(Created page with ''''IOCryptoAcceleratorFamily''' is a collection of kernel extensions that provide hardware-accelerated cryptographic functions, e.g. SHA1, AES, pseudo-random number generator (PR…') |
No edit summary |
||
Line 1: | Line 1: | ||
'''IOCryptoAcceleratorFamily''' is a collection of kernel extensions that provide hardware-accelerated cryptographic functions, e.g. SHA1, AES, pseudo-random number generator (PRNG), etc. | '''IOCryptoAcceleratorFamily''' is a collection of kernel extensions that provide hardware-accelerated cryptographic functions, e.g. SHA1, AES, pseudo-random number generator (PRNG), etc. | ||
You can use OpenSSL or CommonCrypto to do the same job | You can use the well-documented OpenSSL or CommonCrypto to do the same job if acceleration is not essential. | ||
== PRNG == | == PRNG == | ||
The '''IOPRNGAccelerator''' service provides a psuedo-random number generator. Its user client seems not usable in the userland. | |||
=== Methods === | === Methods === | ||
{| class="wikitable" | {| class="wikitable" | ||
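Review bot: "psuedo-random" in the added IOPRNGAccelerator sentence is misspelled; the intro line of the same page spells it "pseudo-random". The second added sentence, "Its user client seems not usable in the userland", would be more useful if it said what was observed, for instance which step fails when a userland process tries to use the client.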
Line 16: | Line 17: | ||
<source lang="c"> | <source lang="c"> | ||
struct IOPRNGAcceleratorInfo { | struct IOPRNGAcceleratorInfo { | ||
uint32_t type; // ='RND0' | |||
uint8_t x78x50[4]; | uint8_t x78x50[4]; | ||
void* reserved; | void* reserved; | ||
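Review bot: with `uint32_t type` added ahead of `void* reserved`, the total size of IOPRNGAcceleratorInfo depends on the pointer width, so the struct should say which ABI the layout was taken from. A short comment next to `reserved`, or a fixed-width field in its place, would keep the documented size unambiguous.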
Line 28: | Line 29: | ||
== SHA-1 == | == SHA-1 == | ||
The '''IOSHA1Accelerator''' service provides a hardware-accelerated SHA-1 hashing. | |||
=== Methods === | === Methods === | ||
{| class="wikitable" | {| class="wikitable" | ||
Line 33: | Line 35: | ||
! Selector !! Action !! Input !! Output | ! Selector !! Action !! Input !! Output | ||
|- | |- | ||
| 0 || info || - || 24 bytes | | 0 || info || - || struct IOSHA1AcceleratorInfo (24 bytes) | ||
|- | |- | ||
| 1 || perform || 40 bytes of stuff || 40 bytes of stuff | | 1 || perform || 40 bytes of stuff || 40 bytes of stuff | ||
|} | |} | ||
where | |||
<source lang="c"> | |||
struct IOSHA1AcceleratorInfo { | |||
uint32_t type; // ='SHA0' | |||
uint8_t x78x50[8]; | |||
int zero; | |||
uint32_t x78x5c_maybe_plus_0x100000; | |||
uint32_t x78x58; | |||
}; | |||
</source> | |||
== AES == | == AES == | ||
The '''IOAESAccelerator''' service provides hardware-accelerated AES encryption/decryption functions. It also provides access to the secure UID (2000) and GID (1000) keys, and the generated securityd (2101/0x835) and various firmware encryption keys (0x836 – 0x838)<ref>http://wikee.iphwn.org/s5l8900:encryption_keys</ref>. | |||
The UID and GID are not privileged to be used by the kernel, and the "securityd key" must be used from a user with ID of _securityd (uid=40). | |||
=== Methods === | === Methods === | ||
{| class="wikitable" | {| class="wikitable" | ||
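Review bot: the added AES sentence "The UID and GID are not privileged to be used by the kernel" can be read in more than one way; reword it to say plainly which callers may and may not use the UID and GID keys, as the second half of the sentence does for the "securityd key" and uid=40. In the same hunk, the new IOSHA1AcceleratorInfo mixes `int zero` with fixed-width types, and the "perform" row is still "40 bytes of stuff" on both sides, so a note that its layout is unknown would help readers.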
Line 50: | Line 65: | ||
| 2 || test || - || - | | 2 || test || - || - | ||
|} | |} | ||
where | where<ref>http://github.com/planetbeing/xpwn/blob/master/crypto/aes.c</ref> | ||
<source lang="c"> | <source lang="c"> | ||
struct IOAESAcceleratorInfo { | struct IOAESAcceleratorInfo { | ||
uint32_t type; // ='AES0' | |||
int seven; | int seven; | ||
uint8_t x78x50[16]; | uint8_t x78x50[16]; | ||
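Review bot: the `// ='AES0'` comment on the new `type` field does not say how the four-character code is stored; note whether it is the integer value of the multi-character constant, since anyone comparing the raw info bytes needs the byte order. The neighbouring `seven` and `x78x50` are named after observed values, so a one-line comment marking them as unknown fields would prevent them being read as documented semantics.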
Line 74: | Line 89: | ||
== PKE (Public key encryption) == | == PKE (Public key encryption) == | ||
The '''IOPKEAccelerator''' service provides hardware-accelerated public key encryption/decryption functions. | |||
=== Methods === | === Methods === | ||
{| class="wikitable" | {| class="wikitable" | ||
Line 86: | Line 102: | ||
|} | |} | ||
== References == | |||
<references/> | |||
{{occlass|library=IOKit.framework|navbox=1}} | {{occlass|library=IOKit.framework|navbox=1}} |
Revision as of 15:48, 3 January 2010
IOCryptoAcceleratorFamily is a collection of kernel extensions that provide hardware-accelerated cryptographic functions, e.g. SHA1, AES, pseudo-random number generator (PRNG), etc.
You can use the well-documented OpenSSL or CommonCrypto to do the same job if acceleration is not essential.
PRNG
The IOPRNGAccelerator service provides a pseudo-random number generator. Its user client does not seem to be usable from userland.
Methods
Selector | Action | Input | Output |
---|---|---|---|
0 | info | - | struct IOPRNGAcceleratorInfo (12 bytes) |
1 | perform | struct IOPRNGAcceleratorArg (8 bytes) | struct IOPRNGAcceleratorArg (8 bytes) |
where
```c
struct IOPRNGAcceleratorInfo {
    uint32_t type; // ='RND0'
    uint8_t x78x50[4];
    void* reserved;
};

struct IOPRNGAcceleratorArg {
    void* data;
    size_t length;
};
```
SHA-1
The IOSHA1Accelerator service provides hardware-accelerated SHA-1 hashing.
Methods
Selector | Action | Input | Output |
---|---|---|---|
0 | info | - | struct IOSHA1AcceleratorInfo (24 bytes) |
1 | perform | 40 bytes of stuff | 40 bytes of stuff |
where
```c
struct IOSHA1AcceleratorInfo {
    uint32_t type; // ='SHA0'
    uint8_t x78x50[8];
    int zero;
    uint32_t x78x5c_maybe_plus_0x100000;
    uint32_t x78x58;
};
```
AES
The IOAESAccelerator service provides hardware-accelerated AES encryption/decryption functions. It also provides access to the secure UID (2000) and GID (1000) keys, and the generated securityd (2101/0x835) and various firmware encryption keys (0x836 – 0x838)[1].
The UID and GID keys are not privileged to be used by the kernel, and the "securityd key" must be used by the _securityd user (uid=40).
Methods
Selector | Action | Input | Output |
---|---|---|---|
0 | info | - | struct IOAESAcceleratorInfo (36 bytes) |
1 | perform | struct IOAESAcceleratorArg (72 bytes) | struct IOAESAcceleratorArg (72 bytes) |
2 | test | - | - |
where[2]
```c
struct IOAESAcceleratorInfo {
    uint32_t type; // ='AES0'
    int seven;
    uint8_t x78x50[16];
    int one_or_three;
    void* reserved;
    unsigned x78x70;
};

struct IOAESAcceleratorArg {
    const void* in_data;
    void* out_data;
    size_t data_length;
    uint8_t iv[16];
    bool is_decrypt;
    int aes_bits; // 128, 192, 256
    uint8_t key[32];
    int special_keys; // 1000 = gid-key, 2000 = uid-key, 2101 = securityd-key
};
```
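The following is an added example, not code from the original page or from the kernel extension: it pins the AES struct sizes from the table (72 and 36 bytes) with compile-time checks and validates a perform argument and an info reply before either is trusted. The `aes_arg32`/`aes_info32` types, the three function names, the 32-bit ABI, the little-endian tag layout and the meaning of selector 0 are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* 32-bit model of the page's structs: pointers and size_t become uint32_t
 * (assumption: the documented byte counts refer to a 32-bit ARM ABI). */
typedef struct {
    uint32_t in_data, out_data, data_length;
    uint8_t  iv[16];
    uint8_t  is_decrypt;      /* bool; 3 padding bytes follow */
    int32_t  aes_bits;
    uint8_t  key[32];
    int32_t  special_keys;
} aes_arg32;
typedef struct {
    uint32_t type; int32_t seven; uint8_t x78x50[16];
    int32_t one_or_three; uint32_t reserved, x78x70;
} aes_info32;
_Static_assert(sizeof(aes_arg32) == 72, "perform argument is 72 bytes");
_Static_assert(sizeof(aes_info32) == 36, "info reply is 36 bytes");
_Static_assert(offsetof(aes_arg32, aes_bits) == 32, "padding after is_decrypt");

/* Name of a key selector listed on the page, NULL if unlisted. */
const char *special_key_name(int32_t id) {
    if (id == 0)    return "key[] field";  /* assumption: not on the page */
    if (id == 1000) return "gid-key";
    if (id == 2000) return "uid-key";
    if (id == 2101) return "securityd-key";
    return (id >= 0x836 && id <= 0x838) ? "firmware key" : NULL;
}

/* 1 if buf holds a full info reply tagged with the given four-character code.
 * Assumption: the tag is a little-endian uint32, so 'AES0' is "0SEA" in memory. */
int info_tag_is(const uint8_t *buf, size_t len, const char fourcc[4]) {
    if (len < sizeof(aes_info32)) return 0;
    uint32_t want = (uint32_t)fourcc[0] << 24 | (uint32_t)fourcc[1] << 16 |
                    (uint32_t)fourcc[2] << 8 | (uint32_t)fourcc[3];
    uint32_t got = buf[0] | buf[1] << 8 | buf[2] << 16 | (uint32_t)buf[3] << 24;
    return got == want;
}

/* 0 if the argument is well-formed, otherwise a negative reason code. */
int aes_arg_check(const aes_arg32 *a) {
    if (a->aes_bits != 128 && a->aes_bits != 192 && a->aes_bits != 256) return -1;
    return special_key_name(a->special_keys) ? 0 : -2;
}
int main(void) {   /* constructed input: 224 is not an AES key size */
    aes_arg32 a; memset(&a, 0, sizeof a); a.aes_bits = 224;
    return aes_arg_check(&a) == -1 ? 0 : 1;
}
```

The `offsetof` check makes the three padding bytes after `is_decrypt` explicit, which is why the argument should be zeroed with `memset` before it is filled in.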
PKE (Public key encryption)
The IOPKEAccelerator service provides hardware-accelerated public key encryption/decryption functions.
Methods
Selector | Action | Input | Output |
---|---|---|---|
0 | info | - | 20 bytes of stuff |
1 | ? | 44 bytes of stuff | 44 bytes of stuff |
2 | ? | 60 bytes of stuff | 60 bytes of stuff |
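References
[1] http://wikee.iphwn.org/s5l8900:encryption_keys
[2] http://github.com/planetbeing/xpwn/blob/master/crypto/aes.c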