The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "IMG3 File Format"
ChronicDev (talk | contribs) |
ChronicDev (talk | contribs) (→Tags) |
||
Line 24: | Line 24: | ||
CHIP: Chip to be used with. "0x8900" for [[S5L8900]] and "0x8720" for [[n72ap|S5L8720]]. Instead of there being a check against some piece of hardware, whatever is verifying this (bootrom / iBoot / LLB / etc.) has this hardcoded in. |
CHIP: Chip to be used with. "0x8900" for [[S5L8900]] and "0x8720" for [[n72ap|S5L8720]]. Instead of there being a check against some piece of hardware, whatever is verifying this (bootrom / iBoot / LLB / etc.) has this hardcoded in. |
||
BORD: Board to be used with |
BORD: Board to be used with |
||
− | KBAG: contains the KEY and IV required to decrypt encrypted with the [[GID-key]] |
+ | [[KBAG]]: contains the KEY and IV required to decrypt encrypted with the [[GID-key]] |
SHSH: RSA encrypted SHA1 hash of the file |
SHSH: RSA encrypted SHA1 hash of the file |
||
CERT: Certificate |
CERT: Certificate |
Revision as of 01:33, 27 December 2008
This is the replacement for the IMG2 File Format in 2.0 firmware.
Contents
Header
struct Img3 { unsigned int magic; unsigned int dataLenPad; unsigned int u1; // offSet to 20 byte footer unsigned int certOffset; unsigned int name; unsigned int type; unsigned int nameOffset; unsigned int dataLen; } typedef Img3;
Tag Format
unsigned int magic; unsigned int total_length; //data_length+0xC unsigned int data_length;
Tags
VERS: Version SEPO: Unknown PROD: Processor to be used with. CHIP: Chip to be used with. "0x8900" for S5L8900 and "0x8720" for S5L8720. Instead of there being a check against some piece of hardware, whatever is verifying this (bootrom / iBoot / LLB / etc.) has this hardcoded in. BORD: Board to be used with KBAG: contains the KEY and IV required to decrypt encrypted with the GID-key SHSH: RSA encrypted SHA1 hash of the file CERT: Certificate
Encryption
Apple got smarter this time, requiring the Hardware AES engine to be run per file. Decrypt the KBAG tag data (0x20 byte?) with the hardware AES engine and get the 0x10 byte IV and the 0x10 byte KEY.