Difference between revisions of "Secure Enclave"

From The iPhone Wiki
(Examples)
(Redirected page to Secure Enclave Processor)
(Tag: New redirect)
 
(9 intermediate revisions by 6 users not shown)
#REDIRECT [[Secure Enclave Processor]]
The '''Secure Enclave''' is part of the [[A7]] chip and a basic part of Apple's [[Touch ID]] fingerprint technology. Within the Secure Enclave the fingerprint data is stored in encrypted form which, according to Apple, can only be decrypted by a key held by the Secure Enclave, so the fingerprint data is walled off from the rest of the A7 chip as well as from the rest of iOS. The Secure Enclave itself is a flashable 4MB processor called the Secure Enclave Processor (SEP), as documented in [http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220130308838%22.PGNR.&OS=DN/20130308838&RS=DN/20130308838 Apple Patent Application 20130308838]. The technology used is basically [http://www.arm.com/products/processors/technologies/trustzone/index.php ARM's TrustZone/SecurCore].
 
 
The SEP is located in the device tree under IODeviceTree:/arm-io/sep and is managed by the AppleSEPManager driver, as seen [http://winocm.com/images/ioregdump.txt here].
 
 
==SEP OS==
 
 
The SEP runs its own operating system, called SEP OS. The tool [[seputil]] is used to communicate with it.
 
 
==ART Object==
 
 
Example 1:

<pre>
./seputil --art get
raw ART: 305e0201003037020218340414519c0248f04d316a3d71e03978b4126fbfb2b15c0400041467fc18385630dc6429726677d196c81466f47b5e3103c00100042027b6dadbab356612997af0203cefeae51fe90cd985ee7cdd6211c766b8cc7a60
Successfully parsed ART:
counter: 6196
manifest hash (20 bytes): 519c0248f04d316a3d71e03978b4126fbfb2b15c
sleep hash is absent
restore nonce (20 bytes): 67fc18385630dc6429726677d196c81466f47b5e
</pre>
 
 
The raw ART is also a [http://en.wikipedia.org/wiki/Abstract_Syntax_Notation_One#Example_encoded_in_DER DER-encoded ASN.1 object]. Broken down byte by byte (indentation shows the nesting; the SET sits inside the inner SEQUENCE, and the final 32-byte OCTET STRING is the third element of the outer SEQUENCE):
 
 
<pre>
30 — type tag indicating SEQUENCE
5e — length in octets of value that follows (94)
  02 — type tag indicating INTEGER
  01 — length in octets of value that follows (1)
  00 — value (0)
  30 — type tag indicating SEQUENCE
  37 — length in octets of value that follows (55)
    02 — type tag indicating INTEGER
    02 — length in octets of value that follows (2)
    1834 — value (6196) (of counter)
    04 — type tag indicating OCTET STRING
    14 — length in octets of value that follows (20)
    519c0248f04d316a3d71e03978b4126fbfb2b15c — value (of manifest hash)
    04 — type tag indicating OCTET STRING
    00 — length in octets of value that follows (0); empty, so no value follows (sleep hash is absent)
    04 — type tag indicating OCTET STRING
    14 — length in octets of value that follows (20)
    67fc18385630dc6429726677d196c81466f47b5e — value (of restore nonce)
    31 — type tag indicating SET
    03 — length in octets of value that follows (3)
    c00100 — value (one element: private-class tag c0, length 01, value 00)
  04 — type tag indicating OCTET STRING
  20 — length in octets of value that follows (32)
  27b6dadbab356612997af0203cefeae51fe90cd985ee7cdd6211c766b8cc7a60 — value
</pre>
 
 
Example 2:

<pre>
./seputil --art get
raw ART: 3072020100304b0202186c0414519c0248f04d316a3d71e03978b4126fbfb2b15c04147f75cb9012128cf71eb8fcd6b13e56a02a7324db041467fc18385630dc6429726677d196c81466f47b5e3103c0010004209ce3646167631d0df8d4db28973db8d5a27f85d345ad6ec220aeb1e22f39f31f
Successfully parsed ART:
counter: 6252
manifest hash (20 bytes): 519c0248f04d316a3d71e03978b4126fbfb2b15c
sleep hash (20 bytes): 7f75cb9012128cf71eb8fcd6b13e56a02a7324db
restore nonce (20 bytes): 67fc18385630dc6429726677d196c81466f47b5e
</pre>
 
 
Decoded with the ASN.1 decoder [http://lapo.it/asn1js/ here]:
 
 
<pre>
SEQUENCE (3 elem)
  INTEGER 0
  SEQUENCE (5 elem)
    INTEGER 6252
    OCTET STRING (20 byte) 519C0248F04D316A3D71E03978B4126FBFB2B15C
    OCTET STRING (20 byte) 7F75CB9012128CF71EB8FCD6B13E56A02A7324DB
    OCTET STRING (20 byte) 67FC18385630DC6429726677D196C81466F47B5E
    SET (1 elem)
      Private 0 (1 byte) 00
  OCTET STRING (32 byte) 9CE3646167631D0DF8D4DB28973DB8D5A27F85D345AD6EC220AEB1E22F39F31F
</pre>
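The ART layout shown in the byte-by-byte breakdown and the decoder output above, walked by a small DER reader, as an added Python example (not part of this wiki page or of seputil). The raw ART values are those from Examples 1 and 2; the labels "version" and "trailer" for the leading INTEGER 0 and the final 32-byte OCTET STRING are this example's own assumptions, since the page does not name those fields.

```python
"""Parse a Secure Enclave ART blob by walking the DER layout shown above."""

# Raw ART values copied from Examples 1 and 2 on this page.
ART_EXAMPLE_1 = "305e0201003037020218340414519c0248f04d316a3d71e03978b4126fbfb2b15c0400041467fc18385630dc6429726677d196c81466f47b5e3103c00100042027b6dadbab356612997af0203cefeae51fe90cd985ee7cdd6211c766b8cc7a60"
ART_EXAMPLE_2 = "3072020100304b0202186c0414519c0248f04d316a3d71e03978b4126fbfb2b15c04147f75cb9012128cf71eb8fcd6b13e56a02a7324db041467fc18385630dc6429726677d196c81466f47b5e3103c0010004209ce3646167631d0df8d4db28973db8d5a27f85d345ad6ec220aeb1e22f39f31f"

SEQUENCE, INTEGER, OCTET_STRING, SET = 0x30, 0x02, 0x04, 0x31


def read_tlv(buf, pos):
    """Read one DER tag-length-value at buf[pos]; return (tag, value, next_pos).
    Only short-form lengths (< 128) occur in an ART, which is itself under 128 bytes."""
    tag, length = buf[pos], buf[pos + 1]
    if length & 0x80:
        raise ValueError("long-form DER length not expected in an ART")
    start, end = pos + 2, pos + 2 + length
    if end > len(buf):
        raise ValueError("DER length %d overruns buffer at offset %d" % (length, pos))
    return tag, buf[start:end], end


def read_sequence(buf, expected_tags):
    """Split a constructed value into its children and check their tag order."""
    children, pos = [], 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        children.append((tag, value))
    if [t for t, _ in children] != expected_tags:
        raise ValueError("unexpected layout: %r" % [hex(t) for t, _ in children])
    return [v for _, v in children]


def parse_art(raw_hex):
    """Return the fields seputil prints, plus the leading INTEGER and trailing OCTET STRING."""
    blob = bytes.fromhex(raw_hex)
    tag, outer, end = read_tlv(blob, 0)
    if tag != SEQUENCE or end != len(blob):
        raise ValueError("ART is not exactly one DER SEQUENCE")
    # Outer SEQUENCE: INTEGER 0, the body SEQUENCE, a 32-byte OCTET STRING ("version"/"trailer" are assumed names).
    version, body, trailer = read_sequence(outer, [INTEGER, SEQUENCE, OCTET_STRING])
    # Body SEQUENCE: counter, manifest hash, sleep hash, restore nonce, SET { [PRIVATE 0] 00 }.
    counter, manifest, sleep, nonce, _flags = read_sequence(
        body, [INTEGER, OCTET_STRING, OCTET_STRING, OCTET_STRING, SET])
    return {
        "version": int.from_bytes(version, "big"),
        "counter": int.from_bytes(counter, "big"),
        "manifest_hash": manifest.hex(),
        "sleep_hash": sleep.hex() or None,  # zero-length OCTET STRING means "absent"
        "restore_nonce": nonce.hex(),
        "trailer": trailer.hex(),
    }
```

Running parse_art on ART_EXAMPLE_1 reproduces the counter 6196, the absent sleep hash and the two 20-byte values seputil printed; on ART_EXAMPLE_2 it yields counter 6252 and the sleep hash 7f75cb90...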
 
 
Example 3:

<pre>
./seputil --art clear
ART cleared from storage

./seputil --art get
seputil: Get ART command error: 0xe00002bc
</pre>
 
 
==Further References==
 
 
[http://www.forbes.com/sites/quora/2013/09/18/what-is-apples-new-secure-enclave-and-why-is-it-important/ www.forbes.com]
 

Latest revision as of 07:24, 7 March 2020