SceSblPostSsMgr: Difference between revisions
CelesteBlue (talk | contribs) |
CelesteBlue (talk | contribs) |
||
Line 491: | Line 491: | ||
| 3.60 || 0xD8A2D465 | | 3.60 || 0xD8A2D465 | ||
|} | |} | ||
=== SceSblPostSsMgrForDriver_2C463AF1 === | |||
{| class="wikitable" | |||
|- | |||
! Version !! NID | |||
|- | |||
| 3.60 || 0x2C463AF1 | |||
|} | |||
Used just before SceSblPostSsMgrForDriver_CB5436BD. | |||
<source lang="C">int SceSblPostSsMgrForDriver_2C463AF1(int maybe_keyset, SceSize size, void *buf);</source> | |||
=== SceSblPostSsMgrForDriver_CB5436BD === | === SceSblPostSsMgrForDriver_CB5436BD === | ||
Line 500: | Line 512: | ||
|} | |} | ||
Transforms? coredump key. | |||
<source lang="C">int SceSblPostSsMgrForDriver_CB5436BD(int maybe_keyset, SceSize size, void * | <source lang="C">int SceSblPostSsMgrForDriver_CB5436BD(int maybe_keyset, SceSize size, void *buf);</source> | ||
== SceZlibForDriver == | == SceZlibForDriver == |
Revision as of 17:53, 25 January 2020
Module
Known NIDs
Version | Name | World | Privilege | NID |
---|---|---|---|---|
3.60 | SceSblPostSsMgr | Non-secure | Kernel | 0xB6C941F2 |
Libraries
Known NIDs
Version | Name | World | Visibility | NID |
---|---|---|---|---|
1.03-3.60 | SceSblPostSsMgrForDriver | Non-secure | Kernel | 0x2254E1B2 |
3.60 | SceZlibForDriver | Non-secure | Kernel | 0xE241534E |
3.60 | SceSblFwLoaderForDriver | Non-secure | Kernel | 0x6FE424E4 |
1.03-3.60 | SceSblPmMgr | Non-secure | User | 0xA9CE5795 |
1.03-3.60 | SceSblRtcMgr | Non-secure | User | 0x44C5F209 |
1.03-3.60 | SceSblLicMgr | Non-secure | User | 0x62083C72 |
1.03-3.60 | SceSblUtMgr | Non-secure | User | 0x000DF81A |
1.03 | SceSblSpsfoMgr | Non-secure | User | 0x7959298B |
Types
typedef struct spsfo_ctx { SceUID mem_uid; // SceSblSpsfoMgr void* mem_block_base; uint32_t unk_8; } spsfo_ctx; typedef struct SceUtoken { // size is 0x800 char unk_data[0x800]; } SceUtoken; // Reversed by CelesteBlue typedef struct SceUtokenDecrypted { // size is 0x58 char unk_data[0x30]; char utoken_flags[0x8]; char unk_data_2[0x20]; } SceUtokenDecrypted; /* Reversed by PrincessOfSleeping. To be checked. typedef struct SceUtokenDecrypted { // size is 0x58 uint64_t program_authority_id; SceSelfCapability capability; SceSelfAttribute attribute; char unk_0x48[0x10]; } SceUtokenDecrypted;*/
Not exported
module_start
Calls 2 subroutines:
- init_qaftoken
- init_utoken
init utoken
Reads tm0:utoken.dat.
Calls utoken_sm.self service 2 to decrypt SceUtoken buffer. The output is a 0x58 bytes buffer.
SceSblPostSsMgrForDriver
sceSblSpsfoMgrOpenForDriver
Version | NID |
---|---|
3.60 | 0xBDF18922 |
int sceSblSpsfoMgrOpenForDriver(char *path, spsfo_ctx *result);
sceSblSpsfoMgrVerifyForDriver
Version | NID |
---|---|
3.60 | 0x686B9461 |
Derived from _vshSblAuthMgrVerifySpsfo.
int sceSblSpsfoMgrVerifyForDriver(spsfo_ctx *ctx, int *res, int *size);
sceSblSpsfoMgrCloseForDriver
Version | NID |
---|---|
3.60 | 0xAD3B0078 |
int sceSblSpsfoMgrCloseForDriver(spsfo_ctx *ctx);
sceSblLicMgrGetActivationKeyForDriver
Version | NID |
---|---|
3.60 | 0xF7F1015B |
typedef struct activation_key // size is 0x14 { char open_psid[0x10]; // obtained with sceSblSsMgrGetOpenPsIdForDriver uint32_t vadd_hash; // result of vector add operation applied to open_psid } activation_key; int sceSblLicMgrGetActivationKeyForDriver(activation_key* key);
sceSblLicMgrActivateDevkitForDriver
Version | NID |
---|---|
0.990-3.60 | 0x0298382B |
int sceSblLicMgrActivateDevkitForDriver(char *afv_path);
sceSblLicMgrGetLicenseStatusForDriver
Version | NID |
---|---|
3.60 | 0x15F37282 |
// values: -1 = not initialized, 0 = activated, 1 = expired, 2 = RTC backup battery failure int sceSblLicMgrGetLicenseStatusForDriver(void);
sceSblLicMgrGetExpireDateForDriver
Version | NID |
---|---|
1.03-3.60 | 0x4FF2682F |
Get activation data expire date.
If sceSblAIMgrIsToolRev3ForDriver, 30/10/2011 8:00:00.
If sceSblAIMgrIsToolRev5ForDriver, 30/6/2012 8:00:00.
If sceSblAIMgrIsNonCEXForDriver and product_sub_code = 0xA, 0xB or 0xC, 31/3/2012 14:59:00.
// if read_from_nvs is false, it reads expire_date from SceSblPostSsMgr memory. int sceSblLicMgrGetExpireDateForDriver(int *expire_date, int read_from_nvs);
sceSblPmMgrSetProductModeForDriver
Version | NID |
---|---|
0.990-3.60 | 0xADF92824 |
executes pm_sm.self commands 2, 3, 4, 5, 6, 7, 8, 9, 0xA
int sceSblPmMgrSetProductModeForDriver(int product_mode);
sceSblPmMgrSetProductModeUnkForDriver
Version | NID |
---|---|
1.03-3.60 | 0xFE92A318 |
Executes pm_sm.self commands 2, 3, 4, 5, 6, 7, 8, 9, 0xA.
int sceSblPmMgrSetProductModeUnkForDriver(int product_mode);
sceSblPmMgrGetProductModeFromNVSForDriver
Version | NID |
---|---|
0.990-3.60 | 0x4663C195 |
Executes pm_sm.self command 1.
int sceSblPmMgrGetProductModeFromNVSForDriver(int *product_mode);
sceSblPmMgrAuthEtoIForDriver
Version | NID |
---|---|
0.990-3.60 | 0x19B63D65 |
Returns jig_auth(12). Returns an integer on success.
jig_auth:
- On 0.990: executes pm_sm_sd.self commands 3 (gen_req_hello), 4 (gen_challenge), 5 (check_response), 6 (gen_req_result), 7 (check_result).
- On 1.03-3.60: executes pm_sm_sd.self commands 9, 0xA.
int sceSblPmMgrAuthEtoIForDriver(void);
sceSblPostSsMgrDecryptSealedkeyForDriver
Version | NID |
---|---|
3.60 | 0x33275F95 |
data
is 0x50 bytes of data from sealedkey
this function:
verifies pfsSKKey header
decrypts aes_key(pfsSKKey__EncKey) and hmac_key(pfsSKKey__Secret) using sceSblSsEncryptWithPortabilityForDriver
verifies hmac256 value in HMAC Value
decrypts Encrypted key
into dst_secret
//data - size 0x50 //dst_secret - size 0x10 int sceSblPostSsMgrDecryptSealedkeyForDriver(char* data, char* dst_secret);
sceSblPostSsMgrEncryptSealedkeyForDriver
Version | NID |
---|---|
3.60 | 0x08525D8D |
data
is 0x50 bytes of data like in sealedkey
this function:
writes pfsSKKey header
decrypts aes_key(pfsSKKey__EncKey) and hmac_key(pfsSKKey__Secret) using sceSblSsEncryptWithPortabilityForDriver
randomly generates 0x10 bytes of IV with sceSblRngPseudoRandomNumberForDriver
randomly generates 0x10 bytes of secret with sceSblRngPseudoRandomNumberForDriver
encrypts the secret into Encrypted key
calculates hmac256 value into HMAC Value
// dest_data - size 0x50 int sceSblPostSsMgrEncryptSealedkeyForDriver (char* dest_data);
sceSblPostSsMgrVerifyKeystoneForDriver
Version | NID |
---|---|
3.60 | 0xDDA6FA6D |
This function verifies magic in the header and HMAC of the keystone file
int sceSblPostSsMgrVerifyKeystoneForDriver(char* data, int version);
sceSblPostSsMgrVerifyKeystoneWithPasscodeForDriver
Version | NID |
---|---|
3.60 | 0xF86F1452 |
This function calls sceSblPostSsMgrVerifyKeystoneForDriver. Then also verifies HMAC of passcode.
int sceSblPostSsMgrVerifyKeystoneWithPasscodeForDriver(char* keystone_data, char* passcode);
sceSblPostSsMgrDebugEncryptKeystoneForDriver
Version | NID |
---|---|
3.60 | 0x42474C8B |
int sceSblPostSsMgrDebugEncryptKeystoneForDriver(char* src_secret, char* dest_data);
sceSblPostSsMgrDebugDecryptKeystoneForDriver
Version | NID |
---|---|
3.60 | 0xCC5AA5A5 |
int sceSblPostSsMgrDebugDecryptKeystoneForDriver(char* keystone_data, char* dst_secret);
sceSblUtMgrIsUtokenProgramForDriver
Version | NID |
---|---|
1.03-3.60 | 0x128FB35A |
pseudo-code:
bool sceSblUtMgrIsUtokenProgramForDriver(SceUID pid) { SceUInt64 authid; if (!is_utoken_flags_set_in_mem) return 0; if (sceSblACMgrGetProcessSelfAuthInfoForKernel(pid, &authid)) return 0; return authid == utoken_flags_or_authid_in_mem; }
int sceSblUtMgrIsUtokenProgramForDriver(SceUID pid);
sceSblUtMgrUpdateUtokenForDriver
Version | NID |
---|---|
1.03-3.60 | 0xC2E58CE3 |
Executes utoken_sm command 1 to verify buffer, then writes the 0x800 bytes buffer to tm0:utoken/utoken.dat.
// size = 0x800 int sceSblUtMgrExecuteUtokenSmCommand1ForDriver(char* buf, SceSize size);
sceSblUtMgrResetUtokenFileForDriver
Version | NID |
---|---|
3.60 | 0x1FF699DD |
Writes 0x800 blank tm0:utoken/utoken.dat or removes it.
Exported to userland by sceSblUtMgrResetUtokenFile.
int sceSblUtMgrResetUtokenFileForDriver(void);
sceSblUtMgrHasComTestFlagForDriver
Version | NID |
---|---|
1.03-3.60 | 0x7ACCAA50 |
Derived from vshSblUtMgrHasComTestFlag.
int sceSblUtMgrHasComTestFlagForDriver(void);
sceSblUtMgrHasStoreFlagForDriver
Version | NID |
---|---|
1.03-3.60 | 0x9D2E2D39 |
Derived from vshSblUtMgrHasStoreFlag.
int sceSblUtMgrHasStoreFlagForDriver(void);
sceSblUtMgrHasNpTestFlagForDriver
Version | NID |
---|---|
1.03-3.60 | 0x9FD835B0 |
Derived from vshSblUtMgrHasNpTestFlag.
int sceSblUtMgrHasNpTestFlagForDriver(void);
sceSblUtMgrHasUNK1FlagForDriver
Version | NID |
---|---|
1.03-3.60 | 0x22599675 |
int sceSblUtMgrHasUNK1FlagForDriver(void);
sceSblUtMgrHasUNK2FlagForDriver
Version | NID |
---|---|
1.03-3.60 | 0x9B49C249 |
int sceSblUtMgrHasUNK2FlagForDriver(void);
sceSblUtMgrHasUNK3FlagForDriver
Version | NID |
---|---|
1.03-3.60 | 0x1923D80D |
int sceSblUtMgrHasUNK3FlagForDriver(void);
sceSblUtMgrGetTrilithiumBufferForDriver
Version | NID |
---|---|
3.60 | 0xABDD68CD |
int sceSblUtMgrGetTrilithiumBufferForDriver(SceUtokenDecrypted *buffer);
sceSblRtcMgrSetCpRtcForDriver
Version | NID |
---|---|
3.60 | 0x3F9BDEDF |
Set RTC in DevKit CP.
int sceSblRtcMgrSetCpRtcForDriver(int rtc);
sceSblRtcMgrGetCpRtcPhysicalForDriver
Version | NID |
---|---|
1.03-3.60 | 0x942010A0 |
int sceSblRtcMgrGetCpRtcPhysicalForDriver(int *rtc);
sceSblRtcMgrGetCpRtcLogicalForDriver
Version | NID |
---|---|
1.03-3.60 | 0xDE5150FE |
int sceSblRtcMgrGetCpRtcLogicalForDriver(int *rtc);
SceSblPostSsMgrForDriver_D8A2D465
Version | NID |
---|---|
3.60 | 0xD8A2D465 |
SceSblPostSsMgrForDriver_2C463AF1
Version | NID |
---|---|
3.60 | 0x2C463AF1 |
Used just before SceSblPostSsMgrForDriver_CB5436BD.
int SceSblPostSsMgrForDriver_2C463AF1(int maybe_keyset, SceSize size, void *buf);
SceSblPostSsMgrForDriver_CB5436BD
Version | NID |
---|---|
3.60 | 0xCB5436BD |
Transforms? coredump key.
int SceSblPostSsMgrForDriver_CB5436BD(int maybe_keyset, SceSize size, void *buf);
SceZlibForDriver
init
Version | NID |
---|---|
0.940-3.60 | 0x723495A5 |
SceZlibForDriver_00561385: 0x00561385 SceZlibForDriver_05F712FE: 0x05F712FE SceZlibForDriver_0BDDF66A: 0x0BDDF66A SceZlibForDriver_0FA805A3: 0x0FA805A3 SceZlibForDriver_134E91EA: 0x134E91EA SceZlibForDriver_1C344E27: 0x1C344E27 SceZlibForDriver_1E135CC1: 0x1E135CC1 SceZlibForDriver_20A122F8: 0x20A122F8 SceZlibForDriver_211D25F5: 0x211D25F5 SceZlibForDriver_21A03034: 0x21A03034 SceZlibForDriver_25F28DA7: 0x25F28DA7 SceZlibForDriver_3252D28C: 0x3252D28C SceZlibForDriver_3370B9AD: 0x3370B9AD SceZlibForDriver_35E0108C: 0x35E0108C SceZlibForDriver_3B4466F4: 0x3B4466F4 SceZlibForDriver_3F33F55F: 0x3F33F55F SceZlibForDriver_408311E8: 0x408311E8 SceZlibForDriver_44DA19D2: 0x44DA19D2 SceZlibForDriver_4C27A382: 0x4C27A382 SceZlibForDriver_4CB63BCD: 0x4CB63BCD SceZlibForDriver_4EE6C080: 0x4EE6C080 SceZlibForDriver_517BC5F7: 0x517BC5F7 SceZlibForDriver_520CAA7F: 0x520CAA7F SceZlibForDriver_5377643A: 0x5377643A SceZlibForDriver_5492B3F2: 0x5492B3F2 SceZlibForDriver_5A0078D6: 0x5A0078D6 SceZlibForDriver_5B718E55: 0x5B718E55 SceZlibForDriver_67A085C4: 0x67A085C4 SceZlibForDriver_68CFEA45: 0x68CFEA45 SceZlibForDriver_6ED5B677: 0x6ED5B677 SceZlibForDriver_7048F14C: 0x7048F14C SceZlibForDriver_7993ADAB: 0x7993ADAB SceZlibForDriver_7B16DBD6: 0x7B16DBD6 SceZlibForDriver_7C40CC39: 0x7C40CC39 SceZlibForDriver_7E823337: 0x7E823337 SceZlibForDriver_81D0667B: 0x81D0667B SceZlibForDriver_82167CD9: 0x82167CD9 SceZlibForDriver_834CC4A2: 0x834CC4A2 SceZlibForDriver_86FF6C8B: 0x86FF6C8B SceZlibForDriver_89A13883: 0x89A13883 SceZlibForDriver_89B30588: 0x89B30588 SceZlibForDriver_9030BAE4: 0x9030BAE4 SceZlibForDriver_904AA7AE: 0x904AA7AE SceZlibForDriver_93168F72: 0x93168F72 SceZlibForDriver_938F34FA: 0x938F34FA SceZlibForDriver_98619620: 0x98619620 SceZlibForDriver_A1E7E8B3: 0xA1E7E8B3 SceZlibForDriver_A5D70E95: 0xA5D70E95 SceZlibForDriver_AC2F8437: 0xAC2F8437 SceZlibForDriver_AD23EEBB: 0xAD23EEBB SceZlibForDriver_B03E109B: 0xB03E109B SceZlibForDriver_BC022D38: 0xBC022D38 SceZlibForDriver_BE5CE88A: 0xBE5CE88A SceZlibForDriver_D4A85178: 0xD4A85178 SceZlibForDriver_D9BDC778: 0xD9BDC778 SceZlibForDriver_E0CE06C0: 0xE0CE06C0 SceZlibForDriver_E2DF5A8B: 0xE2DF5A8B SceZlibForDriver_E323828B: 0xE323828B SceZlibForDriver_E4F34A68: 0xE4F34A68 SceZlibForDriver_E6EB524C: 0xE6EB524C SceZlibForDriver_E859D60F: 0xE859D60F SceZlibForDriver_E94663DD: 0xE94663DD SceZlibForDriver_EEC6D267: 0xEEC6D267 SceZlibForDriver_F2D8FC1A: 0xF2D8FC1A
SceSblFwLoaderForDriver
See SceSblFwLoader#SceSblFwLoaderForDriver.
SceSblPmMgr
sceSblPmMgrSetProductModeOffForUser
Version | NID |
---|---|
3.60 | 0x41FE8A37 |
Calls internally sceSblPmMgrSetProductModeForDriver(0).
int sceSblPmMgrSetProductModeOffForUser(void);
sceSblPmMgrGetProductModeForUser
Version | NID |
---|---|
3.60 | 0x46EA9FDB |
Returns 0 on success.
Gets sysroot_buffer using sceKernelGetSysrootBufferForDriver.
result = ((int *)(sysroot_buffer->boot_type_indicator_1) >> 2) & 1; // manufacturing mode flag
int sceSblPmMgrGetProductModeForUser(int* result);
sceSblPmMgrGetProductModeFromNVS
Version | NID |
---|---|
3.60 | 0x49CE0DDF |
Calls sceSblPmMgrGetProductModeFromNVSForDriver.
sceSblPmMgrAuthEtoI
Version | NID |
---|---|
0.990-3.60 | 0xBD38B141 |
Calls sceSblPmMgrAuthEtoIForDriver().
Returns an integer on success.
int sceSblPmMgrAuthEtoI(void);
sceSblPmMgrGetCurrentMode
Version | NID |
---|---|
3.60 | 0xDA4EDEBF |
Returns 0 on success.
Gets sysroot_buffer using sceKernelSysrootGetKblParamForKernel.
result = ((int *)(sysroot_buffer->boot_type_indicator_1) >> 2) & 1; // manufacturing mode flag
int sceSblPmMgrGetCurrentMode(int* result);
SceSblRtcMgr
sceSblRtcMgrGetCpRtcPhysicalForUser
Version | NID |
---|---|
3.60 | 0x1614302B |
sceSblRtcMgrSetCpActivationKey
Version | NID |
---|---|
3.60 | 0x298AE544 |
sceSblRtcMgrSetCpRtcPhysicalAndKey
Version | NID |
---|---|
3.60 | 0x3C0EEC69 |
sceSblRtcMgrSetCpRtcLogical
Version | NID |
---|---|
3.60 | 0x9DFB118B |
sceSblRtcMgrSetCpRtcPhysicalForUser
Version | NID |
---|---|
3.60 | 0xA990BC44 |
sceSblRtcMgrGetCpRtcLogical
Version | NID |
---|---|
3.60 | 0xDD44D726 |
sceSblRtcMgrGetCpSerialId
Version | NID |
---|---|
3.60 | 0xE162A827 |
Calls sceDeci4pCpupGetCpSerialIdForDriver.
SceSblLicMgr
Functions related to afv file.
sceSblLicMgrGetIssueNo
Version | NID |
---|---|
3.60 | 0x0E0691A1 |
// if request_data_flag is 0 then some cached value is used // if request_data_flag is 1 then data is requested from syscon int sceSblLicMgrGetIssueNo(int *issue_number, int request_data_flag);
sceSblLicMgrGetLicenseStatus
Version | NID |
---|---|
3.60 | 0x0EA6A30C |
int sceSblLicMgrGetLicenseStatus();
sceSblLicMgrGetActivationKey
Version | NID |
---|---|
3.60 | 0x2A437187 |
typedef struct activation_key // size is 0x14 { char open_psid[0x10]; // obtained with sceSblSsMgrGetOpenPsIdForDriver uint32_t vadd_hash; // result of vector add operation applied to openPSID } activation_key; int sceSblLicMgrGetActivationKey(activation_key* key);
sceSblLicMgrActivateFromFs
Version | NID |
---|---|
3.60 | 0x6E56EA0A |
Activates from ux0:/data/activate/.
int sceSblLicMgrActivateFromFs(void);
sceSblLicMgrGetUsageTimeLimit
Version | NID |
---|---|
3.60 | 0x774EBBA2 |
int sceSblLicMgrGetUsageTimeLimit(int *time_limit);
Uses sceSblSsMgrGetQAFlagsForKernel.
sceSblLicMgrClearActivationData
Version | NID |
---|---|
3.60 | 0x9B749D1D |
int sceSblLicMgrClearActivationData();
sceSblLicMgrGetExpireDate
Version | NID |
---|---|
0.940-3.60 | 0xE9FA0FE5 |
// if request_data_flag is 0 then some cached value is used // if request_data_flag is 1 then data is requested from syscon int sceSblLicMgrGetExpireDate(int *expire_date, int request_data_flag);
sceSblLicMgrActivateDevkit
Version | NID |
---|---|
3.60 | 0xEB21DD39 |
// afv_path is of size 0x100 int sceSblLicMgrActivateDevkit(char* afv_path);
SceSblUtMgr
sceSblUtMgrUpdateUtoken
Version | NID |
---|---|
3.60 | 0xBDE74645 |
Calls sceSblUtMgrUpdateUtokenForDriver(buf, 0x800);.
// size = 0x800 int sceSblUtMgrUpdateUtoken(char* buf, SceSize size);
sceSblUtMgrReadUtoken
Version | NID |
---|---|
3.60 | 0xD2836E0D |
// size = 0x800 int sceSblUtMgrReadUtoken(char *buf, int SceSize size);
sceSblUtMgrResetUtokenFile
Version | NID |
---|---|
3.60 | 0x1CD57182 |
Calls sceSblUtMgrResetUtokenFileForDriver.
int sceSblUtMgrResetUtokenFile(void);
sceSblUtMgrGetCurrentSecureTick
Version | NID |
---|---|
3.60 | 0xCFCB1355 |
Calls sceRtcGetCurrentSecureTickForDriver then uses sceKernelMemcpyKernelToUserForDriver.
int sceSblUtMgrGetCurrentSecureTick(int* secure_tick);
sceSblUtMgrIsTrilithiumFlagEnabled
Version | NID |
---|---|
3.60 | 0x04CA1311 |
// size = sizeof("UT_TRILITHIUM_FLAG") = 18 int sceSblUtMgrIsTrilithiumFlagEnabled(char* buf, SceSize size);
buf takes value "UT_TRILITHIUM_FLAG" if a flag is enabled.
SceSblSpsfoMgr
sceSblSpsfoMgrOpen
Version | NID |
---|---|
1.03 | 0x64B45B53 |
int sceSblSpsfoMgrOpen(char *path, spsfo_ctx *result);
sceSblSpsfoMgrVerify
Version | NID |
---|---|
1.03 | 0x517CAF25 |
int sceSblSpsfoMgrVerify(spsfo_ctx *ctx, int *res, int *size);
sceSblSpsfoMgrClose
Version | NID |
---|---|
1.03 | 0x3533B542 |
int sceSblSpsfoMgrClose(spsfo_ctx *ctx);