The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information.

Secure Enclave

From The iPhone Wiki
Revision as of 09:17, 1 January 2014 by M2m (talk | contribs) (Examples)
Jump to: navigation, search

The Secure Enclave is part of the A7 chip and a basic part of Apples Touch ID fingerprint technology. Within the Secure Enclave the fingerprint data is stored in an encrypted form which - according to Apple - can only be decrypted by a key available by the Secure Enclave thus making fingerprint data walled off from the rest of A7 Chip and as well as the rest of iOS. The secure enclave itself is a flashable 4MB processor called the secure enclave processor (SEP) as documented in Apple Patent Application 20130308838. The technology used is basically ARM's TrustZone/SecurCore.

The SEP is located in the devicetree under IODeviceTree:/arm-io/sep and manged by the AppleSEPManager driver as seen here

SEP OS

The SEP has its own OS called SEP OS and there exists a tool called seputil which is used to communicate with it.

ART Object

Example 1: 

./seputil --art get  
raw ART: 305e0201003037020218340414519c0248f04d316a3d71e03978b4126fbfb2b15c0400041467fc18385630dc6429726677d196c81466f47b5e3103c00100042027b6dadbab356612997af0203cefeae51fe90cd985ee7cdd6211c766b8cc7a60
Successfully parsed ART:
counter: 6196
manifest hash (20 bytes): 519c0248f04d316a3d71e03978b4126fbfb2b15c
sleep hash is absent
restore nonce (20 bytes): 67fc18385630dc6429726677d196c81466f47b5e

raw ART is also a DER encoded ASN.1 object: 

30 — type tag indicating SEQUENCE
5e — length in octets of value that follows (92)
   02 — type tag indicating INTEGER
   01 — length in octets of value that follows
      00 — value (0)
   30 — type tag indicating SEQUENCE
   37 — length in octets of value that follows (55)
      02 — type tag indicating INTEGER
      02 — length in octets of value that follows
         1834 — value (6196) (of counter)
      04 — type tag indicating STRING
      14 — length in octets of value that follows (20)
         519c0248f04d316a3d71e03978b4126fbfb2b15c — value (of manifest hash)
      04 — type tag indicating STRING
      00 — length in octets of value that follows (0); empty, so no value to follow (sleep has is absent)
      04 — type tag indicating STRING
      14 — length in octets of value that follows (20)
         67fc18385630dc6429726677d196c81466f47b5e — value (of restore nonce)
      31 — type tag indicating SET
      03 — length in octets of value that follows (3)
      c00100 — value 
   04 — type tag indicating STRING
   20 — length in octets of value that follows (32)
      27b6dadbab356612997af0203cefeae51fe90cd985ee7cdd6211c766b8cc7a60 — value

Example 2: 

./seputil --art get
raw ART: 3072020100304b0202186c0414519c0248f04d316a3d71e03978b4126fbfb2b15c04147f75cb9012128cf71eb8fcd6b13e56a02a7324db041467fc18385630dc6429726677d196c81466f47b5e3103c0010004209ce3646167631d0df8d4db28973db8d5a27f85d345ad6ec220aeb1e22f39f31f
Successfully parsed ART:
counter: 6252
manifest hash (20 bytes): 519c0248f04d316a3d71e03978b4126fbfb2b15c
sleep hash (20 bytes): 7f75cb9012128cf71eb8fcd6b13e56a02a7324db
restore nonce (20 bytes): 67fc18385630dc6429726677d196c81466f47b5e

Decode (used the decoder here): 

SEQUENCE (3 elem)
   INTEGER 0
   SEQUENCE (5 elem)
      INTEGER 6252
      OCTET STRING (20 byte) 519C0248F04D316A3D71E03978B4126FBFB2B15C
      OCTET STRING (20 byte) 7F75CB9012128CF71EB8FCD6B13E56A02A7324DB
      OCTET STRING (20 byte) 67FC18385630DC6429726677D196C81466F47B5E
      SET (1 elem)
         Private 0 (1 byte) 00
   OCTET STRING (32 byte) 9CE3646167631D0DF8D4DB28973DB8D5A27F85D345AD6EC220AEB1E22F39F31F

Example 3: 

./seputil --art clear
ART cleared from storage

./seputil --art get  
seputil: Get ART command error: 0xe00002bc

Further References

www.forbes.com

Retrieved from "https://www.theiphonewiki.com/w/index.php?title=Secure_Enclave&oldid=38461"