Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Several encrypted keys in key set #50

Closed
Louti opened this issue Jan 9, 2017 · 4 comments
Closed

Several encrypted keys in key set #50

Louti opened this issue Jan 9, 2017 · 4 comments
Assignees
@horrorho
Labels
bug

Comments

@Louti
Copy link

Louti commented Jan 9, 2017

Hello,

Sometimes some records have more encrypted key (in ProtectionInfo.EncryptedKeys) and when you try to get the master key in Optional encryptedKey(Set encryptedKeySet) you try only the first one.

Sometimes the other ones will work but not the first one, I made a quick fix (more of a hack) to try if it worked and it did.

This would be the new code, but as I said it's just a test code :

`Optional< byte[]> masterKey(Set encryptedKeySet, LinkedHashMap<KeyID, Key> keys) {
logger.info("-- masterKey2()");
Optional<byte[]> opb = encryptedKey(encryptedKeySet, false)
.flatMap(ek -> unwrapKey(ek, keys));

    if (!opb.isPresent())
    	return encryptedKey(encryptedKeySet, true)
                .flatMap(ek -> unwrapKey(ek, keys));
    else
    	return opb;
}

Optional<EncryptedKey> encryptedKey(Set<EncryptedKey> encryptedKeySet, boolean second)  {
    logger.info("-- encryptedKey() - encrypted key set: {}", encryptedKeySet);
    if (encryptedKeySet.size() != 1) {
        logger.warn("-- encryptedKey() - unexpected encrypted key count: {}", encryptedKeySet.size());
        if (second)
        {
        	Iterator it = encryptedKeySet.stream().iterator();
            EncryptedKey ek = (EncryptedKey) it.next();
            ek = (EncryptedKey) it.next();
            Optional<EncryptedKey> oek = Optional.of(ek);
            return oek;
        }
    }
    
    Optional<EncryptedKey> ek = encryptedKeySet.stream()
            .findFirst();
    
    return ek;
}`

Just so you know.
@horrorho
Copy link
Owner

horrorho commented Jan 9, 2017

Thank you! I had envisioned this scenario but having never seen it I incorrectly assumed it wasn't a concern.

If you would like, you can submit a pull request and I can test/ tidy it and you can have a recognised contribution. It doesn't have to be perfect, you can just add in your hacked code as an alternatively named set of functions in PZFactory.java and I can take it from there. The real value of the contribution is the further elucidation of the underlying CloudKit protocol, not so much the code itself.

Alternatively I can just code a solution and add you to the thank you list.

@horrorho horrorho self-assigned this Jan 9, 2017
@horrorho horrorho added the bug label Jan 9, 2017
@Louti
Copy link
Author

Louti commented Jan 10, 2017

I will propose a patch :)

@horrorho
Copy link
Owner

I've been working on a new tool and I've examined the IPSW disassembly for this routine. There is an issue with InflatableDonkey converting a list to a set further up the chain which is jumbling the order in which keys arrive. My understanding is that the first key should work if presented in the correct order. I'll issue a patch over the weekend. That being said your approach is more robust.

horrorho added a commit that referenced this issue Apr 21, 2017
@horrorho
Issue #50 multiple key support
e7ee2e7
@horrorho
Copy link
Owner

I've patched in multiple key support. Hopefully this should resolve the issue. Please re-open the ticket if the issue persists. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@horrorho horrorho

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Louti @horrorho