Skip to content

Commit 0bc6174

Browse files
CryptiiiicCryptiiiic
authored
Fix noNonce blobs, re-write longopts a little (#16)
* Fix noNonce blobs, re-write longopts a little * Update README
1 parent dd7e883 commit 0bc6174

File tree

4 files changed

+78
-72
lines changed

4 files changed

+78
-72
lines changed

README.md

Lines changed: 27 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -76,29 +76,30 @@ Usage: `tsschecker [OPTIONS]`
7676

7777
Example: `tsschecker -d iPhone10,1 -B D20AP -e [ECID] -i 13.4.1 --generator 0x1111111111111111 -s`
7878

79-
| option (short) | option (long) | description |
80-
|----------------|---------------------------|-----------------------------------------------------------------------------------|
81-
| `-h` | `--help` | prints usage information |
82-
| `-d` | `--device MODEL` | specify device by its model (eg. `iPhone8,1`) |
83-
| `-i` | `--ios VERSION` | specify firmware version (eg. `13.4.1`) |
84-
| `-Z` | `--buildid BUILD ` | specific buildid instead of firmware version (eg. `17E255`) |
85-
| `-B` | `--boardconfig BOARD ` | specific boardconfig instead of device model (eg. `n71ap`) |
86-
| `-o` | `--ota` | check OTA signing status, instead of normal restore |
87-
| `-b` | `--no-baseband` | don't check baseband signing status. Request tickets without baseband |
88-
| `-m` | `--build-manifest` | manually specify a BuildManifest (can be used with `-d`) |
89-
| `-s` | `--save` | save fetched shsh blobs (mostly makes sense with -e) |
90-
| `-u` | `--update-install `| request update tickets instead of erase |
91-
| `-l` | `--latest` | use the latest public firmware version instead of manually specifying one<br/>especially useful with `-s` and `-e` for saving signing tickets |
92-
| `-e` | `--ecid ECID` | manually specify ECID to be used for fetching blobs, instead of using random ones.<br/>ECID must be either DEC or HEX eg. `5482657301265` or `ab46efcbf71` |
93-
| `-g` | `--generator GEN` | manually specify generator in format 0x%%16llx |
94-
| | `--apnonce NONCE` | manually specify ApNonce instead of using random ones<br/>(required for saving blobs for A12/S4 and newer devices with generator) |
95-
| | `--sepnonce NONCE` | manually specify SepNonce instead of using random ones (not required for saving signing tickets) |
96-
| | `--bbsnum SNUM` | manually specify BbSNUM in HEX to save valid BBTickets (not required for saving blobs) |
97-
| | `--save-path PATH` | specify path for saving shsh blobs |
98-
| |`--beta` | request ticket for a beta instead of normal release (use with `-o`) |
99-
| |`--list-devices` | list all known devices |
100-
| |`--list-ios` | list all known firmware versions |
101-
| |`--nocache` | ignore caches and re-download required files |
102-
| |`--print-tss-request` | print the TSS request that will be sent to Apple |
103-
| |`--print-tss-response` | print the TSS response that comes from Apple |
104-
| |`--raw` | send raw file to Apple's TSS server (useful for debugging) |
79+
| option (short) | option (long) | description |
80+
|----------------|-----------------------------|-----------------------------------------------------------------------------------|
81+
| `-h` | `--help` | prints usage information |
82+
| `-d` | `--device MODEL` | specify device by its model (eg. `iPhone8,1`) |
83+
| `-i` | `--ios VERSION` | specify firmware version (eg. `13.4.1`) |
84+
| `-Z` | `--buildid BUILD ` | specific buildid instead of firmware version (eg. `17E255`) |
85+
| `-B` | `--boardconfig BOARD ` | specific boardconfig instead of device model (eg. `n71ap`) |
86+
| `-o` | `--ota` | check OTA signing status, instead of normal restore |
87+
| `-b` | `--no-baseband` | don't check baseband signing status. Request tickets without baseband |
88+
| `-m` | `--build-manifest` | manually specify a BuildManifest (can be used with `-d`) |
89+
| `-s` | `--save` | save fetched shsh blobs (mostly makes sense with -e) |
90+
| `-u` | `--update-install ` | request update tickets instead of erase |
91+
| `-l` | `--latest` | use the latest public firmware version instead of manually specifying one<br/>especially useful with `-s` and `-e` for saving signing tickets |
92+
| `-e` | `--ecid ECID` | manually specify ECID to be used for fetching blobs, instead of using random ones.<br/>ECID must be either DEC or HEX eg. `5482657301265` or `ab46efcbf71` |
93+
| `-g` | `--generator GEN` | manually specify generator in format 0x%%16llx |
94+
| `-8` | `--apnonce NONCE` | manually specify ApNonce instead of using random ones<br/>(required for saving blobs for A12/S4 and newer devices with generator) |
95+
| `-9` | `--sepnonce NONCE` | manually specify SepNonce instead of using random ones (not required for saving signing tickets) |
96+
| `-c` | `--bbsnum SNUM` | manually specify BbSNUM in HEX to save valid BBTickets (not required for saving blobs) |
97+
| `-3` | `--save-path PATH` | specify path for saving shsh blobs |
98+
| `-6` | `--beta` | request ticket for a beta instead of normal release (use with `-o`) |
99+
| `-1` | `--list-devices` | list all known devices |
100+
| `-2` | `--list-ios` | list all known firmware versions |
101+
| `-7` | `--nocache` | ignore caches and re-download required files |
102+
| `-4` | `--print-tss-request` | print the TSS request that will be sent to Apple |
103+
| `-5` | `--print-tss-response` | print the TSS response that comes from Apple |
104+
| `-r` | `--raw` | send raw file to Apple's TSS server (useful for debugging) |
105+
| `-0` | `--debug` | print extra tss info(useful for debugging) |

tsschecker/main.c

Lines changed: 43 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -46,20 +46,20 @@ static struct option longopts[] = {
4646
{ "update-install", optional_argument, NULL, 'u' },
4747
{ "boardconfig", required_argument, NULL, 'B' },
4848
{ "buildid", required_argument, NULL, 'Z' },
49-
{ "debug", no_argument, NULL, 0 },
50-
{ "list-devices", no_argument, NULL, 1 },
51-
{ "list-ios", no_argument, NULL, 2 },
52-
{ "save-path", required_argument, NULL, 3 },
53-
{ "print-tss-request", no_argument, NULL, 4 },
54-
{ "print-tss-response", no_argument, NULL, 5 },
55-
{ "beta", no_argument, NULL, 6 },
56-
{ "nocache", no_argument, NULL, 7 },
57-
{ "apnonce", required_argument, NULL, 8 },
58-
{ "sepnonce", required_argument, NULL, 9 },
59-
{ "raw", required_argument, NULL, 10 },
60-
{ "bbsnum", required_argument, NULL, 11 },
61-
{ "server-url", required_argument, NULL, 12 },
62-
{ "bplist", no_argument, NULL, 13 },
49+
{ "debug", no_argument, NULL, '0' },
50+
{ "list-devices", no_argument, NULL, '1' },
51+
{ "list-ios", no_argument, NULL, '2' },
52+
{ "save-path", required_argument, NULL, '3' },
53+
{ "print-tss-request", no_argument, NULL, '4' },
54+
{ "print-tss-response", no_argument, NULL, '5' },
55+
{ "beta", no_argument, NULL, '6' },
56+
{ "nocache", no_argument, NULL, '7' },
57+
{ "apnonce", required_argument, NULL, '8' },
58+
{ "sepnonce", required_argument, NULL, '9' },
59+
{ "raw", required_argument, NULL, 'r' },
60+
{ "bbsnum", required_argument, NULL, 'c' },
61+
{ "server-url", required_argument, NULL, 'S' },
62+
{ "bplist", no_argument, NULL, 'p' },
6363
{ "generator", required_argument, NULL, 'g' },
6464
{ NULL, 0, NULL, 0 }
6565
};
@@ -82,19 +82,20 @@ void cmd_help(){
8282
printf(" -e, --ecid ECID\t\tmanually specify ECID to be used for fetching blobs, instead of using random ones\n");
8383
printf(" \t\tECID must be either DEC or HEX eg. 5482657301265 or 0xab46efcbf71\n");
8484
printf(" -g, --generator GEN\t\tmanually specify generator in HEX format 16 in length (eg. 0x1111111111111111)\n\n");
85-
printf(" --apnonce NONCE\t\tmanually specify ApNonce instead of using random ones\n\t\t\t\t(required for saving blobs for A12/S4 and newer devices with generator)\n\n");
86-
printf(" --sepnonce NONCE\t\tmanually specify SEP Nonce instead of using random ones (not required for saving blobs)\n");
87-
printf(" --bbsnum SNUM\t\tmanually specify BbSNUM in HEX to save valid BBTickets (not required for saving blobs)\n\n");
88-
printf(" --save-path PATH\t\tspecify output path for saving shsh blobs\n");
89-
printf(" --bplist\t\t\tsave shsh blob as binary plist (used with --save)\n");
90-
printf(" --server-url URL\t\tmanually specify TSS server url\n");
91-
printf(" --beta\t\t\trequest tickets for a beta instead of normal release (use with -o)\n");
92-
printf(" --list-devices\t\tlist all known devices\n");
93-
printf(" --list-ios\t\tlist all known firmware versions\n");
94-
printf(" --nocache \t\tignore caches and re-download required files\n");
95-
printf(" --print-tss-request\tprint the TSS request that will be sent to Apple\n");
96-
printf(" --print-tss-response\tprint the TSS response that comes from Apple\n");
97-
printf(" --raw\t\t\tsend raw file to Apple's TSS server (useful for debugging)\n\n");
85+
printf(" -8 --apnonce NONCE\t\tmanually specify ApNonce instead of using random ones\n\t\t\t\t(required for saving blobs for A12/S4 and newer devices with generator)\n\n");
86+
printf(" -9 --sepnonce NONCE\t\tmanually specify SEP Nonce instead of using random ones (not required for saving blobs)\n");
87+
printf(" -c --bbsnum SNUM\t\tmanually specify BbSNUM in HEX to save valid BBTickets (not required for saving blobs)\n\n");
88+
printf(" -3 --save-path PATH\t\tspecify output path for saving shsh blobs\n");
89+
printf(" -p --bplist\t\t\tsave shsh blob as binary plist (used with --save)\n");
90+
printf(" -S --server-url URL\t\tmanually specify TSS server url\n");
91+
printf(" -6 --beta\t\t\trequest tickets for a beta instead of normal release (use with -o)\n");
92+
printf(" -1 --list-devices\t\tlist all known devices\n");
93+
printf(" -2 --list-ios\t\tlist all known firmware versions\n");
94+
printf(" -7 --nocache \t\tignore caches and re-download required files\n");
95+
printf(" -4 --print-tss-request\tprint the TSS request that will be sent to Apple\n");
96+
printf(" -5 --print-tss-response\tprint the TSS response that comes from Apple\n");
97+
printf(" -r --raw\t\t\tsend raw file to Apple's TSS server (useful for debugging)\n");
98+
printf(" -0 --debug\t\t\tprint extra tss info(useful for debugging)\n\n");
9899
}
99100

100101
int64_t parseECID(const char *ecid){
@@ -183,7 +184,7 @@ int main(int argc, const char * argv[]) {
183184
return -1;
184185
}
185186

186-
while ((opt = getopt_long(argc, (char* const *)argv, "d:i:Z:e:m:B:hg:slbuo", longopts, &optindex)) > 0) {
187+
while ((opt = getopt_long(argc, (char* const *)argv, "hd:i:Z:B:e:g:b:u:m:3:8:9:r:c:S:lso0124567p", longopts, &optindex)) > 0) {
187188
switch (opt) {
188189
case 'h': // long option: "help"; can be called as short option
189190
cmd_help();
@@ -247,47 +248,47 @@ int main(int argc, const char * argv[]) {
247248
flags |= FLAG_BUILDMANIFEST;
248249
buildmanifest = optarg;
249250
break;
250-
case 0: // only long option: "debug"
251+
case '0': // long option: "debug"; can be called as short option
251252
idevicerestore_debug = 1;
252253
break;
253-
case 1: // only long option: "list-devices"
254+
case '1': // long option: "list-devices"; can be called as short option
254255
flags |= FLAG_LIST_DEVICES;
255256
break;
256-
case 2: // only long option: "list-ios"
257+
case '2': // long option: "list-ios"; can be called as short option
257258
flags |= FLAG_LIST_IOS;
258259
break;
259-
case 3: // only long option: "save-path"
260+
case '3': // long option: "save-path"; can be called as short option
260261
shshSavePath = optarg;
261262
break;
262-
case 4: // only long option: "print-tss-request"
263+
case '4': // long option: "print-tss-request"; can be called as short option
263264
print_tss_request = 1;
264265
break;
265-
case 5: // only long option: "print-tss-response"
266+
case '5': // long option: "print-tss-response"; can be called as short option
266267
print_tss_response = 1;
267268
break;
268-
case 6: // only long option: "beta"
269+
case '6': // long option: "beta"; can be called as short option
269270
versVals.useBeta = 1;
270271
break;
271-
case 7: // only long option: "nocache"
272+
case '7': // long option: "nocache"; can be called as short option
272273
nocache = 1;
273274
break;
274-
case 8: // only long option: "apnonce"
275+
case '8': // long option: "apnonce"; can be called as short option
275276
apnonce = optarg;
276277
break;
277-
case 9: // only long option: "sepnonce"
278+
case '9': // long option: "sepnonce"; can be called as short option
278279
sepnonce = optarg;
279280
break;
280-
case 10: // only long option: "raw"
281+
case 'r': // long option: "raw"; can be called as short option
281282
rawFilePath = optarg;
282283
idevicerestore_debug = 1;
283284
break;
284-
case 11: // only long option: "bbsnum"
285+
case 'c': // long option: "bbsnum"; can be called as short option
285286
bbsnum = optarg;
286287
break;
287-
case 12: // only long option: "server-url"
288+
case 'S': // long option: "server-url"; can be called as short option
288289
serverUrl = optarg;
289290
break;
290-
case 13: // only long option: "bplist"
291+
case 'p': // long option: "bplist"; can be called as short option
291292
save_bplist = 1;
292293
break;
293294
default:

tsschecker/tss.c

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -299,7 +299,6 @@ int tss_request_add_ap_img4_tags(plist_t request, plist_t parameters)
299299
// The logic here is missing why this value is expected to be 'false'
300300
plist_dict_set_item(request, "UID_MODE", plist_new_bool(0));
301301
}
302-
303302
return 0;
304303
}
305304

tsschecker/tsschecker.c

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -858,6 +858,8 @@ int tss_populate_devicevals(plist_t tssreq, uint64_t ecid, char *nonce, size_t n
858858
plist_dict_set_item(tssreq, "ApECID", plist_new_uint(ecid)); //0000000000000000
859859
if (nonce) {
860860
plist_dict_set_item(tssreq, "ApNonce", plist_new_data((const char*)nonce, (int)nonce_size));//aa aa aa aa bb cc dd ee ff 00 11 22 33 44 55 66 77 88 99 aa
861+
} else {
862+
plist_dict_set_item(tssreq, "ApNonce", plist_new_data(NULL, 0));
861863
}
862864

863865
if (sep_nonce) {//aa aa aa aa bb cc dd ee ff 00 11 22 33 44 55 66 77 88 99 aa
@@ -1213,12 +1215,15 @@ int isManifestBufSignedForDevice(char *buildManifestBuffer, t_devicevals *devVal
12131215
plist_get_uint_val(pecid, &devVals->ecid);
12141216
char *cecid = ecid_to_string(devVals->ecid);
12151217

1216-
if (*devVals->generator)
1218+
if (*devVals->generator) {
12171219
plist_dict_set_item(apticket, "generator", plist_new_string(devVals->generator));
1218-
if (apticket2)
1220+
}
1221+
if (apticket2) {
12191222
plist_dict_set_item(apticket, "updateInstall", apticket2);
1220-
if (apticket3)
1223+
}
1224+
if (apticket3) {
12211225
plist_dict_set_item(apticket, "noNonce", apticket3);
1226+
}
12221227

12231228
uint32_t size = 0;
12241229
char* data = NULL;

0 commit comments

Comments
 (0)