Difference between revisions of "/dev/sha"

Latest revision as of 21:57, 17 January 2023

/dev/sha is an IPC interface for the SHA-1 engine that accepts IOS_Open, IOS_Close & IOCTLV commands.

Internally in IOS, it uses 2 FDs: one of 0x10001 normally calculating SHA-1 hashes and 0x10002 when dealing with HMAC key hashes (also based on SHA). Despite this, it is better to do an IOS_Open when using this resource.

/dev/sha handles both SHA-1 hashing and HMAC verification in modular IOS versions (IOS28 and later). For monolithic IOS versions (IOS22 and earlier), HMAC verification is done in a dedicated separate device called /dev/hmac.

/dev/sha IOS_Ioctlv

number	Description	in count	out count	vector	vector length
0x00	Initialize Hash Context	1	2	input data (64-byte aligned)	-
				SHA-1 Context	0x1c
				SHA-1 Hash	0x14
0x01	Contribute Additional Data	1	2	input data (64-byte aligned)	-
				SHA-1 Context	0x1c
				SHA-1 Hash	0x14
0x02	Finalize Hash	1	2	input data (64-byte aligned)	-
				SHA-1 Context	0x1c
				SHA-1 Hash	0x14
0x03	?	?	?	?	?
0x04	?	?	?	?	?
0x0F	some sort of H0,H1,H2 verifying	?	?	?	?

@@ Line 2: / Line 2: @@
 '''/dev/sha''' is an IPC interface for the [[Hardware/SHA-1 engine | SHA-1 engine]] that accepts IOS_Open, IOS_Close & IOCTLV commands.
 Internally in IOS, it uses 2 FDs: one of 0x10001 normally calculating SHA-1 hashes and 0x10002 when dealing with HMAC key hashes (also based on SHA). Despite this, it is better to do an IOS_Open when using this resource.
+/dev/sha handles both SHA-1 hashing and HMAC verification in modular IOS versions (IOS28 and later). For monolithic IOS versions (IOS22 and earlier), HMAC verification is done in a dedicated separate device called [[:/dev/hmac]].
 == /dev/sha IOS_Ioctlv ==
@@ Line 13: / Line 15: @@
 ! style="vertical-align: top;" |vector&nbsp;length
 |-
-| style="vertical-align: top;" rowspan="1" | 0x00
+| style="vertical-align: top;" rowspan="3" | 0x00
-| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="3" | Initialize Hash Context
-| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="3" | 1
-| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="3" | 2
-| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="1" | input data (64-byte aligned)
-| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="1" | -
+|-
+| style="vertical-align: top;" rowspan="1" | SHA-1 Context
+| style="vertical-align: top;" rowspan="1" | 0x1c
+|-
+| style="vertical-align: top;" rowspan="1" | SHA-1 Hash
+| style="vertical-align: top;" rowspan="1" | 0x14
+|-
+| style="vertical-align: top;" rowspan="3" | 0x01
+| style="vertical-align: top;" rowspan="3" | Contribute Additional Data
+| style="vertical-align: top;" rowspan="3" | 1
+| style="vertical-align: top;" rowspan="3" | 2
+| style="vertical-align: top;" rowspan="1" | input data (64-byte aligned)
+| style="vertical-align: top;" rowspan="1" | -
 |-
-| style="vertical-align: top;" rowspan="1" | 0x01
+| style="vertical-align: top;" rowspan="1" | SHA-1 Context
-| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="1" | 0x1c
-| style="vertical-align: top;" rowspan="1" | ?
-| style="vertical-align: top;" rowspan="1" | ?
-| style="vertical-align: top;" rowspan="1" | ?
-| style="vertical-align: top;" rowspan="1" | ?
 |-
-| style="vertical-align: top;" rowspan="1" | 0x02
+| style="vertical-align: top;" rowspan="1" | SHA-1 Hash
-| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="1" | 0x14
-| style="vertical-align: top;" rowspan="1" | ?
-| style="vertical-align: top;" rowspan="1" | ?
-| style="vertical-align: top;" rowspan="1" | ?
-| style="vertical-align: top;" rowspan="1" | ?
 |-
-| style="vertical-align: top;" rowspan="3" | 0x03
+| style="vertical-align: top;" rowspan="3" | 0x02
-| style="vertical-align: top;" rowspan="3" | ?
+| style="vertical-align: top;" rowspan="3" | Finalize Hash
 | style="vertical-align: top;" rowspan="3" | 1
 | style="vertical-align: top;" rowspan="3" | 2
-| style="vertical-align: top;" rowspan="1" | input data (32-byte aligned)
+| style="vertical-align: top;" rowspan="1" | input data (64-byte aligned)
 | style="vertical-align: top;" rowspan="1" | -
 |-
-| style="vertical-align: top;" rowspan="1" | SHA Context
+| style="vertical-align: top;" rowspan="1" | SHA-1 Context
 | style="vertical-align: top;" rowspan="1" | 0x1c
 |-
-| style="vertical-align: top;" rowspan="1" | SHA1 Hash
+| style="vertical-align: top;" rowspan="1" | SHA-1 Hash
 | style="vertical-align: top;" rowspan="1" | 0x14
+|-
+| style="vertical-align: top;" rowspan="1" | 0x03
+| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="1" | ?
+| style="vertical-align: top;" rowspan="1" | ?
 |-
 | style="vertical-align: top;" rowspan="1" | 0x04

Difference between revisions of "/dev/sha"

Latest revision as of 21:57, 17 January 2023

/dev/sha IOS_Ioctlv

Navigation menu

Search