SceSblSsMgr: Difference between revisions

From Vita Development Wiki
Jump to navigation Jump to search
Line 388: Line 388:
no usages found  
no usages found  


<source lang="c">int execute_dmac5_command_0x4A(char *src, char *dst, int size, int key_slot, int key_size, int arg_4, int arg_8);</source>
<source lang="c">int execute_dmac5_command_0x4A(char *src, char *dst, int size, int key_slot, int key_size, int unk0, int unk1);</source>


=== execute_dmac5_command_0xA ===
=== execute_dmac5_command_0xA ===

Revision as of 23:40, 20 September 2017

Module

Known NIDs

Version Name World Privilege NID
1.69 SceSblSsMgr Non-secure Kernel 0xFDDD93FA
3.60 SceSblSsMgr ? Kernel 0x4E913538

Libraries

Known NIDs

Version Name World Visibility NID
1.69 SceSblSsMgrForKernel Non-secure Kernel 0x74580D9F
1.69 SceSblSsMgrForDriver Non-secure Kernel 0x61E9428D
3.60 SceSblSsMgrForDriver ? Kernel 0x61E9428D
1.69 SceSblSsMgr Non-secure Kernel 0xEC86E4B0
1.69 SceSblQafMgr Non-secure User 0x756B7E89
1.69 SceSblRng Non-secure User 0x1843F124
1.69 SceSblDmac5Mgr Non-secure User 0x437366A2
1.69 SceSblAimgr Non-secure User 0xD473F968

SceSblSsMgrForKernel

get_syscon_data

Version NID
3.60 0xC2EC8F5A

for example gets 0x20 bytes of data for act_sm.self command 0x4 call.

this is done by passing offset 0x520 as first argument.

int get_syscon_data(int offset, char *buffer, int size);

SceSblSsMgrForDriver

execute_dmac5_command_0x04

Version NID
3.60 0xAC57F4F0

Generates random data of length 0x40 by executing Dmac5 command

used in SceKrm, SceSblGcAuthMgr

int execute_dmac5_command_0x04(char* dest);

execute_dmac5_command_0x04

Version NID
3.60 0x4DD1B2E5

Generates random data of length 0x40 by executing Dmac5 command

Data is then cropped to fit the size in outputBuffer.

used by SceMsif

int execute_dmac5_command_0x04(char* outputBuffer, int size, int unk);

sceSblSsMgrAES128ECBEncryptForDriver

Version NID
3.60 0x01BE0374

Executes Dmac5 command 0x01

used in SceSblMgKeyMgr

//size - size of data in src
//key_slot - 0x1C, 0x1D, 0x1E, 0x1F
//key_size - 0x80 (size in bits)
int sceSblSsMgrAES128ECBEncryptForDriver(char *src, char *dst, int size, int key_slot, int key_size, int unk);

execute_dmac5_command_0x01

Version NID
3.60 0x0F7D28AF

Executes Dmac5 command

used in ScePfsMgr

int execute_dmac5_command_0x01(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8);

execute_dmac5_command_0x01

Version NID
3.60 0xC517770D

Executes Dmac5 command

used in ScePfsMgr

int execute_dmac5_command_0x01(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4);

execute_dmac5_command_0x02

Version NID
3.60 0x197ACF6F

Executes Dmac5 command

no usages found

int execute_dmac5_command_0x02(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8);

execute_dmac5_command_0x02

Version NID
3.60 0x7C978BE7

Executes Dmac5 command

used ScePfsMgr

int execute_dmac5_command_0x02(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4);

sceSblSsMgrAES128ECBDecryptForDriver

Version NID
3.60 0x8B4700CB

Executes Dmac5 command 0x02

used by SceSblMgKeyMgr

//size - size of data in src
//key_slot - ?
//key_size - 0x80 (size in bits)
int sceSblSsMgrAES128ECBDecryptForDriver(char *src, char *dst, int size, int key_slot, int key_size, int unk);

execute_dmac5_command_0x03

Version NID
3.60 0xEB3AF9B5

Executes Dmac5 command

used by ScePfsMgr

int execute_dmac5_command_0x03(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4);

execute_dmac5_command_0x09

Version NID
3.60 0x711C057A

Executes Dmac5 command

used by ScePfsMgr

int execute_dmac5_command_0x09(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8, int arg_C);

execute_dmac5_command_0x09

Version NID
3.60 0xE6E1AD15

Executes Dmac5 command

used by ScePfsMgr

int execute_dmac5_command_0x09(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8);

execute_dmac5_command_0x21

Version NID
3.60 0x82B5DCEF

Executes Dmac5 command

used by SceNpDrm

int execute_dmac5_command_0x21(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8);

execute_dmac5_command_0x22

Version NID
3.60 0x7D46768C

Executes Dmac5 command

no usages found

int execute_dmac5_command_0x22(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8);

execute_dmac5_command_0x23

Version NID
3.60 0x6704D985

Executes Dmac5 command

used by ScePfsMgr

int execute_dmac5_command_0x23(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8);

execute_dmac5_command_0x23

Version NID
3.60 0x92E37656

Executes Dmac5 command

no usages found

int execute_dmac5_command_0x23(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8, int arg_C);

execute_dmac5_command_0x33

Version NID
3.60 0x79F38554

Executes Dmac5 command

no usages found

int execute_dmac5_command_0x33(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8);

execute_dmac5_command_0x3B

Version NID
3.60 0x1B14658D

Executes Dmac5 command

used in ScePfsMgr

int execute_dmac5_command_0x3B(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8, int arg_C);

execute_dmac5_command_0x3B

Version NID
3.60 0x83B058F5

Executes Dmac5 command

used in ScePfsMgr

int execute_dmac5_command_0x3B(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8, int arg_C, int arg_10);

execute_dmac5_command_0x3B

Version NID
3.60 0xEA6ACB6D

Executes Dmac5 command

no usages found

int execute_dmac5_command_0x3B(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8, int arg_C);

execute_dmac5_command_0x41

Version NID
3.60 0x37DD5CBF

Executes Dmac5 command

used in SceMsif, SceSblMgKeyMgr

int execute_dmac5_command_0x41(char *src, char *dst, int size, int key_slot, int key_size, int unk);

execute_dmac5_command_0x42

Version NID
3.60 0x8EAFB18A

Executes Dmac5 command

used in SceSblMgKeyMgr

int execute_dmac5_command_0x42(char *src, char *dst, int size, int key_slot, int key_size, int unk);

execute_dmac5_command_0x49

Version NID
3.60 0x05B38698

Executes Dmac5 command

no usages found

int execute_dmac5_command_0x49(char *src, char *dst, int size, int key_slot, int key_size, int unk0, int unk1);

execute_dmac5_command_0x4A

Version NID
3.60 0x926BCCF0

Executes Dmac5 command

no usages found

int execute_dmac5_command_0x4A(char *src, char *dst, int size, int key_slot, int key_size, int unk0, int unk1);

execute_dmac5_command_0xA

Version NID
3.60 0x121FA69F

Executes Dmac5 command

used by ScePfsMgr

int execute_dmac5_command_0xA(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8);

execute_dmac5_command_0xA

Version NID
3.60 0x1901CB5E

Executes Dmac5 command

used by ScePfsMgr

int execute_dmac5_command_0xA(int unk0, int unk1, int unk2, int unk3, int arg_0, int arg_4, int arg_8, int arg_C);

execute_dmac5_command

Version NID
3.60 0x9641374E

Executes Dmac5 command

used by SceNpDrm

int execute_dmac5_command(int unk0, int unk1, int unk2, int unk3, int arg_0, int command, int arg_8);

sceSblSsMgrGetConsoleIdForDriver

Version NID
3.60 0xFC6CDD68
//buffer is of size 0x10
int sceSblSsMgrGetConsoleIdForDriver(void* cid);

sceSblSsMgrGetOpenPsIdForDriver

Version NID
3.60 0xA5B5D269
typedef struct SceKernelOpenPsId {
	char id[16];
} SceKernelOpenPsId;

//buffer is of size 0x10
int sceSblSsMgrGetOpenPsIdForDriver(SceKernelOpenPsId *id);

sceSblSsMgrGetFuseIdForDriver

Version NID
3.60 0x04843835
int sceSblSsMgrGetFuseIdForDriver(uint64_t *fuseid);

dec_aes_key_msif

Version NID
3.60 0x934db6b5

decrypts or derives aes key that is used in msif to decrypt static sha224 table

communication with F00D is done with command 0x2000A from encdec_w_portability_sm.self

typedef struct input_data //size is 0x24
{
  uint32_t size;
  uint8_t unk_4[0x20];
}input_data;

typedef struct output_data //size is 0x24
{
  uint32_t size;
  uint8_t unk_4[0x10];
  uint8_t aes_key_14[0x10];
}input_data;

//arg1 - size is 0x10
int dec_aes_key_msif(int num, char* arg1, input_data* in, output_data* out);

SceSblSsMgr

SceSblQafMgr

sceSblQafManagerGetQafNameForUser

Version NID
1.69 0xF7EA8C2

sceSblQafManagerIsAllowKernelDebugForUser

Version NID
1.69 0x11D30766

sceSblQafManagerSetQafTokenForUser

Version NID
1.69 0x56A16392

sceSblQafMgrIsAllowForceUpdate

Version NID
1.69 0x63F29BA0

sceSblQafMgrIsAllowAllDebugMenuDisplay

Version NID
1.69 0x66843305

sceSblQafMgrIsAllowNpTest

Version NID
1.69 0xA9EBCBAC

sceSblQafMgrIsAllowNonQAPup

Version NID
1.69 0xB5621615

sceSblQafMgrGetQafToken

Version NID
1.69 0xB6BAE81D

sceSblQafMgrIsAllowLimitedDebugMenuDisplay

Version NID
1.69 0xC456212D

sceSblQafMgrIsAllowScreenShotAlways

Version NID
1.69 0xD22A8731

sceSblQafManagerDeleteQafTokenForUser

Version NID
1.69 0xD542583F

sceSblQafMgrIsAllowRemoteSysmoduleLoad

Version NID
1.69 0xF45AA706

SceSblRng

_sceKernelGetRandomNumber

Version NID
1.69 0xC37E818C

SceSblDmac5Mgr

sceSblDmac5HashTransform

Version NID
1.69 0x09EBC6EF
3.60 0x09EBC6EF
int sceSblDmac5HashTransform (int unk0, int command, int unk1);

sceSblDmac5EncDecKeyGen

Version NID
1.69 0x5BF4F924
3.60 0x5BF4F924

This function is also called sceSblDmac5AesCbcDecKeyGen or sceSblDmac5AesCbcEncKeyGen in SceGameDataPlugin

typedef struct keygen_ctx //size is 0x18
{
   char *src; 
   char *dst; 
   int size; 
   char* key; 
   
   uint32_t key_size;  // (int bits)
   char* out; //hash ?
}keygen_ctx;

//command - 0xA (dmac5 command AES-192-CBC decrypt)
//command - 0x9 (dmac5 command AES-192-CBC encrypt)
int sceSblDmac5EncDecKeyGen(keygen_ctx* ctx, int key_id, int command);

sceSblDmac5EncDec

Version NID
1.69 0xD0B1F759
3.60 0xD0B1F759
int sceSblDmac5EncDec(void *args, int command);

sceSblDmac5HmacKeyGen

Version NID
3.60 0xCCE57D33

This function is also called sceSblDmac5Sha256HmacKeyGen in SceGameDataPlugin

//data is of size 0x18 (24 - 192 bits ?)
//unk1 - 0x20001
//command - 0x33 (dmac5 HMAC-SHA256 command)
//flags - 0x400, 0x800, 0xC00
int sceSblDmac5HmacKeyGen(char* data, int unk1, int command, int flags);

SceSblAimgr

_sceKernelGetOpenPsId

Version NID
1.69 0x6E283E2E