Mfi 2.0B

iPod Authentication Coprocessor 2.
0B
.
td n
n s L m.c
Su stic .co
st u d
re co th
Fo D A (at) 781
TH st -00
Specification
e 7
for -0
2009-07-27
6
Release R5
C5
Fo D A (at) 781
TH st -00
for -0
re co th
ENTIRE RISK AS TO ITS QUALITY AND
ACCURACY.
Apple Inc.
IN NO EVENT WILL APPLE BE LIABLE FOR
C5
© 2009 Apple Inc. DIRECT, INDIRECT, SPECIAL, INCIDENTAL,

All rights reserved. OR CONSEQUENTIAL DAMAGES
RESULTING FROM ANY DEFECT OR
INACCURACY IN THIS DOCUMENT, even if
No part of this publication may be advised of the possibility of such damages.
st
reproduced, stored in a retrieval system, or THE WARRANTY AND REMEDIES SET
e
transmitted, in any form or by any means, FORTH ABOVE ARE EXCLUSIVE AND IN
LIEU OF ALL OTHERS, ORAL OR WRITTEN,
mechanical, electronic, photocopying, EXPRESS OR IMPLIED. No Apple dealer, agent,
recording, or otherwise, without prior or employee is authorized to make any
modification, extension, or addition to this
6
written permission of Apple Inc., with the warranty.

following exceptions: Any person is hereby
Some states do not allow the exclusion or
authorized to store documentation on a limitation of implied warranties or liability for
single computer for personal use only and incidental or consequential damages, so the
Su stic .co
above limitation or exclusion may not apply to
to print copies of documentation for you. This warranty gives you specific legal
personal use provided that the rights, and you may also have other rights which
vary from state to state.
documentation contains Apple’s copyright
notice.
The Apple logo is a trademark of Apple Inc.
7
Use of the “keyboard” Apple logo

(Option-Shift-K) for commercial purposes
n
u
without the prior written consent of Apple
may constitute trademark infringement and
unfair competition in violation of federal
and state laws.
No licenses, express or implied, are granted
with respect to any of the technology
described in this document. Apple retains
all intellectual property rights associated
with the technology described in this
document. This document is intended to
assist application developers to develop
applications only for Apple-labeled or
Apple-licensed computers.
Every effort has been made to ensure that
d
the information in this document is

s L m.c
accurate. Apple is not responsible for

typographical errors.
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
408-996-1010
Apple, the Apple logo, iPod, and Pages are

td n
trademarks of Apple Inc., registered in the

United States and other countries.
Simultaneously published in the United
States and Canada.
Even though Apple has reviewed this document,
APPLE MAKES NO WARRANTY OR
.
REPRESENTATION, EITHER EXPRESS OR

IMPLIED, WITH RESPECT TO THIS
DOCUMENT, ITS QUALITY, ACCURACY,
MERCHANTABILITY, OR FITNESS FOR A
PARTICULAR PURPOSE. AS A RESULT, THIS
DOCUMENT IS PROVIDED “AS IS,” AND
YOU, THE READER, ARE ASSUMING THE
Fo D A (at) 781
TH st -00
for -0
re co th
Contents
C5
st
e
Chapter 1 Introduction 7
6
Overview 7
Authentication Protocol 7
Terminology Used in This Document 8
Su stic .co
Related Documents 9
Chapter 2 Signal Descriptions and Reference Circuits 11

7
CP Signals and Pinouts 11
n Communication Mode Selection 12

u
I2C Reference Circuit 13
SPI Reference Circuit 14
Chapter 3 Hardware Configuration and Interface 15
System Voltage 15
Reset 15
Communication Modes 15
Low-Power Sleep Mode 16
d
Chapter 4 Coprocessor Registers 17

s L m.c
Register Addresses 17
Register Descriptions 19
Device Version 19
Firmware Version 20
Authentication Protocol Major and Minor Versions 20
td n
Device ID 20
Error Code 20
Authentication Control and Status 21
Signature Data Length 22
Signature Data 22
.
Challenge Data Length 23

Challenge Data 23
Accessory Certificate Data Length 23
Accessory Certificate Data 23
Self-Test Control and Status 23
3
2009-07-27 | © 2009 Apple Inc. All Rights Reserved.
C O N T E N T S
Fo D A (at) 781
TH st -00
iPod Certificate Data Length 24
iPod Certificate Data 25
for -0
re co th
Chapter 5 Authentication Data Flows 27
C5
iPod Authentication of Accessory 27

Accessory Authentication of iPod 28
st
e
Chapter 6 I2C Communication Protocol 31
6
Slave Selection and Reset 31

Coprocessor Busy 31
Su stic .co
Writing to the Coprocessor 31
Reading from the Coprocessor 32
Chapter 7 SPI Communication Protocol 33

7

n
u
Timing and Polarity 34
Coprocessor Busy 34
Chapter 8 CP Device Characteristics 39
Maximum Environmental Conditions 39

Recommended Operating Conditions 39
DC Electrical Characteristics 40
Timing Characteristics 41
d
s L m.c
Mechanical Package Characteristics 42
Document Revision History 47

td n
.
4
Fo D A (at) 781
TH st -00
for -0
re co th
Figures and Tables
C5
st
e
Chapter 1 Introduction 7
6
Table 1-1 Document-specific terminology 8
Chapter 2 Signal Descriptions and Reference Circuits 11
Su stic .co Figure 2-1

Figure 2-2
Figure 2-3
CP chip pinouts, top view 11
Reference circuit for CP as I2C slave 13
Reference circuit for CP as SPI slave 14
7
Table 2-1 CP signals 11

n Table 2-2 Mode selection signals 13
u
Chapter 3 Hardware Configuration and Interface 15
Figure 3-1 I2C slave write address 16

Figure 3-2 I2C slave read address 16
Chapter 4 Coprocessor Registers 17
Figure 4-1 Authentication Control/Status register, read-only bits 21

d
Figure 4-2 Authentication Control/Status register, write-only bits 22

s L m.c
Figure 4-3 Self-test Control/Status register, write-only bits 23

Figure 4-4 Self-test Control/Status register, read-only bits 24
Table 4-1 iPod Authentication Coprocessor 2.0B register map 17
Table 4-2 Error codes 20
Table 4-3 Authentication ERR_SET values 21
Table 4-4 Authentication PROC_RESULTS values 21
td n
Table 4-5 Authentication PROC_CONTROL values 22

Table 4-6 Self-test PROC_CONTROL values 24
Table 4-7 Self-test result bits 24
.
Chapter 5 Authentication Data Flows 27
Table 5-1 Sequence of interactions by which an iPod authenticates an accessory 27

Table 5-2 Sequence of interactions by which an accessory authenticates an iPod 28
5
F I G U R E S A N D T A B L E S
Fo D A (at) 781
TH st -00
Chapter 7 SPI Communication Protocol 33
for -0
re co th
Figure 7-1 SPI_nSS timing 33
Figure 7-2 SPI data transmission timing 35
C5
Figure 7-3 Command byte that starts an SPI write action to the CP 35
Figure 7-4 Coprocessor write timing 36
Figure 7-5 Command byte that starts a read action from the CP 36
st
Figure 7-6 Coprocessor read timing 37
e
Table 7-1 Maximum SPI transaction delay times 34
6
Chapter 8 CP Device Characteristics 39
Su stic .co
Figure 8-1 Typical power-on reset timing and voltage limits 41
Figure 8-2 Typical external reset timing and voltage limits 42
Figure 8-3 Typical I/O port input waveform 42
Figure 8-4 2.0B iPod Authentication Coprocessor QFN-20 package 43
7
Figure 8-5 2.0B iPod Authentication Coprocessor SOP-8 package 44

Table 8-1 Maximum electrical and temperature ranges 39
n
u
Table 8-2 Recommended operating conditions 39
Table 8-3 Supply current into VCC, excluding external current 40
Table 8-4 Inputs 40
Table 8-5 Outputs 40
Table 8-6 Values for Figure 8-1 41
Table 8-9 QFN-20 package dimensions in millimeters 43
Table 8-10 SOP-8 package dimensions in millimeters 44
d
s L m.c
td n
.
6
C H A P T E R 1
Fo D A (at) 781
TH st -00
Introduction
for -0
re co th
C5
st
e
6
Su stic .co
NOTICE OF PROPRIETARY PROPERTY: THE INFORMATION CONTAINED HEREIN IS THE
PROPRIETARY PROPERTY OF APPLE INC. THE POSSESSOR AGREES TO THE FOLLOWING: (I)
TO MAINTAIN THIS DOCUMENT IN CONFIDENCE, (II) NOT TO REPRODUCE OR COPY IT,
(III) NOT TO REVEAL OR PUBLISH IT IN WHOLE OR IN PART, (IV) ALL RIGHTS RESERVED.
ACCESS TO THIS DOCUMENT AND THE INFORMATION CONTAINED THEREIN IS GOVERNED
7
BY THE TERMS OF THE MADE FOR IPOD LICENSE AGREEMENT AND/OR THE IPOD
TECHNOLOGY EVALUATION LICENSE AND CONFIDENTIALITY AGREEMENT. ALL OTHER
n
u
USE SHALL BE AT APPLE’S SOLE DISCRETION.
Overview
An Apple iPod verifies whether a device attached to it is an authorized accessory by issuing an

authentication challenge to the device. The device must respond to the iPod’s challenge, and it can
do so only with the assistance of an iPod Authentication Coprocessor (CP) chip located in the device.
Conversely, the accessory device can use its CP chip to authenticate the iPod. Certain control and
reporting functions of the iPod are made available externally only after it has authenticated an attached
d
device as an authorized accessory.

s L m.c
Earlier versions of the iPod Authentication Coprocessor (1.0 and 2.0A) were implemented in a QFN-40
package. The current version, 2.0B, is available in two smaller and more efficient industry-standard
packages: the QFN-20 (20-pin Quad Flat No-lead) package and the SOP-8 (8-pin Small Outline)
package. This document describes the configuration, usage, and specifications of Apple’s iPod
Authentication Coprocessor 2.0B in both packages.
td n
Authentication Protocol
The authentication protocol supported by the iPod Authentication Coprocessor 2.0B is based on
.
standard X.509 version 3 certification. Each certificate is generated and signed by a recognized certificate
authority and has a unique serial number. Information about the X.509 standard can be found at the
IETF website http://tools.ietf.org/html/3280.
For information about the iAP General lingo commands required to perform authentication using
the iPod Authentication Coprocessor 2.0B, see Apple’s iPod Accessory Protocol Interface Specification,
Release R36.
Overview 7
C H A P T E R 1
Introduction
Fo D A (at) 781
TH st -00
The iPod Authentication Coprocessor 2.0B supports iAP General lingo commands 0x14 through 0x1F,
providing five authentication-related services:
for -0
re co th
For iPod authentication of the accessory:
C5
■ Certificate delivery: To initiate authenticatication of the accessory that contains it, the CP supplies
an X.509 digital certificate for public key verification by the attached iPod.
Signature generation: To complete authentication of the accessory that contains it, the CP generates
st
■
a valid digital signature in response to a challenge from an attached iPod. This signature authorizes
e
the iPod to respond to messages and commands from the accessory.
6
For accessory authentication of the iPod:
■ iPod certificate validation: To initiate the authentication of an iPod attached to an accessory, the
Su stic .co
CP verifies that the X.509 certificate supplied by iPod has been signed by the proper certificate
authority.
■ Challenge generation: To continue the authentication of an iPod attached to an accessory, the
accessory’s CP can generate a challenge to be sent to the iPod.
7
■ Signature verification: To complete the authentication of an iPod attached to the accessory, the
n CP can verify the signature returned by the iPod in response to the previous challenge.
u
Terminology Used in This Document
Certain technical terms specific to this document are defined in Table 1-1.
Table 1-1 Document-specific terminology
Term Definition
d
Accessory controller The microcontroller in an iPod accessory responsible for implementing

s L m.c
application-specific logic.
Authentication A device in an accessory controller that provides iPod-related digital

coprocessor signature creation and verification services.
Challenge A random number sent via iAP from an iPod to an accessory controller,
or vice versa. The device being challenged must perform a digital signature
td n
computation on the offered challenge and return the resulting digital

signature to the challenging device for verification.
Digital signature The result obtained by performing a digital signing process on an offered
challenge.
.
iAP iPod Accessory Protocol. See Apple’s iPod Accessory Protocol Interface
Specification.
8 Terminology Used in This Document

C H A P T E R 1
Introduction
Fo D A (at) 781
TH st -00
Term Definition
for -0
re co th
I2C bus A 2-wire serial bus designed by Philips to allow easy communication
between components that reside on the same circuit board. The I2C
C5
specification is located at http://www.semiconductors.philips.com/

acrobat_download/literature/9398/39340011.pdf.
st
SPI bus A 4-wire serial communications interface used by many microprocessor
e
peripheral chips.
STD configuration The standard temperature range configuration of the 2.0B coprocessor chip.
6
WTR configuration The wide temperature range configuration of the 2.0B coprocessor chip.
Su stic .co
X.509 certification A standard defined by the International Telecommunication Union (ITU)
that governs the format of certificates used for authentication and sender
identity verification in public-key cryptography. X.509 certificates contain
the public keys used in the iPod’s accessory authentication process.
7
Parts of this document contain specification requirements that are incorporated by reference into legal
n
agreements between Apple Inc. and its licensees. The use of the words “must,” “should,” “may,” and
u
“reserved” in these specifications have the following meanings:
■ “Must” means that the specification is an absolute requirement.

■ “Must not” means that the specification is an absolute prohibition.
■ “Should” means that there may be valid reasons in particular circumstances to ignore the
specification, but their full implications must be understood and carefully weighed before choosing
to do so.
■ “Should not” means that there may be valid reasons in particular circumstances that make the
specified action or feature acceptable, but their full implications must be understood and carefully
weighed before choosing to include it.
d
s L m.c
■ “May” means that the indicated action or feature does not contravene this specification.
■ When a data field is marked “reserved,” accessories writing to it must set it to 0 and accessories
reading it must ignore its value.
Related Documents
td n
For further information about authenticating iPods and their attached accessories, see the iPod Accessory
Protocol Interface Specification, Release R36.
.
Related Documents 9
C H A P T E R 1
Introduction
Fo D A (at) 781
TH st -00
for -0
re co th
C5
st
e
6
Su stic .co
7
n
u d
s L m.c
td n
.
10 Related Documents
C H A P T E R 2
Fo D A (at) 781
TH st -00
Signal Descriptions and Reference Circuits
for -0
re co th
C5
st
e
6
Su stic .co
This chapter defines the pinout, signals, and reference circuitry of the iPod Authentication Coprocessor
2.0B supplied by Apple, Inc.
CP Signals and Pinouts

7
n
u
The 2.0B CP chip signal descriptions are given in Table 2-1 and its pinouts for both QFN-20 and SOP-8
packages are shown in Figure 2-1 (page 11).
Table 2-1 CP signals
Signal name QFN-20 pin SOP-8 pin I/O Description
VCC 5 4 I Supply voltage, positive terminal
VSS 11 5 I Supply voltage, negative terminal
nRESET 4 3 I CP reset (active low)

d
s L m.c
I2C_SDA 13 7 I/O I2C mode: I2C data

SPI_SOMI O SPI mode: slave-to-master data
I2C_SCL 12 6 I/O I2C mode: I2C clock

SPI_SIMO I SPI mode: master-to-slave data
MODE0 14 8 I Reset: selects communication mode

td n
SPI_CLK I SPI mode: SPI clock
MODE1 2 1 I Reset: selects communication mode

SPI_nSS I SPI mode: SPI slave select (active low)
.
NC 1, 3, 6–10, 15–20 2 Do not connect
CP Signals and Pinouts 11

C H A P T E R 2
Fo D A (at) 781
TH st -00
Figure 2-1 CP chip pinouts, top view
for -0
I2C_SDA/SPI_SOMI
I2C_SCL/SPI_SIMO
re co th
MODE0/SPI_CLK
C5
VSS
st
e
8 7 6 5
NC
NC
NC
NC
NC
20 19 18 17 16
6
NC 1 15 NC
Su stic .co
MODE1/SPI_nSS 2 14 MODE0/SPI_CLK
(top view)
NC 3 (top view) 13 I2C_SDA/SPI_SOMI
nRESET 4 12 I2C_SCL/SPI_SIMO
VCC 5 11 VSS
7
6 7 8 9 10
n
u
NC
NC
NC
NC
NC
1 2 3 4
MODE1/SPI_nSS
NC
nRESET
VCC
QFN-20 package SOP-8 package
Note: The MODE0 and MODE1 inputs must not be left unconnected. The next section describes their
usage.
d
s L m.c
Communication Mode Selection
When nRESET is driven low to initiate a CP reset cycle, the states of MODE0 and MODE1 must be
set to select the CP’s communication mode, as shown in Table 2-2 (page 13). After nRESET goes high,
td n
the states of these and the other CP inputs must be held static for at least 30 ms to complete the reset
cycle (see “Reset” (page 15)). After reset completion, if SPI mode has been selected, the MODE0 input
switches its functionality to SPI_CLK and the MODE1 input switches to SPI_nSS.
.
12 Communication Mode Selection

C H A P T E R 2
Fo D A (at) 781
TH st -00
Table 2-2 Mode selection signals
for -0
re co th
Signal state Communication mode I2C addresses
MODE1 MODE0 Write Read
C5
0 0 SPI slave mode
st
0 1 Reserved
e
1 0 0x20 0x21
I2C slave mode
6
1 1 0x22 0x23
Su stic .co
See “Communication Modes” (page 15) for interface details of the communication modes listed in
Table 2-2.
I2C Reference Circuit

7
n
u
The 2.0B CP may be used either as an I2C slave or an SPI slave, but not as both. The alternate uses of
QFN-20 pins 2, 12, 13, and 14 (SOP-8 pins 1, 6, 7, and 8) are shown in Table 2-1 (page 11). When the
CP chip is being reset, the states of QFN-20 pins 2 and 14 (SOP-8 pins 1 and 8) set its communication
mode to I2C or SPI, as described in “Communication Mode Selection” (page 12).
The reference circuit for I2C operation of the CP is shown in Figure 2-2.
Figure 2-2 Reference circuit for CP as I2C slave
VCC
d
s L m.c
VCC
10 k
MODE1 MODE0 See note 2

I2C_SDA
VCC
See note 1 nRESET I2C_SCL
VCC VSS
td n
0.1 F
.
The following notes apply to Figure 2-2:
■ Note 1: An active-low voltage supervisor (not shown) is recommended. nRESET should be

connected either to a GPIO on the accessory’s controller or to the active-low voltage supervisor.
■
Note 2: The MODE0 pin should be tied to either VCC or GND to select the desired I2C slave
read/write addresses, as shown in Table 2-2 (page 13).
I2C Reference Circuit 13

C H A P T E R 2
Fo D A (at) 781
TH st -00
SPI Reference Circuit
for -0
re co th
The reference circuit for SPI operation of the CP is shown in Figure 2-3 (page 14).
C5
Figure 2-3 Reference circuit for CP as SPI slave
st
e
See note 1 MODE1/SPI_nSS MODE0/SPI_CLK See note 1
SPI_SOMI
VCC
6
See note 2 nRESET SPI_SIMO
VCC VSS
Su stic .co
0.1 F
The following notes apply to Figure 2-3:

7
■ Note 1: Hold MODE1 and MODE0 low at reset time (see “Communication Mode Selection” (page
12)). This selects SPI mode, after which the low signal on SPI_nSS addresses the CP as an SPI
n
u
slave.
■ Note 2: An active-low voltage supervisor (not shown) is recommended. nRESET should be
connected either to a GPIO on the accessory’s controller or to the active-low voltage supervisor.
Further details of external connections to the CP are given in “Hardware Configuration and
Interface” (page 15).
d
s L m.c
td n
.
14 SPI Reference Circuit

C H A P T E R 3
Fo D A (at) 781
TH st -00 Hardware Configuration and Interface
for -0
re co th
C5
st
e
6
Su stic .co
This chapter describes the operating modes of the iPod Authentication Coprocessor 2.0B and the
ways that it interacts with other circuitry.
System Voltage
7
n
u
The 2.0B CP may be used either in an iPod-powered accessory or in a device that has its own power
source.
Reset
The nRESET pin may be used to force a reset of the CP. While nRESET is low, the CP does not operate.
After nRESET goes high, the states of all I/O pins must remain the same for at least 30 ms. After that
time, the CP is in its reset state and ready to operate.
d
The CP is available in both standard (STD) and wide temperature range (WTR) configurations (see
s L m.c
“Recommended Operating Conditions” (page 39)). If an attempt is made to operate either configuration
outside its specified temperature or voltage range, internal sensors will force it to its reset state. If this
happens, or if any unexpected error condition occurs, the CP should be brought back to its specified
operating environment and then externally reset.
Note: The nRESET pin must not be left unconnected and must be tied to VCC if not actively driven
by the accessory controller or another component, such as a voltage supervisor (the use of which is
td n
recommended).
Communication Modes
.
The CP may be addressed using either I2C or SPI. In both cases, the CP is the slave device. The
communication mode is set by the states of MODE1 and MODE0 when nRESET goes high, as described
in “Communication Mode Selection” (page 12).
System Voltage 15
C H A P T E R 3
Hardware Configuration and Interface
Fo D A (at) 781
TH st -00
When operating, the 2.0B CP chip is internally clocked at a nominal rate of 6 MHz.
for -0
When used in I2C mode, the CP is addressed as a standard 7-bit I2C slave. The I2C slave address is
re co th
configured upon reset and is based on the MODE0 input. The I2C effective slave address for writing
C5
is shown in Figure 3-1 (page 16) and the corresponding read address in Figure 3-2 (page 16).
Figure 3-1 2
I C slave write address
st
e
A6 A5 A4 A3 A2 A1 A0 R/nW
0 0 1 0 0 0 MODE0 0
6
Figure 3-2 2
I C slave read address
Su stic .co
A6
0
A5
0
A4
1
A3
0
A2
0
A1
0
A0
MODE0
R/nW
1
7
In I2C mode, the CP has both a write address and a read address, as is typical for an I2C device. The
I2C write address of the CP consists of the seven bits [A6:A0] followed by 0 for the R/nW bit. The I2C
n
u
read address of the CP consists of the seven bits [A6:A0] followed by 1 for the R/nW bit. If the MODE0
input is connected to ground, the write and read addresses of the CP are 0x20 and 0x21 respectively;
if it is pulled high, the write and read addresses of the CP are 0x22 and 0x23.
In SPI mode, the CP does not have a protocol-level slave address. Instead, as is typical for an SPI
device, the CP is addressed by means of its slave-select pin (SPI_nSS).
Low-Power Sleep Mode

d
The 2.0B CP does not automatically enter a low-power mode. It can be forced to sleep by using the
s L m.c
Authentication Control/Status register. See “Authentication Control and Status” (page 21) for details.
Once it has gone into Sleep mode, the CP must be reset to resume normal operation. See “Reset” (page
15).
Note: To optimize accessory power usage, the CP should be put into Sleep mode whenever it is not
being used for authentication.
td n
.
16 Low-Power Sleep Mode

C H A P T E R 4
Fo D A (at) 781
TH st -00
Coprocessor Registers
for -0
re co th
C5
st
e
6
Su stic .co
Registers within the iPod Authentication Coprocessor 2.0B (CP) are accessed via either I2C or SPI
transport, as discussed in “Communication Modes” (page 15). Also see “I2C Communication
Protocol” (page 31) and “SPI Communication Protocol” (page 33) for register addressing details and
telegram formats.
7
n
Register Addresses
u
Registers and their addresses in the CP are listed in Table 4-1. Each register is discussed in the sections
that follow.
Note: Registers in the same block with consecutive addresses may be read from sequentially in
increasing numerical order. With the exception of the iPod certificate data registers (addresses
0x51-0x5F), registers in the same block with consecutive addresses may also be written to sequentially
in increasing numerical order. Multibyte numeric values are stored in big-endian order; for example,
the first byte in a two-byte register is the MSB of the stored value and the second byte is its LSB.
d
s L m.c
Table 4-1 iPod Authentication Coprocessor 2.0B register map
Register Block Register name Length Contents after Access mode

address in bytes reset
0x00 0 Device Version 1 0x03 Read-only
0x01 0 Firmware Version 1 0x01 Read-only

td n
0x02 0 Authentication Protocol Major 1 0x02 Read-only

Version
0x03 0 Authentication Protocol Minor 1 0x00 Read-only

.
Version
0x04 0 Device ID 4 0x00000200 Read-only
0x05 0 Error Code 1 0x00 Read-only

(cleared on read)
Register Addresses 17
C H A P T E R 4
Fo D A (at) 781
TH st -00
Register
address
Block Register name Length
in bytes
Contents after
reset
Access mode
for -0
re co th
C5
0x10 1 Authentication Control/Status 1 0x00 Read/write
0x11 1 Signature Data Length 2 128 Read/write
st
e
0x12 1 Signature Data 128 Undefined Read/write
6
0x20 2 Challenge Data Length 2 20 Read/write
Su stic .co
0x21 2 Challenge Data 20 Undefined Read/write
0x30 3 Accessory Certificate Data 2 ≤1920 Read-only

7
Length
n
0x31 3 Accessory Certificate Data 128 Certificate Read-only
u
(Page 1)

(Page 2)

(Page 3)

(Page 4)

d
(Page 5)
s L m.c

(Page 6)

(Page 7)

td n
(Page 8)

(Page 9)
.
0x3A 3 Accessory Certificate Data 128 Certificate Read-only

(Page 10)
0x3B 3 Accessory Certificate Data 128 Certificate Read-only

(Page 11)
18 Register Addresses
C H A P T E R 4
Fo D A (at) 781
TH st -00Register
address
Block Register name Length
in bytes
Contents after
reset
Access mode
for -0
re co th
0x3C 3 Accessory Certificate Data 128 Certificate Read-only
(Page 12)
C5
0x3D 3 Accessory Certificate Data 128 Certificate Read-only

(Page 13)
st
e
0x3E 3 Accessory Certificate Data 128 Certificate Read-only
(Page 14)
6
0x3F 3 Accessory Certificate Data 128 Certificate Read-only

(Page 15)
Su stic .co
0x40 4 Self-test Control/Status 1 0x00 Read/write
7
n
0x50 5 iPod Certificate Data Length 2 Undefined Read/write
u
0x51 5 iPod Certificate Data (Page 1) 128 Undefined Read/write

d

s L m.c
Register Descriptions
td n
This section describes the ways that the CP registers listed in Table 4-1 are used.
Device Version
.
The Device Version read-only register contain the version number of the coprocessor device. The
current Authentication 2.0B coprocessor is designated as device version 0x03. The previous 2.0A CP
is device version 0x02 and the 1.0 CP is device version 0x01.
C H A P T E R 4
Fo D A (at) 781
TH st -00
Firmware Version
for -0
re co th
The Firmware Version read-only register contains the version number of the coprocessor firmware.
Firmware version numbers advance by whole integers.
C5
Authentication Protocol Major and Minor Versions
st
e
The Authentication Protocol Major Version and Authentication Protocol Minor Version read-only
registers provide the version number of the authentication protocol that the CP supports. This
6
information is accessed by the iAP command RetDevAuthenticationInfo during accessory

authentication.
Su stic .co
Device ID
The Device ID read-only register identifies the accessory and is accessed by the iAP command
7
SetFIDTokenValues during accessory identification.
n
u
Error Code
The Error Code read-only register stores the most recent communication or authentication process
error code generated since the register was last cleared. The error code register is cleared after it is
read. The possible error codes are listed in Table 4-2.
Table 4-2 Error codes
Code Description
0x00 No error
d
s L m.c
0x01 Invalid register for read
0x02 Invalid register for write
0x03 Invalid signature length
0x04 Invalid challenge length

td n
0x05 Invalid certificate length
0x06 Internal process error during signature generation
0x07 Internal process error during challenge generation

.
0x08 Internal process error during signature verification
0x09 Internal process error during certificate validation
0x0A Invalid process control
20 Register Descriptions
C H A P T E R 4
Fo D A (at) 781
TH st -00
Code Description
for -0
re co th
0x0B–0xFF Reserved
C5
If a single communication operation happens to produce multiple errors (for example, by writing an
invalid signature length during a multiregister write that also attempts to continue past the end of
the corresponding block) then only the highest-numbered error code is stored.
st
e
Authentication Control and Status
6
The Authentication Control/Status read/write register provides control and status information for
the CP’s authentication processes.
Su stic .co
When read from, the Authentication Control/Status register provides the status of the most recently
requested CP process, as shown in Figure 4-1 and Tables 4-3 and 4-4.
7
Figure 4-1 Authentication Control/Status register, read-only bits
n 7 6 5 4 3 2 1 0
u
ERR_SET PROC_RESULTS 0 0 0 0
Table 4-3 Authentication ERR_SET values
Value Description
0 No process or communication error is currently stored in the Error Code register
1 The Error Code register contains the most recent process or communication error. Both this
bit and the Error Code register itself are cleared after the Error Code register is next read.
d
s L m.c
Table 4-4 Authentication PROC_RESULTS values
Value Description
0 Most recent process did not produce valid results.
1 Accessory signature successfully generated.

td n
2 Challenge successfully generated.
3 iPod signature successfully verified.

.
4 iPod certificate successfully validated.
5-7 Reserved
When written to, the Authentication Control/Status register controls the start of CP processes, as
shown in Figure 4-2 and Table 4-5.
C H A P T E R 4
Fo D A (at) 781
TH st -00
Figure 4-2 Authentication Control/Status register, write-only bits
for -0
7 6 5 4 3 2 1 0
re co th
0 0 0 0 0 PROC_CONTROL
C5
Note: Attempts to write to other bits are ignored.
st
e
Table 4-5 Authentication PROC_CONTROL values
Value Description
6
0 No effect
Su stic .co
1 Start new signature-generation process
2 Start new challenge-generation process
3 Start new signature-verification process

7
4 Start new certificate-validation process

n
u
5 Force CP to sleep
6-7 Reserved
Signature Data Length

The Signature Data Length read/write register holds the length in bytes of the results of the most
recent signature-generation process (if the iPod is authenticating an accessory) or signature-verification
process (if the accessory is authenticating the iPod).
d
Before a signature-generation process begins, this register should contain 0x80, the maximum allowable
s L m.c
signature length. After completion of the signature-generation process, the CP updates this register
to contain the actual length of the generated signature. This updated value should be read in order
to determine how much of the Signature Data register contains valid signature bytes.
Before a signature-verification process begins, this register should hold the actual length of the
signature being verified.
td n
Signature Data
In the case of a signature-generation process, the Signature Data read/write register holds the newly
generated signature. In the case of a signature-verification process, it holds the signature to be verified.
.
C H A P T E R 4
Fo D A (at) 781
TH st -00
Challenge Data Length
for -0
re co th
The Challenge Data Length read/write register holds the length, in bytes, of the current challenge.
This challenge may either be written into the CP, during iPod authentication of an accessory, or
C5
generated by the CP during accessory authentication of an iPod.
Before starting a signature-generation process on the current challenge during iPod authentication
st
of an accessory, this register should contain the length of the challenge.
e
Before starting a new challenge-generation process during accessory authentication of an iPod, this
register should contain the requested challenge length.
6
The required length of a challenge, whether offered by the iPod or by an accessory, is 20 bytes. This
length requirement may not hold in future versions of the authentication protocol.
Su stic .co
Challenge Data
7
The Challenge Data read/write register holds the current challenge. This challenge may either be
written into the CP (during iPod authentication of an accessory) or generated by the CP (during
n
accessory authentication of an iPod).
u
Accessory Certificate Data Length
The Accessory Certificate Data Length read-only register holds the length of the X.509 certificate that
the iPod uses to authenticate an accessory. The length of a certificate varies but is always less than or
equal to 1920 bytes. This length limit may not hold for future versions of the authentication protocol.
Accessory Certificate Data

d
s L m.c
The Accessory Certificate Data read-only register holds the X.509 Certificate that the iPod uses to
authenticate an accessory. The Accessory Certificate may be read from the coprocessor in 128-byte
pages starting at any Accessory Certificate Data Page address, or it may be read in a continuous
stream starting at Page 1. Since the length of the Accessory Certificate varies, fewer than all of the
pages may be used. The Accessory Certificate Data Length value can be read to determine which
Accessory Certificate Data Pages contain the certificate data.
td n
Self-Test Control and Status

The Self-test Control/Status read/write register provides access to the built-in self-test functions of
the coprocessor. When it is set to a value of 1, the Self-test Control/Status register initiates a self-test
.
process, as shown in Figure 4-3 and Table 4-6.
Figure 4-3 Self-test Control/Status register, write-only bits
7 6 5 4 3 2 1 0
0 0 0 0 0 PROC_CONTROL
C H A P T E R 4
Fo D A (at) 781
TH st -00
Note: Attempts to write to other bits are ignored.
for -0
re co th
Table 4-6 Self-test PROC_CONTROL values
C5
Value Test process to be run
0 None
st
e
1 Run X.509 certificate and private key tests
2-7 Reserved
6
When read from, bits 7–4 of the Self-test Control/Status register report the results of the X.509 certificate
Su stic .co
and private key tests, as shown in Figure 4-4 and Table 4-7. The CP detects a read cycle and resets
the control/status register to 0x00 after it; hence bits 7–4 must all be retrieved in one operation.
Figure 4-4 Self-test Control/Status register, read-only bits

7
7 6 5 4 3 2 1 0
n Self-Test results 0 0 0 0
u
Table 4-7 Self-test result bits
Bit Test Bit value
0 1
7 X.509 certificate Certificate not found Certificate found in memory (see note below)
6 Private key Private key not found Private key found in memory (see note below)
d
s L m.c
5-4 Reserved
Note: The X.509 and private key tests only verify that these elements are present in Flash memory;
no authentication is performed.
td n
iPod Certificate Data Length

The iPod Certificate Data Length register holds the length of the X.509 certificate supplied by the
attached iPod. An accessory uses this certificate to authenticate an iPod in both the certificate validation
.
and signature verification processes. The length of an iPod certificate varies but is always less than
or equal to 1024 bytes. This length limit may not hold for future versions of the authentication protocol.
C H A P T E R 4
Fo D A (at) 781
TH st -00
iPod Certificate Data
for -0
re co th
The iPod Certificate Data register holds the X.509 Certificate that an accessory uses to authenticate
an iPod in both the certificate validation and signature verification processes. The iPod Certificate
C5
may be written to the coprocessor in 128-byte pages starting at any iPod Certificate Data Page address,
but it may not be written in a multipage stream. Since the length of the iPod Certificate varies, not all
of the pages need to be used. The iPod Certificate Data Length value determines which iPod Certificate
st
Data Pages contain valid certificate data.
e
6
Su stic .co
7
n
u d
s L m.c
td n
.
C H A P T E R 4
Fo D A (at) 781
TH st -00
for -0
re co th
C5
st
e
6
Su stic .co
7
n
u d
s L m.c
td n
.
C H A P T E R 5
Fo D A (at) 781
TH st -00
Authentication Data Flows
for -0
re co th
C5
st
e
6
Su stic .co
Authentication involves communication between the accessory controller (AC), the Authentication
Coprocessor (CP) in the accessory, and the iPod attached to the accessory.
Communication between the accessory controller and the CP takes place via the transport mode (I2C
or SPI) described in “Communication Modes” (page 15). Communication between the accessory
7
controller and the iPod takes place via the iPod Accessory Protocol. See the iPod Accessory Protocol
n
Interface Specification, Release R36, for full details.
u
This chapter summarizes the kinds of information that pass between the AC, the CP, and the attached
iPod.
iPod Authentication of Accessory
The sequence of interactions by which an iPod authenticates an accessory is shown in Table 5-1 (page
27). At the beginning of this process the accessory controller is granted access by iPod to the iAP
lingo or lingoes it requests; however, if the process does not finish successfully that access is terminated.
d
s L m.c
Table 5-1 Sequence of interactions by which an iPod authenticates an accessory
Command or action Direction Comments
Read Authentication Protocol CP –> AC Accessory controller reads authentication protocol

Version and Device ID version and device ID from CP
StartIDPS (iAP) AC –> iPod The accessory controller initiates and completes
td n
the Identify Device Preferences and Settings (IDPS)

SetFIDTokenValues (iAP) AC –> iPod process. It sends the iPod a set of ID tokens, one
of which includes the device ID returned by the
EndIDPS (iAP) AC –> iPod CP. See iPod Accessory Protocol Interface Specification,
Release R36, “Device Signaling and Initialization”
.
in Chapter 5 and “Sample Identication

Sequences”in Chapter 6.
GetDevAuthenticationInfo iPod –> AC iPod requests device authentication info

(iAP)
iPod Authentication of Accessory 27

C H A P T E R 5
Fo D A (at) 781
TH st -00Command or action Direction Comments
for -0
re co th
Read Accessory Certificate Length CP –> AC Accessory controller reads Accessory certificate
and Data from CP
C5
RetDevAuthenticationInfo AC –> iPod Accessory controller returns information needed

(iAP) for authentication process, using the authentication
protocol version number and X.509 certificate
st
returned by the CP
e
AckDevAuthenticationInfo iPod –> AC The status of the authentication version
6
(iAP) comparison is returned to the accessory controller.

The returned status includes information about
the validity of the X.509 certificate.
Su stic .co
GetDevAuthentication-
Signature (iAP)
iPod –> AC iPod sends accessory controller a challenge and
requests that it provide corresponding digital
signature
7
Write Challenge Length and AC –> CP Accessory controller writes challenge into CP
Challenge Data
n
u
Write Authentication Control: AC –> CP Accessory controller starts signature-generation
PROC_CONTROL = 1 process in CP
Wait for process completion CP –> AC Accessory controller waits for CP to finish
processing
Read Authentication Status CP –> AC Accessory controller reads Authentication Status

and checks PROC_RESULTS field
Read Signature Data Length and CP –> AC Accessory controller reads signature from CP
Signature Data
d
RetDevAuthentication- AC –> iPod Accessory controller returns signature to iPod

s L m.c
Signature (iAP)
AckDevAuthenticationStatus iPod –> AC Resulting success or failure of signature

(iAP) verification sent to accessory controller by iPod
Accessory Authentication of iPod

td n
The sequence of interactions by which an accessory authenticates an iPod is shown in Table 5-2 (page
28).
.
Table 5-2 Sequence of interactions by which an accessory authenticates an iPod
Read Authentication Protocol CP –> AC Accessory controller reads authentication

Version and Device ID protocol version and device ID from CP
28 Accessory Authentication of iPod

C H A P T E R 5
Fo D A (at) 781
TH st -00
for -0
re co th
The accessory controller performs the accessory identification and authentication processes listed
in Table 5-1 (page 27).
C5
These processes, by which the iPod authenticates the accessory, must finish successfully before the
sequence by which the accessory authenticates the iPod can continue.
st
GetiPodAuthenticationInfo AC –> iPod Accessory controller requests iPod
e
(iAP) authentication information
RetiPodAuthenticationInfo iPod –> AC iPod returns its authentication version and

6
(iAP) certificate
Write iPod Certificate length and AC –> CP Accessory controller writes iPod Certificate
Su stic .co
data into CP
Write Authentication Control: AC –> CP Accessory controller starts certificate

PROC_CONTROL = 4 validation process in CP
7
processing
n
u
Read Authentication Status CP –> AC Accessory controller reads Authentication
Status and checks PROC_RESULTS field
AckiPodAuthenticationInfo AC –> iPod Results of the authentication information

(iAP) comparison are returned to iPod
Write Authentication Control: AC –> CP Accessory controller starts

PROC_CONTROL = 2 challenge-generation process in CP to
calculate new challenge
processing
d
s L m.c
Read Authentication Status CP –> AC Accessory controller reads the

authentication status and checks
PROC_RESULTS field
Read Challenge Length and CP –> AC Accessory controller reads challenge from
Challenge Data CP
td n
GetiPodAuthentication- AC –> iPod Accessory controller sends challenge to iPod

Signature (iAP) and requests that iPod calculate digital
signature
RetiPodAuthentication- iPod –> AC iPod returns digital signature to Accessory

Signature (iAP) controller
.
Write Signature Data Length and AC –> CP Accessory controller writes digital signature
Signature Data into CP
Accessory Authentication of iPod 29

C H A P T E R 5
Fo D A (at) 781
TH st -00
for -0
re co th
Write Challenge Length and AC –> CP Accessory controller writes challenge into
Challenge CP (it needs to write this into the CP only if
C5
the challenge has been changed in the

meantime)
Write Authentication Control: AC –> CP Accessory controller starts
st
PROC_CONTROL = 3 signature-verification process in CP
e
6
processing
Read Authentication Status CP –> AC Accessory controller reads authentication
Su stic .co
status and checks PROC_RESULTS field
AckiPodAuthenticationStatus AC –> iPod Signature verification status is returned to

(iAP) iPod.
7
n
u d
s L m.c
td n
.
30 Accessory Authentication of iPod

C H A P T E R 6
Fo D A (at) 781
TH st -00
I2C Communication Protocol
for -0
re co th
C5
st
e
6
Su stic .co
When configured for I2C mode, the iPod Authentication Coprocessor (CP) acts as an I2C slave.
I2C_SCL is the I2C clock line and is usually driven by the accessory controller. I2C_SDA is the I2C
data line and is driven by whichever device is currently sending data. The CP may perform I2C slave
7
clock synchronization by stretching I2C_SCL, so the accessory controller must allow for this possibility.
n
The maximum supported I2C clock rate is 50 kHz. If the I2C bus is shared with other devices, the CP
u
must either be put in Sleep mode or held in reset status during any communication that exceeds this
rate.
Slave Selection and Reset
During reset, the MODE1 pin must be held high for at least 30 ms to select I2C operation, as described
in “Communication Mode Selection” (page 12). As an I2C slave, the CP is then selected in-band via
its I2C address. The least significant bit of the I2C slave address controls whether a write or a read
d
s L m.c
operation is to be performed, as described in “Communication Modes” (page 15).
Coprocessor Busy
When the CP is busy processing it is unable to handle incoming communication attempts. If the
td n
coprocessor does not ACK its slave address during an attempted I2C communication, then the
coprocessor is busy. The accessory controller must repeatedly attempt communication until the
coprocessor sends an ACK after receiving its slave address.
.
Writing to the Coprocessor
To write data to the coprocessor, follow these steps:

C H A P T E R 6
I2C Communication Protocol
Fo D A (at) 781
TH st -00
1. Send the I2C start sequence.
for -0
re co th
2. Send the I2C write address of the CP.
C5
3. Check for an ACK from the slave; if it is not received, loop back to Step 1.
4. Send the register address at which to begin writing.
st
5. Send the data bytes.
e
6. Send the I2C stop sequence.
6
Su stic .co
Reading from the Coprocessor
To read data from the coprocessor, follow these steps:

7

n
u
2. Send the I2C write address of the CP.
4. Send the register address at which to begin reading.
5. Optional: send the I2C stop sequence.
7. Send the I2C read address of the CP.

d
s L m.c
9. Read the data bytes.
10. Send the I2C stop sequence.

td n
Any additional reads after an I2C read stop sequence continue with the byte following the previous
byte read until an invalid register address or an end of block is reached, at which point the slave
returns 0xFF in response to all further reads.
.
32 Reading from the Coprocessor

C H A P T E R 7
Fo D A (at) 781
TH st -00
SPI Communication Protocol
for -0
re co th
C5
st
e
6
Su stic .co
When configured for SPI mode, the iPod Authentication Coprocessor (CP) acts as an SPI slave.
The SPI clock (SPI_CLK) controls data transfer on the master-to-slave (SPI_SIMO) and slave-to-master
(SPI_SOMI) data lines; it must be driven by the accessory controller.
7
The maximum supported SPI_CLK rate is 75 kHz.
n
u
Slave Selection and Reset
To select SPI mode, both the MODE1 and MODE0 pins must be held low for at least 30 ms during
reset, as described in “Communication Mode Selection” (page 12).
Before attempting to communicate with the CP via SPI, the accessory controller must ensure that the
SPI slave-select pin (SPI_nSS) is low.
When SPI_nSS is low, the CP drives SPI_SOMI. When SPI_nSS is high, the CP leaves SPI_SOMI
undriven and ignores any activity on SPI_CLK and SPI_SIMO.
d
s L m.c
After completing a transaction, the accessory controller may return SPI_nSS high, but it is not required
to do so. A rising-edge signal on SPI_nSS causes the CP to reset its SPI module. If the CP is the only
SPI slave in the accessory, SPI_nSS may be tied directly to ground.
If SPI_nSS is not tied to ground, its timing relations with SPI_SOMI during a typical SPI transaction
are as shown in Figure 7-1. The TSOMI_READY and TSOMI_RELEASE times are shown in Table 7-1.
td n
Figure 7-1 SPI_nSS timing
T SOMI_READY T SOMI_RELEASE
Wait for SPI_SOMI high before

T nSS_DEASSERT starting transaction
.
SPI_SOMI high-Z high-Z
SPI_nSS
Wait for SPI_SOMI high before

de-asserting SPI_nSS

C H A P T E R 7
Fo D A (at) 781
TH st -00
Table 7-1 lists the maximum values of various delays during SPI transactions by the CP. The accessory
controller should wait for at least these times at the appropriate stages of each transaction.
for -0
re co th
Table 7-1 Maximum SPI transaction delay times
C5
Name Time Description
TSOMI_READY 50 µs Delay before SPI_SOMI indicates the ready status of the coprocessor
st
e
TSOMI_RELEASE 50 µs Delay between deasserting SPI_nSS and SPI_SOMI becoming a
high-impedance input
6
TnSS_DEASSERT 300 µs Minimum time between de-asserting and re-asserting SPI_nSS.
Su stic .co
Timing and Polarity
7
The CP latches the state of SPI_SIMO on the falling edge of SPI_CLK. The accessory controller should
update SPI_SIMO on the rising edge of SPI_CLK.
n
u
When SPI_nSS is low, the CP updates SPI_SOMI on the rising edge of SPI_CLK. The accessory
controller should latch SPI_SOMI on the falling edge of SPI_CLK.
For both SPI_SIMO and SPI_SOMI, the most significant bit of a data byte is the first to be transmitted.
Coprocessor Busy
When the coprocessor is busy processing it is unable to handle incoming communication attempts.
In SPI mode, the coprocessor uses its SPI_SOMI line to indicate when it is ready to communicate.
d
s L m.c
SPI_SOMI is set low when the coprocessor is busy and set high when the coprocessor is ready for
further communication.
Before starting a new SPI transaction, the accessory controller must wait for SPI_SOMI to be set high.
Once SPI_SOMI has been set high, the accessory controller may transmit the command and length
bytes. After receiving the command and length bytes, the coprocessor will be busy preparing for the
transaction. The coprocessor sets the SPI_SOMI line high when it is ready to continue with the data
byte portion of the transaction.
td n
The overall SPI data transmission timing is shown in Figure 7-2 (page 35).
.
34 Timing and Polarity

C H A P T E R 7
Fo D A (at) 781
TH st -00
Figure 7-2 SPI data transmission timing
for -0
Cycle number 1 2 3 4 5 6 7 8
re co th
SPI_UCLK
C5
SPI_nSS
SPI_SIMO/
st
MSB LSB
SPI_SOMI
e
SPI data byte moved
to transmit buffer
6
Shift transmit data out
Receive data sample points
Su stic .co
Writing to the Coprocessor
7
n
u
To write data to the CP using SPI, follow these steps:
1. Set SPI_nSS low and wait for the TSOMI_READY delay time before continuing (see Table 7-1 (page
34)).
2. Wait for SPI_SOMI to go high.
3. Send the command byte on SPI_SIMO. This byte consists of a write bit plus the register address;
see Figure 7-3. SPI_SOMI goes low after the first bit.
4. Send the length byte on SPI_SIMO.

d
s L m.c
6. Send the data bytes on SPI_SIMO; SPI_SOMI goes low after the first bit.
7. Wait for the TSOMI_READY delay time before continuing (see Table 7-1 (page 34)).
9. Optional: set SPI_nSS high.

td n
Figure 7-3 Command byte that starts an SPI write action to the CP
7 6 5 4 3 2 1 0
.
1 CP register address to be written to
The overall timing of an SPI write transaction is shown in Figure 7-4 (page 36).

C H A P T E R 7
Fo D A (at) 781
TH st -00
Figure 7-4 Coprocessor write timing
for -0
re co th
SPI_CLK
C5
SPI_SIMO command length data1 data2 dataN
st
SPI_SOMI
e
Wait for SPI_SOMI high
6
before continuing
Su stic .co
Reading from the Coprocessor
To read data from the CP using SPI, follow these steps:

7
1. Set SPI_nSS low and wait for the TSOMI_READY delay time before continuing (see Table 7-1 (page
n
u
34)).
3. Send the command byte on SPI_SIMO. This byte consists of a read bit plus the register address;
see Figure 7-5. SPI_SOMI goes low after the first bit.
4. Send the length byte on SPI_SIMO.
6. Send a number of dummy bytes on SPI_SIMO equal to the number of data bytes to be read. While
the dummy bytes are being clocked out, read the incoming data bytes on SPI_SOMI.
d
s L m.c
7. Wait for the TSOMI_READY delay time before continuing (see Table 7-1 (page 34)).
9. Optional: set SPI_nSS high.

td n
Figure 7-5 Command byte that starts a read action from the CP
7 6 5 4 3 2 1 0
0 CP register address to be read from

.
The overall timing of an SPI read transaction is shown in Figure 7-6 (page 37).

C H A P T E R 7
Fo D A (at) 781
TH st -00
Figure 7-6 Coprocessor read timing
for -0
T SOMI_READY
re co th
SPI_CLK
C5
SPI_SIMO command length dummy1 dummy2 dummyN
st
e
SPI_SOMI data1 data2 dataN
6
Wait for SPI_SOMI high Wait for SPI_SOMI high

before continuing before next transaction
Su stic .co
7
n
u d
s L m.c
td n
.

C H A P T E R 7
Fo D A (at) 781
TH st -00
for -0
re co th
C5
st
e
6
Su stic .co
7
n
u d
s L m.c
td n
.

C H A P T E R 8
Fo D A (at) 781
TH st -00
CP Device Characteristics
for -0
re co th
C5
st
e
6
Su stic .co
This chapter provides technical details and tolerances for the Apple iPod Authentication Coprocessor
2.0B (CP) chip.
Maximum Environmental Conditions

7
n
u
Table 8-1 lists the CP’s absolute maximum electrical and free-air temperature ranges. Stresses to the
CP chip beyond the ranges listed in Table 8-1 may cause permanent damage. Exposure to either end
of any range for extended periods may affect device reliability.
Table 8-1 Maximum electrical and temperature ranges
Condition Maximum range
Voltage applied at VCC relative to VSS –0.3 V to +7.0 V
Voltage applied to any pin –0.3 V to VCC + 0.3 V

d
s L m.c
Storage temperature –55 °C to +85 °C
Recommended Operating Conditions
The CP is available in both standard (STD) and wide temperature range (WTR) configurations. Internal
td n
sensors force it to its reset state if any of the conditions listed in Table 8-2 are exceeded. Attempting
to operate the CP in this state is not recommended and may lead to device failure or unreliability.
Table 8-2 Recommended operating conditions

.
Condition Minimum Maximum Unit
STD configuration operating free-air temperature –25 +85 °C
WTR configuration operating free-air temperature –40 +85 °C
Supply voltage during program execution, STD or WTR 1.8 3.6 V
Maximum Environmental Conditions 39

C H A P T E R 8
Fo D A (at) 781
TH st -00
DC Electrical Characteristics
for -0
re co th
Tables 8-3 through 8-5 show the DC electrical characteristics of the CP chip over its recommended
C5
voltage and temperature ranges. Unless otherwise specified in these tables, VCC = 1.8 to 3.6 V; for the
STD configuration, TA = –25 °C to +85 °C and for the WTR configuration, TA = –40 °C to +85 °C.
st
Table 8-3 Supply current into VCC, excluding external current
e
Parameter Test conditions Minimum Typical Maximum Unit
6
I(AM) 7.5 mA
Active mode (authentication process running)
Su stic .co
I(sleep)
Sleep mode
TA ≤ 50 °C
TA > 50 °C
100
200
µA
7
n
Table 8-4 Inputs
u
Symbol Parameter Test conditions Minimum Typical Maximum Unit
VIH High-level input voltage VCC = 2.2 to 3.6 VCC × 0.7 VCC + 0.3 V
VCC = 1.8 to 2.2 VCC × 0.85
VIL Low-level input voltage VCC = 2.2 to 3.6 –0.3 VCC × 0.2
VCC = 1.8 to 2.2 0.2

d
Ip nRESET pullup VIN = 0 V 150 µA

s L m.c
Ilkg Leakage current VIN = 0.5 to VCC – 0.5 V 10
Table 8-5 Outputs
Symbol Parameter Test conditions Minimum Typical Maximum Unit

td n
VOH High-level output voltage IOH = +200 µA; VCC × 0.7 VCC V
VOL Low-level output voltage IOL(max) = –1 mA; VSS VSS + 0.4

.
40 DC Electrical Characteristics
C H A P T E R 8
Fo D A (at) 781
TH st -00
Timing Characteristics
for -0
re co th
This section documents the typical timing characteristics of the CP’s internal and external resets and
C5
its I/O inputs. In all cases, VCC = 1.8 to 3.6 V; for the STD configuration, TA = –25 °C to +85 °C and
for the WTR configuration, TA = –40 °C to +85 °C.
st
Figure 8-1 illustrates the timing of the CP’s internal reset during a typical power-on sequence. In the
e
diagram, TPOR1 represents the minimum time during which external power is held below VPOR1.
Table 8-6 lists the parameter values in Figure 8-1.
6
Figure 8-1 Typical power-on reset timing and voltage limits
Su stic .co
VCC
T PWON1
VPOR1
VCC-min
7
n T POR1 T PRST
u
Internal reset signal
(Enable low)
Table 8-6 Values for Figure 8-1
Symbol Description Maximum value Test condition
VPOR1 Power-on reset valid voltage 0.1 V
TPWON1 Supply voltage rise time when power-on reset is 0.5 ms TPOR1 ≥ 1 sec
d
s L m.c
cancelled
1 ms TPOR1 ≥ 10 sec
TPRST Internal reset signal release time 500 µs
Figure 8-2 illustrates a typical externally-controlled reset sequence, both immediately after power-up
td n
and at an arbitrary later time while power is on. Table 8-7 lists the parameter values in Figure 8-2.
.
Timing Characteristics 41
C H A P T E R 8
Fo D A (at) 781
TH st -00
Figure 8-2 Typical external reset timing and voltage limits
for -0
re co th
1.8V
VCC
C5
st
RES
VCC x 0.2 VCC x 0.2 VCC x 0.2
e
T RW L 1 T RW L 2
6
Symbol Description Minimum value
Su stic .co
TRLW1
TRLW2
Reset pulse width, cold reset
Reset pulse width, warm reset 200 µs

500 µs
7
Figure 8-3 illustrates the CP’s typical I/O port input signal timing and voltage limits. Table 8-8 lists
n
u
the parameter values in Figure 8-3.
Figure 8-3 Typical I/O port input waveform
VCC x 0.7 VCC x 0.7

I/O port
(input) VCC x 0.2 VCC x 0.2
TF TR
Symbol Description Maximum value

d
s L m.c
TF Fall time 1.0 µs
TR Rise time 1.0 µs
Mechanical Package Characteristics

td n
The 2.0B CP is available in two packages: no-lead QFN-20 and SOP-8. The QFN-20 package is shown
in Figure 8-4 (page 43) and its dimensions in millimeters are listed in Table 8-9 (page 43). The SOP-8
package is shown in Figure 8-5 (page 44) and its dimensions in millimeters are listed in Table 8-10 (page
.
44). These drawings and their dimensions are subject to change without notice.
42 Mechanical Package Characteristics

C H A P T E R 8
Fo D A (at) 781
TH st -00
Figure 8-4 2.0B iPod Authentication Coprocessor QFN-20 package
for -0
HD
re co th
D
11 12 13 14 15
C5
10 16
st
9 17
e
e
HE E 8 18
7 19
6
6 20
ZE
LP
Su stic .co x4
t
y1
ZD
5 4 3
b
b1
2 1
x M
7
Bottom View
c
c1
n A2 A
u
A1
y
Table 8-9 QFN-20 package dimensions in millimeters
Symbol Minimum Nominal Maximum Notes
D 4.0
E 4.0
A2 0.89
d
s L m.c
A 0.95
A1 0.005 0.02 0.04
b 0.17 0.22 0.27 Including plating thickness
b1 0.17 0.20 0.23 Base material dimension

td n
e 0.5
Lp 0.50 0.60 0.70

.
x 0.05
y 0.05
y1 0.20
t 0.20

C H A P T E R 8
Fo D A (at) 781
TH st -00
for -0
re co th
HD 4.2
C5
HE 4.2
ZD 1.0
st
e
ZE 1.0
c 0.17 0.22 0.25 Including plating thickness

6
c1 0.17 0.20 0.23 Base material dimension
Su stic .co
Mass 0.04 g
Figure 8-5 2.0B iPod Authentication Coprocessor SOP-8 package

7
HD
n 8 5
u
HE
1 4
d
W
s L m.c
ZD
W1
A1 A c WA
e
W2
t
td n
b x M
Table 8-10 SOP-8 package dimensions in millimeters

.
A 1.73
A1 0.102 0.14 0.154
b 0.35 0.40 0.45 Palladium plated

C H A P T E R 8
Fo D A (at) 781
TH st -00
for -0
re co th
e 1.27
x 0.25
C5
t 0.10
st
HD 4.89 5.15
e
HE 3.90
6
ZD 0.69
Su stic .co
c 0.15 0.20 0.25 Palladium plated
W 5.84 6.02 6.20
W1 1.06
7
WA 0° 8°
n
u
W2 0.406 0.60 0.889
Mass 0.08 g
d
s L m.c
td n
.

C H A P T E R 8
Fo D A (at) 781
TH st -00
for -0
re co th
C5
st
e
6
Su stic .co
7
n
u d
s L m.c
td n
.

R E V I S I O N H I S T O R Y
Fo D A (at) 781
TH st -00
Document Revision History
for -0
re co th
C5
st
e
6
Su stic .co
This table describes the changes to iPod Authentication Coprocessor 2.0B Specification.
Date Notes
2009-07-27 Release R5:

7
Updated Table 5-1 (page 27) and Table 5-2 (page 28) to conform to current
n
u
IDPS and authentication processes (see iPod Accessory Protocol Interface
Specification, Release R36, Chapter 5 and Appendix B).
2008-01-16 Release R4:
Added documentation for the SOP-8 package and WTR (wide temperature
range) configurations of the CP.
Added TnSS_DEASSERT timing to “Slave Selection and Reset” (page 33).
Increased the maximum supported I2C and SPI clock rates.

d
2007-05-21 Release R3:

s L m.c
Removed references to Verification/Validation Status register (no longer

used).
2007-05-14 Release R2:
Added Device Version register (Table 4-1).

td n
Renamed communication mode selection and configuration pins (now

MODE1 and MODE0).
Added new section “Communication Mode Selection” (page 12).
Added sleep function to Authentication Control/Status Register.

.
Limited iPod certificate data to 1024 bytes (8 pages).
Modified process for accessory authentication of iPod.
Provided values for maximum SPI transaction delay times (Table 7-1).
47
R E V I S I O N H I S T O R Y
Document Revision History
Fo D A (at) 781
TH st -00
Date Notes
for -0
re co th
Widened storage temperature range (Table 8-1).
Changed maximum supply current values (Table 8-3).

C5
2007-03-29 Release R1: Initial publication.
st
e
6
Su stic .co
7
n
u d
s L m.c
td n
.
48

Mfi 2.0B

Uploaded by

Copyright:

Available Formats

Mfi 2.0B

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Mfi 2.0B

Uploaded by

Copyright:

Available Formats

What is the document about?

What is the document about?

What communication protocols are supported?

What communication protocols are supported?

iPod Authentication Coprocessor 2.

© 2009 Apple Inc. DIRECT, INDIRECT, SPECIAL, INCIDENTAL,

written permission of Apple Inc., with the warranty.

Use of the “keyboard” Apple logo

the information in this document is

accurate. Apple is not responsible for

Apple, the Apple logo, iPod, and Pages are

trademarks of Apple Inc., registered in the

REPRESENTATION, EITHER EXPRESS OR

Chapter 2 Signal Descriptions and Reference Circuits 11

CP Signals and Pinouts 11

n Communication Mode Selection 12

Chapter 3 Hardware Configuration and Interface 15

Chapter 4 Coprocessor Registers 17

Challenge Data Length 23

iPod Authentication of Accessory 27

Slave Selection and Reset 31

Chapter 7 SPI Communication Protocol 33

Slave Selection and Reset 33

Chapter 8 CP Device Characteristics 39

Maximum Environmental Conditions 39

Mechanical Package Characteristics 42

Document Revision History 47

Table 1-1 Document-specific terminology 8

Chapter 2 Signal Descriptions and Reference Circuits 11

Su stic .co Figure 2-1

Table 2-1 CP signals 11

Figure 3-1 I2C slave write address 16

Chapter 4 Coprocessor Registers 17

Figure 4-1 Authentication Control/Status register, read-only bits 21

Figure 4-2 Authentication Control/Status register, write-only bits 22

Figure 4-3 Self-test Control/Status register, write-only bits 23

Table 4-5 Authentication PROC_CONTROL values 22

Chapter 5 Authentication Data Flows 27

Table 5-1 Sequence of interactions by which an iPod authenticates an accessory 27

Chapter 8 CP Device Characteristics 39

Figure 8-5 2.0B iPod Authentication Coprocessor SOP-8 package 44

An Apple iPod verifies whether a device attached to it is an authorized accessory by issuing an

device as an authorized accessory.

For accessory authentication of the iPod:

Table 1-1 Document-specific terminology

Accessory controller The microcontroller in an iPod accessory responsible for implementing

Authentication A device in an accessory controller that provides iPod-related digital

computation on the offered challenge and return the resulting digital

8 Terminology Used in This Document

specification is located at http://www.semiconductors.philips.com/

■ “Must” means that the specification is an absolute requirement.

CP Signals and Pinouts

Table 2-1 CP signals

Signal name QFN-20 pin SOP-8 pin I/O Description

VCC 5 4 I Supply voltage, positive terminal

VSS 11 5 I Supply voltage, negative terminal

nRESET 4 3 I CP reset (active low)

I2C_SDA 13 7 I/O I2C mode: I2C data

I2C_SCL 12 6 I/O I2C mode: I2C clock