diff --git a/chainbreaker/__init__.py b/chainbreaker/__init__.py
index 0ab8c7b..a5b3e64 100644
--- a/chainbreaker/__init__.py
+++ b/chainbreaker/__init__.py
@@ -383,7 +383,7 @@ def _private_key_decryption(self, encryptedblob, iv):
 return keyname, keyblob
- # ## Documents : http://www.opensource.apple.com/source/securityd/securityd-55137.1/doc/BLOBFORMAT
+ # ## Documents : https://github.com/apple-opensource/Security/blob/master/securityd/doc/BLOBFORMAT
 def _generate_master_key(self, pw):
 return pbkdf2_hmac('sha1', str.encode(pw), bytearray(self.dbblob.Salt), 1000, dklen=Chainbreaker.KEYLEN)
@@ -453,7 +453,7 @@ def _get_private_key_record(self, record_offset):
 if not self.db_key:
 keyname = privatekey = Chainbreaker.KEYCHAIN_LOCKED_SIGNATURE
 else:
- keyname, privatekey = self._private_key_decryption(record[10], record[9])
+ keyname, privatekey = self._private_key_decryption(record[11], record[10])
 return self.PrivateKeyRecord(
 print_name=record[0],
 label=record[1],
@@ -462,10 +462,11 @@ def _get_private_key_record(self, record_offset):
 key_type=record[4],
 key_size=record[5],
 effective_key_size=record[6],
- extracted=record[7],
- cssm_type=record[8],
- iv=record[9],
- key=record[10],
+ is_extractable=record[7],
+ is_sensitive=record[8],
+ cssm_type=record[9],
+ iv=record[10],
+ key=record[11],
 key_name=keyname,
 private_key=privatekey,
 )
@@ -492,6 +493,7 @@ def _get_key_record(self, table_name, record_offset):
 record_meta = _SECKEY_HEADER(self.kc_buffer[base_addr:base_addr + _SECKEY_HEADER.STRUCT.size])
+ print(_SECKEY_HEADER.STRUCT.size)
 key_blob = self.kc_buffer[base_addr + _SECKEY_HEADER.STRUCT.size:base_addr
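Review bot: The IV and key blob handed to `_private_key_decryption` in `_get_private_key_record` are still selected by bare tuple position (`record[11], record[10]`). This commit had to renumber every index from 7 upward, here and in the `PrivateKeyRecord(...)` call of the -462 hunk, because the -508 hunk inserts the `Sensitive` value into the middle of what appears to be the sequence `_get_key_record` returns. Any other consumer of `_get_key_record` that indexes by position (none is visible in this diff, so this needs confirming) would now read the sensitivity flag as the CSSM type and take the IV and key from the wrong slots without raising an error. Appending the new value at the end of the sequence, or unpacking `record` once into named locals before use, would make a length mismatch fail loudly. Both functions start and end outside the hunks shown.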
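Review bot: The added `print(_SECKEY_HEADER.STRUCT.size)` in `_get_key_record` (hunk -492) looks like leftover debugging. It writes the header struct size to stdout once for every key record parsed, which mixes a stray number into the tool's record output and into anything that parses or archives that output. Drop the line, or route the value through the module's logger at debug level if one exists (not visible here). The hunk is cut off on this page after the `key_blob = ...` line, so the rest of the function was not reviewed.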
@@ -508,6 +510,7 @@ def _get_key_record(self, table_name, record_offset):
 self._get_int(base_addr, record_meta.KeySizeInBits & 0xFFFFFFFE),
 self._get_int(base_addr, record_meta.EffectiveKeySize & 0xFFFFFFFE),
 self._get_int(base_addr, record_meta.Extractable & 0xFFFFFFFE),
+ self._get_int(base_addr, record_meta.Sensitive & 0xFFFFFFFE),
 STD_APPLE_ADDIN_MODULE[
 self._get_lv(base_addr, record_meta.KeyCreator & 0xFFFFFFFE).decode('utf-8').split('\x00')[0]],
 iv,
@@ -872,8 +875,8 @@ def file_ext(self):
 class PrivateKeyRecord(KeychainRecord):
 def __init__(self, print_name=None, label=None, key_class=None, private=None, key_type=None, key_size=None,
- effective_key_size=None, extracted=None, cssm_type=None, key_name=None, private_key=None, iv=None,
- key=None):
+ effective_key_size=None, is_extractable=None, is_sensitive=None, cssm_type=None, key_name=None,
+ private_key=None, iv=None, key=None):
 self.PrintName = print_name
 self.Label = label
 self.KeyClass = key_class
@@ -881,7 +884,8 @@ def __init__(self, print_name=None, label=None, key_class=None, private=None, ke
 self.KeyType = key_type
 self.KeySize = key_size
 self.EffectiveKeySize = effective_key_size
- self.Extracted = extracted
+ self.isExtractable = is_extractable
+ self.isSensitive = is_sensitive
 self.CSSMType = cssm_type
 self.KeyName = key_name
 self.PrivateKey = private_key
@@ -899,7 +903,8 @@ def __str__(self):
 output += ' [-] Key Type: %s\n' % self.KeyType
 output += ' [-] Key Size: %s\n' % self.KeySize
 output += ' [-] Effective Key Size: %s\n' % self.EffectiveKeySize
- # output += ' [-] Extracted: %s\n' % self.Extracted
+ output += ' [-] isExtractable: %s\n' % self.isExtractable
+ output += ' [-] isSensitive: %s\n' % self.isSensitive
 output += ' [-] CSSM Type: %s\n' % self.CSSMType
 # output += ' [-] KeyName: %s\n' % self.KeyName
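Review bot: Renaming the constructor keyword `extracted` to `is_extractable` and replacing the `Extracted` attribute with `isExtractable` in `PrivateKeyRecord.__init__` (hunks -872 and -881) removes both old names, so any code outside this diff that passes `extracted=` or reads `.Extracted` will raise `TypeError` or `AttributeError`. If the old name has to keep working, a read-only `Extracted` property returning the same value is enough. The new attributes `isExtractable` and `isSensitive` are also camelCase while every sibling attribute shown is PascalCase (`KeyType`, `EffectiveKeySize`, `CSSMType`); `self.IsExtractable = is_extractable` and `self.IsSensitive = is_sensitive` would match, with the two `__str__` lines in the -899 hunk following suit. A short comment in `__init__` noting that both values are the integers read from the key header by `_get_int`, not booleans, would help anyone interpreting the printed report.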