From 5d4f094f09a0a72a778a20026e47596b2bb4ffd8 Mon Sep 17 00:00:00 2001 From: blacktop Date: Fri, 2 Aug 2024 11:56:28 -0600 Subject: [PATCH] chore: add support for `--key-val` in `ipsw ota` `extract` and `ls` cmds --- cmd/ipsw/cmd/ota/ota_extract.go | 4 +++- cmd/ipsw/cmd/ota/ota_ls.go | 4 +++- pkg/ota/aa.go | 9 +++++++-- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/cmd/ipsw/cmd/ota/ota_extract.go b/cmd/ipsw/cmd/ota/ota_extract.go index d2fd451e8..c0675d38a 100644 --- a/cmd/ipsw/cmd/ota/ota_extract.go +++ b/cmd/ipsw/cmd/ota/ota_extract.go @@ -45,6 +45,7 @@ func init() { otaExtractCmd.Flags().BoolP("kernel", "k", false, "Extract kernelcache") otaExtractCmd.Flags().StringP("pattern", "p", "", "Regex pattern to match files") otaExtractCmd.Flags().StringP("range", "r", "", "Regex pattern control the payloadv2 file range to search") + otaExtractCmd.Flags().StringP("key-val", "b", "", "Base64 encoded symmetric encryption key") otaExtractCmd.Flags().BoolP("confirm", "y", false, "Confirm searching for pattern in payloadv2 files") otaExtractCmd.Flags().BoolP("decomp", "x", false, "Decompress pbzx files") otaExtractCmd.Flags().StringP("output", "o", "", "Output folder") @@ -53,6 +54,7 @@ func init() { viper.BindPFlag("ota.extract.kernel", otaExtractCmd.Flags().Lookup("kernel")) viper.BindPFlag("ota.extract.pattern", otaExtractCmd.Flags().Lookup("pattern")) viper.BindPFlag("ota.extract.range", otaExtractCmd.Flags().Lookup("range")) + viper.BindPFlag("ota.extract.key-val", otaExtractCmd.Flags().Lookup("key-val")) viper.BindPFlag("ota.extract.confirm", otaExtractCmd.Flags().Lookup("confirm")) viper.BindPFlag("ota.extract.decomp", otaExtractCmd.Flags().Lookup("decomp")) viper.BindPFlag("ota.extract.output", otaExtractCmd.Flags().Lookup("output")) @@ -85,7 +87,7 @@ var otaExtractCmd = &cobra.Command{ output = filepath.Clean(viper.GetString("ota.extract.output")) } - o, err := ota.Open(filepath.Clean(args[0])) + o, err := ota.Open(filepath.Clean(args[0]), viper.GetString("ota.extract.key-val")) if err != nil { return fmt.Errorf("failed to open OTA file: %v", err) } diff --git a/cmd/ipsw/cmd/ota/ota_ls.go b/cmd/ipsw/cmd/ota/ota_ls.go index a85d12f6b..69e562d46 100644 --- a/cmd/ipsw/cmd/ota/ota_ls.go +++ b/cmd/ipsw/cmd/ota/ota_ls.go @@ -43,11 +43,13 @@ func init() { otaLsCmd.Flags().BoolP("payload", "p", false, "List the payloadv2 files") otaLsCmd.Flags().StringP("pattern", "r", "", "Regex pattern to match payloadv2 files") otaLsCmd.Flags().BoolP("bom", "b", false, "List the post.bom files") + otaLsCmd.Flags().StringP("key-val", "b", "", "Base64 encoded symmetric encryption key") otaLsCmd.Flags().BoolP("json", "j", false, "Output in JSON format") otaLsCmd.MarkFlagsMutuallyExclusive("payload", "bom") viper.BindPFlag("ota.ls.pattern", otaLsCmd.Flags().Lookup("pattern")) viper.BindPFlag("ota.ls.payload", otaLsCmd.Flags().Lookup("payload")) viper.BindPFlag("ota.ls.bom", otaLsCmd.Flags().Lookup("bom")) + viper.BindPFlag("ota.ls.key-val", otaLsCmd.Flags().Lookup("key-val")) viper.BindPFlag("ota.ls.json", otaLsCmd.Flags().Lookup("json")) } @@ -66,7 +68,7 @@ var otaLsCmd = &cobra.Command{ } color.NoColor = viper.GetBool("no-color") - ota, err := ota.Open(filepath.Clean(args[0])) + ota, err := ota.Open(filepath.Clean(args[0]), viper.GetString("ota.ls.key-val")) if err != nil { return fmt.Errorf("failed to open OTA file: %v", err) } diff --git a/pkg/ota/aa.go b/pkg/ota/aa.go index 1e17b18a6..fb00e123d 100644 --- a/pkg/ota/aa.go +++ b/pkg/ota/aa.go @@ -99,11 +99,16 @@ func NewOTA(r io.ReaderAt, size int64) (*AA, error) { return f, nil } -func Open(name string) (*AA, error) { +func Open(name string, symmetricKey ...string) (*AA, error) { if isAEA, err := magic.IsAEA(name); err != nil { return nil, err } else if isAEA { // check if file is AEA encrypted - key, _ := getKeyFromName(name) + var key string + if len(symmetricKey) > 0 { + key = symmetricKey[0] + } else { + key, _ = getKeyFromName(name) + } name, err = aea.Decrypt(&aea.DecryptConfig{ Input: name, Output: os.TempDir(),