Difference between revisions of "SSL Services"
Line 9: | Line 9: | ||
|- | |- | ||
| 0x00010002 | | 0x00010002 | ||
− | | | + | | [[1.0.0-0]] |
| Basically main-only | | Basically main-only | ||
| [[SSLC:Initialize|Initialize]] | | [[SSLC:Initialize|Initialize]] | ||
|- | |- | ||
| 0x000200C2 | | 0x000200C2 | ||
− | | | + | | [[1.0.0-0]] |
| | | | ||
| [[SSLC:CreateContext|CreateContext]] | | [[SSLC:CreateContext|CreateContext]] | ||
|- | |- | ||
| 0x00030000 | | 0x00030000 | ||
− | | | + | | [[1.0.0-0]] |
| | | | ||
| [[SSLC:CreateRootCertChain|CreateRootCertChain]] | | [[SSLC:CreateRootCertChain|CreateRootCertChain]] | ||
|- | |- | ||
| 0x00040040 | | 0x00040040 | ||
− | | | + | | [[1.0.0-0]] |
| | | | ||
| [[SSLC:DestroyRootCertChain|DestroyRootCertChain]] | | [[SSLC:DestroyRootCertChain|DestroyRootCertChain]] | ||
|- | |- | ||
| 0x00050082 | | 0x00050082 | ||
− | | | + | | [[1.0.0-0]] |
| Main-only | | Main-only | ||
| [[SSLC:AddTrustedRootCA|AddTrustedRootCA]] | | [[SSLC:AddTrustedRootCA|AddTrustedRootCA]] | ||
|- | |- | ||
| 0x00060080 | | 0x00060080 | ||
− | | | + | | [[1.0.0-0]] |
| Main-only | | Main-only | ||
| [[SSLC:RootCertChainAddDefaultCert|RootCertChainAddDefaultCert]] | | [[SSLC:RootCertChainAddDefaultCert|RootCertChainAddDefaultCert]] | ||
|- | |- | ||
| 0x00070080 | | 0x00070080 | ||
− | | | + | | [[1.0.0-0]] |
| Main-only | | Main-only | ||
| [[SSLC:RootCertChainRemoveCert|RootCertChainRemoveCert]] | | [[SSLC:RootCertChainRemoveCert|RootCertChainRemoveCert]] | ||
|- | |- | ||
| 0x00080000 | | 0x00080000 | ||
− | | | + | | [[1.0.0-0]] |
| | | | ||
| This writes an output u32 to cmdreply[2](created context handle). | | This writes an output u32 to cmdreply[2](created context handle). | ||
|- | |- | ||
| 0x00090040 | | 0x00090040 | ||
− | | | + | | [[1.0.0-0]] |
| | | | ||
| (u32 handle for a context) This is used for destroying a context created by command 0x00080000. | | (u32 handle for a context) This is used for destroying a context created by command 0x00080000. | ||
|- | |- | ||
| 0x000A0082 | | 0x000A0082 | ||
− | | | + | | [[1.0.0-0]] |
| Main-only | | Main-only | ||
| (u32 contexthandle, u32 size, ((Size<<4) <nowiki>|</nowiki> 10), inbufptr) Writes the output cert-context-handle to cmdreply[2]. This uses a context created by command 0x00080000. This adds the specified cert to this context. | | (u32 contexthandle, u32 size, ((Size<<4) <nowiki>|</nowiki> 10), inbufptr) Writes the output cert-context-handle to cmdreply[2]. This uses a context created by command 0x00080000. This adds the specified cert to this context. | ||
|- | |- | ||
| 0x000B0080 | | 0x000B0080 | ||
− | | | + | | [[1.0.0-0]] |
| Main-only | | Main-only | ||
| (u32 contexthandle, u8 inval2) Writes an output cert-context-handle to cmdreply[2]. This uses a context created by command 0x00080000. This just returns error 0xD8A0B83D eventually. | | (u32 contexthandle, u8 inval2) Writes an output cert-context-handle to cmdreply[2]. This uses a context created by command 0x00080000. This just returns error 0xD8A0B83D eventually. | ||
|- | |- | ||
| 0x000C0080 | | 0x000C0080 | ||
− | | | + | | [[1.0.0-0]] |
| Main-only | | Main-only | ||
| (u32 contexthandle, u32 certcontexthandle) This uses a context created by command 0x00080000. This removes the specified cert from the context. | | (u32 contexthandle, u32 certcontexthandle) This uses a context created by command 0x00080000. This removes the specified cert from the context. | ||
|- | |- | ||
| 0x000D0084 | | 0x000D0084 | ||
− | | | + | | [[1.0.0-0]] |
| Main-only | | Main-only | ||
| [[SSLC:OpenClientCertContext|OpenClientCertContext]] | | [[SSLC:OpenClientCertContext|OpenClientCertContext]] | ||
|- | |- | ||
| 0x000E0040 | | 0x000E0040 | ||
− | | | + | | [[1.0.0-0]] |
| Main-only | | Main-only | ||
| [[SSLC:OpenDefaultClientCertContext|OpenDefaultClientCertContext]] | | [[SSLC:OpenDefaultClientCertContext|OpenDefaultClientCertContext]] | ||
|- | |- | ||
| 0x000F0040 | | 0x000F0040 | ||
− | | | + | | [[1.0.0-0]] |
| Main-only | | Main-only | ||
| [[SSLC:CloseClientCertContext|CloseClientCertContext]] | | [[SSLC:CloseClientCertContext|CloseClientCertContext]] | ||
|- | |- | ||
| 0x00100000 | | 0x00100000 | ||
− | | | + | | [[1.0.0-0]] |
| All | | All | ||
| [[SSLC:GatherEntropy|GatherEntropy]] | | [[SSLC:GatherEntropy|GatherEntropy]] | ||
|- | |- | ||
| 0x00110042 | | 0x00110042 | ||
− | | | + | | [[1.0.0-0]] |
| All | | All | ||
| [[SSLC:GenerateRandomData|GenerateRandomData]] | | [[SSLC:GenerateRandomData|GenerateRandomData]] | ||
|- | |- | ||
| 0x00120042 | | 0x00120042 | ||
− | | | + | | [[1.0.0-0]] |
| | | | ||
| [[SSLC:InitializeConnectionSession|InitializeConnectionSession]] | | [[SSLC:InitializeConnectionSession|InitializeConnectionSession]] | ||
|- | |- | ||
| 0x00130040 | | 0x00130040 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| [[SSLC:StartConnection|StartConnection]] | | [[SSLC:StartConnection|StartConnection]] | ||
|- | |- | ||
| 0x00140040 | | 0x00140040 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| [[SSLC:StartConnectionGetOut|StartConnectionGetOut]] | | [[SSLC:StartConnectionGetOut|StartConnectionGetOut]] | ||
|- | |- | ||
| 0x00150082 | | 0x00150082 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| [[SSLC:Read|Read]] | | [[SSLC:Read|Read]] | ||
|- | |- | ||
| 0x00160082 | | 0x00160082 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| (u32 [[SSLC:CreateContext|contexthandle]], u32 size, ((Size<<4) <nowiki>|</nowiki> 12), outbufptr) Writes an output u32 to cmdreply[2]. | | (u32 [[SSLC:CreateContext|contexthandle]], u32 size, ((Size<<4) <nowiki>|</nowiki> 12), outbufptr) Writes an output u32 to cmdreply[2]. | ||
|- | |- | ||
| 0x00170082 | | 0x00170082 | ||
− | | | + | | [[1.0.0-0]] |
| | | | ||
| [[SSLC:Write|Write]] | | [[SSLC:Write|Write]] | ||
|- | |- | ||
| 0x00180080 | | 0x00180080 | ||
− | | | + | | [[1.0.0-0]] |
| | | | ||
| [[SSLC:ContextSetRootCertChain|ContextSetRootCertChain]] | | [[SSLC:ContextSetRootCertChain|ContextSetRootCertChain]] | ||
|- | |- | ||
| 0x00190080 | | 0x00190080 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| [[SSLC:ContextSetClientCert|ContextSetClientCert]] | | [[SSLC:ContextSetClientCert|ContextSetClientCert]] | ||
|- | |- | ||
| 0x001A0080 | | 0x001A0080 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| (u32 [[SSLC:CreateContext|contexthandle]], u32 handle) This writes a context handle created by command 0x00080000 into the session context. | | (u32 [[SSLC:CreateContext|contexthandle]], u32 handle) This writes a context handle created by command 0x00080000 into the session context. | ||
|- | |- | ||
| 0x001B0080 | | 0x001B0080 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| [[SSLC:ContextClearOpt|ContextClearOpt]] | | [[SSLC:ContextClearOpt|ContextClearOpt]] | ||
|- | |- | ||
| 0x001C00C4 | | 0x001C00C4 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| (u32 [[SSLC:CreateContext|contexthandle]], u32 size0, u32 size1, ((Size0<<4) <nowiki>|</nowiki> 12), outbufptr0, ((Size1<<4) <nowiki>|</nowiki> 12), outbufptr1) This copies two strings to the specified output buffers, each string is only copied if it was successfully loaded. The out sizes include the nul-terminator. | | (u32 [[SSLC:CreateContext|contexthandle]], u32 size0, u32 size1, ((Size0<<4) <nowiki>|</nowiki> 12), outbufptr0, ((Size1<<4) <nowiki>|</nowiki> 12), outbufptr1) This copies two strings to the specified output buffers, each string is only copied if it was successfully loaded. The out sizes include the nul-terminator. | ||
|- | |- | ||
| 0x001D0040 | | 0x001D0040 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| (u32 [[SSLC:CreateContext|contexthandle]]) Writes an output u32 from the context state to cmdreply[2]. | | (u32 [[SSLC:CreateContext|contexthandle]]) Writes an output u32 from the context state to cmdreply[2]. | ||
|- | |- | ||
| 0x001E0040 | | 0x001E0040 | ||
− | | | + | | [[1.0.0-0]] |
| All | | All | ||
| [[SSLC:DestroyContext|DestroyContext]] | | [[SSLC:DestroyContext|DestroyContext]] | ||
|- | |- | ||
| 0x001F0082 | | 0x001F0082 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| [[SSLC:ContextInitSharedmem|ContextInitSharedmem]] | | [[SSLC:ContextInitSharedmem|ContextInitSharedmem]] | ||
|- | |- | ||
| 0x00200082 | | 0x00200082 | ||
− | | | + | | [[1.0.0-0]] |
| Context-only | | Context-only | ||
| ([[SSLC:CreateContext|contexthandle]], u32 size, ((Size<<4) <nowiki>|</nowiki> 10), inbufptr) Inbuf seems to be a cert? | | ([[SSLC:CreateContext|contexthandle]], u32 size, ((Size<<4) <nowiki>|</nowiki> 10), inbufptr) Inbuf seems to be a cert? |
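Review bot: Every "+" row in this hunk fills the "Available since system-version" cell with the same [[1.0.0-0]] link, including the 0x00200082 row whose description is still an open question ("Inbuf seems to be a cert?"). If the version was not checked per command, note that in the edit summary, or state it once above the table instead of repeating the identical value in all rows.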
Revision as of 17:37, 29 March 2016
SSL service "ssl:C"
Command Header | Available since system-version | Available from service-sessions | Description |
---|---|---|---|
0x00010002 | 1.0.0-0 | Basically main-only | Initialize |
0x000200C2 | 1.0.0-0 | | CreateContext |
0x00030000 | 1.0.0-0 | | CreateRootCertChain |
0x00040040 | 1.0.0-0 | | DestroyRootCertChain |
0x00050082 | 1.0.0-0 | Main-only | AddTrustedRootCA |
0x00060080 | 1.0.0-0 | Main-only | RootCertChainAddDefaultCert |
0x00070080 | 1.0.0-0 | Main-only | RootCertChainRemoveCert |
0x00080000 | 1.0.0-0 | | This writes an output u32 to cmdreply[2] (created context handle). |
0x00090040 | 1.0.0-0 | | (u32 handle for a context) This is used for destroying a context created by command 0x00080000. |
0x000A0082 | 1.0.0-0 | Main-only | (u32 contexthandle, u32 size, ((Size<<4) \| 10), inbufptr) Writes the output cert-context-handle to cmdreply[2]. This uses a context created by command 0x00080000. This adds the specified cert to this context. |
0x000B0080 | 1.0.0-0 | Main-only | (u32 contexthandle, u8 inval2) Writes an output cert-context-handle to cmdreply[2]. This uses a context created by command 0x00080000. This just returns error 0xD8A0B83D eventually. |
0x000C0080 | 1.0.0-0 | Main-only | (u32 contexthandle, u32 certcontexthandle) This uses a context created by command 0x00080000. This removes the specified cert from the context. |
0x000D0084 | 1.0.0-0 | Main-only | OpenClientCertContext |
0x000E0040 | 1.0.0-0 | Main-only | OpenDefaultClientCertContext |
0x000F0040 | 1.0.0-0 | Main-only | CloseClientCertContext |
0x00100000 | 1.0.0-0 | All | GatherEntropy |
0x00110042 | 1.0.0-0 | All | GenerateRandomData |
0x00120042 | 1.0.0-0 | | InitializeConnectionSession |
0x00130040 | 1.0.0-0 | Context-only | StartConnection |
0x00140040 | 1.0.0-0 | Context-only | StartConnectionGetOut |
0x00150082 | 1.0.0-0 | Context-only | Read |
0x00160082 | 1.0.0-0 | Context-only | (u32 contexthandle, u32 size, ((Size<<4) \| 12), outbufptr) Writes an output u32 to cmdreply[2]. |
0x00170082 | 1.0.0-0 | | Write |
0x00180080 | 1.0.0-0 | | ContextSetRootCertChain |
0x00190080 | 1.0.0-0 | Context-only | ContextSetClientCert |
0x001A0080 | 1.0.0-0 | Context-only | (u32 contexthandle, u32 handle) This writes a context handle created by command 0x00080000 into the session context. |
0x001B0080 | 1.0.0-0 | Context-only | ContextClearOpt |
0x001C00C4 | 1.0.0-0 | Context-only | (u32 contexthandle, u32 size0, u32 size1, ((Size0<<4) \| 12), outbufptr0, ((Size1<<4) \| 12), outbufptr1) This copies two strings to the specified output buffers, each string is only copied if it was successfully loaded. The out sizes include the nul-terminator. |
0x001D0040 | 1.0.0-0 | Context-only | (u32 contexthandle) Writes an output u32 from the context state to cmdreply[2]. |
0x001E0040 | 1.0.0-0 | All | DestroyContext |
0x001F0082 | 1.0.0-0 | Context-only | ContextInitSharedmem |
0x00200082 | 1.0.0-0 | Context-only | (contexthandle, u32 size, ((Size<<4) \| 10), inbufptr) Inbuf seems to be a cert? |
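The command headers and buffer descriptors in the table above, decoded and cross-checked in an added example (not part of the original wiki page). It assumes the general 3DS IPC header layout and buffer-mapping descriptor format, which this page does not spell out; all helper names and the sample handle, size and pointer values are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed general 3DS IPC header layout (not stated on this page):
   bits 16-31 command ID, bits 6-11 normal-parameter words, bits 0-5 translate words. */
static unsigned hdr_id(uint32_t h)        { return h >> 16; }
static unsigned hdr_normal(uint32_t h)    { return (h >> 6) & 0x3F; }
static unsigned hdr_translate(uint32_t h) { return h & 0x3F; }

/* Buffer-mapping descriptor: (size << 4) | 8 | rights; rights 2 = read, 4 = write.
   So "| 10" in the table marks an input buffer and "| 12" an output buffer.
   The size field is 28 bits wide; larger sizes are truncated by the shift. */
enum { BUF_IN = 0x2, BUF_OUT = 0x4 };
static uint32_t desc_buffer(uint32_t size, unsigned rights) {
    return (size << 4) | 0x8 | rights;
}

/* Builds the request the table documents for 0x000A0082:
   (u32 contexthandle, u32 size, ((Size<<4) | 10), inbufptr). Returns words written. */
static size_t build_add_cert(uint32_t *cmd, uint32_t ctx, uint32_t size, uint32_t inbuf) {
    cmd[0] = 0x000A0082;
    cmd[1] = ctx;
    cmd[2] = size;
    cmd[3] = desc_buffer(size, BUF_IN);
    cmd[4] = inbuf;
    return 5;
}

/* Checks a request carrying one (descriptor, pointer) pair against its own header:
   total word count, descriptor direction, and descriptor size == the size parameter
   at index size_idx. Returns 1 if consistent, 0 otherwise. */
static int check_one_buffer(const uint32_t *cmd, size_t words, size_t size_idx, unsigned rights) {
    if (words < 1) return 0;
    size_t d = 1 + hdr_normal(cmd[0]);           /* index of first translate word */
    if (hdr_translate(cmd[0]) != 2 || words != d + 2) return 0;
    if (size_idx == 0 || size_idx >= d) return 0;
    if ((cmd[d] & 0xE) != (0x8u | rights)) return 0;
    return (cmd[d] >> 4) == cmd[size_idx];
}

int main(void) {
    uint32_t cmd[5];                             /* constructed sample values below */
    size_t n = build_add_cert(cmd, 7, 0x100, 0x08000000);
    printf("id=0x%X normal=%u translate=%u ok=%d\n", hdr_id(cmd[0]),
           hdr_normal(cmd[0]), hdr_translate(cmd[0]), check_one_buffer(cmd, n, 2, BUF_IN));
    return 0;
}
```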
Going by strings in the SSL sysmodule, it appears the sysmodule uses RSA BSAFE (like certain other 3DS software). This is also likely where the "ssl:C" name comes from (RSA BSAFE "SSL-C").
Similar to HTTPC, each SSL context is used with a dedicated service session which gets opened after creating that context. After creating the context and opening the service session, SSLC:InitializeConnectionSession is used from that service session for that context. Afterwards, all commands which require a handle for this context are done with this dedicated service session.
Internally, separate object vtables are used with the above SSLC commands: one for the main session (where SSLC:InitializeConnectionSession wasn't used) and one for context sessions (where SSLC:InitializeConnectionSession was used). Error 0xD960BBF4 will be returned if a command was used with the wrong session type.
Like some other commands, 0x001F0082 and 0x00200082 are not used by HTTP-sysmodule.
Among commands 0x00180080..0x001B0080, none are completely mandatory. However, with the default settings, at bare minimum a RootCertChain needs to be selected, otherwise an untrusted-RootCA error will trigger eventually.
It's unknown whether TLS server->client connections are supported.
Commands 0x00080000..0x000C0080
These appear to be basically the same as the RootCertChain 0x00030000..0x00070080 commands, except with a different context. However, the equivalent of RootCertChainAddDefaultCert in this set (0x000B0080) is not usable.
It's unknown what this context is actually used for.
Error codes
Error code | Description |
---|---|
0xd8a0b836 | The specified RootCertChain handle was not found in the linked-list. |