Changes

Jump to navigation Jump to search
3,762 bytes added ,  16:24, 2 September 2017
no edit summary
! Cmd || Name || Notes
|-
| 0 || [[#GetConfig]] || wrapper Wrapper for [[SMC#GetConfig|GetConfig]].
|-
| 1 || [[#UserExpMod]] || user User supplied modulus and exponent.
|-
| 2 || [[#GenerateAesKek]] || wrapper Wrapper for [[SMC#KeygenAndSealX|KeygenAndSealX]].
|-
| 3 || [[#LoadAesKey]] || wrapper Wrapper for [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]].
|-
| 4 || [[#GenerateAesKey]] || decrypts Decrypts 0x10 bytes using AES ECB, and uses [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] with a fixed Y.
|-
| 5 || [[#SetConfig]] || wrapper Wrapper for [[SMC#SetConfig|SetConfig]].
|-
| 7 || [[#GetRandomBytes]] || uses Uses [[SMC#PrngX931|PrngX931]].
|-
| 9 || [[#DecryptImportPrivkForExpMod0]] || wrapper Wrapper for [[SMC#ImportParamsForFWithXY|ImportParamsForFWithXY]].
|-
| 10 || [[#ExpMod0]] || wrapper Wrapper for [[SMC#ExpMod|ExpMod]].
|-
| 11 || [[#IsDevelopment]] ||
|-
| 12 || [[#GenerateSpecificAesKey ]] || wrapper Wrapper for [[SMC#KeygenA|KeygenA]].
|-
| 13 || [[#DecryptExpModParamsWithXYDecryptPrivk]] || wrapper Wrapper for [[SMC#DecryptExpModParamsWithXY|DecryptExpModParamsWithXY]].
|-
| 14 || [[#DecryptAesKey]] || decrypts Decrypts 0x10 bytes using AES ECB, and uses [[SMC#SetKeyslotFromXY|SetKeyslotFromXY]] with fixed X and Y.
|-
| 15 || [[#DecryptAesCtr]] || wrapper Wrapper for [[SMC#SymmetricCrypto|SymmetricCrypto]].
|-
| 16 || [[#ComputeCmac]] || wrapper Wrapper for [[SMC#CMAC|CMAC]].
|-
| 17 || [[#DecryptImportPrivkForExpMod1]] || wrapper Wrapper for [[SMC#ImportParamsFor10WithXY|ImportParamsFor10WithXY]].
|-
| 18 || [[#ExpMod1]] || wrapper Wrapper for [[SMC#ExpModAndKeygenAndSealZ|ExpModAndKeygenAndSealZ]].
|-
| 19 || [[#SetKeyslotFromZLoadRsaKey]] || wrapper Wrapper for [[SMC#SetKeyslotFromZ|SetKeyslotFromZ]].
|-
| 20 || [2.0.0+[#GenerateRsaKek]] || wrapper Wrapper for [[SMC#KeygenAndSealZ|KeygenAndSealZ]]. [2.0.0+] only.
|-
| 21 || [[#LockAesEngine]] || [2.0.0+] [[#LockAesEngine]] || only.
|-
| 22 || [[#UnlockAesEngine]] || [2.0.0+] [[#UnlockAesEngine]] || only.
|-
| 23 || [[#GetSplWaitEvent]] || [2.0.0+] GetSplWaitEvent || only.
|}
== GetConfig ==
Takes an input word a u32 ('''ConfigItem'''), and returns a u64 with the config params('''ConfigVal''').
{| class="wikitable" border="1"
Kernel reads id12 when setting up memory-related code. If bit0 is set, it will memset various allocated memory-regions with 0x58, 0x59, 0x5A ('X', 'Y', 'Z') instead of zero. This allows Nintendo devs to find uninitialized memory bugs. If bit17-16 is 0b01, the kernel assumes 6GB of DRAM instead of 4GB.
 
== UserExpMod ==
Takes one type-10 (C descriptor) buffer ('''data_out_buf''') and 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''exp_in_buf''' and '''mod_in_buf''').
 
Performs asymmetric crypto with user supplied modulus and exponent.
== GenerateAesKek ==
Takes a 16-byte seed EKS ("BisEncryptionKeySourceForKek"'''Encryption Key Source''') and two words ("'''KeyGeneration" ''' and "'''option"''') as input.'''KeyGeneration ''' ranges from 0 to 2.
Same input gives same output. Output changes when system is rebootedReturns an hardware scrambled sealed KEK ('''Key Encryption Key''' used as '''key_x''').
== LoadAesKey ==
Takes a u32 ('''keyslot''') and two 16-byte keys ('''key_x''' and '''key_y'''). Sets the specified '''keyslot''' with a key generated from '''key_x''' and '''key_y'''. [2.0.0+] Now verifies that the engine used in use (0..3) is locked/owned by the current spl session, otherwise errors with 0xD21A. Previously engine was hardcoded to 0.
== GenerateAesKey ==
Takes a 16-byte KEK ('''key_x''') and a 16-byte encrypted key ('''enc_key'''). Generates a new key by decrypting '''enc_key''' with a key generated from the supplied '''key_x''' and a fixed '''key_y'''. [2.0.0+] Previously , it always used engine 0 always. Now it tries to allocate an engine to be used, and returns 0xD01A if they're all busy. After When the command is done, the engine is released.
== SetConfig ==
Takes two input words, a u32 ('''ConfigItem ''') and the value to seta u64 ('''ConfigVal''').
{| class="wikitable" border="1"
| 13 || BatteryProfile
|}
 
Any other '''ConfigItem''', besides 13, can't be set.
 
== DecryptImportPrivkForExpMod0 ==
Takes one type-9 (X descriptor) buffer ('''enc_privk_in_buf'''), a 16-byte KEK ('''key_x'''), a 16-byte key ('''key_y''') and a u32 ('''version''').
'''version''' is 0 or 1.
 
Decrypts '''enc_privk_in_buf''' with a key generated from '''key_x''' and '''key_y''' and imports it for later usage.
 
== ExpMod0 ==
Takes one type-10 (C descriptor) buffer ('''data_out_buf''') and 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''param0_in_buf''' and '''param1_in_buf''').
 
Decrypts '''data_in_buf''' into '''data_out_buf''' using the private key imported with [[#DecryptImportPrivkForExpMod0]] and the supplied buffers '''param0_in_buf''' and '''param1_in_buf'''.
 
Returns and unknown u32.
== IsDevelopment ==
Returns an u8 flag for whether the system is devunit. Output flag is 0 on retail.
== DecryptExpModParamsWithXY GenerateSpecificAesKey ==Last SPL cmd used Takes a 16-byte seed ('''key_seed''') and two words ('''KeyGeneration''' and '''option''') as input.'''KeyGeneration''' ranges from 0 to 2. Returns an hardware scrambled (unsealed?) key ('''key_a'''). == DecryptPrivk ==Takes one type-10 (C descriptor) buffer ('''dec_privk_out_buf'''), one type-9 (X descriptor) buffer ('''enc_privk_in_buf'''), a 16-byte KEK ('''key_x'''), a 16-byte key ('''key_y''') and a u32 ('''version''').'''version''' is 0 or 1. Decrypts '''enc_privk_in_buf''' into '''dec_privk_out_buf''' with a key generated from '''key_x''' and '''key_y'''. Used by [[SSL_services|SSL]]-sysmodule for TLS client-privk.
== DecryptAesKey ==
Scrambles Takes a 16-byte encrypted key ('''enc_key''') and two words ('''KeyGeneration''' and '''option''') as input.'''KeyGeneration''' ranges from 0 to 2. Decrypts '''enc_key''' with a different constant than nonkey generated from fixed '''key_x''' and '''key_y''' and returns a 16-"other" versionbyte decrypted key ('''dec_key''').
[2.0.0+] Introduced same engine allocation code as for [[#GenerateAesKey]].
== DecryptAesCtr ==
Takes a type-0x46 (B descriptor) buffer ('''data_out_buf'''), a u32 ('''keyslot'''), a type-0x45 (A descriptor) buffer ('''data_in_buf''') and a 16-byte CTR ('''aes_ctr'''). Decrypts '''data_in_buf''' into '''data_out_buf''' using the key set in the specified '''keyslot'''. [2.0.0+] Verifies the engine is locked by current session, same change as [[#LoadAesKey]].
== ComputeCmac ==
Takes one type-9 (X descriptor) buffer ('''data_in_buf''') and a u32 ('''type?'''). Returns a 16-byte CMAC calculated over '''data_in_buf'''. [2.0.0+] Verifies the engine is locked by current session. == DecryptImportPrivkForExpMod1 ==Takes one type-9 (X descriptor) buffer ('''enc_privk_in_buf'''), a 16-byte KEK ('''key_x'''), same change as [[#LoadAesKey]]a 16-byte key ('''key_y''') and a u32 ('''version''').'''version''' is 0 or 1. Decrypts '''enc_privk_in_buf''' with a key generated from '''key_x''' and '''key_y''' and imports it for later usage.
== SetKeyslotFromZ ExpMod1 ==Takes 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''param0_in_buf''' and '''param1_in_buf'''). Decrypts '''data_in_buf''' using the private key imported with [[#DecryptImportPrivkForExpMod1]] and the supplied buffers '''param0_in_buf''' and '''param1_in_buf'''. Generates and returns a 16-byte key ('''key_z'''). == LoadRsaKey ==Takes a u32 ('''keyslot''') and a 16-byte key ('''key_z'''). Sets the specified '''keyslot''' with a key generated from '''key_z'''. [2.0.0+] Verifies the engine is locked by current session, same change . == GenerateRsaKek ==Takes a 16-byte EKS ('''Encryption Key Source'''). Returns an hardware scrambled sealed KEK ('''Key Encryption Key''' used as [[#LoadAesKey]]'''key_z''').
== LockAesEngine ==
== UnlockAesEngine ==
Takes a single u32 and unlocks the engine with that id. It must be owned by current session otherwise 0xD21A will be returned.
 
== GetSplWaitEvent ==
Returns an event handle for synchronizing with the locked AES engine.

Navigation menu