|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "KBAG"
(better intro sentence) |
(img4) |
||
| Line 1: | Line 1: | ||
| − | Apple's [[IMG3 File Format|IMG3]] security scheme uses a data format called a '''KBAG'''. At the bottom of a firmware file, you will see something that will, on the ASCII side of your hex editor, say "GABK", which, as ARM is [[wikipedia:little-endian|little-endian]] based, is "KBAG" flipped. Look on the hex side and you will see the KBAG according to this format: |
+ | Apple's [[IMG3 File Format|IMG3]] and [[IMG4 File Format|IMG4]] security scheme uses a data format called a '''KBAG'''. At the bottom of a firmware file, you will see something that will, on the ASCII side of your hex editor, say "GABK", which, as ARM is [[wikipedia:little-endian|little-endian]] based, is "KBAG" flipped. Look on the hex side and you will see the KBAG according to this format: |
== How it works == |
== How it works == |
||
| Line 6: | Line 6: | ||
Because of the circumstances with the [[IMG3 File Format]], the kernel never needs to even touch the [[GID Key]] anymore, as its job is to just flash the image to the [[NOR]] as is, with container and all. |
Because of the circumstances with the [[IMG3 File Format]], the kernel never needs to even touch the [[GID Key]] anymore, as its job is to just flash the image to the [[NOR]] as is, with container and all. |
||
| − | In order to decrypt the KBAG, you need to remove them |
+ | In order to decrypt the KBAG for img3, you need to remove them using this command <code>dd if=IMG3_FILE bs=1 skip=4741424B count=0x70</code> or for img4, <code>dd if=IMG4FILE bs=44 skip=1 | openssl enc -aes-256-cbc -d -nopad -iv IV -K KEY > OUTPUTFILE</code> |
| + | |||
| + | To grab the KBAG for img3 files, you'd run <code>xpwntool /path/to/img3/ /dev/null</code>. This is different with img4 files so you'd have to go to a ASN1 JavaScript decoder such as [https://lapo.it/asn1js/ lapo.it/asn1js], select the file and then you'd need to add up the octect strings under integer 1 like in [http://imgur.com/1LIhRx3 this screenshot] which would mean the KBAG is <code>487b602e72acdb8567f8911ddd6f6a73b9619393c8a39a4215257b36a179af161f5197df0c5035311548ff2f95a4e176</code>. |
||
==KBAG Format== |
==KBAG Format== |
||
Revision as of 13:03, 7 July 2016
Apple's IMG3 and IMG4 security scheme uses a data format called a KBAG. At the bottom of a firmware file, you will see something that will, on the ASCII side of your hex editor, say "GABK", which, as ARM is little-endian based, is "KBAG" flipped. Look on the hex side and you will see the KBAG according to this format:
How it works
It boils down to using the GID Key to decrypt encIV and encKey, then using that key and IV to decrypt the DATA section of the file (the code itself).
Because of the circumstances with the IMG3 File Format, the kernel never needs to even touch the GID Key anymore, as its job is to just flash the image to the NOR as is, with container and all.
In order to decrypt the KBAG for img3, you need to remove them using this command dd if=IMG3_FILE bs=1 skip=4741424B count=0x70 or for img4, dd if=IMG4FILE bs=44 skip=1 | openssl enc -aes-256-cbc -d -nopad -iv IV -K KEY > OUTPUTFILE
To grab the KBAG for img3 files, you'd run xpwntool /path/to/img3/ /dev/null. This is different with img4 files so you'd have to go to a ASN1 JavaScript decoder such as lapo.it/asn1js, select the file and then you'd need to add up the octect strings under integer 1 like in this screenshot which would mean the KBAG is 487b602e72acdb8567f8911ddd6f6a73b9619393c8a39a4215257b36a179af161f5197df0c5035311548ff2f95a4e176.
KBAG Format
KBAG128
typedef struct {
uint32_t magic; // string with bytes flipped ("KBAG" in little endian)
uint32_t fullSize; // size of KBAG from beyond that point to the end of it
uint32_t tagDataSize; // size of KBAG without this 0xC header
uint32_t cryptState; // 1 if the key and IV in the KBAG are encrypted with the GID Key
// 2 is used with a second KBAG for the S5L8920, use is unknown.
uint32_t aesType; // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
uint8_t encIV[16]; // IV for the firmware file, encrypted with the GID Key
uint8_t encKey[16]; // Key for the firmware file, encrypted with the GID Key
} UnparsedKbagAes128_t;
KBAG192
typedef struct Unparsed_KBAG_AES192 {
uint32_t magic; // string with bytes flipped ("KBAG" in little endian)
uint32_t fullSize; // size of KBAG from beyond that point to the end of it
uint32_t tagDataSize; // size of KBAG without this 0xC header
uint32_t cryptState; // 1 if the key and IV in the KBAG are encrypted with the GID Key
// 2 is used with a second KBAG for the S5L8920, use is unknown.
uint32_t aesType; // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
uint8_t encIV[16]; // IV for the firmware file, encrypted with the GID Key
uint8_t encKey[24]; // Key for the firmware file, encrypted with the GID Key
} UparsedKbagAes192_t;
KBAG256
typedef struct Unparsed_KBAG_256 {
uint32_t magic; // string with bytes flipped ("KBAG" in little endian)
uint32_t fullSize; // size of KBAG from beyond that point to the end of it
uint32_t tagDataSize; // size of KBAG without this 0xC header
uint32_t cryptState; // 1 if the key and IV in the KBAG are encrypted with the GID Key
// 2 is used with a second KBAG for the S5L8920, use is unknown.
uint32_t aesType; // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
uint8_t encIV[16]; // IV for the firmware file, encrypted with the GID Key
uint8_t encKey[32]; // Key for the firmware file, encrypted with the GID Key
} UparsedKbagAes256_t;
