Process Services PXI

From 3dbrew
Revision as of 16:52, 11 April 2015 by Yellows8 (talk | contribs)
Jump to navigation Jump to search
Command Header Available since system version Description
0x000100C6 1.0.0-0 This crypts a raw message with RSA.
0x00020284 1.0.0-0 SignRsaSha256
0x00030284 1.0.0-0 VerifyRsaSha256
0x000401C4 1.0.0-0 EncryptDecryptAes
0x00050284 1.0.0-0 EncryptSignDecryptVerifyAesCcm
0x00060000 1.0.0-0 GetRomId. This reads 0x40-bytes from gamecard command 0xC6 (gamecard-uniqueID), and returns the first 0x10-bytes from that since the rest of the command reply is all 0xFF-bytes.
0x00070000 1.0.0-0 GetRomId2. The first u8 this returns is from GetRomMakerCode, the following 0x10-bytes are from encrypting the 0x10-bytes which GetRomId also returns. This is encrypted with AES-CBC, the regular normal-key and IV set by Process9 for this are loaded from the Process9 .rodata section.
0x00080000 1.0.0-0 GetCTRCardAutoStartupBit
0x00090000 1.0.0-0 GetRomMakerCode
0x000A0000 1.0.0-0 GetLocalFriendCodeSeed
0x000B0000 1.0.0-0 GetDeviceId
0x000C0042 1.0.0-0 GatherEntropy
0x000D0042 1.0.0-0 GenerateRandomBytes
0x000E0042 1.0.0-0, removed with 2.0.0-2 With 2.0.0-2 the system no longer handles this command at all. This was mostly the same as GenerateRandomBytes.
0x04010084 8.1.0-0_New3DS New_3DS-only. cmd[1] = insize, cmd[2] = outsize, cmd[3] = (insize<<8) | 0x4, cmd[4] = inbufptr, cmd[5] = (outsize<<8) | 0x14, and cmd[6] = outbufptr.
0x04020082 8.1.0-0_New3DS New_3DS-only. cmd[1] = insize, cmd[2] = u8 flag, cmd[3] = (insize<<8) | 0x4, cmd[4] = inbufptr.
0x04030044 8.1.0-0_New3DS New_3DS-only.
0x04040044 8.1.0-0_New3DS New_3DS-only.

These RSA commands are an interface for using the RSA engine. The system will hang when it attempts to use a >RSA-2048 RSA bit-size with the RSA engine, since the RSA engine does not support >RSA-2048. These RSA commands have an input field specifying what RSA bit-size to use, but the RSA padding code is hard-coded to use RSA-2048.

The New3DS 0x040X commands(used for Amiibo crypto) were removed with 9.3.0-21, the code for that was moved into NFC-module.

Command 0x04010084

The input buffer size must be <=0x1E0-bytes, and the out buffer size must be >0 and <=0x20-bytes. This calculates a SHA256-HMAC over the input buffer using the current already-generated Amiibo HMAC key(generated_amiibodata+0x20), the output hash is then written to the out buffer.

Command 0x04020082

This is used for Amiibo key generation. 0x30-bytes are generated.

Command 0x04030044

This is used for the actual Amiibo AES crypto, max input buffer size is same as command 0x04010084. The AES mode used for this is the same as for Amiibo key generation. Normal-key = generated_amiibodata+0x0, IV/whatever = generated_amiibodata+0x10(see command 0x04010084 regarding generated_amiibodata).

Command 0x04040044

Similar to 0x04030044, except this is devunit-only with dev-only keys.