Difference between revisions of "KBAG"

From The iPhone Wiki
Jump to: navigation, search
m (removed template)
m (link updates)
Line 8: Line 8:
 
uint32_t fullSize; // size of KBAG from beyond that point to the end of it
 
uint32_t fullSize; // size of KBAG from beyond that point to the end of it
 
uint32_t tagDataSize; // size of KBAG without this 0xC header
 
uint32_t tagDataSize; // size of KBAG without this 0xC header
uint32_t cryptState; // 1 if the key and IV in the KBAG are encrypted with the [[GID-key]]
+
uint32_t cryptState; // 1 if the key and IV in the KBAG are encrypted with the [[GID Key]]
 
// 2 is used with a second KBAG for the [[S5L8920]], use is unknown.
 
// 2 is used with a second KBAG for the [[S5L8920]], use is unknown.
 
uint32_t aesType; // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
 
uint32_t aesType; // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
uint8_t encIV[16]; // IV for the firmware file, encrypted with the [[GID-key]]
+
uint8_t encIV[16]; // IV for the firmware file, encrypted with the [[GID Key]]
uint8_t encKey[16]; // Key for the firmware file, encrypted with the [[GID-key]]
+
uint8_t encKey[16]; // Key for the firmware file, encrypted with the [[GID Key]]
 
} UnparsedKbagAes128_t;
 
} UnparsedKbagAes128_t;
   
Line 20: Line 20:
 
uint32_t fullSize; // size of KBAG from beyond that point to the end of it
 
uint32_t fullSize; // size of KBAG from beyond that point to the end of it
 
uint32_t tagDataSize; // size of KBAG without this 0xC header
 
uint32_t tagDataSize; // size of KBAG without this 0xC header
uint32_t cryptState; // 1 if the key and IV in the KBAG are encrypted with the [[GID-key]]
+
uint32_t cryptState; // 1 if the key and IV in the KBAG are encrypted with the [[GID Key]]
 
// 2 is used with a second KBAG for the [[S5L8920]], use is unknown.
 
// 2 is used with a second KBAG for the [[S5L8920]], use is unknown.
 
uint32_t aesType; // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
 
uint32_t aesType; // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
uint8_t encIV[16]; // IV for the firmware file, encrypted with the [[GID-key]]
+
uint8_t encIV[16]; // IV for the firmware file, encrypted with the [[GID Key]]
uint8_t encKey[24]; // Key for the firmware file, encrypted with the [[GID-key]]
+
uint8_t encKey[24]; // Key for the firmware file, encrypted with the [[GID Key]]
 
} UparsedKbagAes192_t;
 
} UparsedKbagAes192_t;
   
Line 32: Line 32:
 
uint32_t fullSize; // size of KBAG from beyond that point to the end of it
 
uint32_t fullSize; // size of KBAG from beyond that point to the end of it
 
uint32_t tagDataSize; // size of KBAG without this 0xC header
 
uint32_t tagDataSize; // size of KBAG without this 0xC header
uint32_t cryptState; // 1 if the key and IV in the KBAG are encrypted with the [[GID-key]]
+
uint32_t cryptState; // 1 if the key and IV in the KBAG are encrypted with the [[GID Key]]
 
// 2 is used with a second KBAG for the [[S5L8920]], use is unknown.
 
// 2 is used with a second KBAG for the [[S5L8920]], use is unknown.
 
uint32_t aesType; // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
 
uint32_t aesType; // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
uint8_t encIV[16]; // IV for the firmware file, encrypted with the [[GID-key]]
+
uint8_t encIV[16]; // IV for the firmware file, encrypted with the [[GID Key]]
uint8_t encKey[32]; // Key for the firmware file, encrypted with the [[GID-key]]
+
uint8_t encKey[32]; // Key for the firmware file, encrypted with the [[GID Key]]
 
} UparsedKbagAes256_t;
 
} UparsedKbagAes256_t;
   
 
== How it Works ==
 
== How it Works ==
Basically, it just boils down to using the [[GID-key]] to decrypt <code>encIV</code> and <code>encKey</code>, then using that key and IV to decrypt the DATA section of the file (the code itself).
+
Basically, it just boils down to using the [[GID Key]] to decrypt <code>encIV</code> and <code>encKey</code>, then using that key and IV to decrypt the DATA section of the file (the code itself).
   
 
As an interesting side note, because of the circumstances with the [[IMG3 File Format]], the kernel never needs to even touch the [[GID-key]] anymore, as it's job is to just flash the image to the [[NOR]] as is, with container and all.
 
As an interesting side note, because of the circumstances with the [[IMG3 File Format]], the kernel never needs to even touch the [[GID-key]] anymore, as it's job is to just flash the image to the [[NOR]] as is, with container and all.

Revision as of 08:09, 4 August 2013

Explanation

In Apple's new IMG3 security scheme, they have used something called a KBAG. At the bottom of a firmware file, you will see something that will, on the ASCII side of your hex editor, see "GABK", which, as ARM is little-endian based, is "KBAG" flipped. Look on the hex side and you will the KBAG according to this format:

KBAG Format

KBAG128

typedef struct {
     uint32_t magic;       // string with bits flipped = "KBAG" (magic = 0x4741424B)
     uint32_t fullSize;    // size of KBAG from beyond that point to the end of it
     uint32_t tagDataSize; // size of KBAG without this 0xC header
     uint32_t cryptState;  // 1 if the key and IV in the KBAG are encrypted with the GID Key
                           // 2 is used with a second KBAG for the S5L8920, use is unknown.
     uint32_t aesType;     // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
     uint8_t encIV[16];    // IV for the firmware file, encrypted with the GID Key
     uint8_t encKey[16];   // Key for the firmware file, encrypted with the GID Key
} UnparsedKbagAes128_t;

KBAG192

typedef struct Unparsed_KBAG_AES192 {
     uint32_t magic;       // string with bits flipped = "KBAG" (magic = 0x4741424B)
     uint32_t fullSize;    // size of KBAG from beyond that point to the end of it
     uint32_t tagDataSize; // size of KBAG without this 0xC header
     uint32_t cryptState;  // 1 if the key and IV in the KBAG are encrypted with the GID Key
                           // 2 is used with a second KBAG for the S5L8920, use is unknown.
     uint32_t aesType;     // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
     uint8_t encIV[16];    // IV for the firmware file, encrypted with the GID Key
     uint8_t encKey[24];   // Key for the firmware file, encrypted with the GID Key
} UparsedKbagAes192_t;

KBAG256

typedef struct Unparsed_KBAG_256 {
     uint32_t magic;       // string with bits flipped = "KBAG" (magic = 0x4741424B)
     uint32_t fullSize;    // size of KBAG from beyond that point to the end of it
     uint32_t tagDataSize; // size of KBAG without this 0xC header
     uint32_t cryptState;  // 1 if the key and IV in the KBAG are encrypted with the GID Key
                           // 2 is used with a second KBAG for the S5L8920, use is unknown.
     uint32_t aesType;     // 0x80 = aes128 / 0xc0 = aes192 / 0x100 = aes256
     uint8_t encIV[16];    // IV for the firmware file, encrypted with the GID Key
     uint8_t encKey[32];   // Key for the firmware file, encrypted with the GID Key
} UparsedKbagAes256_t;

How it Works

Basically, it just boils down to using the GID Key to decrypt encIV and encKey, then using that key and IV to decrypt the DATA section of the file (the code itself).

As an interesting side note, because of the circumstances with the IMG3 File Format, the kernel never needs to even touch the GID-key anymore, as it's job is to just flash the image to the NOR as is, with container and all.

in order to decrypt the KBAG you need to remove them from IMG3 using this command dd if=IMG3_FILE bs=1 skip=4741424B count=0x70