Difference between revisions of "Bootchain"

From The iPhone Wiki
(adding introductory summary for context)
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
The '''bootchain''' (or '''secure boot chain''') is the system by which Apple tries to ensure that only signed/trusted code is loaded on an iOS device.
+
The '''bootchain''' (or '''secure boot chain''', also called '''chain of trust''') is the system by which Apple tries to ensure that only signed or trusted code is loaded on an iOS device.
   
The initial code ([[bootrom]]) is contained within the processor and cannot be changed. It decrypts the next stage and verifies integrity before it executes any code of the next stage. This continues for all stages until the execution of the [[kernel]] and applications. The integrity verification uses the keys on the device. To sign such code, you need the corresponding private key that only Apple holds. This way Apple has total control of any code that runs on your device. The idea of jailbreaking is to break this chain somewhere so that you can run any application or customize some firmware changes (unlock for example).
+
The initial code ([[bootrom]]) is contained within the processor and cannot be changed (due to it being read-only memory). It decrypts the next stage ([[LLB]]) and verifies the integrity before it executes any code of the next stage. This continues for all stages until the execution of the [[kernel]] and applications. The integrity verification uses the keys on the device. To sign such code, you need the corresponding private key that only Apple holds. This way Apple has total control of any code that runs on your device. The idea of jailbreaking is to break this chain somewhere so that you can run any application or customize some firmware changes (unlock for example).
   
 
==Application Processor==
 
==Application Processor==
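Review bot: in the revised second paragraph, "The integrity verification uses the keys on the device" is carried over unchanged and still does not say how those keys relate to "the corresponding private key that only Apple holds" in the next sentence; since this edit already touches the paragraph, state that relationship explicitly. The added "(due to it being read-only memory)" would also read more directly as "(because it is read-only memory)".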
Line 7: Line 7:
 
*[[LLB]]
 
*[[LLB]]
 
*[[iBoot]]
 
*[[iBoot]]
  +
*[[Secure Enclave|SEP]]
 
*[[Kernel]]
 
*[[Kernel]]
 
*Applications
 
*Applications
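Review bot: the new `*[[Secure Enclave|SEP]]` entry is inserted between iBoot and Kernel in a list that the introduction presents as a sequence in which each stage verifies the next, but neither the list nor the introduction says which stage loads or verifies SEP. Consider a short qualifier on the entry, or a sentence in the introduction, stating where SEP sits relative to iBoot and Kernel, so the ordering is not read as iBoot verifying SEP and SEP verifying Kernel.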

Latest revision as of 21:02, 21 January 2017

The bootchain (or secure boot chain, also called chain of trust) is the system by which Apple tries to ensure that only signed or trusted code is loaded on an iOS device.

The initial code (bootrom) is contained within the processor and cannot be changed, because it is read-only memory. It decrypts the next stage (LLB) and verifies its integrity before executing any of that stage's code. This continues for all stages until the execution of the kernel and applications. The integrity verification uses the keys on the device. To sign such code, you need the corresponding private key that only Apple holds. This way Apple has total control of any code that runs on your device. The idea of jailbreaking is to break this chain somewhere so that you can run any application or make custom firmware changes (an unlock, for example).
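The verify-before-execute chain described above, as an added example (not code from the wiki or from Apple): a toy textbook-RSA key stands in for the signing key, the stage names LLB, iBoot and Kernel come from the page's stage list, and the decryption step is omitted. The key size, image contents and all function names are assumptions constructed for illustration.

```python
import hashlib

# Toy key pair, constructed for this example and far too small for real use.
# P and Q are the Mersenne primes 2^127-1 and 2^89-1.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                              # public modulus: the value a device would hold
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent: held only by the signer

STAGES = ["LLB", "iBoot", "Kernel"]    # stage order as listed on the page


def digest(image: bytes) -> int:
    """SHA-256 of the image, reduced mod N so the toy key can sign it."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N


def sign(image: bytes) -> int:
    """Signer side: producing a signature requires the private exponent D."""
    return pow(digest(image), D, N)


def verify(image: bytes, signature: int) -> bool:
    """Device side: checking a signature needs only the public values N and E."""
    return pow(signature, E, N) == digest(image)


def build_firmware() -> dict:
    """Constructed sample firmware: one signed placeholder image per stage."""
    firmware = {}
    for name in STAGES:
        image = f"{name} code".encode()
        firmware[name] = (image, sign(image))
    return firmware


def boot(firmware: dict) -> list:
    """Walk the chain and return the stages that ran.

    Each stage is checked before it is executed; the first failed check
    halts the boot, so nothing after a modified stage ever runs.
    """
    executed = ["bootrom"]             # immutable first stage, trusted by construction
    for name in STAGES:
        image, signature = firmware[name]
        if not verify(image, signature):
            break
        executed.append(name)
    return executed
```

Changing a single byte of any stage image without access to D makes `verify` fail for that stage, and `boot` stops at the last stage that passed.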

Application Processor

Baseband