Secure Modules Functions

Depending on the F00D SELF that is currently loaded, different commands are handled.

Request Buffer
Each request that is made sends a page aligned buffer that has a max size of a page. After as 64 byte header common to all commands, the data afterwards is specific to each command. The documentation for each command below specifies the data that goes after the header. The special command id of -1 is used to shut down the currently loaded F00D SELF.

Physical Address List
A common format used in these requests is a list of physical address and size. This simple structure is defined below. See SceSysmem for information on creating this list.

This data format is used when passing large buffers of data to F00D. This is because the memory manager in kernel could allocate contiguous virtual addresses that corresponds to varying physical addresses.

kprx_auth_sm.self
This is a special SELF that is found in the boot SLB2 partition. The raw (encrypted) SELF is found in secure world memory (placed there by an early bootloader). It is used to decrypt SELFs for ARM. The SELF header is passed into a page aligned buffer and a paddr list is generated from it.

0x10001 sceSblAuthMgrAuthHeaderForKernel
Used by sceSblAuthMgrAuthHeaderForKernel.

Checks the SELF header for decryption. The header is copied to the F00D private memory region first (on 1.69 with 0x1000 sized header, it is at  in F00D memory space.

0x20001 sceSblAuthMgrLoadSelfSegmentForKernel
Used by sceSblAuthMgrLoadSelfSegmentForKernel.

Set the program segment to decrypt. This corresponds to the segment index in the ELF program headers in the SELF header passed in with the command above.

0x30001 sceSblAuthMgrLoadSelfBlockForKernel
Used by sceSblAuthMgrLoadSelfBlockForKernel.

Decrypt a buffer from the SELF corresponding to the program segment number passed in above. The segment is read in  chunks and is decrypted in place (the input buffer will contain the decrypted data). A paddr list is generated from the buffer. The input buffer and output buffer can be the same.

0x40001 sceSblAuthMgrGetEKcForDriver
Decrypts provided buffer in ECB mode using one of three keys (NPDRM keys ?).

Used by sceSblAuthMgrGetEKcForDriver for getting klicensee?

0x50001 sceSblAuthMgrSetDmac5KeyForKernel
Used by sceSblAuthMgrSetDmac5KeyForKernel to set key for decryption.

This uses an unknown secret to derive the final key, then writes it into dmac5 keyring.

0x60001 sceSblAuthMgrClearDmac5KeyForKernel
Used by sceSblAuthMgrClearDmac5KeyForKernel for clearing the Dmac5 Key.

This function writes zeroes into dmac5 keyring.

0x70001 sceSblAuthMgrDecBindDataForDriver
Used by sceSblAuthMgrDecBindDataForDriver and SceNpDrm for gamecard binding data used in conjunction with the RIF license file on the gamecard for deriving the klicensee.

0x80001 sceSblAuthMgrVerifySpfsoCtxForDriver
Used by sceSblAuthMgrVerifySpfsoCtxForDriver.

0x2
Verify afv data

0x4
Verify activation data

0x5
Get activation data. The returned data is sent to Syscon at offset 0x520.

0x7
Check if activation is valid. The activation data is read from Syscon at offset 0x520.

0xA
Introduced in 2.12. Check if new activation is valid. Extended activation check with a signature. This is ran when installing a new afv.

0xB
Introduced in 2.12. Check if current activation is valid. Extended activation check with signature. This is ran on boot.

0x1 ConsoleId
Returns the console's ConsoleId.

Used in sceSblSsMgrGetConsoleIdForDriver

0x2 OpenPsId
Returns the console's OpenPsId.

0x3 VisibleId/FuseId
Returns the console's VisibleId.

Used in sceSblSsMgrGetVisibleId

0x4 PsCode
Returns the console's PsCode.

Used in sceSblSsMgrGetPscode2ForDriver

0x5 PassPhrase
Used in sceSblSsMgrCreatePassPhraseForDriver

0x10006
Seems to be called on init and before resume of PSP

encdec_w_portability_sm.self
This seems to be used to do some kind of key derivation. May also be used as a general purpose encryption engine.

0x1000A
Encrypt data

0x2000A DecryptWithPortability
Used by sceSblSsMgrDecryptWithPortabilityForDriver.

Decrypt data

Return of 0x800f0002 means invalid service ID. For encdec_w_portability_sm, only 0x1000A and 0x2000A are supported.

Return of 0x800f1716 means invalid key slot. Valid key slots are only 1-10.

0x1000B
check sm_comm_context

Supported GC commands and structures

0x4
Original PSP Kirk 4 service for encrypting data

0x7
Original PSP Kirk 7 service for decrypting data

0xC
Original PSP Kirk 0xC service for Generating a 160bit ECC private/public keypair. Call with an empty buffer of length 0x3C. The structure below is the return structure.

0xD
Original PSP Kirk 0xD service for multiplying a 160bit ECC curve point with a value. Call with a multiplier, then a x and y point value.

Result

0xE
Original PSP Kirk 0xE service for 160bit Random number generation. Call with an empty buffer, the result structure is below.

0x10
Original PSP Kirk 0x10 service for 160bit ECC signing. Call and return structure below.

Result

0x11
Original PSP Kirk 0x11 service for 160bit ECC signature verification. Call with the below structure, then function will return pass or fail.

Result

0x14
New Vita Kirk 0x14 service for Generating a 224bit ECC private/public keypair. Call with an empty buffer of length 0x54. The structure below is the return structure.

0x15
New Vita Kirk 0x15 service for multiplying a 224bit ECC curve point with a value. Call with a multiplier, then a x and y point value.

Result

0x16
New Vita Kirk 0x16 service for 160bit Random number generation. Call with an empty buffer, the result structure is below.

0x17
New Vita Kirk 0x17 service. Unknown, but buffer length is 0x3C. Almost certainly a 224bit version of 0x10

0x18
New Vita Kirk 0x18 service. Unknown, but buffer length is 0x8C. Almost certainly a 224bit version of 0x11

0x19
New Vita Kirk 0x19 service. Unknown, but buffer length is 0xE8. Related to IdStorage somehow. Almost certainly a 224bit version of 0x12

0x1B
New Vita Kirk 0x1B service. This service is related to SceSdif and is used by SceSblGcAuthMgr. This service is part of SD MMC CMD56 custom initialization protocol. This is a data validation service with no response. Size of request is 0x53.

0x1C
New Vita Kirk 0x1C service. This service is related to SceSdif and is used by SceSblGcAuthMgr. This service is part of SD MMC CMD56 custom initialization protocol. This is a data generation service. Size of request is 0x40. Size of response is 0x33.

Request:

Response:

0x1D
New Vita Kirk 0x1D service. This service is related to SceSdif and is used by SceSblGcAuthMgr. This service is part of SD MMC CMD56 custom initialization protocol. This is a data validation service with no response. Size of request is 0xA3.

0x1E
New Vita Kirk 0x1E service. This service is related to SceSdif and is used by SceSblGcAuthMgr. This service is part of SD MMC CMD56 custom initialization protocol. This is a data generation service. Size of request is 0x51. Size of response is 0x33.

Request:

Response:

0x1F
New Vita Kirk 0x1F service. This service is related to SceSdif and is used by SceSblGcAuthMgr. This service is part of SD MMC CMD56 custom initialization protocol. This is a data validation service. Size of request is 0xB3. Size of response is 0x20.

Request:

Response:

0x20
New Vita Kirk 0x20 service. This service is related to SceSdif and is used by SceSblGcAuthMgr. This service is part of SD MMC CMD56 custom initialization protocol. This is a data generation service. Size of request is 0x116. Size of response is 0x34.

Generated data is used to obtain klicensee using sceSblAuthMgrDecBindData

Request:

Response:

0x21
New Vita Kirk 0x21 service. Unknown, but buffer length is 0x34.

0x22
New Vita Kirk 0x22 service. Unknown, but buffer length is 0x3C.

0x23
New Vita Kirk 0x23 service. Unknown, but buffer length is 0x20.

rmauth_sm.self
Removable Media (Memory Card) authentication. Used by SceMsif.

0x1
Response (size 0x20 bytes):

0x2
Scrambles and sets the DMAC5 keyslot 0x1C key.

Request (size 0x20 bytes):

0xE0002
Used to decrypt lists stored in updates. Same format as 0x40002.

update_service_sm.self
This is used by SceSblSsUpdateMgr to decrypt update packages extracted from PUP files. Both 0x40002 and 0x50002 reference buffers in the following way: an inner paddr list is generated for the buffer containing the data to encrypt/decrypt, then an outer paddr list is generated for the inner list. That means there's two levels of indirection in the paddr list.

0x10002
Verify PUP header.

0x20002
Verify PUP segment.

0x30002
Verify watermark.

0x40002
Decrypt package. Allocate a page aligned buffer and read the complete pkg file into the buffer. The buffer is decrypted in place.

0x50002
Re-encrypt enp files

0xA0002
Verify additional data.

0xD0002
Syscon update related. Usage is to proxy encrypted data F00D <=> Syscon.

0x1
Get utoken.

0x2
Decrypt utoken.

0x2
These commands seems to be used to set keys (on FW 1.50, there are debug strings referencing this part of code as "call_set_key_command") on Dmac5, this key seems to be used to do stuff with TripleDES and another unknown encrypt algorithm.