Add Spring 2025 and fix multiple devices (#55)

* Fix M2 iPad Air, first-generation Watch, macOS OTAs, and add Spring 2025 devices

Author: ROSeaboyer

tsschecker/tsschecker.c

@@ -151,7 +151,7 @@ static struct bbdevice bbdevices[] = {
     {"Mac14,9", 0, 0},         // MacBook Pro (14-inch, M2 Pro, 2023)
     {"Mac14,10", 0, 0},        // MacBook Pro (16-inch, M2 Pro, 2023)
     {"Mac14,12", 0, 0},        // Mac mini (M2 Pro, 2023)
-    {"Mac14,13", 0, 0},        // Mac Studio (M2 Pro, 2023)
+    {"Mac14,13", 0, 0},        // Mac Studio (M2 Max, 2023)
     {"Mac14,14", 0, 0},        // Mac Studio (M2 Ultra, 2023)
     {"Mac14,15", 0, 0},        // MacBook Air (15-inch, M2, 2023)
     {"Mac15,3", 0, 0},         // MacBook Pro (14-inch, M3, Nov 2023)
@@ -275,7 +275,7 @@ static struct bbdevice bbdevices[] = {
     {"iPad1,1",    0, 0},            // iPad (1st gen)
     {"iPad2,1",    0, 0},            // iPad 2 Wi-Fi
     {"iPad2,2",    257, 12},         // iPad 2 GSM
-    {"iPad2,3",    257, 12},         // iPad 2 CDMA
+    {"iPad2,3",    2, 4},            // iPad 2 CDMA
     {"iPad2,4",    0, 0},            // iPad 2 Wi-Fi (2012, Rev A)
     {"iPad3,1",    0, 0},            // iPad (3rd gen, Wi-Fi)
     {"iPad3,2",    4, 4},            // iPad (3rd gen, CDMA)
@@ -330,14 +330,14 @@ static struct bbdevice bbdevices[] = {
     {"iPad13,16",  0, 0},            // iPad Air (5th gen, Wi-Fi)
     {"iPad13,17",  495958265, 4},    // iPad Air (5th gen, Cellular)
     {"iPad14,8",   0, 0},            // iPad Air (11-inch, M2, Wi-Fi)
-    {"iPad14,9",   495958265, 4},    // iPad Air (11-inch, M2, Cellular)
+    {"iPad14,9",   3452763205, 4},   // iPad Air (11-inch, M2, Cellular)
     {"iPad14,10",  0, 0},            // iPad Air (13-inch, M2, Wi-Fi)
-    {"iPad14,11",  495958265, 4},    // iPad Air (13-inch, M2, Cellular)
+    {"iPad14,11",  3452763205, 4},   // iPad Air (13-inch, M2, Cellular)
     {"iPad15,3",   0, 0},            // iPad Air (11-inch, M3, Wi-Fi)
     {"iPad15,4",   3452763205, 4},   // iPad Air (11-inch, M3, Cellular)
     {"iPad15,5",   0, 0},            // iPad Air (13-inch, M3, Wi-Fi)
     {"iPad15,6",   3452763205, 4},   // iPad Air (13-inch, M3, Cellular)
-    
+
     // iPad Pros
     {"iPad6,3",    0, 0},            // iPad Pro (9.7-inch, Wi-Fi)
     {"iPad6,4",    3840149528, 4},   // iPad Pro (9.7-inch, Cellular)
@@ -988,15 +988,15 @@ void getRandNum(char *dst, size_t size, int base){
 }
 
 #pragma mark tss functions
-int tss_populate_devicevals(plist_t tssreq, uint64_t ecid, char *nonce, size_t nonce_size, char *sep_nonce, size_t sep_nonce_size, int image4supported){
+int tss_populate_devicevals(plist_t tssreq, uint64_t ecid, char *nonce, size_t nonce_size, char *sep_nonce, size_t sep_nonce_size, int image4supported, int has_sep){
     plist_dict_set_item(tssreq, "ApECID", plist_new_uint(ecid)); //0000000000000000
     if (nonce) {
         plist_dict_set_item(tssreq, "ApNonce", plist_new_data((const char*)nonce, (int)nonce_size));//aa aa aa aa bb cc dd ee ff 00 11 22 33 44 55 66 77 88 99 aa
     } else {
         plist_dict_set_item(tssreq, "ApNonce", plist_new_data(NULL, 0));
     }
 
-    if (sep_nonce) {//aa aa aa aa bb cc dd ee ff 00 11 22 33 44 55 66 77 88 99 aa
+    if (has_sep && sep_nonce) {//aa aa aa aa bb cc dd ee ff 00 11 22 33 44 55 66 77 88 99 aa
         plist_dict_set_item(tssreq, "ApSepNonce", plist_new_data(sep_nonce, sep_nonce_size));
     }
 
@@ -1080,6 +1080,9 @@ int tss_request_add_custom_cryptex_tags(plist_t request, plist_t parameters)
     if ((strstr(key, "Cryptex") == 0)) {
       continue;
     }
+    if ((strstr(key, "Rap") == 0)) {
+      continue;
+    }
 
     plist_t info_dict = plist_dict_get_item(manifest_entry, "Info");
     if (!info_dict) {
@@ -1234,7 +1237,7 @@ int parseHex(const char *nonce, size_t *parsedLen, char *ret, size_t *retSize){
     return 0;
 }
 
-int tss_populate_random(plist_t tssreq, int is64bit, t_devicevals *devVals){
+int tss_populate_random(plist_t tssreq, int is64bit, int hasSEP, t_devicevals *devVals){
     size_t nonceLen = 32; //valid for all devices with KTRR
     if (!devVals->deviceModel)
         return error("[TSSR] internal error: devVals->deviceModel is missing\n"),-1;
@@ -1320,23 +1323,25 @@ int tss_populate_random(plist_t tssreq, int is64bit, t_devicevals *devVals){
         }
     }
 
-    if (devVals->sepnonce){
-        if (devVals->parsedSepnonceLen != NONCELEN_SEP)
-            return error("[TSSR] parsed SEPNoncelen != requiredSEPNoncelen (%u != %u)",(unsigned int)devVals->parsedSepnonceLen,(unsigned int)NONCELEN_SEP),-1;
-    }else{
-        devVals->sepnonce = (char*)calloc(1, (devVals->parsedSepnonceLen = NONCELEN_SEP) +1);
-        getRandNum(devVals->sepnonce, devVals->parsedSepnonceLen, 256);
+    if (hasSEP) {
+        if (devVals->sepnonce){
+            if (devVals->parsedSepnonceLen != NONCELEN_SEP)
+                return error("[TSSR] parsed SEPNoncelen != requiredSEPNoncelen (%u != %u)",(unsigned int)devVals->parsedSepnonceLen,(unsigned int)NONCELEN_SEP),-1;
+        }else{
+            devVals->sepnonce = (char*)calloc(1, (devVals->parsedSepnonceLen = NONCELEN_SEP) +1);
+            getRandNum(devVals->sepnonce, devVals->parsedSepnonceLen, 256);
+        }
+        if (devVals->apnonce) devVals->apnonce[nonceLen] = '\0';
+        devVals->sepnonce[NONCELEN_SEP] = '\0';
     }
-    if (devVals->apnonce) devVals->apnonce[nonceLen] = '\0';
-    devVals->sepnonce[NONCELEN_SEP] = '\0';
 
 #ifndef TSSCHECKER_NOMAIN
     debug("[TSSR] ecid=%llu\n",devVals->ecid);
     debug("[TSSR] ApNonce=%s\n",devVals->apnonce);
     debug("[TSSR] SepNonce=%s\n",devVals->sepnonce);
 #endif
 
-    int rt = tss_populate_devicevals(tssreq, devVals->ecid, devVals->apnonce, devVals->parsedApnonceLen, devVals->sepnonce, devVals->parsedSepnonceLen, is64bit);
+    int rt = tss_populate_devicevals(tssreq, devVals->ecid, devVals->apnonce, devVals->parsedApnonceLen, devVals->sepnonce, devVals->parsedSepnonceLen, is64bit, hasSEP);
     return rt;
 }
 
@@ -1370,12 +1375,17 @@ int tssrequest(plist_t *tssreqret, char *buildManifest, t_devicevals *devVals, t
     }
     plist_t sep = plist_dict_get_item(manifestdict, "SEP");
     plist_t virt = plist_dict_get_item(infodict, "VirtualMachineMinHostOS");
-    int is64Bit = !(!sep || plist_get_node_type(sep) != PLIST_DICT);
+    // macOS OTAs don't include SEP definition; hardcode them as having SEP
+    int hasSEP = (!(!sep || plist_get_node_type(sep) != PLIST_DICT)
+        || strncasecmp(devVals->deviceModel, "Mac", strlen("Mac")) == 0
+        || strncasecmp(devVals->deviceModel, "iMac", strlen("iMac")) == 0);
     if(virt) {
-        is64Bit = plist_get_node_type(virt) == PLIST_STRING;
+        hasSEP = plist_get_node_type(virt) == PLIST_STRING;
     }
+    // first-generation Apple Watch doesn't have SEP but *does* use img4
+    int isImg4 = (hasSEP || strncasecmp(devVals->deviceModel, "Watch1,", strlen("Watch1,")) == 0);
 
-    if (tss_populate_random(tssparameter,is64Bit,devVals))
+    if (tss_populate_random(tssparameter,isImg4, hasSEP, devVals))
         reterror("[TSSR] failed to populate tss request\n");
 
     tss_parameters_add_from_manifest(tssparameter, id0, true);
@@ -1387,7 +1397,7 @@ int tssrequest(plist_t *tssreqret, char *buildManifest, t_devicevals *devVals, t
         reterror("[TSSR] ERROR: Unable to add common tags to TSS request\n");
     }
 
-    if (is64Bit) {
+    if (isImg4) {
         if (tss_request_add_ap_img4_tags(tssreq, tssparameter) < 0) {
             reterror("[TSSR] ERROR: Unable to add img4 tags to TSS request\n");
         }