libnx  v4.8.0
spl.h
Go to the documentation of this file.
1 /**
2  * @file spl.h
3  * @brief Security Processor Liaison (spl*) service IPC wrapper.
4  * @author SciresM
5  * @copyright libnx Authors
6  */
7 #pragma once
8 #include "../types.h"
9 #include "../kernel/event.h"
10 #include "../sf/service.h"
11 
12 #define SPL_RSA_BUFFER_SIZE (0x100)
13 
14 typedef enum {
15  SplConfigItem_DisableProgramVerification = 1,
16  SplConfigItem_DramId = 2,
17  SplConfigItem_SecurityEngineIrqNumber = 3,
18  SplConfigItem_Version = 4,
19  SplConfigItem_HardwareType = 5,
20  SplConfigItem_IsRetail = 6,
21  SplConfigItem_IsRecoveryBoot = 7,
22  SplConfigItem_DeviceId = 8,
23  SplConfigItem_BootReason = 9,
24  SplConfigItem_MemoryArrange = 10,
25  SplConfigItem_IsDebugMode = 11,
26  SplConfigItem_KernelMemoryConfiguration = 12,
27  SplConfigItem_IsChargerHiZModeEnabled = 13,
28  SplConfigItem_IsKiosk = 14,
29  SplConfigItem_NewHardwareType = 15,
30  SplConfigItem_NewKeyGeneration = 16,
31  SplConfigItem_Package2Hash = 17,
32 } SplConfigItem;
33 
34 typedef enum {
35  RsaKeyVersion_Deprecated = 0,
36  RsaKeyVersion_Extended = 1,
37 } RsaKeyVersion;
38 
39 /// Initialize 'spl:'.
41 
42 /// Exit 'spl:'.
43 void splExit(void);
44 
45 /// Gets the Service object for the IGeneralInterface usable with spl*().
47 
48 /// Initialize spl:mig. On pre-4.0.0 this just calls \ref splInitialize.
50 
51 /// Exit spl:mig. On pre-4.0.0 this just calls \ref splExit.
52 void splCryptoExit(void);
53 
54 /// Gets the Service object for the IGeneralInterface usable with splCrypto*().
56 
57 /// Initialize spl:ssl. On pre-4.0.0 this just calls \ref splInitialize.
59 
60 /// Exit spl:ssl. On pre-4.0.0 this just calls \ref splExit.
61 void splSslExit(void);
62 
63 /// Gets the Service object for the IGeneralInterface usable with splSsl*().
65 
66 /// Initialize spl:es. On pre-4.0.0 this just calls \ref splInitialize.
68 
69 /// Exit spl:es. On pre-4.0.0 this just calls \ref splExit.
70 void splEsExit(void);
71 
72 /// Gets the Service object for the IGeneralInterface usable with splEs*().
74 
75 /// Initialize spl:fs. On pre-4.0.0 this just calls \ref splInitialize.
77 
78 /// Exit spl:fs. On pre-4.0.0 this just calls \ref splExit.
79 void splFsExit(void);
80 
81 /// Gets the Service object for the IGeneralInterface usable with splFs*().
83 
84 /// Initialize spl:manu. On pre-4.0.0 this just calls \ref splInitialize.
86 
87 /// Exit spl:manu. On pre-4.0.0 this just calls \ref splExit.
88 void splManuExit(void);
89 
90 /// Gets the Service object for the IGeneralInterface usable with splManu*().
92 
93 Result splGetConfig(SplConfigItem config_item, u64 *out_config);
94 Result splUserExpMod(const void *input, const void *modulus, const void *exp, size_t exp_size, void *dst);
95 Result splSetConfig(SplConfigItem config_item, u64 value);
96 Result splGetRandomBytes(void *out, size_t out_size);
97 Result splIsDevelopment(bool *out_is_development);
98 Result splSetBootReason(u32 value);
99 Result splGetBootReason(u32 *out_value);
100 
101 Result splCryptoGenerateAesKek(const void *wrapped_kek, u32 key_generation, u32 option, void *out_sealed_kek);
102 Result splCryptoLoadAesKey(const void *sealed_kek, const void *wrapped_key, u32 keyslot);
103 Result splCryptoGenerateAesKey(const void *sealed_kek, const void *wrapped_key, void *out_sealed_key);
104 Result splCryptoDecryptAesKey(const void *wrapped_key, u32 key_generation, u32 option, void *out_sealed_key);
105 Result splCryptoCryptAesCtr(const void *input, void *output, size_t size, u32 keyslot, const void *ctr);
106 Result splCryptoComputeCmac(const void *input, size_t size, u32 keyslot, void *out_cmac);
107 Result splCryptoLockAesEngine(u32 *out_keyslot);
108 Result splCryptoUnlockAesEngine(u32 keyslot);
109 Result splCryptoGetSecurityEngineEvent(Event *out_event);
110 
111 Result splRsaDecryptPrivateKey(const void *sealed_kek, const void *wrapped_key, const void *wrapped_rsa_key, size_t wrapped_rsa_key_size, RsaKeyVersion version, void *dst, size_t dst_size);
112 
113 Result splSslLoadSecureExpModKey(const void *sealed_kek, const void *wrapped_key, const void *wrapped_rsa_key, size_t wrapped_rsa_key_size);
114 Result splSslSecureExpMod(const void *input, const void *modulus, void *dst);
115 
116 Result splEsLoadRsaOaepKey(const void *sealed_kek, const void *wrapped_key, const void *wrapped_rsa_key, size_t wrapped_rsa_key_size, RsaKeyVersion version);
117 Result splEsUnwrapRsaOaepWrappedTitlekey(const void *rsa_wrapped_titlekey, const void *modulus, const void *label_hash, size_t label_hash_size, u32 key_generation, void *out_sealed_titlekey);
118 Result splEsUnwrapAesWrappedTitlekey(const void *aes_wrapped_titlekey, u32 key_generation, void *out_sealed_titlekey);
119 Result splEsLoadSecureExpModKey(const void *sealed_kek, const void *wrapped_key, const void *wrapped_rsa_key, size_t wrapped_rsa_key_size);
120 Result splEsSecureExpMod(const void *input, const void *modulus, void *dst);
121 Result splEsUnwrapElicenseKey(const void *rsa_wrapped_elicense_key, const void *modulus, const void *label_hash, size_t label_hash_size, u32 key_generation, void *out_sealed_elicense_key);
122 Result splEsLoadElicenseKey(const void *sealed_elicense_key, u32 keyslot);
123 
124 Result splFsLoadSecureExpModKey(const void *sealed_kek, const void *wrapped_key, const void *wrapped_rsa_key, size_t wrapped_rsa_key_size, RsaKeyVersion version);
125 Result splFsSecureExpMod(const void *input, const void *modulus, void *dst);
126 Result splFsGenerateSpecificAesKey(const void *wrapped_key, u32 key_generation, u32 option, void *out_sealed_key);
127 Result splFsLoadTitlekey(const void *sealed_titlekey, u32 keyslot);
128 Result splFsGetPackage2Hash(void *out_hash);
129 
130 Result splManuEncryptRsaKeyForImport(const void *sealed_kek_pre, const void *wrapped_key_pre, const void *sealed_kek_post, const void *wrapped_kek_post, u32 option, const void *wrapped_rsa_key, void *out_wrapped_rsa_key, size_t rsa_key_size);
Result splCryptoInitialize(void)
Initialize spl:mig. On pre-4.0.0 this just calls splInitialize.
Service * splSslGetServiceSession(void)
Gets the Service object for the IGeneralInterface usable with splSsl*().
Result splInitialize(void)
Initialize 'spl:'.
void splCryptoExit(void)
Exit spl:mig. On pre-4.0.0 this just calls splExit.
Service * splEsGetServiceSession(void)
Gets the Service object for the IGeneralInterface usable with splEs*().
Result splManuInitialize(void)
Initialize spl:manu. On pre-4.0.0 this just calls splInitialize.
Result splSslInitialize(void)
Initialize spl:ssl. On pre-4.0.0 this just calls splInitialize.
Service * splManuGetServiceSession(void)
Gets the Service object for the IGeneralInterface usable with splManu*().
void splExit(void)
Exit 'spl:'.
void splSslExit(void)
Exit spl:ssl. On pre-4.0.0 this just calls splExit.
Result splEsInitialize(void)
Initialize spl:es. On pre-4.0.0 this just calls splInitialize.
void splManuExit(void)
Exit spl:manu. On pre-4.0.0 this just calls splExit.
Service * splGetServiceSession(void)
Gets the Service object for the IGeneralInterface usable with spl*().
void splFsExit(void)
Exit spl:fs. On pre-4.0.0 this just calls splExit.
Result splFsInitialize(void)
Initialize spl:fs. On pre-4.0.0 this just calls splInitialize.
Service * splFsGetServiceSession(void)
Gets the Service object for the IGeneralInterface usable with splFs*().
Service * splCryptoGetServiceSession(void)
Gets the Service object for the IGeneralInterface usable with splCrypto*().
void splEsExit(void)
Exit spl:es. On pre-4.0.0 this just calls splExit.
Kernel-mode event structure.
Definition: event.h:13
Service object structure.
Definition: service.h:14
uint64_t u64
64-bit unsigned integer.
Definition: types.h:22
u32 Result
Function error code result type.
Definition: types.h:44
uint32_t u32
32-bit unsigned integer.
Definition: types.h:21