SPL services: Difference between revisions
No edit summary |
|||
Line 37: | Line 37: | ||
| 7 || [[#GetRandomBytes]] || Uses [[SMC#GetRandomBytes|GetRandomBytes SMC]]. | | 7 || [[#GetRandomBytes]] || Uses [[SMC#GetRandomBytes|GetRandomBytes SMC]]. | ||
|- | |- | ||
| 9 || [[# | | 9 || [[#LoadSecureExpModKey]] || Speculative name. Wrapper for [[SMC#LoadSecureExpModKey|LoadSecureExpModKey SMC]]. | ||
|- | |- | ||
| 10 || [[# | | 10 || [[#SecureExpMod]] || Speculative name. Uses [[SMC#SecureExpMod|SecureExpModSMC]]. | ||
|- | |- | ||
| 11 || [[#IsDevelopment]] || | | 11 || [[#IsDevelopment]] || | ||
Line 53: | Line 53: | ||
| 16 || [[#ComputeCmac]] || Wrapper for [[SMC#ComputeCmac|ComputeCmac SMC]]. | | 16 || [[#ComputeCmac]] || Wrapper for [[SMC#ComputeCmac|ComputeCmac SMC]]. | ||
|- | |- | ||
| 17 || [[# | | 17 || [[#LoadRsaOaepKey]] || Speculative name. Wrapper for [[SMC#LoadRsaOaepKey|LoadRsaOaepKey SMC]]. | ||
|- | |- | ||
| 18 || [[# | | 18 || [[#UnwrapRsaOaepWrappedTitleKey]] || Speculative name. Wrapper for [[SMC#UnwrapRsaOaepWrappedTitleKey|UnwrapRsaOaepWrappedTitleKey SMC]]. | ||
|- | |- | ||
| 19 || [[#LoadTitleKey]] || Wrapper for [[SMC#LoadTitleKey|LoadTitleKey SMC]]. | | 19 || [[#LoadTitleKey]] || Wrapper for [[SMC#LoadTitleKey|LoadTitleKey SMC]]. | ||
Line 203: | Line 203: | ||
Any other '''ConfigItem''', besides 13, can't be set. | Any other '''ConfigItem''', besides 13, can't be set. | ||
== | == LoadRsaOaepKey == | ||
Takes one type-9 (X descriptor) buffer ('''enc_privk_in_buf'''), a 16-byte KEK ('''key_x'''), a 16-byte key ('''key_y''') and a u32 ('''version'''). | Takes one type-9 (X descriptor) buffer ('''enc_privk_in_buf'''), a 16-byte KEK ('''key_x'''), a 16-byte key ('''key_y''') and a u32 ('''version'''). | ||
'''version''' is 0 for normal keys or 1 for extended keys. | '''version''' is 0 for normal keys or 1 for extended keys. | ||
Line 209: | Line 209: | ||
Decrypts '''enc_privk_in_buf''' with a key generated from '''key_x''' and '''key_y''' and imports it for later usage. | Decrypts '''enc_privk_in_buf''' with a key generated from '''key_x''' and '''key_y''' and imports it for later usage. | ||
== | == UnwrapRsaOaepWrappedTitleKey == | ||
Takes one type-10 (C descriptor) buffer ('''data_out_buf''') and 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''mod_in_buf''' and '''label_hash_in_buf'''). | Takes one type-10 (C descriptor) buffer ('''data_out_buf''') and 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''mod_in_buf''' and '''label_hash_in_buf'''). | ||
Decrypts '''data_in_buf''' into '''data_out_buf''' using the private key imported with [[# | Decrypts '''data_in_buf''' into '''data_out_buf''' using the private key imported with [[#UnwrapRsaOaepWrappedTitleKey]] and the supplied '''mod_in_buf'''. Afterwards, verifies RSA-OAEP encoding using '''label_hash_in_buf'''. | ||
Returns an u32 ('''dec_data_size'''). | Returns an u32 ('''dec_data_size'''). | ||
Line 259: | Line 259: | ||
[2.0.0+] Verifies the engine is locked by current session. | [2.0.0+] Verifies the engine is locked by current session. | ||
== | == LoadSecureExpModKey == | ||
Takes one type-9 (X descriptor) buffer ('''enc_privk_in_buf'''), a 16-byte KEK ('''key_x'''), a 16-byte key ('''key_y''') and a u32 ('''version'''). | Takes one type-9 (X descriptor) buffer ('''enc_privk_in_buf'''), a 16-byte KEK ('''key_x'''), a 16-byte key ('''key_y''') and a u32 ('''version'''). | ||
'''version''' is 0 for normal keys or 1 for extended keys. | '''version''' is 0 for normal keys or 1 for extended keys. | ||
Line 265: | Line 265: | ||
Decrypts '''enc_privk_in_buf''' with a key generated from '''key_x''' and '''key_y''' and imports it for later usage. | Decrypts '''enc_privk_in_buf''' with a key generated from '''key_x''' and '''key_y''' and imports it for later usage. | ||
== | == SecureExpMod == | ||
Takes 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''mod_in_buf''' and '''param0_in_buf'''). | Takes 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''mod_in_buf''' and '''param0_in_buf'''). | ||
Decrypts '''data_in_buf''' using the private key imported with [[# | Decrypts '''data_in_buf''' using the private key imported with [[#LoadSecureExpModKey]] and the supplied '''mod_in_buf''' and '''param0_in_buf'''. | ||
Generates and returns a 16-byte sealed titlekey. | Generates and returns a 16-byte sealed titlekey. |