Firmware Keys

VFDecrypt keys are the keys that decrypt the root filesystem of certain (beta) firmwares. Apple encrypts these files to protect their contents, and over time it has changed how firmware files are encrypted, so the way to decrypt them, and the way to obtain the keys, has changed as well.

Background
With the release of the iPhone came the IMG2 file format, which was used on all known iPhone OS 1.x firmwares. For the 1.1.x series the files were encrypted with the 0x837 key, and the discovery of that key made it possible to decrypt any 1.x firmware.

Following IMG2 came the IMG3 file format, introduced with iPhone OS 2.0b4 and in use ever since. IMG3 files carry several layers of protection: their integrity is tied to a public/private key scheme, and their contents are encrypted with AES (the Rijndael cipher). The AES key and IV for a file's payload are stored in the file's own KBAG structure, but in encrypted form; for a ramdisk, that encrypted KBAG is what stands between you and the VFDecrypt key that GenPass derives from the ramdisk's contents.

The keys in a ramdisk's KBAG can only be recovered with the processor-specific GID key. The GID key itself cannot be read out; it can only be used through the processor's built-in AES engine, and that engine is only reachable through a bootrom exploit (jailbreaks typically expose it as /dev/aes_0). Without such an exploit, using the key is nearly impossible.

Once you do have access to the AES engine, however, the whole scheme falls apart: you can hand it the encrypted KBAG of a ramdisk and get back that ramdisk's decryption key and IV. With the ramdisk decrypted, run it through GenPass to recover the VFDecrypt key.

Beginning with iOS 6.0b1, Apple changed its disk images so that they no longer work with VFDecrypt: VFDecrypt reports that the filesystem was decrypted, but the result cannot be mounted. What changed to break VFDecrypt is currently unknown. The current workaround is to decrypt the images with dmg from Xpwn instead. dmg prints its progress to the terminal and therefore takes slightly longer, but the difference is negligible.

S5L8900
To decrypt a firmware file, first decrypt the encrypted key and IV stored in its KBAG, either with GIDecrypt or with OpenSSL (AES-128 in CBC mode) using the key 5F650295E1FFFC97CE77ABD49DD955B3 and an IV of 0; the result is the key and IV that decrypt the file's payload.

S5L8720
Business as usual, except that the keys and IVs still have to be decrypted on the device, unlike with the newer S5L8900 KBAGs. Apple incorrectly assumed that by encrypting iBEC and iBSS they were being sly. They were not: those can be decrypted on a 2.2.1 AES setup without any trouble.

S5L8920
The iPhone 3GS firmware files are interesting. They carry two KBAGs, and they use AES-256, whereas the S5L8900 and S5L8720 still use AES-128. The first KBAG has an identifier in its header indicating that it is to be decrypted with the GID key; what the second one is for is not known. AES-256 also changes the layout of the decrypted KBAG: the first 0x10 bytes are still the IV, but the remaining 0x20 bytes (not 0x10 any more) are the key.
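The S5L8900 recipe (decrypt the KBAG's IV and key with a fixed key and a zero IV) and the S5L8920 layout (two KBAGs, AES-256, 0x10-byte IV followed by a 0x20-byte key) put together in code, as an added example that is not code from this page, Apple, GIDecrypt or xpwn: the script parses an IMG3, picks the KBAG whose identifier marks it as the GID-wrapped one, unwraps its IV and key with AES-CBC under a zero IV (the same operation as the OpenSSL command above) and decrypts the DATA payload with the result, handling both the AES-128 and the AES-256 KBAG layout. It is self-contained: a compact pure-Python AES so it runs offline, a constructed sample IMG3 produced by build_sample_img3, and a made-up stand-in GID key, since no real GID key is available. Assumed, not taken from the page: the IMG3 header and tag layout given in the comments, that identifier value 1 marks the GID KBAG, and that IV and key are unwrapped as one CBC stream; the 128-bit key quoted for the S5L8900 above would take the place of the stand-in.

```python
"""Parse an IMG3, unwrap its GID-selected KBAG (AES-CBC, zero IV) and decrypt its DATA with the result.
Added example for this page, not Apple, xpwn or GIDecrypt code; the pure-Python AES is a demo cipher."""
import struct
from functools import reduce
from operator import xor

def _mul(a, b):                               # GF(2^8) product; _mul(a, 2) is xtime
    r = 0
    while b:
        r, a, b = r ^ (a if b & 1 else 0), ((a << 1) ^ 0x11B if a & 0x80 else a << 1), b >> 1
    return r
def _make_sbox():                             # S-box and its inverse from inverse + affine map, no table
    sbox, p, q = [0x63] + [0] * 255, 1, 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF                            # p *= 3
        q ^= q << 1; q ^= q << 2; q ^= q << 4; q = (q & 0xFF) ^ (0x09 if q & 0x80 else 0)  # q /= 3
        sbox[p] = reduce(xor, (((q << n) | (q >> (8 - n))) & 0xFF for n in range(5))) ^ 0x63
        if p == 1:
            return sbox, [sbox.index(i) for i in range(256)]
_SBOX, _INV = _make_sbox()
def _expand(key):                             # FIPS-197 key schedule; Nr = Nk + 6 rounds
    nk, rc, w = len(key) // 4, 1, [list(key[i:i + 4]) for i in range(0, len(key), 4)]
    for i in range(nk, 4 * (nk + 7)):
        t = list(w[-1])
        if i % nk == 0:
            t = [_SBOX[b] for b in t[1:] + t[:1]]
            t[0], rc = t[0] ^ rc, _mul(rc, 2)
        elif nk > 6 and i % nk == 4:          # the extra SubWord step of AES-256
            t = [_SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[i - nk], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(nk + 7)]
def _mix(s, coef):                            # (Inv)MixColumns; state index is 4*col + row
    return [reduce(xor, (_mul(s[4 * c + (r + k) % 4], coef[k]) for k in range(4)))
            for c in range(4) for r in range(4)]
def _block(rk, blk, decrypt):                 # one AES block; (Inv)ShiftRows is the index shuffle
    if decrypt:
        s = [b ^ k for b, k in zip(blk, rk[-1])]
        for rnd in range(len(rk) - 2, -1, -1):
            s = [_INV[s[((c - r) % 4) * 4 + r]] ^ rk[rnd][4 * c + r] for c in range(4) for r in range(4)]
            s = _mix(s, (14, 11, 13, 9)) if rnd else s
        return s
    s = [b ^ k for b, k in zip(blk, rk[0])]
    for rnd in range(1, len(rk)):
        s = [_SBOX[s[((c + r) % 4) * 4 + r]] for c in range(4) for r in range(4)]
        s = _mix(s, (2, 3, 1, 1)) if rnd < len(rk) - 1 else s
        s = [b ^ k for b, k in zip(s, rk[rnd])]
    return s
def aes_cbc(key, iv, data, decrypt):          # whole blocks only, no padding (as openssl -nopad)
    rk, prev, out = _expand(key), list(iv), bytearray()
    for i in range(0, len(data), 16):
        blk = list(data[i:i + 16])
        if decrypt:                           # P = D(C) xor previous C
            out += bytes(a ^ b for a, b in zip(_block(rk, blk, True), prev)); prev = blk
        else:                                 # C = E(P xor previous C)
            prev = _block(rk, [a ^ b for a, b in zip(blk, prev)], False); out += bytes(prev)
    return bytes(out)

# IMG3: 20-byte header ('Img3', fullSize, tagsSize, sigCheckArea, ident), then tags of
# (magic, totalLength, dataLength, data, pad); magics are LE uint32s, hence the reversed bytes.
def parse_img3(blob):
    magic, _, tags_size, _, ident = struct.unpack_from('<4sIII4s', blob)
    if magic != b'3gmI':
        raise ValueError('not an IMG3')
    tags, off = {}, 20
    while off < 20 + tags_size:
        tmagic, total, dlen = struct.unpack_from('<4sII', blob, off)
        tags.setdefault(tmagic[::-1], []).append(blob[off + 12:off + 12 + dlen])
        off += total
    return ident[::-1], tags
def unwrap_kbag(kbag, gid):
    """KBAG = selector (1: GID-wrapped), key bits, 16-byte wrapped IV, wrapped key; IV||key is one CBC stream, zero IV (assumed)."""
    selector, bits = struct.unpack_from('<II', kbag)
    if bits not in (128, 256) or len(gid) * 8 != bits:
        raise ValueError('KBAG is AES-%d but the key given is %d bits' % (bits, len(gid) * 8))
    plain = aes_cbc(gid, bytes(16), kbag[8:24 + bits // 8], True)
    return selector, plain[:16], plain[16:]   # AES-128: 0x10 + 0x10 bytes; AES-256: 0x10 + 0x20
def decrypt_img3(blob, gid):
    ident, tags = parse_img3(blob)
    # only the selector-1 KBAG is GID-wrapped; the other one yields garbage under the GID key
    kbag = next((k for k in tags.get(b'KBAG', []) if struct.unpack_from('<I', k)[0] == 1), None)
    if kbag is None:
        raise ValueError('no GID-selected KBAG')
    _, iv, key = unwrap_kbag(kbag, gid)
    data = tags[b'DATA'][0]
    n = len(data) & ~15                       # a trailing partial block is left unencrypted
    return ident, iv, key, aes_cbc(key, iv, data[:n], True) + data[n:]
def build_sample_img3(gid, iv, key, payload, ident=b'krnl'):
    """Constructed fixture: DATA, the GID KBAG and a dummy selector-2 KBAG (the two-KBAG layout)."""
    def tag(magic, body):
        pad = -len(body) % 4
        return struct.pack('<4sII', magic[::-1], 12 + len(body) + pad, len(body)) + body + bytes(pad)
    body = (tag(b'DATA', aes_cbc(key, iv, payload, False))
            + tag(b'KBAG', struct.pack('<II', 1, len(key) * 8) + aes_cbc(gid, bytes(16), iv + key, False))
            + tag(b'KBAG', struct.pack('<II', 2, len(key) * 8) + bytes(16 + len(key))))
    return struct.pack('<4sIII4s', b'3gmI', 20 + len(body), len(body), 0, ident[::-1]) + body

DEMO_GID = bytes.fromhex('00112233445566778899aabbccddeeff')   # made-up stand-in, not a real GID key
DEMO_IV, DEMO_KEY = bytes(range(16)), bytes(range(0x40, 0x50))  # constructed demo IV and 128-bit key
DEMO_PAYLOAD = b'kernelcache bytes, constructed!!'             # constructed; 32 bytes = two whole blocks
```

To try it, `decrypt_img3(build_sample_img3(DEMO_GID, DEMO_IV, DEMO_KEY, DEMO_PAYLOAD), DEMO_GID)` returns the ident, the unwrapped IV and key, and the payload; for a real file, pass `open(path, 'rb').read()` and the 16- or 32-byte key as `gid`. The size check in `unwrap_kbag` is the caveat worth keeping: a key of the wrong size for an AES-256 KBAG is rejected, but a wrong key of the right size produces plausible-looking garbage rather than an error, which is why the code selects the KBAG by its identifier instead of trying every KBAG and hoping one looks right.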

Firmware Versions
This is a comprehensive list of every firmware Apple Inc. has made available to the public in some way, whether through the dev center or through iTunes.