diff --git a/.github/workflows/build_release.yml b/.github/workflows/build_release.yml index 84a1061..1b19187 100644 --- a/.github/workflows/build_release.yml +++ b/.github/workflows/build_release.yml @@ -209,6 +209,7 @@ jobs: make install - name: build wolfssl + if: ${{ env.OS != "win" }} run: | wget -q -nc -P ${BUILD_SOURCE} \ https://github.com/wolfSSL/wolfssl/archive/refs/tags/v${WOLFSSL_VERSION}-stable.tar.gz @@ -306,12 +307,14 @@ jobs: # because case-sensitive sed -i 's/Iphlpapi/iphlpapi/' ${BUILD_BASE}/lib/libimobiledevice-glue-1.0.la sed -i 's/Iphlpapi/iphlpapi/' ${BUILD_BASE}/lib/libirecovery-1.0.la + else + export TSSCHECKER_FLAGS="--with-wolfssl" fi ./autogen.sh \ ${CONFIGURE_FLAGS} \ --without-libcrypto \ - --with-wolfssl + ${TSSCHECKER_FLAGS} make -j$(nproc) \ LDFLAGS="-all-static -static ${LDFLAGS}" diff --git a/configure.ac b/configure.ac index 7c8fade..d96358d 100644 --- a/configure.ac +++ b/configure.ac @@ -82,6 +82,8 @@ AS_IF([test "x$with_wolfssl" = xyes], [ case "${host_os}" in darwin*) ;; + cygwin*|mingw*) + ;; *) AC_MSG_ERROR("No crypto library selected!", 1) ;; diff --git a/tsschecker/Makefile.am b/tsschecker/Makefile.am index e63cab0..eae0dd3 100644 --- a/tsschecker/Makefile.am +++ b/tsschecker/Makefile.am @@ -19,7 +19,7 @@ tsschecker_SOURCES = tsschecker.c tss.c download.c main.c endif if WINDOWS -tsschecker_LDFLAGS = -lpthread -Wl,--allow-multiple-definition $(AM_LDFLAGS) +tsschecker_LDFLAGS = -lpthread -Wl,--allow-multiple-definition -lbcrypt $(AM_LDFLAGS) else tsschecker_LDFLAGS = $(AM_LDFLAGS) endif diff --git a/tsschecker/tsschecker.c b/tsschecker/tsschecker.c index 2cb8e74..993692e 100644 --- a/tsschecker/tsschecker.c +++ b/tsschecker/tsschecker.c @@ -23,7 +23,11 @@ #include #include -#ifdef __APPLE__ +#ifdef WIN32 +#include +#include +#include +#elif defined(__APPLE__) # include # define SHA1(d, n, md) CC_SHA1(d, n, md) # define SHA384(d, n, md) CC_SHA384(d, n, md) @@ -46,7 +50,6 @@ #define printJString(str) printf("%.*s",(int)str->size,str->value) #ifdef WIN32 -#include #define __mkdir(path, mode) mkdir(path) static int win_path_didinit = 0; static const char *win_paths[4]; @@ -318,6 +321,92 @@ inline static t_bbdevice bbdevices_get_all() { return bbdevices; } +void sha1(unsigned char *buf, uint8_t bufSz, char* dest, uint8_t destSz) { +#ifdef WIN32 + BCRYPT_ALG_HANDLE hAlg = NULL; + BCRYPT_HASH_HANDLE hHash = NULL; + NTSTATUS status = STATUS_UNSUCCESSFUL; + DWORD size = 0; + + status = BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_SHA1_ALGORITHM, NULL, 0); + if (status != STATUS_SUCCESS) { + error("BCryptOpenAlgorithmProvider failed: 0x%x", status); + exit(1); + } + + status = BCryptCreateHash(hAlg, &hHash, NULL, 0, NULL, 0, 0); + if (status != STATUS_SUCCESS) { + error("BCryptCreateHash failed: 0x%x", status); + exit(1); + } + + status = BCryptHashData(hHash, buf, bufSz, 0); + if (status) { + printf("BCryptHashData failed: 0x%x\n", status); + exit(1); + } + + status = BCryptFinishHash(hHash, dest, destSz, 0); + if (status) { + printf("BCryptFinishHash failed: 0x%x\n", status); + exit(1); + } + + BCryptCloseAlgorithmProvider(hAlg,0); + BCryptDestroyHash(hHash); +#elif defined(USE_WOLFSSL) + wc_Sha sha; + wc_InitSha(&sha); + wc_ShaUpdate(&sha, buf, bufSz); + wc_ShaFinal(&sha, (unsigned char*)dest); +#else + SHA1(buf, bufSz, (unsigned char*)dest); +#endif +} + +void sha384(unsigned char *buf, uint8_t bufSz, char* dest, uint8_t destSz) { +#ifdef WIN32 + BCRYPT_ALG_HANDLE hAlg = NULL; + BCRYPT_HASH_HANDLE hHash = NULL; + NTSTATUS status = STATUS_UNSUCCESSFUL; + DWORD size = 0; + + status = BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_SHA384_ALGORITHM, NULL, 0); + if (status != STATUS_SUCCESS) { + error("BCryptOpenAlgorithmProvider failed: 0x%x", status); + exit(1); + } + + status = BCryptCreateHash(hAlg, &hHash, NULL, 0, NULL, 0, 0); + if (status != STATUS_SUCCESS) { + error("BCryptCreateHash failed: 0x%x", status); + exit(1); + } + + status = BCryptHashData(hHash, buf, bufSz, 0); + if (status) { + printf("BCryptHashData failed: 0x%x\n", status); + exit(1); + } + + status = BCryptFinishHash(hHash, dest, destSz, 0); + if (status) { + printf("BCryptFinishHash failed: 0x%x\n", status); + exit(1); + } + + BCryptCloseAlgorithmProvider(hAlg,0); + BCryptDestroyHash(hHash); +#elif defined(USE_WOLFSSL) + wc_Sha384 sha; + wc_InitSha384(&sha); + wc_Sha384Update(&sha, buf, bufSz); + wc_Sha384Final(&sha, dest); +#else + SHA384(buf, bufSz, dest); +#endif +} + char *getFirmwareJson(){ info("[TSSC] opening firmwares.json\n"); FILE *f = fopen(FIRMWARE_JSON_PATH, "rb"); @@ -828,14 +917,7 @@ int tss_populate_random(plist_t tssreq, int is64bit, t_devicevals *devVals){ getRandNum((char*)zz, 8, 256); snprintf(devVals->generator, 19, "0x%02x%02x%02x%02x%02x%02x%02x%02x",zz[7],zz[6],zz[5],zz[4],zz[3],zz[2],zz[1],zz[0]); makesha1: - #ifdef USE_WOLFSSL - wc_Sha sha; - wc_InitSha(&sha); - wc_ShaUpdate(&sha, zz, 8); - wc_ShaFinal(&sha, (unsigned char*)devVals->apnonce); - #else - SHA1(zz, 8, (unsigned char*)devVals->apnonce); - #endif + sha1(zz, 8, devVals->apnonce, 20); }else if (nonceLen == 32){ unsigned char zz[9] = {0}; unsigned char genHash[48]; //SHA384 digest length @@ -854,14 +936,7 @@ int tss_populate_random(plist_t tssreq, int is64bit, t_devicevals *devVals){ getRandNum((char*)zz, 8, 256); snprintf(devVals->generator, 19, "0x%02x%02x%02x%02x%02x%02x%02x%02x",zz[7],zz[6],zz[5],zz[4],zz[3],zz[2],zz[1],zz[0]); makesha384: - #ifdef USE_WOLFSSL - wc_Sha384 sha; - wc_InitSha384(&sha); - wc_Sha384Update(&sha, zz, 8); - wc_Sha384Final(&sha, genHash); - #else - SHA384(zz, 8, genHash); - #endif + sha384(zz, 8, genHash, 48); memcpy(devVals->apnonce, genHash, 32); }else{ return error("[TSSR] Automatic generator->nonce calculation failed. Unknown device with noncelen=%u\n",(unsigned int)nonceLen),-1;