Latest revision as of 06:46, 9 April 2011
IOCryptoAcceleratorFamily is a collection of kernel extensions that provide hardware-accelerated cryptographic functions, e.g. SHA1, AES, pseudo-random number generator (PRNG), etc.
You can use the well-documented OpenSSL or CommonCrypto to do the same job if acceleration is not essential. Hardware acceleration will be used automatically with CommonCrypto when the input text is long enough (1 to 2 KB).
PRNG
The IOPRNGAccelerator service provides a psuedo-random number generator. Its user client seems not usable in the userland.
Methods
| Selector | Action | Input | Output |
|---|---|---|---|
| 0 | info | - | struct IOPRNGAcceleratorInfo (12 bytes) |
| 1 | perform | struct IOPRNGAcceleratorArg (8 bytes) | struct IOPRNGAcceleratorArg (8 bytes) |
where

```c
#include <stddef.h>
#include <stdint.h>

/* Returned by selector 0 (info); 12 bytes on the 32-bit ARM kernel ABI. */
struct IOPRNGAcceleratorInfo {
    uint32_t type;      // = 'RND0'
    uint8_t x78x50[4];  // meaning unknown
    void* reserved;
};

/* Passed to and returned from selector 1 (perform); 8 bytes on 32-bit ARM. */
struct IOPRNGAcceleratorArg {
    void* data;         // presumably the buffer that receives the random bytes
    size_t length;      // size of that buffer in bytes
};
```
SHA-1
The IOSHA1Accelerator service provides hardware-accelerated SHA-1 hashing.
Methods
| Selector | Action | Input | Output |
|---|---|---|---|
| 0 | info | - | struct IOSHA1AcceleratorInfo (24 bytes) |
| 1 | perform | 40 bytes of stuff | 40 bytes of stuff |
where

```c
#include <stdint.h>

/* Returned by selector 0 (info); 24 bytes on the 32-bit ARM kernel ABI. */
struct IOSHA1AcceleratorInfo {
    uint32_t type;      // = 'SHA0'
    uint8_t x78x50[8];  // meaning unknown
    int zero;           // named for its observed value
    uint32_t x78x5c_maybe_plus_0x100000;
    uint32_t x78x58;
};
```
AES
The IOAESAccelerator service provides hardware-accelerated AES encryption/decryption functions in CBC mode. It also provides access to the secure UID (2000) and GID (1000) keys, and the generated securityd (2101/0x835) and various firmware encryption keys (0x836 – 0x838)[1].
The UID and GID keys are not privileged for use by the kernel, and the "securityd key" must be used from a process running as _securityd (uid=40).
Methods
| Selector | Action | Input | Output |
|---|---|---|---|
| 0 | info | - | struct IOAESAcceleratorInfo (36 bytes) |
| 1 | perform | struct IOAESAcceleratorArg (72 bytes) | struct IOAESAcceleratorArg (72 bytes) |
| 2 | test | - | - |
where[2]

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Returned by selector 0 (info); 36 bytes on the 32-bit ARM kernel ABI. */
struct IOAESAcceleratorInfo {
    uint32_t type;      // = 'AES0'
    int seven;          // named for its observed value
    uint8_t x78x50[16]; // meaning unknown
    int one_or_three;   // observed as 1 or 3
    void* reserved;
    unsigned x78x70;    // meaning unknown
};

/* Passed to and returned from selector 1 (perform); 72 bytes on 32-bit ARM.
 * CBC mode: data_length must be a multiple of the 16-byte block size. */
struct IOAESAcceleratorArg {
    const void* in_data;
    void* out_data;
    size_t data_length;
    uint8_t iv[16];
    bool is_decrypt;    // false = encrypt, true = decrypt
    int aes_bits;       // 128, 192, 256
    uint8_t key[32];    // only the first aes_bits/8 bytes are used
    int special_keys;   // 1000 = gid-key, 2000 = uid-key, 2101 = securityd-key
};
```
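As an added example (not code from the page or from xpwn), the following shows how a caller would validate its parameters, fill the perform argument block above, and, on Apple platforms, hand it to the IOAESAccelerator user client through IOKit. The meaning of special_keys = 0 ("use key[]"), the ioaes_prepare return codes and the open/close sequence are assumptions of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

struct IOAESAcceleratorArg {          /* layout as documented on this page */
    const void *in_data;
    void *out_data;
    size_t data_length;
    uint8_t iv[16];
    bool is_decrypt;
    int aes_bits;                     /* 128, 192 or 256 */
    uint8_t key[32];
    int special_keys;                 /* 1000 = gid, 2000 = uid, 2101 = securityd */
};

/* Fill the "perform" block. Returns 0, -1 for an invalid AES key size, or -2
 * when len is not a whole number of CBC blocks (the accelerator pads nothing). */
int ioaes_prepare(struct IOAESAcceleratorArg *a, const void *in, void *out,
                  size_t len, const uint8_t iv[16], const uint8_t *key,
                  int bits, bool decrypt)
{
    if (bits != 128 && bits != 192 && bits != 256) return -1;
    if (len == 0 || len % 16 != 0) return -2;
    memset(a, 0, sizeof *a);          /* unused key bytes must not carry stack data */
    a->in_data = in; a->out_data = out; a->data_length = len;
    memcpy(a->iv, iv, 16);
    a->is_decrypt = decrypt; a->aes_bits = bits;
    memcpy(a->key, key, (size_t)bits / 8);
    a->special_keys = 0;              /* assumption: 0 selects the key[] above */
    return 0;
}

#ifdef __APPLE__
#include <IOKit/IOKitLib.h>
/* Open the user client and run selector 1 (perform) with the block in place. */
kern_return_t ioaes_perform(struct IOAESAcceleratorArg *a)
{
    io_service_t svc = IOServiceGetMatchingService(kIOMasterPortDefault,
                                    IOServiceMatching("IOAESAccelerator"));
    if (!svc) return KERN_FAILURE;
    io_connect_t conn;
    kern_return_t kr = IOServiceOpen(svc, mach_task_self(), 0, &conn);
    IOObjectRelease(svc);
    if (kr != KERN_SUCCESS) return kr;
    size_t out_len = sizeof *a;
    kr = IOConnectCallStructMethod(conn, 1, a, sizeof *a, a, &out_len);
    IOServiceClose(conn);
    return kr;
}
#endif
```

On a 64-bit build the pointers and size_t widen, so sizeof the block no longer equals the 72 bytes the 32-bit kernel expects; the struct method then fails with a bad-argument error rather than running.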
PKE (Public key encryption)
The IOPKEAccelerator service provides hardware-accelerated public key encryption/decryption functions.
Methods
| Selector | Action | Input | Output |
|---|---|---|---|
| 0 | info | - | 20 bytes of stuff |
| 1 | ? | 44 bytes of stuff | 44 bytes of stuff |
| 2 | ? | 60 bytes of stuff | 60 bytes of stuff |
References
[1] http://wikee.iphwn.org/s5l8900:encryption_keys
[2] http://github.com/planetbeing/xpwn/blob/master/crypto/aes.c