~~]]

+

| 23 || [2.0.0+] [[#GetAesKeySlotAvailableEvent]]

|-

−

| 9 || [[#~~ImportLotusKey~~]]

+

| 9 || [[#DecryptAndStoreGcKey]]

|-

−

| 10 || [[#~~DecryptLotusMessage~~]]

+

| 10 || [[#DecryptGcMessage]]

|-

| 12 || [[#GenerateSpecificAesKey]]

|-

−

| 19 || [[#~~LoadTitleKey~~]]

+

| 19 || [[#LoadPreparedAesKey]]

|-

| 31 || [5.0.0+] GetPackage2Hash

Line 313: Line 310:

| 14 || [[#DecryptAesKey]]

|-

−

| 15 || [[#~~CryptAesCtr~~]]

+

| 15 || [[#ComputeCtr]]

|-

| 16 || [[#ComputeCmac]]

|-

−

| 21 || [2.0.0+] [[#~~AllocateAesKeyslot~~]]

+

| 21 || [2.0.0+] [[#AllocateAesKeySlot]]

|-

| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]

|-

−

| 23 || [2.0.0+] [[#~~GetAesKeyslotAvailableEvent~~]]

+

| 23 || [2.0.0+] [[#GetAesKeySlotAvailableEvent]]

|-

| 13 || [[#DecryptDeviceUniqueData]]

Line 359: Line 356:

| 14 || [[#DecryptAesKey]]

|-

−

| 15 || [[#~~CryptAesCtr~~]]

+

| 15 || [[#ComputeCtr]]

|-

| 16 || [[#ComputeCmac]]

|-

−

| 21 || [2.0.0+] [[#~~AllocateAesKeyslot~~]]

+

| 21 || [2.0.0+] [[#AllocateAesKeySlot]]

|-

| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]

|-

−

| 23 || [2.0.0+] [[#~~GetAesKeyslotAvailableEvent~~]]

+

| 23 || [2.0.0+] [[#GetAesKeySlotAvailableEvent]]

|-

| 13 || [[#DecryptDeviceUniqueData]]

|-

−

| 17 || [[#~~ImportEsKey~~]]

+

| 17 || [[#LoadEsDeviceKey]]

|-

−

| 18 || [[#~~UnwrapTitleKey~~]]

+

| 18 || [[#PrepareEsTitleKey]]

|-

−

| 20 || [2.0.0+] [[#~~PrepareEsCommonKey~~]]

+

| 20 || [2.0.0+] [[#PrepareCommonEsTitleKey]]

|-

| 28 || [5.0.0+] DecryptAndStoreDrmDeviceCertKey

Line 417: Line 414:

| 14 || [[#DecryptAesKey]]

|-

−

| 15 || [[#~~CryptAesCtr~~]]

+

| 15 || [[#ComputeCtr]]

|-

| 16 || [[#ComputeCmac]]

|-

−

| 21 || [2.0.0+] [[#~~AllocateAesKeyslot~~]]

+

| 21 || [2.0.0+] [[#AllocateAesKeySlot]]

|-

| 22 || [2.0.0+] [[#DeallocateAesKeySlot]]

|-

−

| 23 || [2.0.0+] [[#~~GetAesKeyslotAvailableEvent~~]]

+

| 23 || [2.0.0+] [[#GetAesKeySlotAvailableEvent]]

|-

| 13 || [[#DecryptDeviceUniqueData]]

Hexkyz

Bureaucrats, Administrators

2,845

edits

Changes

SPL services (view source)

Revision as of 22:19, 24 August 2024