Nintendo Switch Brew

SPL services: Difference between revisions

← Older editNewer edit →
From "nn::spl::DecryptAesKey"
No edit summary
Line 19: Line 19:
! Cmd || Name || Notes
! Cmd || Name || Notes
|-
|-
| 0 || [[#GetConfig]] || wrapper for [[SMC#GetConfig|GetConfig]]
| 0 || [[#GetConfig]] || Wrapper for [[SMC#GetConfig|GetConfig]].
|-
|-
| 1 || || user supplied modulus and exponent
| 1 || [[#UserExpMod]] || User supplied modulus and exponent.
|-
|-
| 2 || [[#GenerateAesKek]] || wrapper for [[SMC#KeygenAndSealX|KeygenAndSealX]]
| 2 || [[#GenerateAesKek]] || Wrapper for [[SMC#KeygenAndSealX|KeygenAndSealX]].
|-
|-
| 3 || [[#LoadAesKey]] || wrapper for [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]]
| 3 || [[#LoadAesKey]] || Wrapper for [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]].
|-
|-
| 4 || [[#GenerateAesKey]] || decrypts 0x10 bytes using AES ECB, uses [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] with a fixed Y
| 4 || [[#GenerateAesKey]] || Decrypts 0x10 bytes using AES ECB and uses [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] with a fixed Y.
|-
|-
| 5 || [[#SetConfig]] || wrapper for [[SMC#SetConfig|SetConfig]]
| 5 || [[#SetConfig]] || Wrapper for [[SMC#SetConfig|SetConfig]].
|-
|-
| 7 || [[#GetRandomBytes]] || uses [[SMC#PrngX931|PrngX931]]
| 7 || [[#GetRandomBytes]] || Uses [[SMC#PrngX931|PrngX931]].
|-
|-
| 9 || || wrapper for [[SMC#ImportParamsForFWithXY|ImportParamsForFWithXY]]
| 9 || [[#DecryptImportPrivkForExpMod0]] || Wrapper for [[SMC#ImportParamsForFWithXY|ImportParamsForFWithXY]].
|-
|-
| 10 || || wrapper for [[SMC#ExpMod|ExpMod]]
| 10 || [[#ExpMod0]] || Wrapper for [[SMC#ExpMod|ExpMod]].
|-
|-
| 11 || [[#IsDevelopment]] ||
| 11 || [[#IsDevelopment]] ||
|-
|-
| 12 || GenerateSpecificAesKey || wrapper for [[SMC#KeygenA|KeygenA]]
| 12 || [[#GenerateSpecificAesKey]] || Wrapper for [[SMC#KeygenA|KeygenA]].
|-
|-
| 13 || [[#DecryptExpModParamsWithXY]] || wrapper for [[SMC#DecryptExpModParamsWithXY|DecryptExpModParamsWithXY]]
| 13 || [[#DecryptPrivk]] || Wrapper for [[SMC#DecryptExpModParamsWithXY|DecryptExpModParamsWithXY]].
|-
|-
| 14 || [[#DecryptAesKey]] || decrypts 0x10 bytes using AES ECB, uses [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] with fixed X and Y
| 14 || [[#DecryptAesKey]] || Decrypts 0x10 bytes using AES ECB and uses [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] with fixed X and Y.
|-
|-
| 15 || [[#DecryptAesCtr]] || wrapper for [[SMC#SymmetricCrypto|SymmetricCrypto]]
| 15 || [[#DecryptAesCtr]] || Wrapper for [[SMC#SymmetricCrypto|SymmetricCrypto]].
|-
|-
| 16 || [[#ComputeCmac]] || wrapper for [[SMC#CMAC|CMAC]]
| 16 || [[#ComputeCmac]] || Wrapper for [[SMC#CMAC|CMAC]].
|-
|-
| 17 || || wrapper for [[SMC#ImportParamsFor10WithXY|ImportParamsFor10WithXY]]
| 17 || [[#DecryptImportPrivkForExpMod1]] || Wrapper for [[SMC#ImportParamsFor10WithXY|ImportParamsFor10WithXY]].
|-
|-
| 18 || || wrapper for [[SMC#ExpModAndKeygenAndSealZ|ExpModAndKeygenAndSealZ]]
| 18 || [[#ExpMod1]] || Wrapper for [[SMC#ExpModAndKeygenAndSealZ|ExpModAndKeygenAndSealZ]].
|-
|-
| 19 || [[#SetKeyslotFromZ]] || wrapper for [[SMC#SetKeyslotFromZ|SetKeyslotFromZ]]
| 19 || [[#LoadRsaKey]] || Wrapper for [[SMC#SetKeyslotFromZ|SetKeyslotFromZ]].
|-
|-
| 20 || [2.0.0+] || wrapper for [[SMC#KeygenAndSealZ|KeygenAndSealZ]]
| 20 || [[#GenerateRsaKek]] || Wrapper for [[SMC#KeygenAndSealZ|KeygenAndSealZ]]. [2.0.0+] only.
|-
|-
| 21 || [2.0.0+] [[#LockAesEngine]] ||
| 21 || [[#LockAesEngine]] || [2.0.0+] only.
|-
|-
| 22 || [2.0.0+] [[#UnlockAesEngine]] ||
| 22 || [[#UnlockAesEngine]] || [2.0.0+] only.
|-
|-
| 23 || [2.0.0+] GetSplWaitEvent ||
| 23 || [[#GetSplWaitEvent]] || [2.0.0+] only.
|}
|}


== GetConfig ==
== GetConfig ==
Takes an input word (ConfigItem), and returns a u64 with the config params.
Takes a u32 ('''ConfigItem'''), and returns a u64 ('''ConfigVal''').


{| class="wikitable" border="1"
{| class="wikitable" border="1"
Line 149: Line 149:


Kernel reads id12 when setting up memory-related code. If bit0 is set, it will memset various allocated memory-regions with 0x58, 0x59, 0x5A ('X', 'Y', 'Z') instead of zero. This allows Nintendo devs to find uninitialized memory bugs. If bit17-16 is 0b01, the kernel assumes 6GB of DRAM instead of 4GB.
Kernel reads id12 when setting up memory-related code. If bit0 is set, it will memset various allocated memory-regions with 0x58, 0x59, 0x5A ('X', 'Y', 'Z') instead of zero. This allows Nintendo devs to find uninitialized memory bugs. If bit17-16 is 0b01, the kernel assumes 6GB of DRAM instead of 4GB.
== UserExpMod ==
Takes one type-10 (C descriptor) buffer ('''data_out_buf''') and 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''exp_in_buf''' and '''mod_in_buf''').
Performs asymmetric crypto with user supplied modulus and exponent.


== GenerateAesKek ==
== GenerateAesKek ==
Takes a 16-byte seed ("BisEncryptionKeySourceForKek") and two words ("KeyGeneration" and "option") as input.
Takes a 16-byte EKS ('''Encryption Key Source''') and two words ('''KeyGeneration''' and '''option''') as input.
KeyGeneration ranges from 0 to 2.
'''KeyGeneration''' ranges from 0 to 2.


Same input gives same output. Output changes when system is rebooted.
Returns an hardware scrambled sealed KEK ('''Key Encryption Key''' used as '''key_x''').


== LoadAesKey ==
== LoadAesKey ==
[2.0.0+] Now verifies that the engine used (0..3) is locked/owned by the current spl session, otherwise errors with 0xD21A. Previously engine was hardcoded to 0.
Takes a u32 ('''keyslot''') and two 16-byte keys ('''key_x''' and '''key_y''').
 
Sets the specified '''keyslot''' with a key generated from '''key_x''' and '''key_y'''.
 
[2.0.0+] Now verifies that the engine in use (0..3) is locked/owned by the current spl session, otherwise errors with 0xD21A. Previously engine was hardcoded to 0.


== GenerateAesKey ==
== GenerateAesKey ==
[2.0.0+] Previously it used engine 0 always. Now it tries to allocate an engine to be used, returns 0xD01A if they're all busy. After command is done, the engine is released.
Takes a 16-byte KEK ('''key_x''') and a 16-byte encrypted key ('''enc_key''').
 
Generates a new key by decrypting '''enc_key''' with a key generated from the supplied '''key_x''' and a fixed '''key_y'''.
 
[2.0.0+] Previously, it always used engine 0. Now it tries to allocate an engine to be used and returns 0xD01A if they're all busy. When the command is done, the engine is released.


== SetConfig ==
== SetConfig ==
Takes two input words, a ConfigItem and the value to set.
Takes a u32 ('''ConfigItem''') and a u64 ('''ConfigVal''').


{| class="wikitable" border="1"
{| class="wikitable" border="1"
Line 171: Line 184:
| 13 || BatteryProfile
| 13 || BatteryProfile
|}
|}
Any other '''ConfigItem''', besides 13, can't be set.
== DecryptImportPrivkForExpMod0 ==
Takes one type-9 (X descriptor) buffer ('''enc_privk_in_buf'''), a 16-byte KEK ('''key_x'''), a 16-byte key ('''key_y''') and a u32 ('''version''').
'''version''' is 0 or 1.
Decrypts '''enc_privk_in_buf''' with a key generated from '''key_x''' and '''key_y''' and imports it for later usage.
== ExpMod0 ==
Takes one type-10 (C descriptor) buffer ('''data_out_buf''') and 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''param0_in_buf''' and '''param1_in_buf''').
Decrypts '''data_in_buf''' into '''data_out_buf''' using the private key imported with [[#DecryptImportPrivkForExpMod0]] and the supplied buffers '''param0_in_buf''' and '''param1_in_buf'''.
Returns and unknown u32.


== IsDevelopment ==
== IsDevelopment ==
Line 179: Line 207:
Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail.
Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail.


== DecryptExpModParamsWithXY ==
== GenerateSpecificAesKey ==
Last SPL cmd used by [[SSL_services|SSL]]-sysmodule for TLS client-privk.
Takes a 16-byte seed ('''key_seed''') and two words ('''KeyGeneration''' and '''option''') as input.
'''KeyGeneration''' ranges from 0 to 2.
 
Returns an hardware scrambled (unsealed?) key ('''key_a''').
 
== DecryptPrivk ==
Takes one type-10 (C descriptor) buffer ('''dec_privk_out_buf'''), one type-9 (X descriptor) buffer ('''enc_privk_in_buf'''), a 16-byte KEK ('''key_x'''), a 16-byte key ('''key_y''') and a u32 ('''version''').
'''version''' is 0 or 1.
 
Decrypts '''enc_privk_in_buf''' into '''dec_privk_out_buf''' with a key generated from '''key_x''' and '''key_y'''.
 
Used by [[SSL_services|SSL]]-sysmodule for TLS client-privk.


== DecryptAesKey ==
== DecryptAesKey ==
Scrambles with a different constant than non-"other" version.
Takes a 16-byte encrypted key ('''enc_key''') and two words ('''KeyGeneration''' and '''option''') as input.
'''KeyGeneration''' ranges from 0 to 2.
 
Decrypts '''enc_key''' with a key generated from fixed '''key_x''' and '''key_y''' and returns a 16-byte decrypted key ('''dec_key''').


[2.0.0+] Introduced same engine allocation code as for [[#GenerateAesKey]].
[2.0.0+] Introduced same engine allocation code as for [[#GenerateAesKey]].


== DecryptAesCtr ==
== DecryptAesCtr ==
[2.0.0+] Verifies the engine is locked by current session, same change as [[#LoadAesKey]].
Takes a type-0x46 (B descriptor) buffer ('''data_out_buf'''), a u32 ('''keyslot'''), a type-0x45 (A descriptor) buffer ('''data_in_buf''') and a 16-byte CTR ('''aes_ctr''').
 
Decrypts '''data_in_buf''' into '''data_out_buf''' using the key set in the specified '''keyslot'''.
 
[2.0.0+] Verifies the engine is locked by current session.


== ComputeCmac ==
== ComputeCmac ==
[2.0.0+] Verifies the engine is locked by current session, same change as [[#LoadAesKey]].
Takes one type-9 (X descriptor) buffer ('''data_in_buf''') and a u32 ('''type?''').
 
Returns a 16-byte CMAC calculated over '''data_in_buf'''.
 
[2.0.0+] Verifies the engine is locked by current session.
 
== DecryptImportPrivkForExpMod1 ==
Takes one type-9 (X descriptor) buffer ('''enc_privk_in_buf'''), a 16-byte KEK ('''key_x'''), a 16-byte key ('''key_y''') and a u32 ('''version''').
'''version''' is 0 or 1.
 
Decrypts '''enc_privk_in_buf''' with a key generated from '''key_x''' and '''key_y''' and imports it for later usage.


== SetKeyslotFromZ ==
== ExpMod1 ==
[2.0.0+] Verifies the engine is locked by current session, same change as [[#LoadAesKey]].
Takes 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''param0_in_buf''' and '''param1_in_buf''').
 
Decrypts '''data_in_buf''' using the private key imported with [[#DecryptImportPrivkForExpMod1]] and the supplied buffers '''param0_in_buf''' and '''param1_in_buf'''.
 
Generates and returns a 16-byte key ('''key_z''').
 
== LoadRsaKey ==
Takes a u32 ('''keyslot''') and a 16-byte key ('''key_z''').
 
Sets the specified '''keyslot''' with a key generated from '''key_z'''.
 
[2.0.0+] Verifies the engine is locked by current session.
 
== GenerateRsaKek ==
Takes a 16-byte EKS ('''Encryption Key Source''').
 
Returns an hardware scrambled sealed KEK ('''Key Encryption Key''' used as '''key_z''').


== LockAesEngine ==
== LockAesEngine ==
Line 201: Line 273:
== UnlockAesEngine ==
== UnlockAesEngine ==
Takes a single u32 and unlocks the engine with that id. It must be owned by current session otherwise 0xD21A will be returned.
Takes a single u32 and unlocks the engine with that id. It must be owned by current session otherwise 0xD21A will be returned.
== GetSplWaitEvent ==
Returns an event handle for synchronizing with the locked AES engine.
Retrieved from "https://switchbrew.org/wiki/SPL_services"