PSPXI:EncryptDecryptAes

PSPXI:EncryptDecryptAes

Request #

Index Word	Description
0	Header code [0x000401C4]
1	Size in bytes
2-5	IV / CTR
6	u8 Algorithm Type (0..5)
7	u8 Key Type (0..7)
8	(size<<8) \| 0x4
9	Source pointer
10	(size<<8) \| 0x14
11	Destination pointer

Response #

Index Word	Description
0	Header code [0x00040140]
1	Result code
2-5	Output IV / CTR: this is the IV/CTR which would be used if the crypto operation were to continue.

Algorithm Types #

Type	Description
0	CBC Encrypt
1	CBC Decrypt
2	CTR Encrypt
3	CTR Decrypt
4	CCM Encrypt
5	CCM Decrypt

Key Types #

Type	AES Engine Keyslot	Description
0	0x0D	Used to decrypt the SSL client cert/private-key stored in ClCertA.
1	0x2D	Used to generate the UDS local-WLAN CCMP key.
2	0x31	This is used by NS for the APT AES-CCM Wrap/Unwrap commands. These two NS commands are used by the Mii Maker application for the encrypted Mii data in the Mii QR codes.
3	0x38	BOSS
4	0x32	?
5	0x39	This is used by the Download Play module for calculating a 32bit checksum over the entire UDS application data-fames, stored in the DLP data-frame header.
6	0x2E	This is used by the StreetPass CECD module to generate the CCMP key passed to nwm::CEC commands, when beginning StreetPass communications.
7		Invalid
8	0x36	This is used by the friends module. Support for this keytype was added with the NATIVE_FIRM updated with 2.2.0-X. When the running NATIVE_FIRM doesn't support this keytype, the result is the same as using keytype7.
9	0x39	This is used by the NFC module. Support for this keytype was added with the NATIVE_FIRM updated with 9.3.0-X. When the running NATIVE_FIRM doesn't support this keytype, the result is the same as using keytype7. Before selecting this keyslot, Process9 writes a keyY from the Process9 .(ro)data section(keydata is different for retail/dev units) to this keyslot. Once finished with crypto, Process9 restores the original keyY to this keyslot.
>=10		Invalid, same as keytype7.

Description #

This is used to encrypt/decrypt data via the AES engine. AES-CCM is not supported by this command, PSPXI:EncryptSignDecryptVerifyAesCcm must be used for AES-CCM instead.