Bugfixes

Author: TaeHagen

src/cloudkit.rs

@@ -18,7 +18,7 @@ use std::str::FromStr;
 use uuid::Uuid;
 use aes_gcm::KeyInit;
 
-use crate::{auth::{MobileMeDelegateResponse, TokenProvider}, ids::CompactECKey, keychain::KeychainClient, mmcs::{get_headers, get_mmcs, put_authorize_body, put_mmcs, AuthorizedOperation, MMCSConfig, PreparedPut}, mmcsp::FordChunk, pcs::{PCSKey, PCSPrivateKey, PCSService, PCSShareProtection}, prepare_put, util::{base64_decode, base64_encode, decode_hex, decode_uleb128, encode_hex, encode_uleb128, gzip_normal, kdf_ctr_hmac, rfc6637_unwrap_key, REQWEST}, FileContainer, OSConfig, PushError};
+use crate::{auth::{MobileMeDelegateResponse, TokenProvider}, ids::CompactECKey, keychain::KeychainClient, mmcs::{get_headers, get_mmcs, put_authorize_body, put_mmcs, AuthorizedOperation, MMCSConfig, PreparedPut}, mmcsp::FordChunk, pcs::{PCSKey, PCSKeys, PCSPrivateKey, PCSService, PCSShareProtection}, prepare_put, util::{base64_decode, base64_encode, decode_hex, decode_uleb128, encode_hex, encode_uleb128, gzip_normal, kdf_ctr_hmac, rfc6637_unwrap_key, REQWEST}, FileContainer, OSConfig, PushError};
 
 fn undelimit_response(resp: &mut impl Read) -> Vec<Vec<u8>> {
     let mut response: Vec<Vec<u8>> = vec![];
@@ -43,15 +43,15 @@ pub struct FetchedRecords {
 }
 
 impl FetchedRecords {
-    pub fn get_record<R: CloudKitRecord>(&self, record_id: &str, key: Option<&PCSKeys>) -> R {
+    pub fn get_record<R: CloudKitRecord>(&self, record_id: &str, key: Option<&PCSZoneConfig>) -> R {
         self.responses.iter().find_map(|response| {
             let r = response.record_retrieve_response.as_ref().expect("No retrieve response?").record.as_ref().expect("No record?");
             if r.record_identifier.as_ref().expect("No record id?").value.as_ref().expect("No identifier").name.as_ref().expect("No name?") == record_id {                
                 let got_type = r.r#type.as_ref().expect("no TYpe").name.as_ref().expect("No ta");
                 if got_type.as_str() != R::record_type() {
                     panic!("Wrong record type, got {} expected {}", got_type, R::record_type());
                 }
-                let key = key.map(|k| pcs_key_for_record(r, k).expect("PCS key failed"));
+                let key = key.map(|k| pcs_keys_for_record(r, k).expect("PCS key failed"));
                 Some(R::from_record_encrypted(&r.record_field, key.as_ref().map(|k| (k, r.record_identifier.as_ref().unwrap()))))
             } else { None }
         }).expect("No record found?")
@@ -100,14 +100,16 @@ pub trait CloudKitOp {
     }
 }
 
-pub fn pcs_key_for_record(record: &Record, keys: &PCSKeys) -> Result<PCSKey, PushError> {
+pub fn pcs_keys_for_record(record: &Record, keys: &PCSZoneConfig) -> Result<PCSKeys, PushError> {
     let Some(protection) = &record.protection_info else {
         let Some(pcskey) = &record.pcs_key else { panic!("No PCS Key??") };
-        let keys = keys.default_record_keys.iter().find(|i| i.key_id().ok().map(|id| pcskey == &id[..pcskey.len()]).unwrap_or(false));
+        if !keys.default_record_keys.iter().any(|i| i.key_id().ok().map(|id| pcskey == &id[..pcskey.len()]).unwrap_or(false)) {
+            return Err(PushError::PCSRecordKeyMissing);
+        }
 
-        return Ok(keys.ok_or(PushError::PCSRecordKeyMissing)?.clone())
+        return Ok(PCSKeys(keys.default_record_keys.clone()))
     };
-    Ok(keys.decode_record_protection(protection)?.remove(0))
+    Ok(PCSKeys(keys.decode_record_protection(protection)?))
 }
 
 pub struct UploadAssetOperation(pub cloudkit_proto::AssetUploadTokenRetrieveRequest);
@@ -191,7 +193,7 @@ impl CloudKitOp for SaveRecordOperation {
 
 impl SaveRecordOperation {
     // new with a *custom* record protection entry
-    pub fn new_protected<R: CloudKitRecord>(id: RecordIdentifier, record: R, key: &PCSKeys, update: Option<String>) -> (Self, String) {
+    pub fn new_protected<R: CloudKitRecord>(id: RecordIdentifier, record: R, key: &PCSZoneConfig, update: Option<String>) -> (Self, String) {
         // create a key for this record
         let record_protection = PCSShareProtection::create(&key.zone_keys[0], &[]).unwrap();
         let der = rasn::der::encode(&record_protection).unwrap();
@@ -219,7 +221,7 @@ impl SaveRecordOperation {
         }), tag)
     }
 
-    pub fn new<R: CloudKitRecord>(id: RecordIdentifier, record: R, key: Option<&PCSKeys>, update: bool) -> Self {
+    pub fn new<R: CloudKitRecord>(id: RecordIdentifier, record: R, key: Option<&PCSZoneConfig>, update: bool) -> Self {
         Self(cloudkit_proto::RecordSaveRequest {
             record: Some(cloudkit_proto::Record {
                 record_identifier: Some(id.clone()),
@@ -244,14 +246,14 @@ pub struct FetchedRecord {
 }
 
 impl FetchedRecord {
-    pub fn get_record<R: CloudKitRecord>(&self, key: Option<&PCSKeys>) -> R {
+    pub fn get_record<R: CloudKitRecord>(&self, key: Option<&PCSZoneConfig>) -> R {
         let r = self.response.record_retrieve_response.as_ref().expect("No retrieve response?").record.as_ref().expect("No record?");
 
         let got_type = r.r#type.as_ref().expect("no TYpe").name.as_ref().expect("No ta");
         if got_type.as_str() != R::record_type() {
             panic!("Wrong record type, got {} expected {}", got_type, R::record_type());
         }
-        let key = key.map(|k| pcs_key_for_record(r, k).expect("no PCS key"));
+        let key = key.map(|k| pcs_keys_for_record(r, k).expect("no PCS key"));
         R::from_record_encrypted(&r.record_field, key.as_ref().map(|k| (k, r.record_identifier.as_ref().unwrap())))
     }
 
@@ -793,14 +795,14 @@ pub struct QueryResult<T: CloudKitRecord> {
 }
 
 #[derive(Clone)]
-pub struct PCSKeys {
+pub struct PCSZoneConfig {
     zone_keys: Vec<CompactECKey<Private>>,
     zone_protection_tag: Option<String>,
     default_record_keys: Vec<PCSKey>,
     pub record_prot_tag: Option<String>,
 }
 
-impl PCSKeys {
+impl PCSZoneConfig {
 
     fn decode_record_protection(&self, protection: &ProtectionInfo) -> Result<Vec<PCSKey>, PushError> {
         let record_protection: PCSShareProtection = rasn::der::decode(protection.protection_info()).expect("Bad record protection?");
@@ -819,7 +821,7 @@ pub struct CloudKitOpenContainer<'t, T: AnisetteProvider> {
     container: CloudKitContainer<'t>,
     pub user_id: String,
     pub client: Arc<CloudKitClient<T>>,
-    pub keys: Mutex<HashMap<String, PCSKeys>>,
+    pub keys: Mutex<HashMap<String, PCSZoneConfig>>,
 }
 
 impl<'t, T: AnisetteProvider> Deref for CloudKitOpenContainer<'t, T> {
@@ -850,7 +852,7 @@ impl<'t, T: AnisetteProvider> CloudKitOpenContainer<'t, T> {
         cached_keys.remove(&zone_name);
     }
 
-    pub async fn get_zone_encryption_config(&self, zone: &cloudkit_proto::RecordZoneIdentifier, client: &KeychainClient<T>, pcs_service: &PCSService<'_>) -> Result<PCSKeys, PushError> {
+    pub async fn get_zone_encryption_config(&self, zone: &cloudkit_proto::RecordZoneIdentifier, client: &KeychainClient<T>, pcs_service: &PCSService<'_>) -> Result<PCSZoneConfig, PushError> {
         let mut cached_keys = self.keys.lock().await;
         let zone_name = zone.value.as_ref().unwrap().name().to_string();
         if let Some(key) = cached_keys.get(&zone_name) {
@@ -888,7 +890,7 @@ impl<'t, T: AnisetteProvider> CloudKitOpenContainer<'t, T> {
 
         let (_parent_key, keys) = zone_protection.decrypt_with_keychain(&data, pcs_service)?;
 
-        let mut keys = PCSKeys {
+        let mut keys = PCSZoneConfig {
             zone_keys: keys,
             zone_protection_tag: zone.protection_info.as_ref().unwrap().protection_info_tag.clone(),
             default_record_keys: vec![],

src/error.rs

@@ -183,4 +183,6 @@ pub enum PushError {
     CircleOver,
     #[error("Too many requests!")]
     TooManyRequests,
+    #[error("PCS Master key not found!")]
+    MasterKeyNotFound,
 }

src/findmy.rs

@@ -20,7 +20,7 @@ use tokio::sync::broadcast;
 use aes_gcm::KeyInit;
 use uuid::Uuid;
 use crate::{cloudkit::{should_reset, SaveRecordOperation}, util::{base64_decode, base64_encode, bin_deserialize, bin_deserialize_opt_vec, bin_serialize, bin_serialize_opt_vec}};
-use crate::{aps::APSInterestToken, auth::{MobileMeDelegateResponse, TokenProvider}, cloudkit::{pcs_key_for_record, record_identifier, CloudKitClient, CloudKitContainer, CloudKitOpenContainer, CloudKitSession, FetchRecordChangesOperation, FetchRecordOperation, ALL_ASSETS, NO_ASSETS}, ids::{identity_manager::{DeliveryHandle, IDSSendMessage, IdentityManager, MessageTarget, Raw}, user::IDSService, IDSRecvMessage}, keychain::{derive_key_into, KeychainClient}, login_apple_delegates, pcs::PCSService, util::{duration_since_epoch, encode_hex, REQWEST}, APSConnection, APSMessage, LoginDelegate, OSConfig, PushError};
+use crate::{aps::APSInterestToken, auth::{MobileMeDelegateResponse, TokenProvider}, cloudkit::{pcs_keys_for_record, record_identifier, CloudKitClient, CloudKitContainer, CloudKitOpenContainer, CloudKitSession, FetchRecordChangesOperation, FetchRecordOperation, ALL_ASSETS, NO_ASSETS}, ids::{identity_manager::{DeliveryHandle, IDSSendMessage, IdentityManager, MessageTarget, Raw}, user::IDSService, IDSRecvMessage}, keychain::{derive_key_into, KeychainClient}, login_apple_delegates, pcs::PCSService, util::{duration_since_epoch, encode_hex, REQWEST}, APSConnection, APSMessage, LoginDelegate, OSConfig, PushError};
 
 pub const MULTIPLEX_SERVICE: IDSService = IDSService {
     name: "com.apple.private.alloy.multiplex1",
@@ -443,7 +443,7 @@ impl<P: AnisetteProvider> FindMyClient<P> {
             let protection_info_tag = protection_info.protection_info_tag().to_string();
 
             if record.r#type.as_ref().unwrap().name() == MasterBeaconRecord::record_type() {
-                let item = MasterBeaconRecord::from_record_encrypted(&record.record_field, Some((&pcs_key_for_record(&record, &key)?, record.record_identifier.as_ref().unwrap())));
+                let item = MasterBeaconRecord::from_record_encrypted(&record.record_field, Some((&pcs_keys_for_record(&record, &key)?, record.record_identifier.as_ref().unwrap())));
 
                 info!("Got beacon {:?} {}", item, identifier);
 
@@ -453,7 +453,7 @@ impl<P: AnisetteProvider> FindMyClient<P> {
                     beacon_records.insert(identifier, item);
                 }
             } else if record.r#type.as_ref().unwrap().name() == BeaconNamingRecord::record_type() {
-                let item = BeaconNamingRecord::from_record_encrypted(&record.record_field, Some((&pcs_key_for_record(&record, &key)?, record.record_identifier.as_ref().unwrap())));
+                let item = BeaconNamingRecord::from_record_encrypted(&record.record_field, Some((&pcs_keys_for_record(&record, &key)?, record.record_identifier.as_ref().unwrap())));
 
                 if let Some(accessory) = accessories.get_mut(&item.associated_beacon) {
                     accessory.naming = item;
@@ -462,7 +462,7 @@ impl<P: AnisetteProvider> FindMyClient<P> {
                     naming_records.insert(item.associated_beacon.clone(), (identifier, Some(protection_info_tag), item));
                 }
             } else if record.r#type.as_ref().unwrap().name() == KeyAlignmentRecord::record_type() {
-                let item = KeyAlignmentRecord::from_record_encrypted(&record.record_field, Some((&pcs_key_for_record(&record, &key)?, record.record_identifier.as_ref().unwrap())));
+                let item = KeyAlignmentRecord::from_record_encrypted(&record.record_field, Some((&pcs_keys_for_record(&record, &key)?, record.record_identifier.as_ref().unwrap())));
 
                 if let Some(accessory) = accessories.get_mut(&item.beacon_identifier) {
                     accessory.alignment = item.clone();

src/imessage/cloud_messages.proto

@@ -12,7 +12,7 @@ message MessageProto2 {
 
 message MessageProto {
     uint32 unk1 = 1; // always 1, is finished or ck sync state
-    optional string groupTitle = 2;
+    optional string subject = 2;
     optional string text = 3;
     optional bytes attributedBody = 4;
     optional string balloonBundleId = 5;

src/imessage/cloud_messages.rs

@@ -27,7 +27,7 @@ use cloudkit_proto::RecordIdentifier;
 use log::info;
 use uuid::Uuid;
 use crate::cloud_messages::cloudmessagesp::{ChatProto, MessageProto, MessageProto2, MessageProto3, MessageProto4};
-use crate::cloudkit::{pcs_key_for_record, record_identifier, CloudKitSession, CloudKitUploadRequest, DeleteRecordOperation, FetchRecordChangesOperation, FetchRecordOperation, FetchedRecords, SaveRecordOperation, ZoneDeleteOperation, ALL_ASSETS, NO_ASSETS};
+use crate::cloudkit::{pcs_keys_for_record, record_identifier, CloudKitSession, CloudKitUploadRequest, DeleteRecordOperation, FetchRecordChangesOperation, FetchRecordOperation, FetchedRecords, SaveRecordOperation, ZoneDeleteOperation, ALL_ASSETS, NO_ASSETS};
 use crate::mmcs::{prepare_put_v2, PreparedPut};
 use crate::pcs::{get_boundary_key, PCSKey, PCSService};
 use bitflags::bitflags;
@@ -408,8 +408,9 @@ pub struct AttachmentMetaExtra {
 pub struct AttachmentMeta {
     #[serde(rename = "mimet")]
     pub mime_type: Option<String>,
+    // yes, these dates can be negative
     #[serde(rename = "sdt")]
-    pub start_date: u64,
+    pub start_date: i64,
     #[serde(rename = "tb")]
     pub total_bytes: u64,
     #[serde(rename = "st")]
@@ -435,7 +436,7 @@ pub struct AttachmentMeta {
     #[serde(rename = "t")]
     pub uti: Option<String>, // uti type
     #[serde(rename = "cdt")]
-    pub created_date: u64,
+    pub created_date: i64,
     pub pathc: Option<String>, // also transfer name
     #[serde(rename = "mdh")]
     pub md5: Option<String>, // first 8 bytes of md5 hash of file
@@ -494,7 +495,7 @@ impl<P: AnisetteProvider> CloudMessagesClient<P> {
             };
             if record.r#type.as_ref().unwrap().name() != T::record_type() { continue }
 
-            let pcskey = match pcs_key_for_record(&record, &key) {
+            let pcskey = match pcs_keys_for_record(&record, &key) {
                 Ok(key) => key,
                 Err(PushError::PCSRecordKeyMissing) => {
                     container.clear_cache_zone_encryption_config(&zone).await;

src/pcs.rs

@@ -5,7 +5,7 @@ use aes::{cipher::consts::U12, Aes128};
 use aes_gcm::{AesGcm, Nonce, Tag};
 use chrono::Utc;
 use cloudkit_proto::CloudKitEncryptor;
-use log::info;
+use log::{info, warn};
 use omnisette::AnisetteProvider;
 use openssl::{bn::{BigNum, BigNumContext}, ec::{EcGroup, EcKey, EcPoint, PointConversionForm}, hash::MessageDigest, nid::Nid, pkcs5::pbkdf2_hmac, pkey::{HasPublic, PKey, Private}, sha::sha256, sign::{Signer, Verifier}};
 use plist::{Dictionary, Value};
@@ -318,8 +318,14 @@ impl PCSPrivateKey {
 
         let decoded: PCSPrivateKey = rasn::der::decode(&key).expect("Failed to decode private key!");
 
-        if !decoded.verify_with_keychain(keychain, dict.get("atyp").expect("No dat?").as_data().expect("Not data")).unwrap() {
-            panic!("PCS Master key verification failed!");
+        match decoded.verify_with_keychain(keychain, dict.get("atyp").expect("No dat?").as_data().expect("Not data")) {
+            Ok(true) => {},
+            Ok(false) => {
+                panic!("PCS Master key verification failed!");
+            }
+            Err(e) => {
+                warn!("PCS master key verification failed {e}");
+            }
         }
 
         decoded
@@ -358,7 +364,8 @@ impl PCSPrivateKey {
             public.verify(&self.signing_key())
         } else {
             let account = Value::Data(signature.keyid.to_vec());
-            let item = keychain.items["ProtectedCloudStorage"].keys.values().find(|x| x.get("atyp") == Some(&account)).unwrap();
+            let item = keychain.items["ProtectedCloudStorage"].keys.values().find(|x| x.get("atyp") == Some(&account))
+                .ok_or(PushError::MasterKeyNotFound)?;
             let key = item.get("v_Data").expect("No dat?").as_data().expect("Not data");
 
             let decoded: PCSPrivateKey = rasn::der::decode(&key).unwrap();
@@ -374,6 +381,21 @@ impl PCSPrivateKey {
     }
 }
 
+fn get_ciphertext_key(ciphertext: &[u8]) -> (Vec<u8>, usize) {
+    let encryption_version = ciphertext[0];
+    if encryption_version != 3 {
+        panic!("Unimplemented encryption version {encryption_version}");
+    }
+
+    let second_keyid_part_len = ciphertext[3] as usize;
+    let total_tag = [
+        &ciphertext[1..3],
+        &ciphertext[4..4 + second_keyid_part_len]
+    ].concat();
+
+    (total_tag, 4 + second_keyid_part_len)
+}
+
 #[derive(AsnType, Encode, Decode, PartialEq, Eq, PartialOrd, Ord, Debug)]
 pub struct PCSKeyRef {
     keytype: u32,
@@ -443,28 +465,20 @@ impl PCSKey {
     fn decrypt(&self, ciphertext: &[u8], aad: &[u8]) -> Result<Vec<u8>, PushError> {
         let encryption_key = kdf_ctr_hmac(&self.0, "encryption key key m".as_bytes(), &[], self.0.len());
 
-        let encryption_version = ciphertext[0];
-        if encryption_version != 3 {
-            panic!("Unimplemented encryption version {encryption_version}");
+        let (required_key, header_len) = get_ciphertext_key(ciphertext);
+
+        if &required_key[..] != &self.key_id()?[..required_key.len()] {
+            panic!("Mismatched key id! Data {} key {}", encode_hex(&ciphertext[..16]), encode_hex(&self.key_id()?));
         }
 
         let tag_len = 12;
-        let second_keyid_part_len = ciphertext[3] as usize;
-        let total_tag = [
-            &ciphertext[1..3],
-            &ciphertext[4..4 + second_keyid_part_len]
-        ].concat();
 
-        if &total_tag[..] != &self.key_id()?[..total_tag.len()] {
-            panic!("Mismatched key id!");
-        }
-
-        let iv = &ciphertext[4 + second_keyid_part_len..4 + second_keyid_part_len + 12];
-        let firstaad = &ciphertext[0..4 + second_keyid_part_len];
+        let iv = &ciphertext[header_len..header_len + 12];
+        let firstaad = &ciphertext[0..header_len];
         let gcm = AesGcm::<Aes128, U12, U12>::new(encryption_key[..].try_into().expect("Bad key size!"));
-        let tag = &ciphertext[4 + second_keyid_part_len + 12..4 + second_keyid_part_len + 12 + tag_len];
+        let tag = &ciphertext[header_len + 12..header_len + 12 + tag_len];
 
-        let mut text = ciphertext[4 + second_keyid_part_len + 12 + tag_len..].to_vec();
+        let mut text = ciphertext[header_len + 12 + tag_len..].to_vec();
 
         gcm.decrypt_in_place_detached(Nonce::from_slice(iv), &[firstaad, aad].concat(), &mut text, Tag::from_slice(tag)).expect("GCM error?");
         Ok(text)
@@ -509,6 +523,20 @@ impl CloudKitEncryptor for PCSKey {
     }
 }
 
+pub struct PCSKeys(pub Vec<PCSKey>);
+impl CloudKitEncryptor for PCSKeys {
+    fn decrypt_data(&self, dec: &[u8], context: &[u8]) -> Vec<u8> {
+        let (required_key, _) = get_ciphertext_key(dec);
+
+        let key = self.0.iter().find(|k| &k.key_id().unwrap()[..required_key.len()] == &required_key[..]).expect("required key not found!");
+        key.decrypt(dec, context).expect("Decryption failed")
+    }
+
+    fn encrypt_data(&self, enc: &[u8], context: &[u8]) -> Vec<u8> {
+        self.0.first().expect("PCS keyset empty?").encrypt(enc, context).expect("Encryption failed")
+    }
+}
+
 #[derive(AsnType, Encode, Decode, Debug, Default)]
 pub struct PCSShareProtectionSignatureData {
     // 5 is the version. non-exist is 1, 5 is 2, 4 is 3,