|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "AES Keys"
DarkMalloc (talk | contribs) |
m (→Key 0x837) |
||
| Line 18: | Line 18: | ||
Generated by encrypting 345A2D6C5050D058780DA431F0710E15 with the [[S5L8900]] [[GID-key]] to get 188458A6D15034DFE386F23B61D43774 |
Generated by encrypting 345A2D6C5050D058780DA431F0710E15 with the [[S5L8900]] [[GID-key]] to get 188458A6D15034DFE386F23B61D43774 |
||
| − | It is used as the encryption key |
+ | It is used as the encryption key for [[S5L File Formats#IMG2|IMG2 files]]. With the introduction of [[IMG3 File Format|IMG3]] in 2.0, [[KBAG]]s are now used instead of the 0x837 key. |
==Resources== |
==Resources== |
||
Revision as of 19:45, 24 August 2010
The SoC in each device have an AES coprocessor with the GID-key and UID-key built in.
Running The Engine
Currently, there are four ways to run the hardware AES engine:
- Use the AES payload released on OpenPwn.
- Patch iBoot to jump to aes_decrypt.
- Use OpenIBoot.
- Use the crypto bundle provided in xpwn to utilize it via userland. This method requires a kernel patch.
If you want to decrypt IMG3 files you need to use this. The GID-key currently has not been extracted from the phone, so the only way to use it is on the phone itself.
See Easier method of getting Img3 Key / IV for an iBoot patch.
AES crypto payload
http://forums.openpwn.org/viewtopic.php?f=8&t=19&p=101#p101
Key 0x837
Generated by encrypting 345A2D6C5050D058780DA431F0710E15 with the S5L8900 GID-key to get 188458A6D15034DFE386F23B61D43774
It is used as the encryption key for IMG2 files. With the introduction of IMG3 in 2.0, KBAGs are now used instead of the 0x837 key.
