Security Engine

From Nintendo Switch Brew
Jump to: navigation, search

The Nintendo Switch uses Tegra's Security Engine (SE) for handling cryptographic opearations at the system's lowest level.

The SE driver is mapped to physical address 0x70012000 with a total size of 0x2000 bytes and exposes several registers for programming the Security Engine.

Registers

Name Address
SE_SECURITY 0x70012000
SE_TZRAM_SECURITY 0x70012004
SE_OPERATION 0x70012008
SE_INT_ENABLE 0x7001200C
SE_INT_STATUS 0x70012010
SE_CONFIG 0x70012014
SE_IN_LL_ADDR 0x70012018
SE_OUT_LL_ADDR 0x70012024
SE_HASH_RESULT0_0 0x70012030
SE_HASH_RESULT0_1 0x70012034
SE_HASH_RESULT0_2 0x70012038
SE_HASH_RESULT0_3 0x7001203C
SE_HASH_RESULT1_0 0x70012040
SE_HASH_RESULT1_1 0x70012044
SE_HASH_RESULT1_2 0x70012048
SE_HASH_RESULT1_3 0x7001204C
SE_HASH_RESULT2_0 0x70012050
SE_HASH_RESULT2_1 0x70012054
SE_HASH_RESULT2_2 0x70012058
SE_HASH_RESULT2_3 0x7001205C
SE_HASH_RESULT3_0 0x70012060
SE_HASH_RESULT3_1 0x70012064
SE_HASH_RESULT3_2 0x70012068
SE_HASH_RESULT3_3 0x7001206C
SE_CTX_SAVE_CONFIG 0x70012070
SE_CTX_SAVE_AUTO 0x70012074
SE_SHA_CONFIG 0x70012200
SE_SHA_MSG_LENGTH0 0x70012204
SE_SHA_MSG_LENGTH1 0x70012208
SE_SHA_MSG_LENGTH2 0x7001220C
SE_SHA_MSG_LENGTH3 0x70012210
SE_SHA_MSG_LEFT0 0x70012214
SE_SHA_MSG_LEFT1 0x70012218
SE_SHA_MSG_LEFT2 0x7001221C
SE_SHA_MSG_LEFT3 0x70012220
SE_CRYPTO_KEY_READ_DISABLE 0x70012280
SE_CRYPTO_KEYTABLE_ACCESS 0x70012284
SE_CRYPTO_CONFIG 0x70012304
SE_CRYPTO_CTR 0x70012308
SE_CRYPTO_BLOCK_COUNT 0x70012318
SE_CRYPTO_KEYTABLE_ADDR 0x7001231C
SE_CRYPTO_KEYTABLE_DATA 0x70012320
SE_CRYPTO_KEYTABLE_DST 0x70012330
SE_RNG_CONFIG 0x70012340
SE_RNG_SRC_CONFIG 0x70012344
SE_RNG_RESEED_INTERVAL 0x70012348
SE_RSA_CONFIG 0x70012400
SE_RSA_KEY_SIZE 0x70012404
SE_RSA_EXP_SIZE 0x70012408
SE_RSA_KEY_READ_DISABLE 0x7001240C
SE_RSA_KEYTABLE_ACCESS 0x70012410
SE_RSA_KEYTABLE_ADDR 0x70012420
SE_RSA_KEYTABLE_DATA 0x70012424
SE_RSA_OUTPUT 0x70012428
SE_STATUS 0x70012800
SE_ERR_STATUS 0x70012804
SE_SPARE 0x7001280C