From iPhone Development Wiki
Revision as of 15:48, 3 January 2010 by KennyTM~ (talk | contribs)
Jump to: navigation, search

IOCryptoAcceleratorFamily is a collection of kernel extensions that provide hardware-accelerated cryptographic functions, e.g. SHA1, AES, pseudo-random number generator (PRNG), etc.

You can use the well-documented OpenSSL or CommonCrypto to do the same job if acceleration is not essential.


The IOPRNGAccelerator service provides a psuedo-random number generator. Its user client seems not usable in the userland.


Selector Action Input Output
0 info - struct IOPRNGAcceleratorInfo (12 bytes)
1 perform struct IOPRNGAcceleratorArg (8 bytes) struct IOPRNGAcceleratorArg (8 bytes)


struct IOPRNGAcceleratorInfo {
  uint32_t type;  // ='RND0'
  uint8_t  x78x50[4];
  void*    reserved;

struct IOPRNGAcceleratorArg {
  void* data;
  size_t length;


The IOSHA1Accelerator service provides a hardware-accelerated SHA-1 hashing.


Selector Action Input Output
0 info - struct IOSHA1AcceleratorInfo (24 bytes)
1 perform 40 bytes of stuff 40 bytes of stuff


struct IOSHA1AcceleratorInfo {
  uint32_t type;  // ='SHA0'
  uint8_t  x78x50[8];
  int      zero;
  uint32_t x78x5c_maybe_plus_0x100000;
  uint32_t x78x58;


The IOAESAccelerator service provides hardware-accelerated AES encryption/decryption functions. It also provides access to the secure UID (2000) and GID (1000) keys, and the generated securityd (2101/0x835) and various firmware encryption keys (0x836 – 0x838)[1].

The UID and GID are not privileged to be used by the kernel, and the "securityd key" must be used from a user with ID of _securityd (uid=40).


Selector Action Input Output
0 info - struct IOAESAcceleratorInfo (36 bytes)
1 perform struct IOAESAcceleratorArg (72 bytes) struct IOAESAcceleratorArg (72 bytes)
2 test - -


struct IOAESAcceleratorInfo {
  uint32_t type;  // ='AES0'
  int      seven;
  uint8_t  x78x50[16];
  int      one_or_three;
  void*    reserved;
  unsigned x78x70;

struct IOAESAcceleratorArg {
  const void* in_data;
  void*       out_data;
  size_t      data_length;
  uint8_t     iv[16];
  bool        is_decrypt;
  int         aes_bits;  // 128, 224, 256
  uint8_t     key[32];
  int         special_keys;  // 1000 = gid-key, 2000 = uid-key, 2101 = securityd-key

PKE (Public key encryption)

The IOPKEAccelerator service provides hardware-accelerated public key encryption/decryption functions.


Selector Action Input Output
0 info - 20 bytes of stuff
1 ? 44 bytes of stuff 44 bytes of stuff
2 ? 60 bytes of stuff 60 bytes of stuff