Skip to content

Commit

Permalink
use winapi bcrypt
Browse files Browse the repository at this point in the history
  • Loading branch information
1Conan committed Feb 10, 2022
1 parent 147083a commit 2137d93
Show file tree
Hide file tree
Showing 4 changed files with 100 additions and 20 deletions.
5 changes: 4 additions & 1 deletion .github/workflows/build_release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -209,6 +209,7 @@ jobs:
make install
- name: build wolfssl
if: ${{ env.OS != "win" }}
run: |
wget -q -nc -P ${BUILD_SOURCE} \
https://github.com/wolfSSL/wolfssl/archive/refs/tags/v${WOLFSSL_VERSION}-stable.tar.gz
Expand Down Expand Up @@ -306,12 +307,14 @@ jobs:
# because case-sensitive
sed -i 's/Iphlpapi/iphlpapi/' ${BUILD_BASE}/lib/libimobiledevice-glue-1.0.la
sed -i 's/Iphlpapi/iphlpapi/' ${BUILD_BASE}/lib/libirecovery-1.0.la
else
export TSSCHECKER_FLAGS="--with-wolfssl"
fi
./autogen.sh \
${CONFIGURE_FLAGS} \
--without-libcrypto \
--with-wolfssl
${TSSCHECKER_FLAGS}
make -j$(nproc) \
LDFLAGS="-all-static -static ${LDFLAGS}"
Expand Down
2 changes: 2 additions & 0 deletions configure.ac
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,8 @@ AS_IF([test "x$with_wolfssl" = xyes], [
case "${host_os}" in
darwin*)
;;
cygwin*|mingw*)
;;
*)
AC_MSG_ERROR("No crypto library selected!", 1)
;;
Expand Down
2 changes: 1 addition & 1 deletion tsschecker/Makefile.am
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ tsschecker_SOURCES = tsschecker.c tss.c download.c main.c
endif

if WINDOWS
tsschecker_LDFLAGS = -lpthread -Wl,--allow-multiple-definition $(AM_LDFLAGS)
tsschecker_LDFLAGS = -lpthread -Wl,--allow-multiple-definition -lbcrypt $(AM_LDFLAGS)
else
tsschecker_LDFLAGS = $(AM_LDFLAGS)
endif
111 changes: 93 additions & 18 deletions tsschecker/tsschecker.c
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,11 @@
#include <libfragmentzip/libfragmentzip.h>
#include <libirecovery.h>

#ifdef __APPLE__
#ifdef WIN32
#include <windows.h>
#include <bcrypt.h>
#include <ntstatus.h>
#elif defined(__APPLE__)
# include <CommonCrypto/CommonDigest.h>
# define SHA1(d, n, md) CC_SHA1(d, n, md)
# define SHA384(d, n, md) CC_SHA384(d, n, md)
Expand All @@ -46,7 +50,6 @@
#define printJString(str) printf("%.*s",(int)str->size,str->value)

#ifdef WIN32
#include <windows.h>
#define __mkdir(path, mode) mkdir(path)
static int win_path_didinit = 0;
static const char *win_paths[4];
Expand Down Expand Up @@ -318,6 +321,92 @@ inline static t_bbdevice bbdevices_get_all() {
return bbdevices;
}

void sha1(unsigned char *buf, uint8_t bufSz, char* dest, uint8_t destSz) {
#ifdef WIN32
BCRYPT_ALG_HANDLE hAlg = NULL;
BCRYPT_HASH_HANDLE hHash = NULL;
NTSTATUS status = STATUS_UNSUCCESSFUL;
DWORD size = 0;

status = BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_SHA1_ALGORITHM, NULL, 0);
if (status != STATUS_SUCCESS) {
error("BCryptOpenAlgorithmProvider failed: 0x%x", status);
exit(1);
}

status = BCryptCreateHash(hAlg, &hHash, NULL, 0, NULL, 0, 0);
if (status != STATUS_SUCCESS) {
error("BCryptCreateHash failed: 0x%x", status);
exit(1);
}

status = BCryptHashData(hHash, buf, bufSz, 0);
if (status) {
printf("BCryptHashData failed: 0x%x\n", status);
exit(1);
}

status = BCryptFinishHash(hHash, dest, destSz, 0);
if (status) {
printf("BCryptFinishHash failed: 0x%x\n", status);
exit(1);
}

BCryptCloseAlgorithmProvider(hAlg,0);
BCryptDestroyHash(hHash);
#elif defined(USE_WOLFSSL)
wc_Sha sha;
wc_InitSha(&sha);
wc_ShaUpdate(&sha, buf, bufSz);
wc_ShaFinal(&sha, (unsigned char*)dest);
#else
SHA1(buf, bufSz, (unsigned char*)dest);
#endif
}

void sha384(unsigned char *buf, uint8_t bufSz, char* dest, uint8_t destSz) {
#ifdef WIN32
BCRYPT_ALG_HANDLE hAlg = NULL;
BCRYPT_HASH_HANDLE hHash = NULL;
NTSTATUS status = STATUS_UNSUCCESSFUL;
DWORD size = 0;

status = BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_SHA384_ALGORITHM, NULL, 0);
if (status != STATUS_SUCCESS) {
error("BCryptOpenAlgorithmProvider failed: 0x%x", status);
exit(1);
}

status = BCryptCreateHash(hAlg, &hHash, NULL, 0, NULL, 0, 0);
if (status != STATUS_SUCCESS) {
error("BCryptCreateHash failed: 0x%x", status);
exit(1);
}

status = BCryptHashData(hHash, buf, bufSz, 0);
if (status) {
printf("BCryptHashData failed: 0x%x\n", status);
exit(1);
}

status = BCryptFinishHash(hHash, dest, destSz, 0);
if (status) {
printf("BCryptFinishHash failed: 0x%x\n", status);
exit(1);
}

BCryptCloseAlgorithmProvider(hAlg,0);
BCryptDestroyHash(hHash);
#elif defined(USE_WOLFSSL)
wc_Sha384 sha;
wc_InitSha384(&sha);
wc_Sha384Update(&sha, buf, bufSz);
wc_Sha384Final(&sha, dest);
#else
SHA384(buf, bufSz, dest);
#endif
}

char *getFirmwareJson(){
info("[TSSC] opening firmwares.json\n");
FILE *f = fopen(FIRMWARE_JSON_PATH, "rb");
Expand Down Expand Up @@ -828,14 +917,7 @@ int tss_populate_random(plist_t tssreq, int is64bit, t_devicevals *devVals){
getRandNum((char*)zz, 8, 256);
snprintf(devVals->generator, 19, "0x%02x%02x%02x%02x%02x%02x%02x%02x",zz[7],zz[6],zz[5],zz[4],zz[3],zz[2],zz[1],zz[0]);
makesha1:
#ifdef USE_WOLFSSL
wc_Sha sha;
wc_InitSha(&sha);
wc_ShaUpdate(&sha, zz, 8);
wc_ShaFinal(&sha, (unsigned char*)devVals->apnonce);
#else
SHA1(zz, 8, (unsigned char*)devVals->apnonce);
#endif
sha1(zz, 8, devVals->apnonce, 20);
}else if (nonceLen == 32){
unsigned char zz[9] = {0};
unsigned char genHash[48]; //SHA384 digest length
Expand All @@ -854,14 +936,7 @@ int tss_populate_random(plist_t tssreq, int is64bit, t_devicevals *devVals){
getRandNum((char*)zz, 8, 256);
snprintf(devVals->generator, 19, "0x%02x%02x%02x%02x%02x%02x%02x%02x",zz[7],zz[6],zz[5],zz[4],zz[3],zz[2],zz[1],zz[0]);
makesha384:
#ifdef USE_WOLFSSL
wc_Sha384 sha;
wc_InitSha384(&sha);
wc_Sha384Update(&sha, zz, 8);
wc_Sha384Final(&sha, genHash);
#else
SHA384(zz, 8, genHash);
#endif
sha384(zz, 8, genHash, 48);
memcpy(devVals->apnonce, genHash, 32);
}else{
return error("[TSSR] Automatic generator->nonce calculation failed. Unknown device with noncelen=%u\n",(unsigned int)nonceLen),-1;
Expand Down

0 comments on commit 2137d93

Please sign in to comment.