diff --git a/bootloader/sec/se.c b/bootloader/sec/se.c
index f767bb1..57c0958 100644
--- a/bootloader/sec/se.c
+++ b/bootloader/sec/se.c
@@ -195,6 +195,24 @@ int se_aes_crypt_ecb(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src,
 	return _se_execute(OP_START, dst, dst_size, src, src_size);
 }
 
+int se_aes_crypt_cbc(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src, u32 src_size)
+{
+	if (enc)
+	{
+		SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY);
+		SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_VCTRAM_SEL(VCTRAM_PREVAHB) |
+			SE_CRYPTO_CORE_SEL(CORE_ENCRYPT) | SE_CRYPTO_XOR_POS(XOR_BOTTOM);
+	}
+	else
+	{
+		SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_DEC_ALG(ALG_AES_DEC) | SE_CONFIG_DST(DST_MEMORY);
+		SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_VCTRAM_SEL(VCTRAM_PREVAHB) |
+			SE_CRYPTO_CORE_SEL(CORE_DECRYPT) | SE_CRYPTO_XOR_POS(XOR_BOTTOM);
+	}
+	SE(SE_BLOCK_COUNT_REG_OFFSET) = (src_size >> 4) - 1;
+	return _se_execute(OP_START, dst, dst_size, src, src_size);
+}
+
 int se_aes_crypt_block_ecb(u32 ks, u32 enc, void *dst, const void *src)
 {
 	return se_aes_crypt_ecb(ks, enc, dst, 0x10, src, 0x10);
@@ -301,3 +319,76 @@ int se_calc_sha256(void *dst, const void *src, u32 src_size)
 	return res;
 }
 
+int se_gen_prng128(void *dst)
+{
+	// Setup config for X931 PRNG.
+	SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_RNG) | SE_CONFIG_DST(DST_MEMORY);
+	SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_HASH(HASH_DISABLE) | SE_CRYPTO_XOR_POS(XOR_BYPASS) | SE_CRYPTO_INPUT_SEL(INPUT_RANDOM);
+
+	SE(SE_RNG_CONFIG_REG_OFFSET) = SE_RNG_CONFIG_SRC(RNG_SRC_ENTROPY) | SE_RNG_CONFIG_MODE(RNG_MODE_NORMAL);
+	//SE(SE_RNG_SRC_CONFIG_REG_OFFSET) =
+	//		SE_RNG_SRC_CONFIG_ENT_SRC(RNG_SRC_RO_ENT_ENABLE) | SE_RNG_SRC_CONFIG_ENT_SRC_LOCK(RNG_SRC_RO_ENT_LOCK_ENABLE);
+	SE(SE_RNG_RESEED_INTERVAL_REG_OFFSET) = 1;
+
+	SE(SE_BLOCK_COUNT_REG_OFFSET) = (16 >> 4) - 1;
+
+	// Trigger the operation.
+	return _se_execute(OP_START, dst, 16, NULL, 0);
+}
+
+void se_get_aes_keys(u8 *buf, u8 *keys, u32 keysize)
+{
+	u8 *aligned_buf = (u8 *)ALIGN((u32)buf, 0x40);
+
+	// Set Secure Random Key.
+	SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_RNG) | SE_CONFIG_DST(DST_SRK);
+	SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(0) | SE_CRYPTO_CORE_SEL(CORE_ENCRYPT) | SE_CRYPTO_INPUT_SEL(INPUT_RANDOM);
+	SE(SE_RNG_CONFIG_REG_OFFSET) = SE_RNG_CONFIG_SRC(RNG_SRC_ENTROPY) | SE_RNG_CONFIG_MODE(RNG_MODE_FORCE_RESEED);
+	SE(SE_CRYPTO_LAST_BLOCK) = 0;
+	_se_execute(OP_START, NULL, 0, NULL, 0);
+
+	// Save AES keys.
+	SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY);
+
+	for (u32 i = 0; i < TEGRA_SE_KEYSLOT_COUNT; i++)
+	{
+		SE(SE_CONTEXT_SAVE_CONFIG_REG_OFFSET) = SE_CONTEXT_SAVE_SRC(AES_KEYTABLE) |
+			(i << SE_KEY_INDEX_SHIFT) | SE_CONTEXT_SAVE_WORD_QUAD(KEYS_0_3);
+
+		SE(SE_CRYPTO_LAST_BLOCK) = 0;
+		_se_execute(OP_CTX_SAVE, aligned_buf, 0x10, NULL, 0);
+		memcpy(keys + i * keysize, aligned_buf, 0x10);
+
+		if (keysize > 0x10)
+		{
+			SE(SE_CONTEXT_SAVE_CONFIG_REG_OFFSET) = SE_CONTEXT_SAVE_SRC(AES_KEYTABLE) |
+				(i << SE_KEY_INDEX_SHIFT) | SE_CONTEXT_SAVE_WORD_QUAD(KEYS_4_7);
+
+			SE(SE_CRYPTO_LAST_BLOCK) = 0;
+			_se_execute(OP_CTX_SAVE, aligned_buf, 0x10, NULL, 0);
+			memcpy(keys + i * keysize + 0x10, aligned_buf, 0x10);
+		}
+	}
+
+	// Save SRK to PMC secure scratches.
+	SE(SE_CONTEXT_SAVE_CONFIG_REG_OFFSET) = SE_CONTEXT_SAVE_SRC(SRK);
+	SE(0x80) = 0; // SE_CRYPTO_LAST_BLOCK
+	_se_execute(OP_CTX_SAVE, NULL, 0, NULL, 0);
+
+	// End context save.
+	SE(SE_CONFIG_REG_OFFSET) = 0;
+	_se_execute(OP_CTX_SAVE, NULL, 0, NULL, 0);
+
+	// Get SRK.
+	u32 srk[4];
+	srk[0] = PMC(0xC0);
+	srk[1] = PMC(0xC4);
+	srk[2] = PMC(0x224);
+	srk[3] = PMC(0x228);
+
+	// Decrypt context.
+	se_aes_key_clear(3);
+	se_aes_key_set(3, srk, 0x10);
+	se_aes_crypt_cbc(3, 0, keys, TEGRA_SE_KEYSLOT_COUNT * keysize, keys, TEGRA_SE_KEYSLOT_COUNT * keysize);
+	se_aes_key_clear(3);
+}
diff --git a/bootloader/sec/se.h b/bootloader/sec/se.h
index bd70b28..7d12207 100644
--- a/bootloader/sec/se.h
+++ b/bootloader/sec/se.h
@@ -21,6 +21,7 @@
 
 void se_rsa_acc_ctrl(u32 rs, u32 flags);
 void se_key_acc_ctrl(u32 ks, u32 flags);
+void se_get_aes_keys(u8 *buf, u8 *keys, u32 keysize);
 void se_aes_key_set(u32 ks, void *key, u32 size);
 void se_aes_key_clear(u32 ks);
 int se_aes_unwrap_key(u32 ks_dst, u32 ks_src, const void *input);
@@ -28,5 +29,6 @@ int se_aes_crypt_ecb(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src,
 int se_aes_crypt_block_ecb(u32 ks, u32 enc, void *dst, const void *src);
 int se_aes_crypt_ctr(u32 ks, void *dst, u32 dst_size, const void *src, u32 src_size, void *ctr);
 int se_calc_sha256(void *dst, const void *src, u32 src_size);
+int se_gen_prng128(void *dst);
 
 #endif
diff --git a/bootloader/sec/se_t210.h b/bootloader/sec/se_t210.h
index 3b610bc..01828c7 100644
--- a/bootloader/sec/se_t210.h
+++ b/bootloader/sec/se_t210.h
@@ -70,27 +70,26 @@
 #define SE_CONFIG_DEC_MODE(x)		(x << SE_CONFIG_DEC_MODE_SHIFT)
 
 #define SE_RNG_CONFIG_REG_OFFSET		0x340
-#define DRBG_MODE_SHIFT	0
-#define DRBG_MODE_NORMAL	0
-#define DRBG_MODE_FORCE_INSTANTION	1
-#define DRBG_MODE_FORCE_RESEED		2
-#define SE_RNG_CONFIG_MODE(x)		(x << DRBG_MODE_SHIFT)
+#define RNG_MODE_SHIFT	0
+#define RNG_MODE_NORMAL	0
+#define RNG_MODE_FORCE_INSTANTION	1
+#define RNG_MODE_FORCE_RESEED		2
+#define SE_RNG_CONFIG_MODE(x)		(x << RNG_MODE_SHIFT)
+#define RNG_SRC_SHIFT	2
+#define RNG_SRC_NONE	0
+#define RNG_SRC_ENTROPY	1
+#define RNG_SRC_LFSR	2
+#define SE_RNG_CONFIG_SRC(x)		(x << RNG_SRC_SHIFT)
 
 #define SE_RNG_SRC_CONFIG_REG_OFFSET	0x344
-#define DRBG_RO_ENT_SRC_SHIFT	1
-#define DRBG_RO_ENT_SRC_ENABLE	1
-#define DRBG_RO_ENT_SRC_DISABLE	0
-#define SE_RNG_SRC_CONFIG_RO_ENT_SRC(x)	(x << DRBG_RO_ENT_SRC_SHIFT)
-#define DRBG_RO_ENT_SRC_LOCK_SHIFT	0
-#define DRBG_RO_ENT_SRC_LOCK_ENABLE	1
-#define DRBG_RO_ENT_SRC_LOCK_DISABLE	0
-#define SE_RNG_SRC_CONFIG_RO_ENT_SRC_LOCK(x) (x << DRBG_RO_ENT_SRC_LOCK_SHIFT)
-
-#define DRBG_SRC_SHIFT	2
-#define DRBG_SRC_NONE	0
-#define DRBG_SRC_ENTROPY	1
-#define DRBG_SRC_LFSR	2
-#define SE_RNG_CONFIG_SRC(x)		(x << DRBG_SRC_SHIFT)
+#define RNG_SRC_RO_ENT_SHIFT	1
+#define RNG_SRC_RO_ENT_ENABLE	1
+#define RNG_SRC_RO_ENT_DISABLE	0
+#define SE_RNG_SRC_CONFIG_ENT_SRC(x)	(x << RNG_SRC_RO_ENT_SHIFT)
+#define RNG_SRC_RO_ENT_LOCK_SHIFT	 0
+#define RNG_SRC_RO_ENT_LOCK_ENABLE	 1
+#define RNG_SRC_RO_ENT_LOCK_DISABLE 0
+#define SE_RNG_SRC_CONFIG_ENT_SRC_LOCK(x) (x << RNG_SRC_RO_ENT_LOCK_SHIFT)
 
 #define SE_RNG_RESEED_INTERVAL_REG_OFFSET		0x348
 
@@ -119,6 +118,8 @@
 #define OP_DONE	1
 #define SE_OP_DONE(x, y)	((x) && (y << SE_OP_DONE_SHIFT))
 
+#define SE_CRYPTO_LAST_BLOCK	0x080
+
 #define SE_CRYPTO_REG_OFFSET		0x304
 #define SE_CRYPTO_HASH_SHIFT		0
 #define HASH_DISABLE	0
@@ -191,6 +192,7 @@
 #define SRK		6
 
 #define RSA_KEYTABLE	1
+#define AES_KEYTABLE	2
 #define SE_CONTEXT_SAVE_SRC(x)		(x << SE_CONTEXT_SAVE_SRC_SHIFT)
 
 #define SE_CONTEXT_SAVE_RSA_KEY_INDEX_SHIFT	16
diff --git a/nyx/nyx_gui/sec/se.c b/nyx/nyx_gui/sec/se.c
index 36cc35f..9dc4a77 100644
--- a/nyx/nyx_gui/sec/se.c
+++ b/nyx/nyx_gui/sec/se.c
@@ -222,6 +222,24 @@ int se_aes_crypt_ecb(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src,
 	return _se_execute(OP_START, dst, dst_size, src, src_size, true);
 }
 
+int se_aes_crypt_cbc(u32 ks, u32 enc, void *dst, u32 dst_size, const void *src, u32 src_size)
+{
+	if (enc)
+	{
+		SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY);
+		SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_VCTRAM_SEL(VCTRAM_PREVAHB) |
+			SE_CRYPTO_CORE_SEL(CORE_ENCRYPT) | SE_CRYPTO_XOR_POS(XOR_BOTTOM);
+	}
+	else
+	{
+		SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_DEC_ALG(ALG_AES_DEC) | SE_CONFIG_DST(DST_MEMORY);
+		SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks) | SE_CRYPTO_VCTRAM_SEL(VCTRAM_PREVAHB) |
+			SE_CRYPTO_CORE_SEL(CORE_DECRYPT) | SE_CRYPTO_XOR_POS(XOR_BOTTOM);
+	}
+	SE(SE_BLOCK_COUNT_REG_OFFSET) = (src_size >> 4) - 1;
+	return _se_execute(OP_START, dst, dst_size, src, src_size, true);
+}
+
 int se_aes_crypt_block_ecb(u32 ks, u32 enc, void *dst, const void *src)
 {
 	return se_aes_crypt_ecb(ks, enc, dst, 0x10, src, 0x10);
@@ -313,6 +331,7 @@ int se_calc_sha256(void *hash, u32 *msg_left, const void *src, u32 src_size, u64
 	// Setup config for SHA256.
 	SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_SHA256) | SE_CONFIG_ENC_ALG(ALG_SHA) | SE_CONFIG_DST(DST_HASHREG);
 	SE(SE_SHA_CONFIG_REG_OFFSET) = sha_cfg;
+	SE(SE_BLOCK_COUNT_REG_OFFSET) = 0;
 
 	// Set total size to current buffer size if empty.
 	if (!total_size)
@@ -383,3 +402,77 @@ int se_calc_sha256_finalize(void *hash, u32 *msg_left)
 
 	return res;
 }
+
+int se_gen_prng128(void *dst)
+{
+	// Setup config for X931 PRNG.
+	SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_RNG) | SE_CONFIG_DST(DST_MEMORY);
+	SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_HASH(HASH_DISABLE) | SE_CRYPTO_XOR_POS(XOR_BYPASS) | SE_CRYPTO_INPUT_SEL(INPUT_RANDOM);
+
+	SE(SE_RNG_CONFIG_REG_OFFSET) = SE_RNG_CONFIG_SRC(RNG_SRC_ENTROPY) | SE_RNG_CONFIG_MODE(RNG_MODE_NORMAL);
+	//SE(SE_RNG_SRC_CONFIG_REG_OFFSET) =
+	//		SE_RNG_SRC_CONFIG_ENT_SRC(RNG_SRC_RO_ENT_ENABLE) | SE_RNG_SRC_CONFIG_ENT_SRC_LOCK(RNG_SRC_RO_ENT_LOCK_ENABLE);
+	SE(SE_RNG_RESEED_INTERVAL_REG_OFFSET) = 1;
+
+	SE(SE_BLOCK_COUNT_REG_OFFSET) = (16 >> 4) - 1;
+
+	// Trigger the operation.
+	return _se_execute(OP_START, dst, 16, NULL, 0, true);
+}
+
+void se_get_aes_keys(u8 *buf, u8 *keys, u32 keysize)
+{
+	u8 *aligned_buf = (u8 *)ALIGN((u32)buf, 0x40);
+
+	// Set Secure Random Key.
+	SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_RNG) | SE_CONFIG_DST(DST_SRK);
+	SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(0) | SE_CRYPTO_CORE_SEL(CORE_ENCRYPT) | SE_CRYPTO_INPUT_SEL(INPUT_RANDOM);
+	SE(SE_RNG_CONFIG_REG_OFFSET) = SE_RNG_CONFIG_SRC(RNG_SRC_ENTROPY) | SE_RNG_CONFIG_MODE(RNG_MODE_FORCE_RESEED);
+	SE(SE_CRYPTO_LAST_BLOCK) = 0;
+	_se_execute(OP_START, NULL, 0, NULL, 0, true);
+
+	// Save AES keys.
+	SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_KEY128) | SE_CONFIG_ENC_ALG(ALG_AES_ENC) | SE_CONFIG_DST(DST_MEMORY);
+
+	for (u32 i = 0; i < TEGRA_SE_KEYSLOT_COUNT; i++)
+	{
+		SE(SE_CONTEXT_SAVE_CONFIG_REG_OFFSET) = SE_CONTEXT_SAVE_SRC(AES_KEYTABLE) |
+			(i << SE_KEY_INDEX_SHIFT) | SE_CONTEXT_SAVE_WORD_QUAD(KEYS_0_3);
+
+		SE(SE_CRYPTO_LAST_BLOCK) = 0;
+		_se_execute(OP_CTX_SAVE, aligned_buf, 0x10, NULL, 0, true);
+		memcpy(keys + i * keysize, aligned_buf, 0x10);
+
+		if (keysize > 0x10)
+		{
+			SE(SE_CONTEXT_SAVE_CONFIG_REG_OFFSET) = SE_CONTEXT_SAVE_SRC(AES_KEYTABLE) |
+				(i << SE_KEY_INDEX_SHIFT) | SE_CONTEXT_SAVE_WORD_QUAD(KEYS_4_7);
+
+			SE(SE_CRYPTO_LAST_BLOCK) = 0;
+			_se_execute(OP_CTX_SAVE, aligned_buf, 0x10, NULL, 0, true);
+			memcpy(keys + i * keysize + 0x10, aligned_buf, 0x10);
+		}
+	}
+
+	// Save SRK to PMC secure scratches.
+	SE(SE_CONTEXT_SAVE_CONFIG_REG_OFFSET) = SE_CONTEXT_SAVE_SRC(SRK);
+	SE(0x80) = 0; // SE_CRYPTO_LAST_BLOCK
+	_se_execute(OP_CTX_SAVE, NULL, 0, NULL, 0, true);
+
+	// End context save.
+	SE(SE_CONFIG_REG_OFFSET) = 0;
+	_se_execute(OP_CTX_SAVE, NULL, 0, NULL, 0, true);
+
+	// Get SRK.
+	u32 srk[4];
+	srk[0] = PMC(0xC0);
+	srk[1] = PMC(0xC4);
+	srk[2] = PMC(0x224);
+	srk[3] = PMC(0x228);
+
+	// Decrypt context.
+	se_aes_key_clear(3);
+	se_aes_key_set(3, srk, 0x10);
+	se_aes_crypt_cbc(3, 0, keys, TEGRA_SE_KEYSLOT_COUNT * keysize, keys, TEGRA_SE_KEYSLOT_COUNT * keysize);
+	se_aes_key_clear(3);
+}
diff --git a/nyx/nyx_gui/sec/se.h b/nyx/nyx_gui/sec/se.h
index 8ff74c1..3a2b9f5 100644
--- a/nyx/nyx_gui/sec/se.h
+++ b/nyx/nyx_gui/sec/se.h
@@ -21,6 +21,7 @@
 
 void se_rsa_acc_ctrl(u32 rs, u32 flags);
 void se_key_acc_ctrl(u32 ks, u32 flags);
+void se_get_aes_keys(u8 *buf, u8 *keys, u32 keysize);
 void se_aes_key_set(u32 ks, void *key, u32 size);
 void se_aes_key_clear(u32 ks);
 int se_aes_unwrap_key(u32 ks_dst, u32 ks_src, const void *input);
@@ -29,5 +30,6 @@ int se_aes_crypt_block_ecb(u32 ks, u32 enc, void *dst, const void *src);
 int se_aes_crypt_ctr(u32 ks, void *dst, u32 dst_size, const void *src, u32 src_size, void *ctr);
 int se_calc_sha256(void *hash, u32 *msg_left, const void *src, u32 src_size, u64 total_size, u32 sha_cfg, bool is_oneshot);
 int se_calc_sha256_finalize(void *hash, u32 *msg_left);
+int se_gen_prng128(void *dst);
 
 #endif
diff --git a/nyx/nyx_gui/sec/se_t210.h b/nyx/nyx_gui/sec/se_t210.h
index 3b610bc..01828c7 100644
--- a/nyx/nyx_gui/sec/se_t210.h
+++ b/nyx/nyx_gui/sec/se_t210.h
@@ -70,27 +70,26 @@
 #define SE_CONFIG_DEC_MODE(x)		(x << SE_CONFIG_DEC_MODE_SHIFT)
 
 #define SE_RNG_CONFIG_REG_OFFSET		0x340
-#define DRBG_MODE_SHIFT	0
-#define DRBG_MODE_NORMAL	0
-#define DRBG_MODE_FORCE_INSTANTION	1
-#define DRBG_MODE_FORCE_RESEED		2
-#define SE_RNG_CONFIG_MODE(x)		(x << DRBG_MODE_SHIFT)
+#define RNG_MODE_SHIFT	0
+#define RNG_MODE_NORMAL	0
+#define RNG_MODE_FORCE_INSTANTION	1
+#define RNG_MODE_FORCE_RESEED		2
+#define SE_RNG_CONFIG_MODE(x)		(x << RNG_MODE_SHIFT)
+#define RNG_SRC_SHIFT	2
+#define RNG_SRC_NONE	0
+#define RNG_SRC_ENTROPY	1
+#define RNG_SRC_LFSR	2
+#define SE_RNG_CONFIG_SRC(x)		(x << RNG_SRC_SHIFT)
 
 #define SE_RNG_SRC_CONFIG_REG_OFFSET	0x344
-#define DRBG_RO_ENT_SRC_SHIFT	1
-#define DRBG_RO_ENT_SRC_ENABLE	1
-#define DRBG_RO_ENT_SRC_DISABLE	0
-#define SE_RNG_SRC_CONFIG_RO_ENT_SRC(x)	(x << DRBG_RO_ENT_SRC_SHIFT)
-#define DRBG_RO_ENT_SRC_LOCK_SHIFT	0
-#define DRBG_RO_ENT_SRC_LOCK_ENABLE	1
-#define DRBG_RO_ENT_SRC_LOCK_DISABLE	0
-#define SE_RNG_SRC_CONFIG_RO_ENT_SRC_LOCK(x) (x << DRBG_RO_ENT_SRC_LOCK_SHIFT)
-
-#define DRBG_SRC_SHIFT	2
-#define DRBG_SRC_NONE	0
-#define DRBG_SRC_ENTROPY	1
-#define DRBG_SRC_LFSR	2
-#define SE_RNG_CONFIG_SRC(x)		(x << DRBG_SRC_SHIFT)
+#define RNG_SRC_RO_ENT_SHIFT	1
+#define RNG_SRC_RO_ENT_ENABLE	1
+#define RNG_SRC_RO_ENT_DISABLE	0
+#define SE_RNG_SRC_CONFIG_ENT_SRC(x)	(x << RNG_SRC_RO_ENT_SHIFT)
+#define RNG_SRC_RO_ENT_LOCK_SHIFT	 0
+#define RNG_SRC_RO_ENT_LOCK_ENABLE	 1
+#define RNG_SRC_RO_ENT_LOCK_DISABLE 0
+#define SE_RNG_SRC_CONFIG_ENT_SRC_LOCK(x) (x << RNG_SRC_RO_ENT_LOCK_SHIFT)
 
 #define SE_RNG_RESEED_INTERVAL_REG_OFFSET		0x348
 
@@ -119,6 +118,8 @@
 #define OP_DONE	1
 #define SE_OP_DONE(x, y)	((x) && (y << SE_OP_DONE_SHIFT))
 
+#define SE_CRYPTO_LAST_BLOCK	0x080
+
 #define SE_CRYPTO_REG_OFFSET		0x304
 #define SE_CRYPTO_HASH_SHIFT		0
 #define HASH_DISABLE	0
@@ -191,6 +192,7 @@
 #define SRK		6
 
 #define RSA_KEYTABLE	1
+#define AES_KEYTABLE	2
 #define SE_CONTEXT_SAVE_SRC(x)		(x << SE_CONTEXT_SAVE_SRC_SHIFT)
 
 #define SE_CONTEXT_SAVE_RSA_KEY_INDEX_SHIFT	16