Changes

47 bytes added ,  16:48, 27 April 2019
better names
Line 10: Line 10:  
! Cmd || Name
 
! Cmd || Name
 
|-
 
|-
| 0 || [[#GetRandomBytes]]
+
| 0 || [[#GenerateRandomBytes]]
 
|}
 
|}
   −
== GetRandomBytes ==
+
== GenerateRandomBytes ==
 
Takes a type-6 buffer and fills it with random data from [[SMC#GetRandomBytes|GetRandomBytes SMC]]. Same command for "spl:" and "csrng" services.
 
Takes a type-6 buffer and fills it with random data from [[SMC#GetRandomBytes|GetRandomBytes SMC]]. Same command for "spl:" and "csrng" services.
    
= spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu =
 
= spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu =
These are "nn::spl::detail::IGeneralInterface", "nn::spl::detail::ICryptoInterface", "nn::spl::detail::IFsInterface", "nn::spl::detail::ISslInterface", "nn::spl::detail::IEsInterface" and "nn::spl::detail::IManuInterface"(?).
+
These are "nn::spl::detail::IGeneralInterface", "nn::spl::detail::ICryptoInterface", "nn::spl::detail::IFsInterface", "nn::spl::detail::ISslInterface", "nn::spl::detail::IEsInterface" and "nn::spl::detail::IManuInterface".
   −
[2.0.0+] Where previously only one AES engine was utilized, there is now support for 4 of them.
+
[2.0.0+] Where previously only one AES keyslot was used, there is now support for 4 of them.
   −
[2.0.0+] When the session closes, all AES engines that were locked are automatically unlocked.
+
[2.0.0+] When the session closes, all allocated AES keyslots are automatically freed.
    
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"
Line 29: Line 29:  
| 0 || [[#GetConfig]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
| 0 || [[#GetConfig]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
|-
 
|-
| 1 || [[#UserExpMod]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu  
+
| 1 || [[#ExpMod]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu  
 
|-
 
|-
 
| 2 || [[#GenerateAesKek]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu  
 
| 2 || [[#GenerateAesKek]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu  
Line 39: Line 39:  
| 5 || [[#SetConfig]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu  
 
| 5 || [[#SetConfig]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu  
 
|-
 
|-
| 7 || [[#GetRandomBytes]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
+
| 7 || [[#GenerateRandomBytes]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
|-
 
|-
| 9 || [[#LoadSecureExpModKey]] || spl:fs
+
| 9 || [[#ImportLotusKey]] || spl:fs
 
|-
 
|-
| 10 || [[#SecureExpMod]] || spl:fs
+
| 10 || [[#DecryptLotusMessage]] || spl:fs
 
|-
 
|-
 
| 11 || [[#IsDevelopment]] || spl:, spl:mig, spl:fs, spl:ssl spl:es, spl:manu
 
| 11 || [[#IsDevelopment]] || spl:, spl:mig, spl:fs, spl:ssl spl:es, spl:manu
Line 53: Line 53:  
| 14 || [[#DecryptAesKey]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
| 14 || [[#DecryptAesKey]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
|-
 
|-
| 15 || [[#DecryptAesCtr]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
+
| 15 || [[#CryptAesCtr]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
|-
 
|-
 
| 16 || [[#ComputeCmac]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu  
 
| 16 || [[#ComputeCmac]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu  
 
|-
 
|-
| 17 || [[#LoadRsaOaepKey]] || spl:es
+
| 17 || [[#ImportEsKey]] || spl:es
 
|-
 
|-
| 18 || [[#UnwrapRsaOaepWrappedTitleKey]] || spl:es
+
| 18 || [[#UnwrapTitleKey]] || spl:es
 
|-
 
|-
 
| 19 || [[#LoadTitleKey]] || spl:fs
 
| 19 || [[#LoadTitleKey]] || spl:fs
 
|-
 
|-
| 20 || [2.0.0+] [[#UnwrapAesWrappedTitleKey ]] || spl:es
+
| 20 || [2.0.0+] [[#UnwrapCommonTitleKey]] || spl:es
 
|-
 
|-
| 21 || [2.0.0+] [[#LockAesEngine]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
+
| 21 || [2.0.0+] [[#AllocateAesKeyslot]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
|-
 
|-
| 22 || [2.0.0+] [[#UnlockAesEngine]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
+
| 22 || [2.0.0+] [[#FreeAesKeyslot]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
|-
 
|-
| 23 || [2.0.0+] [[#GetSplWaitEvent]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
+
| 23 || [2.0.0+] [[#GetAesKeyslotAvailableEvent]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
|-
 
|-
 
| 24 || [3.0.0+] [[#SetBootReason]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
| 24 || [3.0.0+] [[#SetBootReason]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
Line 75: Line 75:  
| 25 || [3.0.0+] [[#GetBootReason]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
| 25 || [3.0.0+] [[#GetBootReason]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
 
|-
 
|-
| 26 || [5.0.0+] ImportSslRsaKey || spl:ssl
+
| 26 || [5.0.0+] ImportSslKey || spl:ssl
 
|-
 
|-
| 27 || [5.0.0+] SecureExpModWithSslKey || spl:ssl
+
| 27 || [5.0.0+] SslExpMod || spl:ssl
 
|-
 
|-
| 28 || [5.0.0+] ImportEsRsaKey || spl:es
+
| 28 || [5.0.0+] ImportDrmKey || spl:es
 
|-
 
|-
| 29 || [5.0.0+] SecureExpModWithEsKey || spl:es
+
| 29 || [5.0.0+] DrmExpMod || spl:es
 
|-
 
|-
| 30 || [5.0.0+] EncryptManuRsaKeyForImport || spl:manu
+
| 30 || [5.0.0+] ReEncryptRsaPrivateKey || spl:manu
 
|-
 
|-
 
| 31 || [5.0.0+] GetPackage2Hash || spl:fs
 
| 31 || [5.0.0+] GetPackage2Hash || spl:fs
 
|-
 
|-
| 31 || [6.0.0+] UnwrapRsaWrappedElicenseKey || spl:es
+
| 31 || [6.0.0+] UnwrapElicenseKey || spl:es
 
|-
 
|-
| 32 || [6.0.0+] [[#LoadTitleKey]] || spl:es
+
| 32 || [6.0.0+] [[#LoadElicenseKey]] || spl:es
 
|}
 
|}
   Line 97: Line 97:  
Takes a u32 ('''ConfigItem'''), and returns one or more u64s ('''ConfigVal''').
 
Takes a u32 ('''ConfigItem'''), and returns one or more u64s ('''ConfigVal''').
   −
== UserExpMod ==
+
== ExpMod ==
 
Wrapper for [[SMC#ExpMod|ExpMod SMC]].
 
Wrapper for [[SMC#ExpMod|ExpMod SMC]].
   Line 118: Line 118:  
Sets the specified '''keyslot''' with a key generated from '''key_x''' and '''key_y'''.
 
Sets the specified '''keyslot''' with a key generated from '''key_x''' and '''key_y'''.
   −
[2.0.0+] Now verifies that the engine in use (0..3) is locked/owned by the current spl session, otherwise errors with 0xD21A. Previously engine was hardcoded to 0.
+
[2.0.0+] Now verifies that the keyslot in use (0..3) is allocated by the current spl session, otherwise errors with 0xD21A. Previously, keyslot was hardcoded to 0.
    
== GenerateAesKey ==
 
== GenerateAesKey ==
Line 125: Line 125:  
Generates a new key by decrypting (AES-ECB) '''enc_key''' with a key generated from the supplied '''key_x''' and a fixed '''key_y''' set with [[SMC#LoadAesKey|LoadAesKey SMC]].
 
Generates a new key by decrypting (AES-ECB) '''enc_key''' with a key generated from the supplied '''key_x''' and a fixed '''key_y''' set with [[SMC#LoadAesKey|LoadAesKey SMC]].
   −
[2.0.0+] Previously, it always used engine 0. Now it tries to allocate an engine to be used and returns 0xD01A if they're all busy. When the command is done, the engine is released.
+
[2.0.0+] Previously, it always used keyslot 0. Now it tries to allocate a keyslot to be used and returns 0xD01A if they're all busy. When the command is done, the keyslot is released.
    
== SetConfig ==
 
== SetConfig ==
Line 136: Line 136:  
! ConfigItem || Name
 
! ConfigItem || Name
 
|-
 
|-
| 13 || BatteryProfile
+
| 13 || IsChargerHiZModeEnabled
 
|}
 
|}
    
Any other '''ConfigItem''', besides 13, can't be set.
 
Any other '''ConfigItem''', besides 13, can't be set.
   −
== LoadSecureExpModKey ==
+
== ImportLotusKey ==
 
Wrapper for [[SMC#LoadSecureExpModKey|LoadSecureExpModKey SMC]].
 
Wrapper for [[SMC#LoadSecureExpModKey|LoadSecureExpModKey SMC]].
   Line 151: Line 151:  
[5.0.0+] This now calls [[SMC#EncryptRsaKeyForImport|EncryptRsaKeyForImport SMC]] instead.
 
[5.0.0+] This now calls [[SMC#EncryptRsaKeyForImport|EncryptRsaKeyForImport SMC]] instead.
   −
== SecureExpMod ==
+
== DecryptLotusMessage ==
Takes 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''mod_in_buf''' and '''param0_in_buf''').
+
Takes 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''mod_in_buf''' and '''label_hash_in_buf''').
   −
Uses [[SMC#SecureExpMod|SecureExpMod SMC]] to decrypt '''data_in_buf''' using the private key imported with [[#LoadSecureExpModKey]] and the supplied '''mod_in_buf''' and '''param0_in_buf'''.
+
Uses [[SMC#SecureExpMod|SecureExpMod SMC]] to decrypt '''data_in_buf''' using the private key imported with [[#LoadSecureExpModKey]] and the supplied '''mod_in_buf''' and '''label_hash_in_buf'''.
    
Generates and returns a 16-byte sealed titlekey.
 
Generates and returns a 16-byte sealed titlekey.
Line 191: Line 191:  
[2.0.0+] Introduced same engine allocation code as for [[#GenerateAesKey]].
 
[2.0.0+] Introduced same engine allocation code as for [[#GenerateAesKey]].
   −
== DecryptAesCtr ==
+
== CryptAesCtr ==
 
Takes a type-0x46 (B descriptor) buffer ('''data_out_buf'''), a u32 ('''keyslot'''), a type-0x45 (A descriptor) buffer ('''data_in_buf''') and a 16-byte CTR ('''aes_ctr''').
 
Takes a type-0x46 (B descriptor) buffer ('''data_out_buf'''), a u32 ('''keyslot'''), a type-0x45 (A descriptor) buffer ('''data_in_buf''') and a 16-byte CTR ('''aes_ctr''').
    
Uses [[SMC#CryptAes|CryptAes SMC]] to decrypt '''data_in_buf''' into '''data_out_buf''', using the key set in the specified '''keyslot'''.
 
Uses [[SMC#CryptAes|CryptAes SMC]] to decrypt '''data_in_buf''' into '''data_out_buf''', using the key set in the specified '''keyslot'''.
   −
[2.0.0+] Verifies the engine is locked by current session.
+
[2.0.0+] Verifies the keyslot was allocated by current session.
    
== ComputeCmac ==
 
== ComputeCmac ==
Line 207: Line 207:  
[2.0.0+] Verifies the engine is locked by current session.
 
[2.0.0+] Verifies the engine is locked by current session.
   −
== LoadRsaOaepKey ==
+
== ImportEsKey ==
 
Wrapper for [[SMC#LoadRsaOaepKey|LoadRsaOaepKey SMC]].
 
Wrapper for [[SMC#LoadRsaOaepKey|LoadRsaOaepKey SMC]].
   Line 214: Line 214:  
Decrypts enc_privk_in_buf with a key generated from key_x and key_y and imports it for later usage.
 
Decrypts enc_privk_in_buf with a key generated from key_x and key_y and imports it for later usage.
   −
== UnwrapRsaOaepWrappedTitleKey ==
+
== UnwrapTitleKey ==
 
Wrapper for [[SMC#UnwrapRsaOaepWrappedTitleKey|UnwrapRsaOaepWrappedTitleKey SMC]].
 
Wrapper for [[SMC#UnwrapRsaOaepWrappedTitleKey|UnwrapRsaOaepWrappedTitleKey SMC]].
   Line 232: Line 232:  
[2.0.0+] Verifies the engine is locked by current session.
 
[2.0.0+] Verifies the engine is locked by current session.
   −
== UnwrapAesWrappedTitleKey ==
+
== UnwrapCommonTitleKey ==
 
Wrapper for [[SMC#UnwrapAesWrappedTitleKey|UnwrapAesWrappedTitleKey SMC]].
 
Wrapper for [[SMC#UnwrapAesWrappedTitleKey|UnwrapAesWrappedTitleKey SMC]].
   Line 239: Line 239:  
Returns a sealed titlekey.
 
Returns a sealed titlekey.
   −
== LockAesEngine ==
+
== AllocateAesKeyslot ==
Returns the id of the engine that was locked, or 0xD01A if all engines are busy. You need to lock an engine before using AES functions.
+
Returns an allocated keyslot, or 0xD01A if all keyslots are taken. You need to allocate a keyslot before using AES functions.
   −
== UnlockAesEngine ==
+
== FreeAesKeyslot ==
Takes a single u32 and unlocks the engine with that id. It must be owned by current session otherwise 0xD21A will be returned.
+
Takes a single u32 and frees the keyslot. The keyslot must have been allocated by current session otherwise 0xD21A will be returned.
   −
== GetSplWaitEvent ==
+
== GetAesKeyslotAvailableEvent ==
Returns an event handle for synchronizing with the locked AES engine.
+
Returns an event handle for synchronizing with the AES keyslots.
    
== SetBootReason ==
 
== SetBootReason ==
Sets a static dword in spl .bss to the user input u32.
+
Sets a static dword in spl .bss to the input u32 '''BootReason'''.
    
[4.0.0+] returns 0xD41A if a value has been previously set without being [[#GetBootReason|gotten]].
 
[4.0.0+] returns 0xD41A if a value has been previously set without being [[#GetBootReason|gotten]].
    
== GetBootReason ==
 
== GetBootReason ==
Returns the static dword in spl .bss that can be set via [[#SetBootReason]].
+
Returns the static dword '''BootReason''' in spl .bss that can be set via [[#SetBootReason]].
    
[4.0.0+] returns 0xD61A if a value has not previously been set, and unsets the value after getting it.
 
[4.0.0+] returns 0xD61A if a value has not previously been set, and unsets the value after getting it.
 +
 +
== LoadElicenseKey ==
 +
Same as [[#LoadTitleKey|LoadTitleKey]].
    
[[Category:Services]]
 
[[Category:Services]]