|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "AES Keys"
ChronicDev (talk | contribs) |
ChronicDev (talk | contribs) |
||
| Line 1: | Line 1: | ||
| − | The |
+ | The SoC in each device have an AES coprocessor with the [[GID-key]] and [[UID-key]] built in. |
==Running The Engine== |
==Running The Engine== |
||
| + | Currently, there are three ways to run the hardware AES engine: |
||
| − | Currently, there are two ways to run the hardware AES engine. One, patch iBoot. Two, use [http://github.com/planetbeing/iphonelinux/tree/master OpenIBoot]. If you want to decrypt img3 files you need to use this. The GID-key currently has not been extracted from the phone, so the only way to use it is on the phone itself. |
||
| + | * Patch iBoot to jump to aes_decrypt. |
||
| + | * Use [http://github.com/planetbeing/iphonelinux/tree/master OpenIBoot]. |
||
| + | * Use the crypto bundle provided in xpwn to utilize it via userland. This method requires a kernel patch. |
||
| + | |||
| + | If you want to decrypt [[IMG3]] files you need to use this. The [[GID-key]] currently has not been extracted from the phone, so the only way to use it is on the phone itself. |
||
See [[Easier method of getting Img3 Key / IV]] for an iBoot patch. |
See [[Easier method of getting Img3 Key / IV]] for an iBoot patch. |
||
==Key 0x837== |
==Key 0x837== |
||
| − | Generated by encrypting 345A2D6C5050D058780DA431F0710E15 with [[GID-key]] to get 188458A6D15034DFE386F23B61D43774 |
+ | Generated by encrypting 345A2D6C5050D058780DA431F0710E15 with the [[S5L8900]] [[GID-key]] to get 188458A6D15034DFE386F23B61D43774 |
| − | |||
| − | It is used as the encryption key in the [[IMG2 File Format]]. |
||
| + | It is used as the encryption key in the [[IMG2 File Format]]. With the introduction of [[IMG3]] in 2.0, [[KBAG]]s are now used instead of the 0x837 key. |
||
| − | [[Zibri]] leaked this without giving an explanation of what it does. |
||
==Resources== |
==Resources== |
||
Revision as of 14:20, 12 August 2009
The SoC in each device have an AES coprocessor with the GID-key and UID-key built in.
Running The Engine
Currently, there are three ways to run the hardware AES engine:
- Patch iBoot to jump to aes_decrypt.
- Use OpenIBoot.
- Use the crypto bundle provided in xpwn to utilize it via userland. This method requires a kernel patch.
If you want to decrypt IMG3 files you need to use this. The GID-key currently has not been extracted from the phone, so the only way to use it is on the phone itself.
See Easier method of getting Img3 Key / IV for an iBoot patch.
Key 0x837
Generated by encrypting 345A2D6C5050D058780DA431F0710E15 with the S5L8900 GID-key to get 188458A6D15034DFE386F23B61D43774
It is used as the encryption key in the IMG2 File Format. With the introduction of IMG3 in 2.0, KBAGs are now used instead of the 0x837 key.
