Difference between revisions of "PSPXI:EncryptDecryptAes"

From 3dbrew
Jump to navigation Jump to search
 
(19 intermediate revisions by 2 users not shown)
Line 15: Line 15:
 
|-
 
|-
 
| 6
 
| 6
| Algorithm Type (0..5)
+
| u8 Algorithm Type (0..5)
 
|-
 
|-
 
| 7
 
| 7
| Key Type (0..7)
+
| u8 Key Type (0..7)
 
|-
 
|-
 
| 8
 
| 8
Line 46: Line 46:
 
|-
 
|-
 
| 2-5
 
| 2-5
| MAC
+
| Output IV / CTR: this is the IV/CTR which would be used if the crypto operation were to continue.
 
|}
 
|}
 
==MAC==
 
For CBC mode, the output MAC is the last 16-bytes of the ciphertext. For the other modes, this field is the same as the input IV/CTR.
 
  
 
==Algorithm Types==
 
==Algorithm Types==
Line 81: Line 78:
 
|-
 
|-
 
!  Type
 
!  Type
 +
!  [[AES]] Engine Keyslot
 
!  Description
 
!  Description
 
|-
 
|-
 
| 0
 
| 0
| Used to decrypt the SSL client cert/client private key
+
| 0x0D
 +
| Used to decrypt the SSL client cert/private-key stored in [[ClCertA]].
 
|-
 
|-
 
| 1
 
| 1
| Used to crypt the local-WLAN WPA2 passphrase
+
| 0x2D
 +
| Used to generate the UDS [[NWM_Services|local-WLAN]] CCMP key.
 
|-
 
|-
 
| 2
 
| 2
| ?
+
| 0x31
 +
| This is used by [[NS]] for the APT AES-CCM Wrap/Unwrap commands. These two NS commands are used by the [[Mii Maker]] application for the encrypted Mii data in the Mii QR codes.
 
|-
 
|-
 
| 3
 
| 3
 +
| 0x38
 
| [[SpotPass|BOSS]]
 
| [[SpotPass|BOSS]]
 
|-
 
|-
 
| 4
 
| 4
 +
| 0x32
 
| ?
 
| ?
 
|-
 
|-
 
| 5
 
| 5
| ?
+
| 0x39
 +
| This is used by the [[Download Play]] module for calculating a 32bit checksum over the entire UDS application data-fames, stored in the DLP data-frame header.
 
|-
 
|-
 
| 6
 
| 6
| ?
+
| 0x2E
 +
| This is used by the [[StreetPass]] CECD module to generate the CCMP key passed to [[NWM_Services|nwm::CEC]] commands, when beginning StreetPass communications.
 +
|-
 +
| 7
 +
|
 +
| Invalid
 +
|-
 +
| 8
 +
| 0x36
 +
| This is used by the friends module.
 +
 
 +
Support for this keytype was added with the NATIVE_FIRM updated with [[2.2.0-X]]. When the running NATIVE_FIRM doesn't support this keytype, the result is the same as using keytype7.
 +
|-
 +
| 9
 +
| 0x39
 +
| This is used by the NFC module.
 +
 
 +
Support for this keytype was added with the NATIVE_FIRM updated with [[9.3.0-21|9.3.0-X]]. When the running NATIVE_FIRM doesn't support this keytype, the result is the same as using keytype7. Before selecting this keyslot, Process9 writes a keyY from the Process9 .(ro)data section(keydata is different for retail/dev units) to this keyslot. Once finished with crypto, Process9 restores the original keyY to this keyslot.
 +
|-
 +
| >=10
 +
|
 +
| Invalid, same as keytype7.
 
|}
 
|}
 +
 +
=Description=
 +
This is used to encrypt/decrypt data via the [[AES]] engine. AES-CCM is not supported by this command, [[PSPXI:EncryptSignDecryptVerifyAesCcm]] must be used for AES-CCM instead.

Latest revision as of 07:40, 9 April 2016

Request[edit]

Index Word Description
0 Header code [0x000401C4]
1 Size in bytes
2-5 IV / CTR
6 u8 Algorithm Type (0..5)
7 u8 Key Type (0..7)
8 (size<<8) | 0x4
9 Source pointer
10 (size<<8) | 0x14
11 Destination pointer

Response[edit]

Index Word Description
0 Header code [0x00040140]
1 Result code
2-5 Output IV / CTR: this is the IV/CTR which would be used if the crypto operation were to continue.

Algorithm Types[edit]

Type Description
0 CBC Encrypt
1 CBC Decrypt
2 CTR Encrypt
3 CTR Decrypt
4 CCM Encrypt
5 CCM Decrypt

Key Types[edit]

Type AES Engine Keyslot Description
0 0x0D Used to decrypt the SSL client cert/private-key stored in ClCertA.
1 0x2D Used to generate the UDS local-WLAN CCMP key.
2 0x31 This is used by NS for the APT AES-CCM Wrap/Unwrap commands. These two NS commands are used by the Mii Maker application for the encrypted Mii data in the Mii QR codes.
3 0x38 BOSS
4 0x32 ?
5 0x39 This is used by the Download Play module for calculating a 32bit checksum over the entire UDS application data-fames, stored in the DLP data-frame header.
6 0x2E This is used by the StreetPass CECD module to generate the CCMP key passed to nwm::CEC commands, when beginning StreetPass communications.
7 Invalid
8 0x36 This is used by the friends module.

Support for this keytype was added with the NATIVE_FIRM updated with 2.2.0-X. When the running NATIVE_FIRM doesn't support this keytype, the result is the same as using keytype7.

9 0x39 This is used by the NFC module.

Support for this keytype was added with the NATIVE_FIRM updated with 9.3.0-X. When the running NATIVE_FIRM doesn't support this keytype, the result is the same as using keytype7. Before selecting this keyslot, Process9 writes a keyY from the Process9 .(ro)data section(keydata is different for retail/dev units) to this keyslot. Once finished with crypto, Process9 restores the original keyY to this keyslot.

>=10 Invalid, same as keytype7.

Description[edit]

This is used to encrypt/decrypt data via the AES engine. AES-CCM is not supported by this command, PSPXI:EncryptSignDecryptVerifyAesCcm must be used for AES-CCM instead.