Difference between revisions of "APT:Unwrap"

From 3dbrew
Jump to navigation Jump to search
(Created page with "=Request= {| class="wikitable" border="1" |- ! Index Word ! Description |- | 0 | Header code [0x00470104] |- | 1 | Output buffer size |- | 2 | Input buffer size |- | 3 | Block ...")
 
(rename a param and make a more intuitive description)
 
(2 intermediate revisions by 2 users not shown)
Line 9: Line 9:
 
|-
 
|-
 
| 1
 
| 1
| Output buffer size
+
| Output Size
 
|-
 
|-
 
| 2
 
| 2
| Input buffer size
+
| Input Size
 
|-
 
|-
 
| 3
 
| 3
| Block size
+
| Nonce offset in the output buffer
 
|-
 
|-
 
| 4
 
| 4
| Nonce size, size 12 is used if this is >12.
+
| Nonce Size (capped to 12)
 
|-
 
|-
 
| 5
 
| 5
| (inputbufsize<<4) <nowiki>|</nowiki> 10
+
| (Input Size << 4) <nowiki>|</nowiki> 0xA
 
|-
 
|-
 
| 6
 
| 6
| Input encrypted data buffer ptr
+
| void*, Input
 
|-
 
|-
 
| 7
 
| 7
| (outputbufsize<<4) <nowiki>|</nowiki> 12
+
| (Output Size << 4) <nowiki>|</nowiki> 0xC
 
|-
 
|-
 
| 8
 
| 8
| Output cleartext data buffer ptr
+
| void*, Output
 
|}
 
|}
  
Line 47: Line 47:
  
 
=Description=
 
=Description=
This decrypts the input data with [[PS:EncryptSignDecryptVerifyAesCcm|AES-CCM]] using keytype2. The 12-byte nonce buffer used by NS is cleared to all-zero, then the nonce from inputbuf+0 with the noncesize is copied to this nonce buffer. NS then uses [[PS:EncryptSignDecryptVerifyAesCcm]] with keytype2 and with the above nonce buffer, where the inputptr is inputbuf+noncesize, outputptr is outputbuf+0, and size is inputbuffersize - noncesize - 16.
+
This decrypts the input data with [[PS:EncryptSignDecryptVerifyAesCcm|AES-CCM]] using keytype2, when the input noncesize is <12 the low 2-bits are cleared in the noncesize. The 12-byte nonce buffer used by NS is cleared to all-zero, then the nonce from inputbuf+0 with the noncesize is copied to this nonce buffer. NS then uses [[PS:EncryptSignDecryptVerifyAesCcm]] with keytype2 and with the above nonce buffer, where the inputptr is inputbuf+noncesize, outputptr is outputbuf+0, and size is inputbuffersize - noncesize - 16.
  
After decryption, NS copies the data at outbuf+blocksize to outbuf+blocksize+noncesize, with size inputbuffersize-blocksize-16. NS then copies the nonce from inputbuf+0 with the noncesize, to outbuf+blocksize.
+
After decryption, NS copies the data at outbuf+nonceoffset to outbuf+nonceoffset+noncesize, with size inputbuffersize-nonceoffset-16. NS then copies the nonce from inputbuf+0 with the noncesize, to outbuf+nonceoffset.
 +
 
 +
In other words, the data begin from inputbuffer+noncesize is decrypted via [[PS:EncryptSignDecryptVerifyAesCcm]] using the nonce located at the beginning of the input buffer (with the size padded or capped to 12). Then the decrypted data is split into two parts, of which the first one is with size nonceoffset. The nonce is then inserted between the two parts, and written to the output buffer together with decrypted data.

Latest revision as of 11:12, 30 December 2016

Request[edit]

Index Word Description
0 Header code [0x00470104]
1 Output Size
2 Input Size
3 Nonce offset in the output buffer
4 Nonce Size (capped to 12)
5 (Input Size << 4) | 0xA
6 void*, Input
7 (Output Size << 4) | 0xC
8 void*, Output

Response[edit]

Index Word Description
0 Header code
1 Result code

Description[edit]

This decrypts the input data with AES-CCM using keytype2, when the input noncesize is <12 the low 2-bits are cleared in the noncesize. The 12-byte nonce buffer used by NS is cleared to all-zero, then the nonce from inputbuf+0 with the noncesize is copied to this nonce buffer. NS then uses PS:EncryptSignDecryptVerifyAesCcm with keytype2 and with the above nonce buffer, where the inputptr is inputbuf+noncesize, outputptr is outputbuf+0, and size is inputbuffersize - noncesize - 16.

After decryption, NS copies the data at outbuf+nonceoffset to outbuf+nonceoffset+noncesize, with size inputbuffersize-nonceoffset-16. NS then copies the nonce from inputbuf+0 with the noncesize, to outbuf+nonceoffset.

In other words, the data begin from inputbuffer+noncesize is decrypted via PS:EncryptSignDecryptVerifyAesCcm using the nonce located at the beginning of the input buffer (with the size padded or capped to 12). Then the decrypted data is split into two parts, of which the first one is with size nonceoffset. The nonce is then inserted between the two parts, and written to the output buffer together with decrypted data.