SPL services

Revision as of 22:51, 18 July 2017 by Qlutoo (talk | contribs)
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

spl:

Cmd Name Notes
0 #GetConfig wrapper for GetConfig
1 ExpMod user supplied modulus and exponent
2 #KeygenAndSealX wrapper for KeygenAndSealX
3 SetKeyslotFromXY wrapper for SetKeyslotFromXY
4 DecryptAESCBCWithX decrypts 16 bytes, uses SetKeyslotFromXY with a fixed Y and a fixed CBC IV
5 #SetConfig wrapper for SetConfig
7 Prng uses PrngX931
9 ImportExpModParams wrapper for ImportParamsForFWithXY
10 ExpMod wrapper for ExpMod
11 #IsDevUnit uses GetConfig
12 KeygenA wrapper for KeygenA
13 #DecryptExpModParamsWithXY wrapper for DecryptExpModParamsWithXY
14 DecryptAESCBC decrypts 16 bytes, uses SetKeyslotFromXY with fixed X, Y and a fixed CBC IV
15 SymmetricCrypto wrapper for SymmetricCrypto
16 CMAC wrapper for CMAC
17 ImportExpModParams wrapper for ImportParamsFor10WithXY
18 ExpModAndKeygenAndSealZ wrapper for ExpModAndKeygenAndSealZ
19 SetKeyslotFromZ wrapper for SetKeyslotFromZ
20 KeygenAndSealZ wrapper for KeygenAndSealZ
21
22
23 GetSplWaitEvent

GetConfig

Takes an input word (ConfigItem), and returns a u64 with the config params.

ConfigItem Name
1 DisableProgramVerification
2 MemoryConfiguration
5 HardwareType (0=Icosa, 1=Copper)
7 IsRecoveryBoot
8 DeviceId (byte7 clear).
9 BootReason
11 AllowSkippingNrrSignatures
13 BatteryProfile?

Output from this when used by NIM must match the set:cal DeviceId with byte7 cleared, otherwise NIM will panic.

RO checks id11, if set then skipping NRR rsa signatures is allowed.

KeygenAndSealX

Takes 16-bytes as input and two u32s. Outputs random-looking 16-bytes.

Same input gives same output. Output changes when system is rebooted.

SetConfig

Takes two input words, a ConfigItem and the value to set.

ConfigItem Name
13 Battery profile?

IsDevUnit

No input params.

Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail.

DecryptExpModParamsWithXY

Last SPL cmd used by SSL-sysmodule for TLS client-privk.