Difference between revisions of "SPL services"

From Nintendo Switch Brew
Jump to navigation Jump to search
Line 4: Line 4:
 
! Cmd || Name || Notes
 
! Cmd || Name || Notes
 
|-
 
|-
| 0 || [[#GetConfig]] ||  
+
| 0 || [[#GetConfig]] || wrapper for [[SMC#GetConfig|GetConfig]]
 
|-
 
|-
| 1 || ||
+
| 1 || ExpMod || user supplied modulus and exponent
 
|-
 
|-
| 2 || [[#KeyGen0]] ||
+
| 2 || [[#KeygenAndSealX]] || wrapper for [[SMC#KeygenAndSealX|KeygenAndSealX]]
 
|-
 
|-
| 3 || ||
+
| 3 || SetKeyslotFromXY || wrapper for [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]]
 
|-
 
|-
| 4 || Aes128Ctr ||
+
| 4 || DecryptAESCBCWithX || decrypts 16 bytes, uses [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] with a fixed Y and a fixed CBC IV
 
|-
 
|-
| 5 || [[#SetConfig]] ||
+
| 5 || [[#SetConfig]] || wrapper for [[SMC#SetConfig|SetConfig]]
 
|-
 
|-
| 7 || ||  
+
| 7 || Prng || uses [[SMC#PrngX931|PrngX931]]
 
|-
 
|-
| 9 || ||  
+
| 9 || ImportExpModParams || wrapper for [[SMC#ImportParamsForFWithXY|ImportParamsForFWithXY]]
 
|-
 
|-
| 10 || ||  
+
| 10 || ExpMod || wrapper for [[SMC#ExpMod|ExpMod]]
 
|-
 
|-
| 11 || [[#GetDevunitFlag]] ||  
+
| 11 || [[#GetDevunitFlag]] || uses [[SMC#GetConfig|GetConfig]]
 
|-
 
|-
| 12 || KeyGen1 ||  
+
| 12 || KeygenA || wrapper for [[SMC#KeygenA|KeygenA]]
 
|-
 
|-
| 13 || [[#EncDec0]] ||  
+
| 13 || [[#DecryptExpModParamsWithXY]] || wrapper for [[SMC#DecryptExpModParamsWithXY|DecryptExpModParamsWithXY]]
 
|-
 
|-
| 14 || KeyGen2 ||  
+
| 14 || DecryptAESCBC || decrypts 16 bytes, uses [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] with fixed X, Y and a fixed CBC IV
 
|-
 
|-
| 15 || ||  
+
| 15 || SymmetricCrypto || wrapper for [[SMC#SymmetricCrypto|SymmetricCrypto]]
 
|-
 
|-
| 16 || ||  
+
| 16 || CMAC || wrapper for [[SMC#CMAC|CMAC]]
 
|-
 
|-
| 17 || EncDec1 ||  
+
| 17 || ImportExpModParams || wrapper for [[SMC#ImportParamsFor10WithXY|ImportParamsFor10WithXY]]
 
|-
 
|-
| 18 || EncDec2 ||  
+
| 18 || ExpModAndKeygenAndSealZ || wrapper for [[SMC#ExpModAndKeygenAndSealZ|ExpModAndKeygenAndSealZ]]
 
|-
 
|-
| 19 || ||  
+
| 19 || SetKeyslotFromZ || wrapper for [[SMC#SetKeyslotFromZ|SetKeyslotFromZ]]
 
|-
 
|-
| 20 || ||  
+
| 20 || KeygenAndSealZ || wrapper for [[SMC#KeygenAndSealZ|KeygenAndSealZ]]
 
|-
 
|-
 
| 21 || ||  
 
| 21 || ||  
Line 75: Line 75:
 
[[Loader services|RO]] checks id11, if set then skipping NRR rsa signatures is allowed.
 
[[Loader services|RO]] checks id11, if set then skipping NRR rsa signatures is allowed.
  
== KeyGen0 ==
+
== KeygenAndSealX ==
 
Takes 16-bytes as input and two u32s. Outputs random-looking 16-bytes.
 
Takes 16-bytes as input and two u32s. Outputs random-looking 16-bytes.
  
Line 95: Line 95:
 
Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail.
 
Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail.
  
== EncDec0 ==
+
== DecryptExpModParamsWithXY ==
 
Last SPL cmd used by [[SSL_services|SSL]]-sysmodule for TLS client-privk.
 
Last SPL cmd used by [[SSL_services|SSL]]-sysmodule for TLS client-privk.

Revision as of 00:46, 19 July 2017

spl:

Cmd Name Notes
0 #GetConfig wrapper for GetConfig
1 ExpMod user supplied modulus and exponent
2 #KeygenAndSealX wrapper for KeygenAndSealX
3 SetKeyslotFromXY wrapper for SetKeyslotFromXY
4 DecryptAESCBCWithX decrypts 16 bytes, uses SetKeyslotFromXY with a fixed Y and a fixed CBC IV
5 #SetConfig wrapper for SetConfig
7 Prng uses PrngX931
9 ImportExpModParams wrapper for ImportParamsForFWithXY
10 ExpMod wrapper for ExpMod
11 #GetDevunitFlag uses GetConfig
12 KeygenA wrapper for KeygenA
13 #DecryptExpModParamsWithXY wrapper for DecryptExpModParamsWithXY
14 DecryptAESCBC decrypts 16 bytes, uses SetKeyslotFromXY with fixed X, Y and a fixed CBC IV
15 SymmetricCrypto wrapper for SymmetricCrypto
16 CMAC wrapper for CMAC
17 ImportExpModParams wrapper for ImportParamsFor10WithXY
18 ExpModAndKeygenAndSealZ wrapper for ExpModAndKeygenAndSealZ
19 SetKeyslotFromZ wrapper for SetKeyslotFromZ
20 KeygenAndSealZ wrapper for KeygenAndSealZ
21
22
23 GetSplWaitEvent

GetConfig

Takes an input word (ConfigItem), and returns a u64 with the config params.

ConfigItem Name
2 MemoryConfiguration
5 HardwareType (0=Icosa, 1=Copper)
7 IsRecoveryBoot
8 DeviceId (byte7 clear).
9 BootReason
11 AllowSkippingNrrSignatures
13 BatteryProfile?

Output from this when used by NIM must match the set:cal DeviceId with byte7 cleared, otherwise NIM will panic.

RO checks id11, if set then skipping NRR rsa signatures is allowed.

KeygenAndSealX

Takes 16-bytes as input and two u32s. Outputs random-looking 16-bytes.

Same input gives same output. Output changes when system is rebooted.

SetConfig

Takes two input words, a ConfigItem and the value to set.

ConfigItem Name
13 Battery profile?

GetDevunitFlag

No input params.

Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail.

DecryptExpModParamsWithXY

Last SPL cmd used by SSL-sysmodule for TLS client-privk.