This is a follow-up of sorts to my question: Does iPhone support hardware-accelerated AES Encryption?. After further analysis and hackery, I have determined that the iOS CommonCrypto supports hardware acceleration only for the AES-CBC mode (Cipher Block Chaining), but not AES-CTR (Counter) or AES-ECB (Electronic Codebook) modes. Although this differs from the open sourced code: http://opensource.apple.com/source/CommonCrypto/CommonCrypto-36064/Source/GladmanAES/ccNewGladman.c.
So this seems like an additional "fix" on top of what's available publicly. So I'm curious to know what the capabilities of the hardware are and if Apple is actually preventing the application developers from using all the features of the hardware chip.
I have looked at the usual suspects (Chipworks & iFixit) for this info but no luck.
I'm curious to know what the capabilities of the hardware are and if Apple is actually preventing the application developers from using all the features of the hardware chip.
At least some of the hardware accelerated AES and SHA is coming from the CPU capabilities of ARMv8-a and above. ARMv8-a is ARM-64, and you can see it via:
$ clang++ -arch arm64 -dM -E - < /dev/null | sort | egrep -i '(arm|aarch)'
#define __AARCH64EL__ 1
#define __AARCH64_SIMD__ 1
#define __ARM64_ARCH_8__ 1
#define __ARM_64BIT_STATE 1
#define __ARM_ACLE 200
#define __ARM_ALIGN_MAX_STACK_PWR 4
#define __ARM_ARCH 8
#define __ARM_ARCH_ISA_A64 1
#define __ARM_ARCH_PROFILE 'A'
#define __ARM_FEATURE_CLZ 1
#define __ARM_FEATURE_CRYPTO 1
#define __ARM_FEATURE_DIV 1
#define __ARM_FEATURE_FMA 1
#define __ARM_FEATURE_UNALIGNED 1
#define __ARM_FP 0xe
#define __ARM_FP16_FORMAT_IEEE 1
#define __ARM_FP_FENV_ROUNDING 1
#define __ARM_NEON 1
#define __ARM_NEON_FP 7
#define __ARM_NEON__ 1
#define __ARM_PCS_AAPCS64 1
#define __ARM_SIZEOF_MINIMAL_ENUM 4
#define __ARM_SIZEOF_WCHAR_T 4
#define __aarch64__ 1
#define __arm64 1
#define __arm64__ 1
With __ARM_FEATURE_CRYPTO
in effect, you get access to the arm assembler instructions and arm intrinisics customarily found in <arm_neon.h>
and <arm_acle.h>
.
I don't know whether this is the same AES circuit on the DMA data path from storage to memory. I believe this AES is part of the Data Protection API announced in iOS 4.3.
You might be able to find the answer in Jean-Baptiste Bédrune and Jean Sigwald iPhone data protection in depth; and Dino Zavi's Apple iOS 4 Security Evaluation.