SceSblAuthMgr: Difference between revisions

From Vita Development Wiki
Jump to navigation Jump to search
Line 253: Line 253:
     char reserved[0x1C0];
     char reserved[0x1C0];
} SceSpsfoHeader;
} SceSpsfoHeader;
Note : SceSpsfoHeader and spsfo_ctx may be different
</source>
</source>



Revision as of 14:07, 29 March 2020

Secure Boot Loader Authentication Manager

Module

Known NIDs

Version Name World Privilege NID
1.69 SceSblAuthMgr Non-secure Kernel 0xEA5DFC93
3.57 SceSblAuthMgr Non-secure Kernel 0xA1BFE33C
3.60 SceSblAuthMgr Non-secure Kernel 0x1773372D

Libraries

Known NIDs

Version Name World Visibility NID
1.69-3.60 SceSblAuthMgrForKernel Non-secure Kernel 0x7ABF5135
1.69-3.60 SceSblAuthMgrForDriver Non-secure Kernel 0x4EB2B1BB

SceSblAuthMgrForKernel

These functions are used for SELF decryption.

sceSblAuthMgrOpenForKernel

Version NID
0.931-3.60 0xA9CD2A09

Previous name was sceSblAuthMgrInvokeSMForKernel, sceSblAuthMgrSmStartForKernel

// if initialization is successful - ctx will be initialized to 1
int sceSblAuthMgrOpenForKernel(int* ctx);

sceSblAuthMgrCloseForKernel

Version NID
0.931-3.60 0x026ACBAD

Previous name was sceSblAuthMgrStopSMForKernel, sceSblAuthMgrSmStopForKernel

Issues F00D command -1

// ctx - obtained with sceSblAuthMgrOpenForKernel. ctx must equal 1 for successful deinit.
int sceSblAuthMgrCloseForKernel(int ctx);

sceSblAuthMgrStartForKernel

Version NID
0.931-0.990 0xCAA38DF7

Create SceSblAuthMgrZlibHeap.

int sceSblAuthMgrStartForKernel(void);

sceSblAuthMgrStopForKernel

Version NID
0.931-0.990 0x6C1F5048

Delete SceSblAuthMgrZlibHeap.

int sceSblAuthMgrStopForKernel(void);

sceSblAuthMgrAuthHeaderForKernel

Version NID
0.931-3.60 0xF3411881

Issues F00D command 0x10001

SceSblSmCommContext130 type is defined in SceKernelModulemgr.

?Read caller SELF Info using sceKernelGetSelfAuthInfoForKernel? then writes it to context_130->caller_self_auth_info.

Calls smc_137 and smc_134 that interact with F00D. F00D set context_130->called_self_auth_info.

//ctx - obtained with sceSblAuthMgrOpenForKernel
int sceSblAuthMgrAuthHeaderForKernel(int ctx, const void *pSelfHeader, SceSize SelfHeaderSize, SceSblSmCommContext130 *ctx130);

sceSblAuthMgrSetupAuthSegmentForKernel

Version NID
0.931-3.60 0x89CCDA2C

Temp name was sceSblAuthMgrLoadSelfSegmentForKernel, sceSblAuthMgrLoadSegmentForKernel.

Issues F00D command 0x20001

// ctx - obtained with sceSblAuthMgrOpenForKernel

0.931-1.50
int sceSblAuthMgrSetupAuthSegmentForKernel(int ctx, int segment_number, int segment_size, void output_buffer, int program_size);

3.60
int sceSblAuthMgrSetupAuthSegmentForKernel(int ctx, int segment_number);

sceSblAuthMgrAuthSegmentForKernel

Version NID
0.931-3.60 0xBC422443

Temp name was sceSblAuthMgrLoadSelfBlockForKernel, sceSblAuthMgrLoadBlockForKernel.

Issues F00D command 0x30001

// ctx - obtained with sceSblAuthMgrOpenForKernel
int sceSblAuthMgrAuthSegmentForKernel(int ctx, void *buffer, SceSize len);

sceSblAuthMgrLoadSegmentInternalForKernel

Version NID
0.990 0x15248FB4
// ctx - obtained with sceSblAuthMgrOpenForKernel
int sceSblAuthMgrLoadSegmentInternalForKernel(int ctx, int a2, unsigned int a3);

sceSblAuthMgrSetDmac5KeyForKernel

Version NID
1.05-3.60 0x122ACDEA

Issues F00D command 0x50001

// key_size - in bytes
int sceSblAuthMgrSetDmac5KeyForKernel(const void *key, SceSize key_size, int slot_id, int key_id);

sceSblAuthMgrClearDmac5KeyForKernel

Version NID
0.990-3.60 0xF2BB723E

Issues F00D command 0x60001

int sceSblAuthMgrClearDmac5KeyForKernel(int unk0, int unk1);

SceSblAuthMgrForKernel_2A83A012

Version NID
3.60 0x2A83A012

Returns 0. May be an old function kept for compatibility.

int SceSblAuthMgrForKernel_2A83A012(void);

sceSblAuthMgrCompareSwVersionForKernel

Version NID
3.60 0xABAB8466

Aligns version on 12 bits then compares to the hardcoded current firmware version (example: 0x03600000 on FW 3.60).

int sceSblAuthMgrCompareSwVersionForKernel(int version);

SceSblAuthMgrForDriver

sceSblAuthMgrGetEKcForDriver

Version NID
0.990-3.60 0x868B9E9A

EKc means Encrypted Klicense (also called Key License).

Issues F00D command 0x40001

int sceSblAuthMgrGetEKcForDriver(void *data, SceSize size, int key_id);

sceSblAuthMgrDecBindDataForDriver

Version NID
1.05-3.60 0x41DAEA12

Issues F00D command 0x70001

// request should contain pair of keys and rif data

int sceSblAuthMgrDecBindDataForDriver(char* klicensee, int klicensee_len, char* request, int request_len, int zero);

sceSblAuthMgrVerifySpsfoForDriver

Version NID
1.03-3.60 0x24C4CE64

Used by sceSblSpsfoMgrVerifyForDriver.

Issues F00D command 0x80001.

Spsfo (signed param.sfo) file is located in game cartridge at path gro0:gc/param.sfo. It has 3 parts: CF header and certification, plain SceSpsfoHeader and plain SFO (maybe reduced).

typedef struct SceSpsfoHeader { // size is 0x200 usually
    int version;                  // ex: 1
    SceSize size;                 // header size
    uint64_t system_version;      // ex: 0x0330000000000110
    char titleid[0x20];
    uint64_t parent_authority_id; // ex: 0x2800000000000030
    uint64_t process_authority_id;
    char reserved[0x1C0];
} SceSpsfoHeader;

Note : SceSpsfoHeader and spsfo_ctx may be different
int sceSblAuthMgrVerifySpsfoForDriver(spsfo_ctx *ctx);