def createWithSystemkbfile(filename, wipeablekey, deviceKey=None):
    """Build a Keybag from a system keybag plist file.

    The plist at ``filename`` is parsed, its ``_MKBPAYLOAD`` entry is
    AES-CBC decrypted with ``wipeablekey`` (IV taken from ``_MKBIV``,
    padding enabled), and the ``KeyBagKeys`` entry of the decrypted plist
    is handed, together with ``deviceKey``, to
    ``Keybag.createWithDataSignBlob``, whose result is returned.

    Nothing is caught here: an exception from reading, decrypting or
    parsing propagates to the caller.
    """
    outer = BPlistReader.plistWithFile(filename)
    payload, iv = outer["_MKBPAYLOAD"], outer["_MKBIV"]
    # NOTE(review): the decrypted bytes are parsed without any check that
    # the key was right; presumably a wrong key surfaces as a padding or
    # plist-parsing error. Confirm against AESdecryptCBC / BPlistReader.
    plaintext = AESdecryptCBC(payload, wipeablekey, iv, padding=True)
    inner = BPlistReader.plistWithString(plaintext)
    return Keybag.createWithDataSignBlob(inner["KeyBagKeys"], deviceKey)
示例#2
def getBackupKeyBag(backupfolder, passphrase):
    """Return the backup's Keybag unlocked with ``passphrase``, else None.

    ``Manifest.plist`` inside ``backupfolder`` is parsed and a ``Keybag``
    is built from the ``.data`` of its ``BackupKeyBag`` entry. When
    ``unlockBackupKeybagWithPasscode`` reports success, a confirmation is
    printed and the keybag is returned; otherwise the result is None.
    """
    manifest_path = backupfolder + "/Manifest.plist"
    keybag_bytes = BPlistReader.plistWithFile(manifest_path)["BackupKeyBag"].data
    keybag = Keybag(keybag_bytes)

    # Guard clause: a failed unlock yields None without printing anything.
    if not keybag.unlockBackupKeybagWithPasscode(passphrase):
        return None

    print("BackupKeyBag unlock OK")
    return keybag
def getBackupKeyBag(backupfolder, passphrase):
    """Load the backup keybag from a backup folder and try to unlock it.

    Reads ``<backupfolder>/Manifest.plist``, wraps the ``.data`` of its
    ``BackupKeyBag`` entry in a ``Keybag`` and calls
    ``unlockBackupKeybagWithPasscode(passphrase)`` on it.

    Returns the keybag (after printing a success line) when the unlock
    call returns a true value, and None when it does not.
    """
    plist = BPlistReader.plistWithFile(backupfolder + "/Manifest.plist")
    candidate = Keybag(plist["BackupKeyBag"].data)
    unlocked = candidate.unlockBackupKeybagWithPasscode(passphrase)

    if unlocked:
        print("BackupKeyBag unlock OK")
    # A still-locked keybag is never handed back to the caller.
    return candidate if unlocked else None
示例#4
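 def createWithSystemkbfile(filename, bag1key, deviceKey=None):
     """Build a Keybag from a system keybag plist, or return None on failure.

     ``filename`` is normally a path, but a value that itself starts with
     ``"bplist"`` is treated as the plist content (the original "HAX").
     The ``_MKBPAYLOAD`` entry is AES-CBC decrypted with ``bag1key`` using
     ``_MKBIV`` as the IV; the result must start with ``"bplist"`` before
     it is parsed. The ``KeyBagKeys`` blob of the decrypted plist is then
     passed with ``deviceKey`` to ``Keybag.createWithDataSignBlob``.

     Returns None, after printing a FAIL line, when decryption raises or
     the decrypted data does not look like a binary plist.
     """
     if filename.startswith("bplist"):  # HAX: content passed instead of a path
         mkb = BPlistReader.plistWithString(filename)
     else:
         mkb = BPlistReader.plistWithFile(filename)
     try:
         decryptedPlist = AESdecryptCBC(mkb["_MKBPAYLOAD"].data,
                                        bag1key,
                                        mkb["_MKBIV"].data,
                                        padding=True)
     except Exception:
         # Narrowed from a bare except so KeyboardInterrupt / SystemExit
         # are no longer reported as a wrong key and swallowed.
         print("FAIL: AESdecryptCBC _MKBPAYLOAD => wrong BAG1 key ?")
         return None
     # The "bplist" magic is the only check made on the decrypted payload
     # in this function before it is parsed.
     if not decryptedPlist.startswith("bplist"):
         print("FAIL: decrypted _MKBPAYLOAD is not bplist")
         return None
     decryptedPlist = BPlistReader.plistWithString(decryptedPlist)
     blob = decryptedPlist["KeyBagKeys"].data
     return Keybag.createWithDataSignBlob(blob, deviceKey)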
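 def createWithSystemkbfile(filename, bag1key, deviceKey=None):
     """Decrypt a system keybag plist with ``bag1key`` and build a Keybag.

     A ``filename`` beginning with ``"bplist"`` is parsed as plist content
     rather than opened as a path (marked "HAX" by the original author).
     ``_MKBPAYLOAD`` is decrypted with AES-CBC (IV from ``_MKBIV``,
     padding enabled). If decryption raises, or the output does not start
     with ``"bplist"``, a FAIL line is printed and None is returned.
     Otherwise the decrypted plist's ``KeyBagKeys`` data and ``deviceKey``
     go to ``Keybag.createWithDataSignBlob`` and its result is returned.
     """
     if filename.startswith("bplist"):  # HAX: raw plist content, not a path
         mkb = BPlistReader.plistWithString(filename)
     else:
         mkb = BPlistReader.plistWithFile(filename)
     try:
         # The key lookups stay inside the try, as in the original, so a
         # missing _MKBPAYLOAD / _MKBIV is reported the same way.
         decryptedPlist = AESdecryptCBC(mkb["_MKBPAYLOAD"].data,
                                        bag1key,
                                        mkb["_MKBIV"].data,
                                        padding=True)
     except Exception:
         # Was a bare except, which also trapped KeyboardInterrupt and
         # SystemExit and misreported them as a key problem.
         print("FAIL: AESdecryptCBC _MKBPAYLOAD => wrong BAG1 key ?")
         return None
     if not decryptedPlist.startswith("bplist"):
         # Wrong key that still unpadded cleanly, or a corrupted payload.
         print("FAIL: decrypted _MKBPAYLOAD is not bplist")
         return None
     decryptedPlist = BPlistReader.plistWithString(decryptedPlist)
     blob = decryptedPlist["KeyBagKeys"].data
     return Keybag.createWithDataSignBlob(blob, deviceKey)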
示例#6
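def decrypt_backup(backupfolder, outputfolder, passphrase):
    """Decrypt the encrypted files of a backup folder into ``outputfolder``.

    Steps, as implemented below:

    1. Read ``Manifest.plist``; return early if ``IsEncrypted`` is false.
    2. Split ``AuthData`` into an 8-byte salt, a 16-byte IV and a
       ciphertext; derive a 32-byte key from ``passphrase`` with PBKDF2
       (2000 iterations) and AES-CBC decrypt the ciphertext.
    3. Take the first 32 decrypted bytes as the auth key and accept the
       passphrase only if their SHA-1 equals the next 20 bytes.
    4. For every ``*.mdinfo`` file flagged ``IsEncrypted``, decrypt its
       metadata and the matching ``.mddata`` file with the auth key and
       write the result to ``outputfolder`` under a flattened name.

    Entries whose mdinfo is not flagged encrypted are skipped. Nothing is
    returned; progress and failures are reported with print.
    """
    manifest = plistlib.readPlist(backupfolder + "/Manifest.plist")

    if not manifest["IsEncrypted"]:
        print("backup is not encrypted manifest[IsEncrypted]")
        return

    # Read but not used further in this function.
    manifest_data = manifest["Data"].data

    authdata = manifest["AuthData"].data

    # AuthData layout used here: salt (8) | IV (16) | AES-CBC ciphertext.
    pkbdf_salt = authdata[:8]
    iv = authdata[8:24]
    key = PBKDF2(passphrase, pkbdf_salt, iterations=2000).read(32)

    data = AES.new(key, AES.MODE_CBC, iv).decrypt(authdata[24:])
    auth_key = data[:32]

    # The decrypted block carries SHA-1(auth_key) right after the key; a
    # mismatch means the derived key, and so the passphrase, was wrong.
    if hashlib.sha1(auth_key).digest() != data[32:52]:
        print("wrong auth key (hash mismatch) => wrong passphrase")
        return

    print("Passphrase seems OK")

    for mdinfo_name in glob.glob(backupfolder + "/*.mdinfo"):

        # Strip the 7-character ".mdinfo" suffix to find the data file.
        mddata_name = mdinfo_name[:-7] + ".mddata"
        mdinfo = BPlistReader.plistWithFile(mdinfo_name)

        if mdinfo["IsEncrypted"]:
            metadata = decrypt_blob(mdinfo["Metadata"], auth_key)
            metadata = BPlistReader.plistWithString(metadata)

            print(metadata["Path"])

            filedata = read_file(mddata_name)
            filedata = decrypt_blob(filedata, auth_key)

            # "Path" comes from inside the backup, so it is untrusted.
            # Flatten both separator styles: replacing only "/" would let
            # a backslash path leave outputfolder on Windows.
            filename = metadata["Path"].replace("/", "_").replace("\\", "_")
            if filename in ("", ".", ".."):
                # These would name a directory, not a file to create.
                print("skipping entry with unusable output name")
                continue

            # NOTE: flattening can map two different paths to one name,
            # in which case the later file overwrites the earlier one.
            write_file(outputfolder + "/" + filename, filedata)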
示例#7
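 def createWithSystemkbfile(filename, bag1key, deviceKey=None):
     """Build a Keybag from a system keybag plist, or return None on failure.

     ``filename`` is a path, unless it starts with ``"bplist"``, in which
     case it is parsed as plist content (the original "HAX").
     ``_MKBPAYLOAD`` is AES-CBC decrypted with ``bag1key`` and ``_MKBIV``;
     the output must start with ``"bplist"``. The decrypted plist's
     ``KeyBagKeys`` data and ``deviceKey`` are passed to
     ``Keybag.createWithDataSignBlob``.

     If the decrypted plist has an ``OpaqueStuff`` entry, it is parsed as
     a plist and the keybag's ``passcodeComplexity`` is set to whatever
     its ``keyboardType`` lookup returns.

     Returns None, after printing a FAIL line, when decryption raises or
     the decrypted data is not a binary plist.
     """
     if filename.startswith("bplist"):  # HAX: content passed instead of a path
         mkb = BPlistReader.plistWithString(filename)
     else:
         mkb = BPlistReader.plistWithFile(filename)
     try:
         decryptedPlist = AESdecryptCBC(mkb["_MKBPAYLOAD"].data,
                                        bag1key,
                                        mkb["_MKBIV"].data,
                                        padding=True)
     except Exception:
         # Narrowed from a bare except: KeyboardInterrupt and SystemExit
         # now propagate instead of being reported as a wrong key.
         print("FAIL: AESdecryptCBC _MKBPAYLOAD => wrong BAG1 key ?")
         return None
     # Only sanity check on the plaintext before it is parsed.
     if not decryptedPlist.startswith("bplist"):
         print("FAIL: decrypted _MKBPAYLOAD is not bplist")
         return None
     decryptedPlist = BPlistReader.plistWithString(decryptedPlist)
     blob = decryptedPlist["KeyBagKeys"].data
     kb = Keybag.createWithDataSignBlob(blob, deviceKey)
     # NOTE(review): kb is not checked before the attribute assignment;
     # if createWithDataSignBlob can return None this line raises. Confirm.
     if decryptedPlist.has_key("OpaqueStuff"):
         OpaqueStuff = BPlistReader.plistWithString(decryptedPlist["OpaqueStuff"].data)
         kb.passcodeComplexity = OpaqueStuff.get("keyboardType")
     return kb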
 def getSystemkbfileWipeID(filename):
     """Return the ``_MKBWIPEID`` entry of the plist stored at ``filename``.

     The file is parsed with ``BPlistReader.plistWithFile``; nothing is
     decrypted, and a missing key raises from the lookup.
     """
     return BPlistReader.plistWithFile(filename)["_MKBWIPEID"]
示例#9
 def getSystemkbfileWipeID(filename):
     """Read the plist at ``filename`` and return its ``_MKBWIPEID`` value."""
     wipe_id_key = "_MKBWIPEID"
     parsed = BPlistReader.plistWithFile(filename)
     # The value is read straight from the outer plist; no key is needed.
     return parsed[wipe_id_key]
 def __init__(self, filename, keybag):
     """Parse the plist at ``filename`` and remember ``keybag``.

     The parsed plist is stored as ``self.keychain`` and the keybag, as
     given, as ``self.keybag``.
     """
     parsed_keychain = BPlistReader.plistWithFile(filename)
     self.keychain = parsed_keychain
     self.keybag = keybag
 def createWithSystemkbfile(filename, wipeablekey, deviceKey=None):
     """Decrypt a system keybag plist file and build a Keybag from it.

     Reads the plist at ``filename``, AES-CBC decrypts ``_MKBPAYLOAD``
     with ``wipeablekey`` (IV from ``_MKBIV``, padding enabled), parses
     the plaintext as a plist and returns
     ``Keybag.createWithDataSignBlob(<KeyBagKeys>, deviceKey)``.

     No exception is caught: a failure in any step reaches the caller.
     """
     wrapper = BPlistReader.plistWithFile(filename)
     ciphertext = wrapper["_MKBPAYLOAD"]
     init_vector = wrapper["_MKBIV"]
     # NOTE(review): the plaintext is parsed with no check that the key
     # was correct; presumably a wrong key shows up as a padding or
     # parsing error. Confirm against AESdecryptCBC / BPlistReader.
     plaintext = AESdecryptCBC(ciphertext, wipeablekey, init_vector, padding=True)
     keybag_plist = BPlistReader.plistWithString(plaintext)
     return Keybag.createWithDataSignBlob(keybag_plist["KeyBagKeys"], deviceKey)
 def __init__(self, filename, keybag):
     """Load the plist at ``filename`` and keep a reference to ``keybag``."""
     # Parse first: if the file cannot be read, no attribute is set.
     loaded = BPlistReader.plistWithFile(filename)
     self.keychain, self.keybag = loaded, keybag