Nintendo Switch Brew

Changes

Secure Monitor (view source)

Revision as of 02:32, 21 February 2018

169 bytes added ,  02:32, 21 February 2018
whoops
Line 52: Line 52:  
| 0xC300040B || [[#ComputeCmac]] || ||
 
| 0xC300040B || [[#ComputeCmac]] || ||
 
|-
 
|-
| 0xC300100C || [[#LoadRsaPrivateKey]] || ||
+
| 0xC300100C || [[#LoadRsaOaepKey]] || ||
 
|-
 
|-
 
| 0xC300100D || [[#DecryptRsaPrivateKey]] || ||
 
| 0xC300100D || [[#DecryptRsaPrivateKey]] || ||
 
|-
 
|-
| 0xC300100E || [[#LoadRsaPublicKey]] || ||
+
| 0xC300100E || [[#LoadSecureExpModKey]] || ||
 
|-
 
|-
| 0xC300060F || [[#PublicRsa]] || ||
+
| 0xC300060F || [[#SecureExpMod]] || ||
 
|-
 
|-
| 0xC3000610 || [[#UnwrapRsaWrappedTitleKey]] || ||
+
| 0xC3000610 || [[#UnwrapRsaOaepWrappedTitleKey]] || ||
 
|-
 
|-
 
| 0xC3000011 || [[#LoadTitleKey]] || ||
 
| 0xC3000011 || [[#LoadTitleKey]] || ||
Line 98: Line 98:  
Todo: This one seems unrelated to [[#CryptoUsecase]].
 
Todo: This one seems unrelated to [[#CryptoUsecase]].
   −
=== LoadRsaPrivateKey ===
+
=== LoadRsaOaepKey ===
 
Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, and a wrapped RSA private key.
 
Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, and a wrapped RSA private key.
   −
The session kek must have been created with CryptoUsecase_TitleKey.
+
The session kek must have been created with CryptoUsecase_RsaOaep.
    
=== DecryptRsaPrivateKey ===
 
=== DecryptRsaPrivateKey ===
 
Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, and a wrapped RSA private key.
 
Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, and a wrapped RSA private key.
   −
The session kek must have been created with CryptoUsecase_PrivateRsa.
+
The session kek must have been created with CryptoUsecase_RsaPrivate.
    
[{Unknown version}+] The SMC handler when certain conditions pass and SMC_ID==0xC300100D now returns error 0x6 instead of calling the handler funcptr.
 
[{Unknown version}+] The SMC handler when certain conditions pass and SMC_ID==0xC300100D now returns error 0x6 instead of calling the handler funcptr.
   −
=== LoadRsaPublicKey ===
+
=== LoadSecureExpModKey ===
Takes a session kek created with [[#GenerateAesKek]], and a wrapped RSA public key.
+
Takes a session kek created with [[#GenerateAesKek]], and a wrapped RSA key.
   −
The session kek must have been created with CryptoUsecase_PublicRsa.
+
The session kek must have been created with CryptoUsecase_RsaSecureExpMod.
   −
=== PublicRsa ===
+
=== SecureExpMod ===
Encrypts using Rsa public key.
+
Performs an Exp Mod operation using an exponent previously loaded with the [[#LoadSecureExpModKey]] command.
   −
Key must be set prior using the [[#LoadRsaPublicKey]] command.
+
=== UnwrapRsaOaepWrappedTitleKey ===
 +
Takes an Rsa-Oaep-wrapped TitleKey, an RSA Public Key, and a label hash.
   −
=== UnwrapRsaWrappedTitleKey ===
+
Performs an Exp Mod operation using an exponent previously loaded with the [[#LoadRsaOaepKey]] command, and then validates/extracts a Titlekey from the resulting message.
Takes a session kek created with [[#GenerateAesKek]], and a wrapped RSA public key.
      
Returns a session-unique AES key especially for use in [[#LoadTitleKey]].
 
Returns a session-unique AES key especially for use in [[#LoadTitleKey]].
  −
The session kek must have been created with CryptoUsecase_TitleKey.
      
=== LoadTitleKey ===
 
=== LoadTitleKey ===
Takes a session-unique AES key from [[#UnwrapTitleKey]].
+
Takes a session-unique AES key from [[#UnwrapAesWrappedTitleKey]] or [[#UnwrapRsaOaepWrappedTitleKey]].
    
=== enum CryptoUsecase ===
 
=== enum CryptoUsecase ===
Line 138: Line 136:  
| 1 || CryptoUsecase_RsaPrivate
 
| 1 || CryptoUsecase_RsaPrivate
 
|-
 
|-
| 2 || CryptoUsecase_RsaOaep
+
| 2 || CryptoUsecase_RsaSecureExpMod
 
|-
 
|-
| 3 || CryptoUsecase_RsaTitlekey
+
| 3 || CryptoUsecase_RsaOaep
 
|}
 
|}
  
Retrieved from "https://switchbrew.org/wiki/Special:MobileDiff/3815"