苹果使用哪种硬件芯片/供应商进行硬件加速的AES / SHA-1加密? [英] Which hardware chip/vendor does Apple use for its hardware-accelerated AES/SHA-1 encryption?
问题描述
这是对我的问题的一种后续措施: iPhone是否支持硬件加速的AES加密?。经过进一步分析和黑客攻击后,我确定iOS CommonCrypto仅支持AES-CBC模式(密码块链接)的硬件加速,而不支持AES-CTR(计数器)或AES-ECB(电子密码本)模式的硬件加速。尽管这与开源代码不同: http:/ /opensource.apple.com/source/CommonCrypto/CommonCrypto-36064/Source/GladmanAES/ccNewGladman.c 。
This is a follow-up of sorts to my question: Does iPhone support hardware-accelerated AES Encryption?. After further analysis and hackery, I have determined that the iOS CommonCrypto supports hardware acceleration only for the AES-CBC mode (Cipher Block Chaining), but not AES-CTR (Counter) or AES-ECB (Electronic Codebook) modes. Although this differs from the open sourced code: http://opensource.apple.com/source/CommonCrypto/CommonCrypto-36064/Source/GladmanAES/ccNewGladman.c.
因此,这似乎是一个附加的修复程序之外的所有公开信息。因此,我很想知道硬件的功能,以及苹果是否实际上阻止了应用程序开发人员使用硬件芯片的所有功能。
So this seems like an additional "fix" on top of what's available publicly. So I'm curious to know what the capabilities of the hardware are and if Apple is actually preventing the application developers from using all the features of the hardware chip.
查看了通常的嫌疑人( Chipworks a>& iFixit ),但没有运气。
I have looked at the usual suspects (Chipworks & iFixit) for this info but no luck.
推荐答案
我很好奇知道硬件的功能以及苹果是否支持实际上阻止了应用程序开发人员使用硬件芯片的所有功能。
I'm curious to know what the capabilities of the hardware are and if Apple is actually preventing the application developers from using all the features of the hardware chip.
至少会有一些硬件加速的AES和SHA即将到来来自ARMv8-a及更高版本的CPU功能。 ARMv8-a是ARM-64,您可以通过以下方式查看它:
At least some of the hardware accelerated AES and SHA is coming from the CPU capabilities of ARMv8-a and above. ARMv8-a is ARM-64, and you can see it via:
$ clang++ -arch arm64 -dM -E - < /dev/null | sort | egrep -i '(arm|aarch)'
#define __AARCH64EL__ 1
#define __AARCH64_SIMD__ 1
#define __ARM64_ARCH_8__ 1
#define __ARM_64BIT_STATE 1
#define __ARM_ACLE 200
#define __ARM_ALIGN_MAX_STACK_PWR 4
#define __ARM_ARCH 8
#define __ARM_ARCH_ISA_A64 1
#define __ARM_ARCH_PROFILE 'A'
#define __ARM_FEATURE_CLZ 1
#define __ARM_FEATURE_CRYPTO 1
#define __ARM_FEATURE_DIV 1
#define __ARM_FEATURE_FMA 1
#define __ARM_FEATURE_UNALIGNED 1
#define __ARM_FP 0xe
#define __ARM_FP16_FORMAT_IEEE 1
#define __ARM_FP_FENV_ROUNDING 1
#define __ARM_NEON 1
#define __ARM_NEON_FP 7
#define __ARM_NEON__ 1
#define __ARM_PCS_AAPCS64 1
#define __ARM_SIZEOF_MINIMAL_ENUM 4
#define __ARM_SIZEOF_WCHAR_T 4
#define __aarch64__ 1
#define __arm64 1
#define __arm64__ 1
__ ARM_FEATURE_CRYPTO 实际上,您可以访问arm汇编程序说明和arm i。通常在< arm_neon.h> 和< arm_acle.h> 中找到的ntrinisics。
With __ARM_FEATURE_CRYPTO in effect, you get access to the arm assembler instructions and arm intrinisics customarily found in <arm_neon.h> and <arm_acle.h>.
我不知道这是否是从存储到内存的DMA数据路径上的相同AES电路。我相信此AES是iOS 4.3中宣布的数据保护API的一部分。
I don't know whether this is the same AES circuit on the DMA data path from storage to memory. I believe this AES is part of the Data Protection API announced in iOS 4.3.
您也许可以在Jean-BaptisteBédrune和Jean Sigwald中找到答案。 = http://esec-lab.sogeti.com/static/publications/11-hitbamsterdam-iphonedataprotection.pdf rel = nofollow> iPhone数据保护深入;和Dino Zavi的 Apple iOS 4安全评估。
You might be able to find the answer in Jean-Baptiste Bédrune and Jean Sigwald iPhone data protection in depth; and Dino Zavi's Apple iOS 4 Security Evaluation.
这篇关于苹果使用哪种硬件芯片/供应商进行硬件加速的AES / SHA-1加密?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
