Skip to content

Commit edb954c

Browse files
TaeHagenTaeHagen
committed
Circle support
1 parent a3b1244 commit edb954c

File tree

6 files changed

+342
-29
lines changed

6 files changed

+342
-29
lines changed

icloud-auth/rustcrypto-srp/src/server.rs

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -66,7 +66,7 @@ use num_bigint::BigUint;
6666
use subtle::ConstantTimeEq;
6767

6868
use crate::types::{SrpAuthError, SrpGroup};
69-
use crate::utils::{compute_k, compute_m1, compute_m2, compute_u};
69+
use crate::utils::{compute_k, compute_m1, compute_m2, compute_u, encode_hex};
7070

7171
/// SRP server state
7272
pub struct SrpServer<'a, D: Digest> {
@@ -76,7 +76,7 @@ pub struct SrpServer<'a, D: Digest> {
7676

7777
/// SRP server state after handshake with the client.
7878
pub struct SrpServerVerifier<D: Digest> {
79-
m1: Output<D>,
79+
pub m1: Output<D>,
8080
m2: Output<D>,
8181
key: Vec<u8>,
8282
}
@@ -146,21 +146,23 @@ impl<'a, D: Digest> SrpServer<'a, D> {
146146

147147
let key = self.compute_premaster_secret(&a_pub, &v, &u, &b);
148148

149+
let key = D::digest(&key.to_bytes_be());
150+
149151
let m1 = compute_m1::<D>(
150152
&a_pub.to_bytes_be(),
151153
&b_pub.to_bytes_be(),
152-
&key.to_bytes_be(),
154+
&key,
153155
username,
154156
salt,
155157
self.params,
156158
);
157159

158-
let m2 = compute_m2::<D>(&a_pub.to_bytes_be(), &m1, &key.to_bytes_be());
160+
let m2 = compute_m2::<D>(&a_pub.to_bytes_be(), &m1, &key);
159161

160162
Ok(SrpServerVerifier {
161163
m1,
162164
m2,
163-
key: key.to_bytes_be(),
165+
key: key.to_vec(),
164166
})
165167
}
166168
}

icloud-auth/src/anisette.rs

Lines changed: 60 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,65 @@ impl AnisetteData {
3232
.collect()
3333
}
3434

35+
pub fn get_postdata_headers(&self) -> HashMap<String, String> {
36+
// user must supply, content-type and accept
37+
// unaccounted headers: Accept-Encoding, Connection, Host
38+
// also unaccounted: X-Apple-I-UrlSwitch-Info, X-Apple-I-SRL-NO (opt), X-Apple-I-ROM (opt)
39+
const ACCEPTABLE_HEADERS: &[&'static str] = &["X-Apple-I-MD-LU", "X-Apple-I-MD-RINFO", "X-Apple-I-MD-M", "X-Apple-I-MD", "X-Mme-Device-Id", "X-Apple-I-Client-Time", "X-Apple-I-TimeZone"];
40+
self.base_headers.clone().into_iter().filter(|(key, _)| ACCEPTABLE_HEADERS.contains(&key.as_str()))
41+
.chain([
42+
("X-Apple-I-Device-Configuration-Mode", "0"),
43+
("X-Apple-I-CDP-Status", "true"),
44+
("X-Apple-I-OT-Status", "true"),
45+
("User-Agent", &self.client_info.akd_user_agent),
46+
("X-Apple-Requested-Partition", "0"),
47+
("X-MMe-Client-Info", &self.client_info.mme_client_info_akd),
48+
("X-Apple-I-CK-Presence", "true"),
49+
("X-Apple-I-DeviceUserMode", "0"),
50+
("X-Apple-AK-DataRecoveryService-Status", "1"),
51+
("X-Apple-I-TimeZone-Offset", "0"),
52+
("X-Apple-I-Service-Type", "itunesstore"),
53+
("x-apple-i-device-type", "1"),
54+
("Accept-Language", "en-US,en;q=0.9"),
55+
].into_iter().map(|(a, b)| (a.to_string(), b.to_string())))
56+
.collect()
57+
}
58+
59+
pub fn get_circle_headers(&self) -> HashMap<String, String> {
60+
// user must supply, content-type and accept
61+
// unaccounted headers: Accept-Encoding, Connection, Host
62+
// also unaccounted: X-Apple-I-UrlSwitch-Info, X-Apple-I-SRL-NO (opt), X-Apple-I-ROM (opt)
63+
const ACCEPTABLE_HEADERS: &[&'static str] = &["X-Apple-I-MD-LU", "X-Apple-I-MD-RINFO", "X-Apple-I-MD-M", "X-Apple-I-MD", "X-Mme-Device-Id", "X-Apple-I-Client-Time", "X-Apple-I-TimeZone"];
64+
self.base_headers.clone().into_iter().filter(|(key, _)| ACCEPTABLE_HEADERS.contains(&key.as_str()))
65+
.chain([
66+
("X-Apple-I-Device-Configuration-Mode", "0"),
67+
("User-Agent", &self.client_info.akd_user_agent),
68+
("X-MMe-Client-Info", &self.client_info.mme_client_info_akd),
69+
("X-Apple-I-DeviceUserMode", "0"),
70+
("X-Apple-I-TimeZone-Offset", "0"),
71+
("Accept-Language", "en-US,en;q=0.9"),
72+
].into_iter().map(|(a, b)| (a.to_string(), b.to_string())))
73+
.collect()
74+
}
75+
76+
pub fn get_takedown_headers(&self) -> HashMap<String, String> {
77+
// user must supply, content-type and accept
78+
// unaccounted headers: Accept-Encoding, Connection, Host
79+
// also unaccounted: X-Apple-I-UrlSwitch-Info, X-Apple-I-SRL-NO (opt), X-Apple-I-ROM (opt)
80+
const ACCEPTABLE_HEADERS: &[&'static str] = &["X-Apple-I-MD-LU", "X-Apple-I-MD-RINFO", "X-Apple-I-MD-M", "X-Apple-I-MD", "X-Mme-Device-Id", "X-Apple-I-Client-Time", "X-Apple-I-TimeZone", "X-Mme-Device-Id"];
81+
self.base_headers.clone().into_iter().filter(|(key, _)| ACCEPTABLE_HEADERS.contains(&key.as_str()))
82+
.chain([
83+
("X-Apple-I-Device-Configuration-Mode", "0"),
84+
("User-Agent", &self.client_info.akd_user_agent),
85+
("X-MMe-Client-Info", &self.client_info.mme_client_info_akd),
86+
("X-Apple-I-DeviceUserMode", "0"),
87+
("X-Apple-AK-DataRecoveryService-Status", "1"),
88+
("X-Apple-I-TimeZone-Offset", "0"),
89+
("Accept-Language", "en-US,en;q=0.9"),
90+
].into_iter().map(|(a, b)| (a.to_string(), b.to_string())))
91+
.collect()
92+
}
93+
3594
pub fn get_cpd_data(&self, request: &str) -> Dictionary {
3695
const ACCEPTABLE_HEADERS: &[&'static str] = &[
3796
"X-Apple-I-Client-Time",
@@ -43,7 +102,7 @@ impl AnisetteData {
43102
];
44103
self.base_headers.clone().into_iter().filter(|(key, _)| ACCEPTABLE_HEADERS.contains(&key.as_str()))
45104
.map(|(a, b)| (a, Value::String(b)))
46-
.chain(self.client_info.push_token.as_ref().map(|v| ("pktn".to_string(), Value::String(v.clone()))).into_iter())
105+
.chain(self.client_info.push_token.as_ref().map(|v| ("ptkn".to_string(), Value::String(v.clone()))).into_iter())
47106
.chain([
48107
("X-Apple-I-Device-Configuration-Mode", "0"),
49108
("X-Apple-I-Request-UUID", request),

0 commit comments

Comments
 (0)