Nimble crashes with 'Illegal instruction: 4' #22

Closed
angelovAlex opened this issue Jan 6, 2015 · 7 comments

@angelovAlex

Hi, @meeee. Thank you for the new updates.
So the issue is in the title. I copied the nimble binary to /private/var/Keychains on my iPhone, changed the permissions and got this error: 'Illegal instruction: 4'.
What does nimble do? Or where can I find a working version?
Another question: do I have to have a device certificate for every device? I already use PushProxy, so can I use a certificate extracted from OS X?
iPhone 6, iOS 8.1.2.

@bored-engineer

The nimble binary is likely not compiled for arm64. That's my guess

@angelovAlex
Author

That's my guess too, because it works on my iPad. The question is what it is doing, or where I can get a new binary.
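
One way to check the architecture guess above, as an added example that is not part of the original thread or of the pushproxy project: a small Python reader for the Mach-O and universal-binary headers that lists which CPU slices a binary contains. The two sample headers are constructed for illustration and are not taken from nimble.

```python
import struct
import sys

# Constants from Apple's <mach-o/loader.h>, <mach-o/fat.h>, <mach/machine.h>.
FAT_MAGIC = 0xCAFEBABE                   # universal binary, big-endian header
THIN_MAGICS = {0xFEEDFACE, 0xFEEDFACF}   # 32-bit and 64-bit thin Mach-O
ABI64 = 0x01000000                       # CPU_ARCH_ABI64 flag
CPU_ARM = 12
CPU_NAMES = {7: "i386", 7 | ABI64: "x86_64", CPU_ARM | ABI64: "arm64"}
ARM_SUBTYPES = {6: "armv6", 9: "armv7", 11: "armv7s"}


def arch_name(cputype, cpusubtype):
    """Map a (cputype, cpusubtype) pair to a readable name."""
    if cputype == CPU_ARM:
        return ARM_SUBTYPES.get(cpusubtype & 0x00FFFFFF, "arm")
    return CPU_NAMES.get(cputype, "unknown(0x%x)" % cputype)


def macho_archs(data):
    """Return the list of architecture slices in a Mach-O image."""
    if len(data) < 12:
        raise ValueError("too short to be a Mach-O file")
    if struct.unpack_from(">I", data)[0] == FAT_MAGIC:
        (nfat,) = struct.unpack_from(">I", data, 4)
        # Java .class files share this magic; reject implausible counts.
        if not 0 < nfat <= 32 or len(data) < 8 + 20 * nfat:
            raise ValueError("bad universal-binary header")
        # Each fat_arch entry is 20 bytes: cputype, cpusubtype, offset, size, align.
        return [arch_name(*struct.unpack_from(">II", data, 8 + 20 * i))
                for i in range(nfat)]
    for endian in ("<", ">"):            # thin file: header is in target byte order
        magic, cputype, cpusubtype = struct.unpack_from(endian + "III", data)
        if magic in THIN_MAGICS:
            return [arch_name(cputype, cpusubtype)]
    raise ValueError("not a Mach-O file")


# Constructed sample headers (not taken from any real binary).
SAMPLE_THIN_ARMV7 = struct.pack("<7I", 0xFEEDFACE, CPU_ARM, 9, 2, 0, 0, 0)
SAMPLE_FAT = (struct.pack(">II", FAT_MAGIC, 2)
              + struct.pack(">5I", CPU_ARM, 9, 4096, 0, 12)
              + struct.pack(">5I", CPU_ARM | ABI64, 0, 8192, 0, 14))

if __name__ == "__main__":
    if len(sys.argv) > 1:                # e.g. python macho_archs.py ./nimble
        with open(sys.argv[1], "rb") as f:
            print(macho_archs(f.read(4096)))
    else:
        print(macho_archs(SAMPLE_THIN_ARMV7), macho_archs(SAMPLE_FAT))
```

On a Mac, `lipo -info` run against the same file reports the same slices.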

@angelovAlex
Author

Ok, I dumped this certificate using this tool ptoomey3/Keychain-Dumper#13.

@mfrister
Owner

mfrister commented Jan 9, 2015

Yep, some ARM architecture issue is also my guess.

It's great to know there's another utility. I'd be happy if you could write down a few sentences about how to use the tool, so I can add the instructions to the README. I think having an open source utility is way better than the binary-only nimble tool (besides working on newer devices).

I'm not sure whether you need a different device certificate for each device, but I suspect using the same certificate for multiple devices might result in problems with message routing as the device certificate is probably used as identification and authentication for the device and thus associated with push tokens used for message routing.

You could try using a certificate from a device that no longer uses it:

  • Extract the certificate from device A
  • Put the extracted certificate into push proxy under the name of device B's certificate's common name
  • Force device A to request a new push certificate - delete the push keychain on device A or make pushproxy return a TLS certificate error for that device, e.g. 'peer certificate error' - this should force the device to request a new certificate after a few attempts.

Note that doing that between a Mac and an iOS device might not work as the device certificates contain an X.509 extension that is iOS/OS X-specific.

This might allow you to use the push service via pushproxy on both devices at the same time. I've never tried that, but would be interested in what happens :)

@angelovAlex
Author

To extract the certificate from an iOS device, you need to download and compile Keychain-Dumper (a modified version is here: https://github.com/reinitialized/Keychain-Dumper), and the binary should be signed. There are instructions on how to sign the binary using a self-signed certificate in Keychain-Dumper's README. Upload this binary to the device and run it with -k:

./KeychainDumper_signed -k

Find the key whose label is APSClientIdentity and copy the key:

Key
---
Entitlement Group: com.apple.apsd
Label: APSClientIdentity
Application Label: <XXXX>
Key Class: Private
Permanent Key: True
Key Size: 1024
Effective Key Size: 1024
For Encryption: False
For Decryption: True
For Key Derivation: True
For Signatures: True
For Signature Verification: False
For Key Wrapping: False
For Key Unwrapping: True
-----BEGIN RSA PRIVATE KEY-----
XXXX
-----END RSA PRIVATE KEY-----

Then run this tool with -i and copy the certificate:

./KeychainDumper_signed -i
Identity
--------
Certificate
-----------
Summary: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX                   //IDENTIFIER ! ! !
Entitlement Group: com.apple.apsd
Label: APSClientIdentity
Serial Number: XXXX
Subject Key ID: XXXX
Subject Key Hash: XXXX
-----BEGIN CERTIFICATE-----
XXXX
-----END CERTIFICATE-----

Put the key and certificate in one file, rename it to IDENTIFIER.pem and put this file in certs/device.
I'm not sure if that's enough because the connection with my iPhone doesn't look stable and it reconnects periodically.

By the way, I usually get those errors when my server is not available. So instead of thinking that something is wrong with your certificates, check if there's any SSL error in pushproxy's output.

apsd[xx]: Failed to evaluate trust: No error. (0), result=5; retrying with revocation checking optional
apsd[xx]: Failed to evaluate trust: No error. (0), result=5; retrying with system roots
apsd[xx]: Failed to evaluate trust: No error. (0), result=5

@mfrister
Owner

Thanks for documenting the steps! I added them to the README.

> I'm not sure if that's enough because the connection with my iPhone doesn't look stable and it reconnects periodically.

Do you see any error messages either from pushproxy or in the apsd debug log when your iPhone disconnects?

> By the way, I usually get those errors when my server is not available. So instead of thinking that something is wrong with your certificates, check if there's any SSL error in pushproxy's output.

That's a bit strange, as these errors should only appear when apsd attempts to do a TLS handshake, which it wouldn't without a TCP connection. Is there any way apsd connects to another server with a wrong TLS certificate when your server is not running?

@mfrister
Owner

Closing due to inactivity, please reopen if this is still an issue.
