Difference between revisions of "Baseband TEA Keys"

From The iPhone Wiki
Jump to: navigation, search
(link)
(Hardware Thumbprint Generation)
 
(11 intermediate revisions by 3 users not shown)
Line 2: Line 2:
   
 
==Key A Generation==
 
==Key A Generation==
//return unique phone key (key A), this key is used for security zone encryption/decryption
+
// return unique phone key (key A), this key is used for security zone encryption/decryption
void get_keyA(u8 *A){
+
void get_keyA(u8 *A) {
 
SHA1Context ctx;
 
SHA1Context ctx;
 
SHA1Reset(&ctx);
 
SHA1Reset(&ctx);
SHA1Input(&ctx,dep1_norid,0x10);
+
SHA1Input(&ctx, [[NORID|dep1_norid]], 0x10);
SHA1Input(&ctx,dep2_chipid,0x10);
+
SHA1Input(&ctx, [[CHIPID|dep2_chipid]], 0x10);
 
SHA1Result(&ctx);
 
SHA1Result(&ctx);
memcpy(A,(u8*)ctx.Message_Digest,0x14);
+
memcpy(A, (u8*)ctx.Message_Digest, 0x14);
 
}
 
}
   
 
==NCK Key Generation==
 
==NCK Key Generation==
 
//ulc_mix_lock_unlock_key((u8*)A,(u8*)ctx.Message_Digest,dep1_norid,dep2_chipid,(u8*)B);
 
//ulc_mix_lock_unlock_key((u8*)A,(u8*)ctx.Message_Digest,dep1_norid,dep2_chipid,(u8*)B);
void ulc_mix_lock_unlock_key(u8 *keyA, u8 *keyNCK,u8 *norid,u8 *chipid,u8 *keyB){
+
void ulc_mix_lock_unlock_key(u8 *keyA, u8 *keyNCK, u8 *norid, u8 *chipid, u8 *keyB) {
 
u8 out_iv[8];
 
u8 out_iv[8];
 
tea_3_round_encipher(norid,keyNCK,keyA,keyB,out_iv); //norid, keyNCK, SP+4, SP+0x14, SP+0x34
 
tea_3_round_encipher(norid,keyNCK,keyA,keyB,out_iv); //norid, keyNCK, SP+4, SP+0x14, SP+0x34
 
tea_3_round_encipher(chipid,keyNCK,out_iv,keyB+8,out_iv); //chipid, keyNCK, SP+4, SP+0x14, SP+0x34
 
tea_3_round_encipher(chipid,keyNCK,out_iv,keyB+8,out_iv); //chipid, keyNCK, SP+4, SP+0x14, SP+0x34
 
}
 
}
  +
 
// auxilary function for nck key generation
 
// auxilary function for nck key generation
void tea_3_round_encipher(u8 *in,u8 *key,u8 *iv,u8 *out,u8 *out_iv){
+
void tea_3_round_encipher(u8 *in, u8 *key, u8 *iv, u8 *out, u8 *out_iv){
u32 tmpin[2],nexttea[2];
+
u32 tmpin[2], nexttea[2];
tea_encipher((u32*)in,tmpin,(u32*)key);
+
tea_encipher((u32*)in, tmpin, (u32*)key);
 
nexttea[0] = tmpin[0]^((u32*)iv)[0];
 
nexttea[0] = tmpin[0]^((u32*)iv)[0];
 
nexttea[1] = tmpin[1]^((u32*)iv)[1];
 
nexttea[1] = tmpin[1]^((u32*)iv)[1];
tea_encipher(nexttea,(u32*)out,(u32*)key);
+
tea_encipher(nexttea, (u32*)out, (u32*)key);
 
nexttea[0] = tmpin[0]^((u32*)out)[0];
 
nexttea[0] = tmpin[0]^((u32*)out)[0];
 
nexttea[1] = tmpin[1]^((u32*)out)[1];
 
nexttea[1] = tmpin[1]^((u32*)out)[1];
tea_encipher(nexttea,(u32*)out_iv,(u32*)key);
+
tea_encipher(nexttea, (u32*)out_iv, (u32*)key);
 
}
 
}
  +
  +
==Hardware Thumbprint Generation==
  +
u8 salt[20] = {
  +
0x03, 0x5E, 0x20, 0x03,
  +
0xA9, 0x74, 0xFC, 0x57,
  +
0xBB, 0x2D, 0x59, 0x28,
  +
0xBF, 0x10, 0xAE, 0xB9,
  +
0x00, 0x00, 0x00, 0x00
  +
};
  +
  +
void getHardwareThumbPrint(u8 *hwTP){
  +
SHA1Context ctx;
  +
SHA1Reset(&ctx);
  +
SHA1Input(&ctx, [[CHIPID|chipid]], 16);
  +
SHA1Input(&ctx, [[NORID|norid]], 16);
  +
SHA1Input(&ctx, imei, 16); //nibble encoded
  +
SHA1Input(&ctx, salt, 20);
  +
SHA1Result(&ctx);
  +
memcpy(hwTP, (u8*)ctx.Message_Digest, 0x14);
  +
}
  +
  +
Apple calls this "BasebandThumbprint". It can be obtained from the baseband serial port with [[Baseband Commands|at+xthumb?]].
  +
  +
==[[Wildcard Ticket]] Key Generation==
  +
void getWildcardKey(u8 *wKey) {
  +
u8 hwTP[20];
  +
getHardwareThumbPrint(&hwTP);
  +
SHA1Context ctx;
  +
SHA1Reset(&ctx);
  +
SHA1Input(&ctx, hwTP, 20);
  +
SHA1Input(&ctx, salt, 20);
  +
SHA1Result(&ctx);
  +
memcpy(wKey, (u8*)ctx.Message_Digest, 0x14);
  +
}
  +
This generates the key which can be used to encrypt/decrypt the wildcard ticket - the [[CHIPID|chipID]]/[[NORID|norID]] are NOT required.
   
 
[[Category:Baseband]]
 
[[Category:Baseband]]

Latest revision as of 19:51, 29 April 2012

The baseband generates TEA keys based of the CHIPID and NORID.

Key A Generation

// return unique phone key (key A), this key is used for security zone encryption/decryption
void get_keyA(u8 *A) {
	SHA1Context ctx;
	SHA1Reset(&ctx);
	SHA1Input(&ctx, dep1_norid, 0x10);
	SHA1Input(&ctx, dep2_chipid, 0x10);
	SHA1Result(&ctx);
	memcpy(A, (u8*)ctx.Message_Digest, 0x14);
}

NCK Key Generation

//ulc_mix_lock_unlock_key((u8*)A,(u8*)ctx.Message_Digest,dep1_norid,dep2_chipid,(u8*)B);
void ulc_mix_lock_unlock_key(u8 *keyA, u8 *keyNCK, u8 *norid, u8 *chipid, u8 *keyB) {
	u8 out_iv[8];
	tea_3_round_encipher(norid,keyNCK,keyA,keyB,out_iv);		//norid, keyNCK, SP+4, SP+0x14, SP+0x34
	tea_3_round_encipher(chipid,keyNCK,out_iv,keyB+8,out_iv); //chipid, keyNCK, SP+4, SP+0x14, SP+0x34
}

// auxilary function for nck key generation
void tea_3_round_encipher(u8 *in, u8 *key, u8 *iv, u8 *out, u8 *out_iv){
	u32 tmpin[2], nexttea[2];
	tea_encipher((u32*)in, tmpin, (u32*)key);
 	nexttea[0] = tmpin[0]^((u32*)iv)[0];
	nexttea[1] = tmpin[1]^((u32*)iv)[1];
	tea_encipher(nexttea, (u32*)out, (u32*)key);
	nexttea[0] = tmpin[0]^((u32*)out)[0];
	nexttea[1] = tmpin[1]^((u32*)out)[1];
	tea_encipher(nexttea, (u32*)out_iv, (u32*)key);
}

Hardware Thumbprint Generation

u8 salt[20] = {
	0x03, 0x5E, 0x20, 0x03,
	0xA9, 0x74, 0xFC, 0x57,
	0xBB, 0x2D, 0x59, 0x28,
	0xBF, 0x10, 0xAE, 0xB9,
	0x00, 0x00, 0x00, 0x00
};
void getHardwareThumbPrint(u8 *hwTP){
	SHA1Context ctx;
	SHA1Reset(&ctx);
	SHA1Input(&ctx, chipid, 16);
	SHA1Input(&ctx, norid, 16);
	SHA1Input(&ctx, imei, 16); //nibble encoded
	SHA1Input(&ctx, salt, 20);
	SHA1Result(&ctx);
	memcpy(hwTP, (u8*)ctx.Message_Digest, 0x14);
}

Apple calls this "BasebandThumbprint". It can be obtained from the baseband serial port with at+xthumb?.

Wildcard Ticket Key Generation

void getWildcardKey(u8 *wKey) {
       u8 hwTP[20];
       getHardwareThumbPrint(&hwTP);
       SHA1Context ctx;
       SHA1Reset(&ctx);
       SHA1Input(&ctx, hwTP, 20);
       SHA1Input(&ctx, salt, 20);
       SHA1Result(&ctx);
       memcpy(wKey, (u8*)ctx.Message_Digest, 0x14);
}

This generates the key which can be used to encrypt/decrypt the wildcard ticket - the chipID/norID are NOT required.