diff --git a/apns.py b/apns.py index 09106a4..f0a17f4 100644 --- a/apns.py +++ b/apns.py @@ -374,6 +374,18 @@ class APNSField: self.id.to_bytes(1, "big") + len(self.value).to_bytes(2, "big") + self.value ) +async def receive_exact(stream: trio.abc.Stream, length: int) -> bytes: + """Receives exactly length bytes from the given stream""" + buffer = b"" + while len(buffer) < length: + b = await stream.receive_some(length - len(buffer)) + if b == b"": + raise Exception("Unable to read payload from stream (EOF)") + elif b is None: + logger.warning("Got None from receive_some, why?") + else: + buffer += b + return buffer @dataclass class APNSPayload: @@ -385,20 +397,17 @@ class APNSPayload: @staticmethod async def read_from_stream(stream: trio.abc.Stream) -> APNSPayload: """Reads a payload from the given stream""" - if not (id_bytes := await stream.receive_some(1)): - raise Exception("Unable to read payload id from stream") - id: int = int.from_bytes(id_bytes, "big") + id = await receive_exact(stream, 1) + id = int.from_bytes(id, "big") - if (length := await stream.receive_some(4)) is None: - raise Exception("Unable to read payload length from stream") + length = await receive_exact(stream, 4) length = int.from_bytes(length, "big") if length == 0: return APNSPayload(id, []) + + buffer = await receive_exact(stream, length) - buffer = await stream.receive_some(length) - if buffer is None: - raise Exception("Unable to read payload from stream") fields = [] while len(buffer) > 0: diff --git a/demo.py b/demo.py index 39bd5e0..98f4f1c 100644 --- a/demo.py +++ b/demo.py @@ -6,6 +6,7 @@ from subprocess import PIPE, Popen from rich.logging import RichHandler import apns +import ids.facetime import ids import imessage @@ -21,7 +22,7 @@ logging.getLogger("py.warnings").setLevel(logging.ERROR) # Ignore warnings from logging.getLogger("asyncio").setLevel(logging.WARNING) logging.getLogger("jelly").setLevel(logging.INFO) logging.getLogger("nac").setLevel(logging.INFO) -logging.getLogger("apns").setLevel(logging.INFO) +logging.getLogger("apns").setLevel(logging.DEBUG) logging.getLogger("albert").setLevel(logging.INFO) logging.getLogger("ids").setLevel(logging.DEBUG) logging.getLogger("bags").setLevel(logging.INFO) @@ -67,7 +68,7 @@ async def main(): async with apns.APNSConnection.start(push_creds) as conn: await conn.set_state(1) - await conn.filter(["com.apple.madrid"]) + await conn.filter(["com.apple.madrid"]+ids.facetime.TEST_TOPICS) user = ids.IDSUser(conn) user.auth_and_set_encryption_from_config(CONFIG) @@ -80,6 +81,7 @@ async def main(): CONFIG["id"] = { "key": user._id_keypair.key, "cert": user._id_keypair.cert, + "ft_cert": user._facetime_cert, } CONFIG["auth"] = { "key": user._auth_keypair.key, @@ -97,6 +99,8 @@ async def main(): with open("config.json", "w") as f: json.dump(CONFIG, f, indent=4) + await ids.facetime.provision_alias(user) + im = imessage.iMessageUser(conn, user) # Send a message to myself @@ -182,9 +186,34 @@ async def input_task(im: imessage.iMessageUser): print("No chat selected") async def output_task(im: imessage.iMessageUser): + import plistlib while True: - msg = await im.receive() - print(str(msg)) + def check(payload: apns.APNSPayload): + # Check if the "c" key matches + #ody = payload.fields_with_id(3)[0].value + #if body is None: + #3 return False + #body = plistlib.loads(body) + #if not "c" in body: + # return False + #if isinstance(c, int) and body["c"] != c: + # return False + #elif isinstance(c, list) and body["c"] not in c: + # return False + return True + + payload = await im.connection.expect_notification(ids.facetime.TEST_TOPICS, check) + + body_bytes: bytes = payload.fields_with_id(3)[0].value + body: dict[str, Any] = plistlib.loads(body_bytes) + + print(body) + + print(im._decrypt_payload(body["P"])) + #return body + + #msg = await im.receive() + #print(str(msg)) if __name__ == "__main__": diff --git a/ids/__init__.py b/ids/__init__.py index d15c878..7a2bfac 100644 --- a/ids/__init__.py +++ b/ids/__init__.py @@ -67,12 +67,12 @@ class IDSUser: self.ec_key, self.rsa_key will be set to a randomly gnenerated EC and RSA keypair if they are not already set """ - + self.ngm = encryption.NGMIdentity(self.extra.get("device_key"), self.extra.get("prekey")) self.extra["device_key"] = self.ngm.device_key self.extra["prekey"] = self.ngm.pre_key - cert = identity.register( + certs = identity.register( b64encode(self.push_connection.credentials.token), self.handles, self.user_id, @@ -82,7 +82,8 @@ class IDSUser: validation_data, self.ngm ) - self._id_keypair = _helpers.KeyPair(self._auth_keypair.key, cert) + self._id_keypair = _helpers.KeyPair(self._auth_keypair.key, certs["com.apple.madrid"]) + self._facetime_cert = certs["com.apple.private.alloy.facetime.multi"] #self.extra = extra @@ -114,7 +115,8 @@ class IDSUser: (rsa_key := encryption.get("rsa_key")) and (signing_key := encryption.get("ec_key")) and (cert := id.get("cert")) and - (key := id.get("key")) + (key := id.get("key")) and + (ft_cert := id.get("ft_cert")) ): self.encryption_identity = identity.IDSIdentity( encryption_key=rsa_key, @@ -123,6 +125,8 @@ class IDSUser: id_keypair = _helpers.KeyPair(key, cert) self.restore_identity(id_keypair) + + self._facetime_cert = ft_cert else: logging.info("Registering new identity...") import emulated.nac @@ -132,6 +136,7 @@ class IDSUser: self.register(vd) - async def lookup(self, uris: list[str], topic: str = "com.apple.madrid") -> Any: - return await query.lookup(self.push_connection, self.current_handle, self._id_keypair, uris, topic) - + async def lookup(self, uris: list[str], topic: str = "com.apple.madrid", keypair = None) -> Any: + if keypair is None: + keypair = self._id_keypair + return await query.lookup(self.push_connection, self.current_handle, keypair, uris, topic) diff --git a/ids/facetime.py b/ids/facetime.py new file mode 100644 index 0000000..0e000fa --- /dev/null +++ b/ids/facetime.py @@ -0,0 +1,112 @@ +from ids import IDSUser +import logging +logger = logging.getLogger("ids") +import plistlib +from ids._helpers import PROTOCOL_VERSION, KeyPair, parse_key, serialize_key +from ids.signing import add_auth_signature, armour_cert, add_id_signature, add_push_signature +import requests +import base64 +import time + +TEST_TOPICS = ["com.apple.ess", + "com.apple.private.alloy.facetime.video", + "com.apple.private.alloy.facetime.sync", + "com.apple.private.alloy.facetime.lp", + "com.apple.private.alloy.facetime.mw", + "com.apple.private.alloy.facetime.multi", + "com.apple.ids" + ] +async def provision_alias(user: IDSUser): + logger.debug(f"Adding new temp alias") + body = { + "attributes": { + "allowedServices": { + "com.apple.private.alloy.facetime.multi": [] + }, + # Unix timestamp in seconds, with decimal places, for 1 year from now + "expiry-epoch-seconds": time.time() + 31536000, + "featureId": "Gondola" + }, + "operation": "create" + } + body = plistlib.dumps(body) + + headers = { + "x-protocol-version": PROTOCOL_VERSION, + "x-id-self-uri": user.current_handle, + } + add_push_signature(headers, body, "id-provision-alias", user._push_keypair, base64.b64encode(user.push_connection.credentials.token)) + # Create ID keypair with facetime cert + keypair = KeyPair( + user._id_keypair.key, + user._facetime_cert, + ) + add_id_signature(headers, body, "id-provision-alias", keypair, base64.b64encode(user.push_connection.credentials.token)) + + r = requests.post( + "https://identity.ess.apple.com/WebObjects/TDIdentityService.woa/wa/provisionAlias", + headers=headers, + data=body, + verify=False, + ) + r = plistlib.loads(r.content) + + print(r) + alias = r["alias"] + # remove pseud: prefix + alias = alias[6:] + # link + + pub, key = create_key() + print(f"https://facetime.apple.com/join#v=1&p={alias}&k={pub}") + print(key) + + # print(await user.lookup(["mailto:jjtech@jjtech.dev"])) + + #print(await user.lookup([f"pseud:{alias}"], "com.apple.private.alloy.facetime.multi", KeyPair(user._auth_keypair.key, user._facetime_cert))) + +def parse_key(key: str): + # Add = padding + key = key + "=" * (4 - len(key) % 4) + # Urlsafe base64 decode + key = base64.urlsafe_b64decode(key) + print(key.hex()) + # Parse as a P256 key + from cryptography.hazmat.primitives.asymmetric import ec + from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat + + # Parse compressed key... need to add 0x02 prefix + k = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), b"\x02" + key) + # Serialize as PEM + k = k.public_bytes(Encoding.PEM, PublicFormat.SubjectPublicKeyInfo) + print(k.decode()) + +def create_key() -> tuple[str, str]: + """ + Create a P256 keypair and return the public key as a URL-safe base64 string + and the private key as a PEM string. + """ + + # Generate a P256 keypair + from cryptography.hazmat.primitives.asymmetric import ec + from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat + + # Generate keys until we get one that is even + key = None + pub = None + + while True: + key = ec.generate_private_key(ec.SECP256R1()) + pub = key.public_key().public_bytes(Encoding.X962, PublicFormat.CompressedPoint) + if pub[0] == 0x02: + pub = pub[1:] + break + + # URL-safe base64 encode + pub = base64.urlsafe_b64encode(pub).decode() + # Remove padding + pub = pub.replace("=", "") + + # Turn private key into PEM for convenience + return pub, serialize_key(key) + diff --git a/ids/identity.py b/ids/identity.py index 645130e..0b370b2 100644 --- a/ids/identity.py +++ b/ids/identity.py @@ -13,57 +13,61 @@ from cryptography.hazmat.primitives.asymmetric import ec, rsa from typing import Self import logging + logger = logging.getLogger("ids") + class IDSIdentity: def __init__( - self, - signing_key: str | None = None, - encryption_key: str | None = None, - signing_public_key: str | None = None, - encryption_public_key: str | None = None - ): + self, + signing_key: str | None = None, + encryption_key: str | None = None, + signing_public_key: str | None = None, + encryption_public_key: str | None = None, + ): if signing_key is not None: self.signing_key = signing_key - self.signing_public_key = serialize_key(parse_key(signing_key).public_key())# type: ignore + self.signing_public_key = serialize_key(parse_key(signing_key).public_key()) # type: ignore elif signing_public_key is not None: self.signing_key = None self.signing_public_key = signing_public_key else: # Generate a new key self.signing_key = serialize_key(ec.generate_private_key(ec.SECP256R1())) - self.signing_public_key = serialize_key(parse_key(self.signing_key).public_key())# type: ignore + self.signing_public_key = serialize_key(parse_key(self.signing_key).public_key()) # type: ignore if encryption_key is not None: self.encryption_key = encryption_key - self.encryption_public_key = serialize_key(parse_key(encryption_key).public_key())# type: ignore + self.encryption_public_key = serialize_key(parse_key(encryption_key).public_key()) # type: ignore elif encryption_public_key is not None: self.encryption_key = None self.encryption_public_key = encryption_public_key else: self.encryption_key = serialize_key(rsa.generate_private_key(65537, 1280)) - self.encryption_public_key = serialize_key(parse_key(self.encryption_key).public_key())# type: ignore + self.encryption_public_key = serialize_key(parse_key(self.encryption_key).public_key()) # type: ignore @classmethod def decode(cls, inp: bytes) -> Self: input = BytesIO(inp) - assert input.read(5) == b'\x30\x81\xF6\x81\x43' # DER header + assert input.read(5) == b"\x30\x81\xF6\x81\x43" # DER header raw_ecdsa = input.read(67) - assert input.read(3) == b'\x82\x81\xAE' # DER header + assert input.read(3) == b"\x82\x81\xAE" # DER header raw_rsa = input.read(174) # Parse the RSA key raw_rsa = BytesIO(raw_rsa) - assert raw_rsa.read(2) == b'\x00\xAC' # Not sure what this is - assert raw_rsa.read(3) == b'\x30\x81\xA9' # Inner DER header - assert raw_rsa.read(3) == b'\x02\x81\xA1' + assert raw_rsa.read(2) == b"\x00\xAC" # Not sure what this is + assert raw_rsa.read(3) == b"\x30\x81\xA9" # Inner DER header + assert raw_rsa.read(3) == b"\x02\x81\xA1" rsa_modulus = raw_rsa.read(161) rsa_modulus = int.from_bytes(rsa_modulus, "big") - assert raw_rsa.read(5) == b'\x02\x03\x01\x00\x01' # Exponent, should always be 65537 + assert ( + raw_rsa.read(5) == b"\x02\x03\x01\x00\x01" + ) # Exponent, should always be 65537 # Parse the EC key - assert raw_ecdsa[:3] == b'\x00\x41\x04' + assert raw_ecdsa[:3] == b"\x00\x41\x04" raw_ecdsa = raw_ecdsa[3:] ec_x = int.from_bytes(raw_ecdsa[:32], "big") ec_y = int.from_bytes(raw_ecdsa[32:], "big") @@ -74,25 +78,27 @@ class IDSIdentity: rsa_key = rsa.RSAPublicNumbers(e=65537, n=rsa_modulus) rsa_key = rsa_key.public_key() - return IDSIdentity(signing_public_key=serialize_key(ec_key), encryption_public_key=serialize_key(rsa_key)) - + return IDSIdentity( + signing_public_key=serialize_key(ec_key), + encryption_public_key=serialize_key(rsa_key), + ) def encode(self) -> bytes: output = BytesIO() raw_rsa = BytesIO() - raw_rsa.write(b'\x00\xAC') - raw_rsa.write(b'\x30\x81\xA9') - raw_rsa.write(b'\x02\x81\xA1') - raw_rsa.write(parse_key(self.encryption_public_key).public_numbers().n.to_bytes(161, "big")) # type: ignore - raw_rsa.write(b'\x02\x03\x01\x00\x01') # Hardcode the exponent + raw_rsa.write(b"\x00\xAC") + raw_rsa.write(b"\x30\x81\xA9") + raw_rsa.write(b"\x02\x81\xA1") + raw_rsa.write(parse_key(self.encryption_public_key).public_numbers().n.to_bytes(161, "big")) # type: ignore + raw_rsa.write(b"\x02\x03\x01\x00\x01") # Hardcode the exponent - output.write(b'\x30\x81\xF6\x81\x43') - output.write(b'\x00\x41\x04') - output.write(parse_key(self.signing_public_key).public_numbers().x.to_bytes(32, "big"))# type: ignore - output.write(parse_key(self.signing_public_key).public_numbers().y.to_bytes(32, "big"))# type: ignore + output.write(b"\x30\x81\xF6\x81\x43") + output.write(b"\x00\x41\x04") + output.write(parse_key(self.signing_public_key).public_numbers().x.to_bytes(32, "big")) # type: ignore + output.write(parse_key(self.signing_public_key).public_numbers().y.to_bytes(32, "big")) # type: ignore - output.write(b'\x82\x81\xAE') + output.write(b"\x82\x81\xAE") output.write(raw_rsa.getvalue()) return output.getvalue() @@ -108,6 +114,7 @@ def register( data, key = encryption.create_loggable_data() import uuid + body = { "device-name": "pypush", "hardware-version": "MacBookPro18,3", @@ -121,10 +128,12 @@ def register( { "capabilities": [{"flags": 1, "name": "Messenger", "version": 1}], "service": "com.apple.madrid", - "sub-services": ["com.apple.private.alloy.sms", - "com.apple.private.alloy.gelato", - "com.apple.private.alloy.biz", - "com.apple.private.alloy.gamecenter.imessage"], + "sub-services": [ + "com.apple.private.alloy.sms", + "com.apple.private.alloy.gelato", + "com.apple.private.alloy.biz", + "com.apple.private.alloy.gamecenter.imessage", + ], "users": [ { # "client-data": { @@ -203,7 +212,149 @@ def register( "user-id": user_id, } ], - } + }, + { + "capabilities": [{"flags": 1, "name": "Invitation", "version": 1}], + "service": "com.apple.private.alloy.facetime.multi", + "sub-services": [], + "users": [ + { + "client-data": { + "public-message-identity-key": identity.encode(), + "public-message-identity-version": 2, + "supports-avless": True, + "supports-co": True, + "supports-gft-calls": True, + "supports-gft-errors": True, + "supports-modern-gft": True, + "supports-self-one-to-one-invites": True, + }, + # "client-data": { + # "public-message-ngm-device-prekey-data-key": b"\n \xb4\\\x15\x8e\xa4\xc8\xe5\x07\x98\tp\xd0\xa4^\x84k\x05#Ep\xa9*\xcd\xadt\xf5\xb0\xfb\xa6_ho\x12@\xe3\xf5\xcaOwh\xfd\xb9\xecD\t\x0e\x9e\xb8\xb0\xa1\x1c=\x92\x9dD/lmL\xde.\\o\xeb\x15>\x9f\xae\xd9\xf9\xd1\x9c*\x8dU\xe0\xd2\xdeo\xb2\xcb\xd8\xf8i\xd4\xd0a^\t!\x0fa\xb2\xddI\xfc_*\x19\xb2\xf0#\x12\xe0@\xd9A", + # "supports-avless": True, + # "public-message-identity-key": b"0\x81\xf6\x81C\x00A\x04\x87\x1e\xeb\xe4u\x0b\xa3\x9e\x9c\xbc\xf8rK\x1e\xfe44%f$\x1d\xe8\xbb\xc6\xbdCD\x9ckv K\xc1\x1e\xb1\xdf4\xc8S6\x0f\x92\xd0=\x1e\x84\x9c\xc5\xa5\xb6\xb7}\xdd\xec\x1e\x1e\xd8Q\xd8\xca\xdb\x07'\xc7\x82\x81\xae\x00\xac0\x81\xa9\x02\x81\xa1\x00\xa8 \xfc\x9f\xa6\xb0V2\xce\x1c\xa7\x13\x9e\x03\xd1\xd8\x97a\xbb\xdd\xac\x86\xb8\x10(\x89\x13QP\x8f\xf0+EP\xd1\xb06\xee\x94\xcd\xa8\x9e\xf1\xedp\xa4\x9726\x1e\xe9\xab\xd4\xcb\xac\x05\xd7\x8c?\xbb\xa2\xde,\xfe\r\x1a\xb9\x88W@\x99\xec\xa0]\r\x1a>dV\xb2@\xc5P\xf3m\x80y\xf5\xa0G\xae\xd8h\x92\xef\xca\x85\xcbB\xed\xa9W\x8c\x13\xd4O\xdbYI2\xdcM\x1f\xf6c\x17\x1c\xd1v\xdd\xbcc\xac,&V\xfd\x07\xa0\xc3\x9f\x00\x1f\xc6\xe4\x02u\x12p\x8f\xe2\xb0\x14\xfai\x12\xbb\xa6\x9a6Q\xa5\xde+\x9e{\xcf\xc8\x1b}\x02\x03\x01\x00\x01", + # "supports-gft-calls": True, + # "public-message-identity-version": 2.0, + # "supports-co": True, + # "supports-gft-errors": True, + # "supports-self-one-to-one-invites": True, + # "supports-modern-gft": True, + # "public-message-identity-ngm-version": 12.0, + # "device-key-signature": b"0a\x04\x14\x1d\xb02~\xefk&\xf8\r;R\xa4\x95c~\x8a\x90H\x85\xb0\x02\x01\x01\x04F0D\x02 @\xce\xa7P6\x89\x92Wf\x87\xc9\xc5M-\xb1\xe5Q\x9f\x7fKi\x1bp\xd5\x12\x1c,:\xdb\xed\x08\x12\x02 l\xfd\\\xe2\xd3:,\xc1\xd8\x08|\xbe\x05M\x12\xee@\xc2=eR8:\xa7h3u|\x83ia\x19", + # }, + # "kt-loggable-data": b'\n"\n \rl\xbe\xca\xf7\xe8\xb2\x89k\x18\x1e\xb9,d\xf8\xe2\n\xbf\x8d\xe1E\xd6\xf3T\xcb\xd9\x99d\xd1mk\xeb\x10\x0c\x18\x05', + + "uris": uris, + "user-id": user_id, + } + ], + }, + { + "capabilities": [{"flags": 1, "name": "Invitation", "version": 21}], + "service": "com.apple.ess", + "sub-services": [ + "com.apple.private.alloy.facetime.video", + "com.apple.private.alloy.facetime.sync", + "com.apple.private.alloy.facetime.lp", + "com.apple.private.alloy.facetime.mw", + ], + "users": [ + { + "client-data": { + "public-message-identity-key": identity.encode(), + "public-message-identity-version": 2, + "supports-avless": True, + "supports-co": True, + "supports-gft-calls": True, + "supports-gft-errors": True, + "supports-modern-gft": True, + "supports-self-one-to-one-invites": True, + }, + "uris": uris, + "user-id": user_id, + } + ], + }, + { + "capabilities": [ + {"flags": 1, "name": "com.apple.private.alloy", "version": 1} + ], + "service": "com.apple.private.alloy.multiplex1", + "sub-services": [ + "com.apple.private.alloy.continuity.encryption", + "com.apple.private.alloy.willow.stream", + "com.apple.private.alloy.status.keysharing", + "com.apple.private.alloy.ids.cloudmessaging", + "com.apple.private.alloy.avconference.icloud", + "com.apple.private.alloy.keytransparency.accountkey.pinning", + "com.apple.private.alloy.gamecenter", + "com.apple.private.alloy.thumper.keys", + "com.apple.private.alloy.electrictouch", + "com.apple.private.alloy.alarms-timers", + "com.apple.private.alloy.continuity.activity", + "com.apple.private.alloy.home.invite", + "com.apple.private.alloy.safeview", + "com.apple.private.alloy.screensharing.qr", + "com.apple.private.alloy.phone.auth", + "com.apple.private.alloy.home", + "com.apple.private.alloy.groupkit.invite", + "com.apple.private.alloy.fmf", + "com.apple.private.alloy.continuity.tethering", + "com.apple.private.alloy.status.personal", + "com.apple.private.alloy.amp.potluck", + "com.apple.private.alloy.screentime", + "com.apple.private.alloy.copresence", + "com.apple.private.alloy.screentime.invite", + "com.apple.private.alloy.tips", + "com.apple.private.alloy.siri.icloud", + "com.apple.private.alloy.maps.eta", + "com.apple.private.alloy.phonecontinuity", + "com.apple.private.alloy.sleep.icloud", + "com.apple.private.alloy.usagetracking", + "com.apple.private.alloy.icloudpairing", + "com.apple.private.alloy.clockface.sharing", + "com.apple.private.alloy.carmelsync", + "com.apple.private.alloy.messagenotification", + "com.apple.private.alloy.digitalhealth", + "com.apple.private.alloy.ded", + "com.apple.private.alloy.screensharing", + "com.apple.private.alloy.contextsync", + "com.apple.private.alloy.accessibility.switchcontrol", + "com.apple.private.alloy.familycontrols", + "com.apple.private.alloy.fmd", + "com.apple.private.alloy.willow", + "com.apple.private.alloy.coreduet.sync", + "com.apple.private.alloy.nearby", + "com.apple.private.alloy.safari.groupactivities", + "com.apple.private.alloy.groupkit", + "com.apple.private.alloy.accounts.representative", + "com.apple.private.alloy.notes", + "com.apple.private.alloy.classroom", + "com.apple.private.alloy.applepay", + "com.apple.private.alloy.proxiedcrashcopier.icloud", + "com.apple.private.alloy.continuity.unlock", + "com.apple.private.alloy.nearby.family", + ], + "users": [ + { + "client-data": { + "public-message-identity-key": identity.encode(), + "public-message-identity-version": 2, + "supports-beacon-sharing-v2": True, + "supports-beneficiary-invites": True, + "supports-cross-platform-sharing": True, + "supports-fmd-v2": True, + "supports-incoming-fmd-v1": True, + "supports-maps-routing-path-leg": True, + "supports-maps-waypoint-route-sharing": True, + "supports-screen-time-v2": True, + "supports-secure-loc-v1": True, + }, + "uris": uris, + "user-id": user_id, + } + ], + }, ], "validation-data": b64decode(validation_data), } @@ -223,7 +374,7 @@ def register( verify=False, ) r = plistlib.loads(r.content) - #print(f'Response code: {r["status"]}') + # print(f'Response code: {r["status"]}') logger.debug(f"Recieved response to IDS registration: {r}") if "status" in r and r["status"] == 6004: raise Exception("Validation data expired!") @@ -237,4 +388,14 @@ def register( if not "cert" in r["services"][0]["users"][0]: raise Exception(f"No cert in response: {r}") - return armour_cert(r["services"][0]["users"][0]["cert"]) + return { + "com.apple.madrid": armour_cert(r["services"][0]["users"][0]["cert"]), + "com.apple.private.alloy.facetime.multi": armour_cert( + r["services"][1]["users"][0]["cert"] + ), + "com.apple.ess": armour_cert(r["services"][2]["users"][0]["cert"]), + "com.apple.private.alloy.multiplex1": armour_cert(r["services"][3]["users"][0]["cert"]), + + } + + # return armour_cert(r["services"][0]["users"][0]["cert"]) diff --git a/ids/query.py b/ids/query.py index fb7a6a9..6f362da 100644 --- a/ids/query.py +++ b/ids/query.py @@ -31,8 +31,8 @@ async def lookup( "x-protocol-version": PROTOCOL_VERSION, } - if 'alloy' in topic: - headers["x-id-sub-service"] = topic # Hack, if it has alloy in the name it's probably a sub-service + #if 'alloy' in topic: + # headers["x-id-sub-service"] = topic # Hack, if it has alloy in the name it's probably a sub-service signing.add_id_signature(headers, body, BAG_KEY, id_keypair, push_token) msg_id = random.randbytes(16) diff --git a/ids/signing.py b/ids/signing.py index f03ef07..5530544 100644 --- a/ids/signing.py +++ b/ids/signing.py @@ -90,11 +90,7 @@ def add_auth_signature( push_token: str, auth_number=None, ): - push_sig, push_nonce = _sign_payload(push_key.key, bag_key, "", push_token, body) - headers["x-push-sig"] = push_sig - headers["x-push-nonce"] = b64encode(push_nonce) - headers["x-push-cert"] = dearmour(push_key.cert) - headers["x-push-token"] = push_token + add_push_signature(headers, body, bag_key, push_key, push_token) auth_sig, auth_nonce = _sign_payload(auth_key.key, bag_key, "", push_token, body) auth_postfix = "-" + str(auth_number) if auth_number is not None else "" @@ -102,6 +98,18 @@ def add_auth_signature( headers["x-auth-nonce" + auth_postfix] = b64encode(auth_nonce) headers["x-auth-cert" + auth_postfix] = dearmour(auth_key.cert) +def add_push_signature( + headers: dict, + body: bytes, + bag_key: str, + push_key: KeyPair, + push_token: str +): + push_sig, push_nonce = _sign_payload(push_key.key, bag_key, "", push_token, body) + headers["x-push-sig"] = push_sig + headers["x-push-nonce"] = b64encode(push_nonce) + headers["x-push-cert"] = dearmour(push_key.cert) + headers["x-push-token"] = push_token def add_id_signature( headers: dict, diff --git a/proxy/printer.py b/proxy/printer.py index 2763e42..01953c9 100644 --- a/proxy/printer.py +++ b/proxy/printer.py @@ -214,6 +214,13 @@ def pretty_print_payload( print(f" {bcolors.WARNING}Topic{bcolors.ENDC}: {topic}", end="") + if topic is not None and "facetime" in topic: + payload: dict[str, Any] = plistlib.loads(_get_field(payload[1], 3)) + for (key, value) in payload.items(): + print(f" {bcolors.OKBLUE}{key}{bcolors.ENDC}: {value}") # type: ignore + + + if topic == "com.apple.madrid" or topic == "com.apple.private.alloy.sms": print(f" {bcolors.FAIL}Madrid{bcolors.ENDC}", end="") orig_payload = payload