IOCryptoAcceleratorFamily

From iPhone Development Wiki
Revision as of 23:46, 8 April 2011 by KennyTM~ (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

IOCryptoAcceleratorFamily is a collection of kernel extensions that provide hardware-accelerated cryptographic functions, e.g. SHA1, AES, pseudo-random number generator (PRNG), etc.

You can use the well-documented OpenSSL or CommonCrypto to do the same job if acceleration is not essential. Hardware acceleration will be used automatically with CommonCrypto when the input text is long enough (1 to 2 KB).

Contents

PRNG

The IOPRNGAccelerator service provides a psuedo-random number generator. Its user client seems not usable in the userland.

Methods

Selector Action Input Output
0 info - struct IOPRNGAcceleratorInfo (12 bytes)
1 perform struct IOPRNGAcceleratorArg (8 bytes) struct IOPRNGAcceleratorArg (8 bytes)

where

struct IOPRNGAcceleratorInfo {
  uint32_t type;  // ='RND0'
  uint8_t  x78x50[4];
  void*    reserved;
};
 
struct IOPRNGAcceleratorArg {
  void* data;
  size_t length;
};

SHA-1

The IOSHA1Accelerator service provides a hardware-accelerated SHA-1 hashing.

Methods

Selector Action Input Output
0 info - struct IOSHA1AcceleratorInfo (24 bytes)
1 perform 40 bytes of stuff 40 bytes of stuff

where

struct IOSHA1AcceleratorInfo {
  uint32_t type;  // ='SHA0'
  uint8_t  x78x50[8];
  int      zero;
  uint32_t x78x5c_maybe_plus_0x100000;
  uint32_t x78x58;
};

AES

The IOAESAccelerator service provides hardware-accelerated AES encryption/decryption functions in CBC mode. It also provides access to the secure UID (2000) and GID (1000) keys, and the generated securityd (2101/0x835) and various firmware encryption keys (0x836 – 0x838)[1].

The UID and GID are not privileged to be used by the kernel, and the "securityd key" must be used from a user with ID of _securityd (uid=40).

Methods

Selector Action Input Output
0 info - struct IOAESAcceleratorInfo (36 bytes)
1 perform struct IOAESAcceleratorArg (72 bytes) struct IOAESAcceleratorArg (72 bytes)
2 test - -

where[2]

struct IOAESAcceleratorInfo {
  uint32_t type;  // ='AES0'
  int      seven;
  uint8_t  x78x50[16];
  int      one_or_three;
  void*    reserved;
  unsigned x78x70;
};
 
struct IOAESAcceleratorArg {
  const void* in_data;
  void*       out_data;
  size_t      data_length;
  uint8_t     iv[16];
  bool        is_decrypt;
  int         aes_bits;  // 128, 224, 256
  uint8_t     key[32];
  int         special_keys;  // 1000 = gid-key, 2000 = uid-key, 2101 = securityd-key
};

PKE (Public key encryption)

The IOPKEAccelerator service provides hardware-accelerated public key encryption/decryption functions.

Methods

Selector Action Input Output
0 info - 20 bytes of stuff
1  ? 44 bytes of stuff 44 bytes of stuff
2  ? 60 bytes of stuff 60 bytes of stuff

References

  1. http://wikee.iphwn.org/s5l8900:encryption_keys
  2. http://github.com/planetbeing/xpwn/blob/master/crypto/aes.c