Changes

Jump to navigation Jump to search
47 bytes added ,  16:48, 27 April 2019
better names
! Cmd || Name
|-
| 0 || [[#GetRandomBytesGenerateRandomBytes]]
|}
== GetRandomBytes GenerateRandomBytes ==
Takes a type-6 buffer and fills it with random data from [[SMC#GetRandomBytes|GetRandomBytes SMC]]. Same command for "spl:" and "csrng" services.
= spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu =
These are "nn::spl::detail::IGeneralInterface", "nn::spl::detail::ICryptoInterface", "nn::spl::detail::IFsInterface", "nn::spl::detail::ISslInterface", "nn::spl::detail::IEsInterface" and "nn::spl::detail::IManuInterface"(?).
[2.0.0+] Where previously only one AES engine keyslot was utilizedused, there is now support for 4 of them.
[2.0.0+] When the session closes, all allocated AES engines that were locked keyslots are automatically unlockedfreed.
{| class="wikitable" border="1"
| 0 || [[#GetConfig]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 1 || [[#UserExpModExpMod]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 2 || [[#GenerateAesKek]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
| 5 || [[#SetConfig]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 7 || [[#GetRandomBytesGenerateRandomBytes]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 9 || [[#LoadSecureExpModKeyImportLotusKey]] || spl:fs
|-
| 10 || [[#SecureExpModDecryptLotusMessage]] || spl:fs
|-
| 11 || [[#IsDevelopment]] || spl:, spl:mig, spl:fs, spl:ssl spl:es, spl:manu
| 14 || [[#DecryptAesKey]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 15 || [[#DecryptAesCtrCryptAesCtr]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 16 || [[#ComputeCmac]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 17 || [[#LoadRsaOaepKeyImportEsKey]] || spl:es
|-
| 18 || [[#UnwrapRsaOaepWrappedTitleKeyUnwrapTitleKey]] || spl:es
|-
| 19 || [[#LoadTitleKey]] || spl:fs
|-
| 20 || [2.0.0+] [[#UnwrapAesWrappedTitleKey UnwrapCommonTitleKey]] || spl:es
|-
| 21 || [2.0.0+] [[#LockAesEngineAllocateAesKeyslot]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 22 || [2.0.0+] [[#UnlockAesEngineFreeAesKeyslot]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 23 || [2.0.0+] [[#GetSplWaitEventGetAesKeyslotAvailableEvent]] || spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 24 || [3.0.0+] [[#SetBootReason]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
| 25 || [3.0.0+] [[#GetBootReason]] || spl:, spl:mig, spl:fs, spl:ssl, spl:es, spl:manu
|-
| 26 || [5.0.0+] ImportSslRsaKey ImportSslKey || spl:ssl
|-
| 27 || [5.0.0+] SecureExpModWithSslKey SslExpMod || spl:ssl
|-
| 28 || [5.0.0+] ImportEsRsaKey ImportDrmKey || spl:es
|-
| 29 || [5.0.0+] SecureExpModWithEsKey DrmExpMod || spl:es
|-
| 30 || [5.0.0+] EncryptManuRsaKeyForImport ReEncryptRsaPrivateKey || spl:manu
|-
| 31 || [5.0.0+] GetPackage2Hash || spl:fs
|-
| 31 || [6.0.0+] UnwrapRsaWrappedElicenseKey UnwrapElicenseKey || spl:es
|-
| 32 || [6.0.0+] [[#LoadTitleKeyLoadElicenseKey]] || spl:es
|}
Takes a u32 ('''ConfigItem'''), and returns one or more u64s ('''ConfigVal''').
== UserExpMod ExpMod ==
Wrapper for [[SMC#ExpMod|ExpMod SMC]].
Sets the specified '''keyslot''' with a key generated from '''key_x''' and '''key_y'''.
[2.0.0+] Now verifies that the engine keyslot in use (0..3) is locked/owned allocated by the current spl session, otherwise errors with 0xD21A. Previously engine , keyslot was hardcoded to 0.
== GenerateAesKey ==
Generates a new key by decrypting (AES-ECB) '''enc_key''' with a key generated from the supplied '''key_x''' and a fixed '''key_y''' set with [[SMC#LoadAesKey|LoadAesKey SMC]].
[2.0.0+] Previously, it always used engine keyslot 0. Now it tries to allocate an engine a keyslot to be used and returns 0xD01A if they're all busy. When the command is done, the engine keyslot is released.
== SetConfig ==
! ConfigItem || Name
|-
| 13 || BatteryProfileIsChargerHiZModeEnabled
|}
Any other '''ConfigItem''', besides 13, can't be set.
== LoadSecureExpModKey ImportLotusKey ==
Wrapper for [[SMC#LoadSecureExpModKey|LoadSecureExpModKey SMC]].
[5.0.0+] This now calls [[SMC#EncryptRsaKeyForImport|EncryptRsaKeyForImport SMC]] instead.
== SecureExpMod DecryptLotusMessage ==Takes 3 type-9 (X descriptor) buffers ('''data_in_buf''', '''mod_in_buf''' and '''param0_in_buflabel_hash_in_buf''').
Uses [[SMC#SecureExpMod|SecureExpMod SMC]] to decrypt '''data_in_buf''' using the private key imported with [[#LoadSecureExpModKey]] and the supplied '''mod_in_buf''' and '''param0_in_buflabel_hash_in_buf'''.
Generates and returns a 16-byte sealed titlekey.
[2.0.0+] Introduced same engine allocation code as for [[#GenerateAesKey]].
== DecryptAesCtr CryptAesCtr ==
Takes a type-0x46 (B descriptor) buffer ('''data_out_buf'''), a u32 ('''keyslot'''), a type-0x45 (A descriptor) buffer ('''data_in_buf''') and a 16-byte CTR ('''aes_ctr''').
Uses [[SMC#CryptAes|CryptAes SMC]] to decrypt '''data_in_buf''' into '''data_out_buf''', using the key set in the specified '''keyslot'''.
[2.0.0+] Verifies the engine is locked keyslot was allocated by current session.
== ComputeCmac ==
[2.0.0+] Verifies the engine is locked by current session.
== LoadRsaOaepKey ImportEsKey ==
Wrapper for [[SMC#LoadRsaOaepKey|LoadRsaOaepKey SMC]].
Decrypts enc_privk_in_buf with a key generated from key_x and key_y and imports it for later usage.
== UnwrapRsaOaepWrappedTitleKey UnwrapTitleKey ==
Wrapper for [[SMC#UnwrapRsaOaepWrappedTitleKey|UnwrapRsaOaepWrappedTitleKey SMC]].
[2.0.0+] Verifies the engine is locked by current session.
== UnwrapAesWrappedTitleKey UnwrapCommonTitleKey ==
Wrapper for [[SMC#UnwrapAesWrappedTitleKey|UnwrapAesWrappedTitleKey SMC]].
Returns a sealed titlekey.
== LockAesEngine AllocateAesKeyslot ==Returns the id of the engine that was lockedan allocated keyslot, or 0xD01A if all engines keyslots are busytaken. You need to lock an engine allocate a keyslot before using AES functions.
== UnlockAesEngine FreeAesKeyslot ==Takes a single u32 and unlocks frees the engine with that idkeyslot. It The keyslot must be owned have been allocated by current session otherwise 0xD21A will be returned.
== GetSplWaitEvent GetAesKeyslotAvailableEvent ==Returns an event handle for synchronizing with the locked AES enginekeyslots.
== SetBootReason ==
Sets a static dword in spl .bss to the user input u32'''BootReason'''.
[4.0.0+] returns 0xD41A if a value has been previously set without being [[#GetBootReason|gotten]].
== GetBootReason ==
Returns the static dword '''BootReason''' in spl .bss that can be set via [[#SetBootReason]].
[4.0.0+] returns 0xD61A if a value has not previously been set, and unsets the value after getting it.
 
== LoadElicenseKey ==
Same as [[#LoadTitleKey|LoadTitleKey]].
[[Category:Services]]

Navigation menu