Thanks for the information that furthered mine. The JTAG was brought up in a quotation that Ray posted. . . so I challenged if he even knew what it was. I knew he didn't know it was a way to poll the silicon to test for function, etc. He tossed it out trying to show he was "ept" when he really wasn't. The point apparently was that it could be a means of finding the code or UID and GID, etc., when Apple had already anticipated that.
My understanding is that to get a true random number seed, Apple has used the microphone, camera, and accelerometer sensors to poll when the AES encryption is first generated to get input to put into the random number generator. To be assured of re-creating the same thing later, they store that seed that was created in the same location the HASHes are stored.
That makes sense. The best way to get a cryptographically sound random key is to pull in high entropy sources like noise in microphones or noise in camera CMOS sensors. Basically make it impossible for an adversary to recreate. If they store that as a seed for a pseudorandom number generator that would be a sound way of restoring the AES key when it is needed.