From 16d4771621904bd265a8f03ddb30dbcf112c9b0f Mon Sep 17 00:00:00 2001 From: alfiecg24 Date: Sun, 10 Dec 2023 15:47:58 +0000 Subject: [PATCH] Defend against apps with encrypted binaries --- Exploits/fastPathSign/Makefile | 2 +- Exploits/fastPathSign/src/coretrust_bug.c | 20 ++++- .../src/external/include/choma/CSBlob.h | 77 ++++++++++-------- .../src/external/include/choma/FAT.h | 7 +- .../src/external/include/choma/MachO.h | 6 ++ .../external/include/choma/MachOByteOrder.h | 7 ++ .../src/external/include/choma/PatchFinder.h | 17 ++-- .../src/external/include/choma/Signing.h | 12 --- .../src/external/include/choma/Util.h | 1 + .../fastPathSign/src/external/lib/libchoma.a | Bin 90240 -> 120096 bytes Exploits/fastPathSign/src/main.m | 55 +++++++------ RootHelper/external/include/choma/CSBlob.h | 77 ++++++++++-------- RootHelper/external/include/choma/FAT.h | 7 +- RootHelper/external/include/choma/MachO.h | 6 ++ .../external/include/choma/MachOByteOrder.h | 7 ++ .../external/include/choma/PatchFinder.h | 17 ++-- RootHelper/external/include/choma/Signing.h | 12 --- RootHelper/external/include/choma/Util.h | 1 + RootHelper/external/lib/libchoma.a | Bin 90608 -> 92696 bytes RootHelper/main.m | 7 ++ TrollStore/TSApplicationsManager.m | 3 + 21 files changed, 205 insertions(+), 136 deletions(-) delete mode 100644 Exploits/fastPathSign/src/external/include/choma/Signing.h delete mode 100644 RootHelper/external/include/choma/Signing.h diff --git a/Exploits/fastPathSign/Makefile b/Exploits/fastPathSign/Makefile index c7ff624..e1a3981 100644 --- a/Exploits/fastPathSign/Makefile +++ b/Exploits/fastPathSign/Makefile @@ -9,4 +9,4 @@ $(TARGET): $(wildcard src/*.m src/*.c) $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ clean: - @rm -f $(TARGET) \ No newline at end of file + @rm -f $(TARGET) diff --git a/Exploits/fastPathSign/src/coretrust_bug.c b/Exploits/fastPathSign/src/coretrust_bug.c index 7fbc1c1..5978529 100644 --- a/Exploits/fastPathSign/src/coretrust_bug.c +++ b/Exploits/fastPathSign/src/coretrust_bug.c @@ -10,7 +10,6 @@ #include #include #include -#include #include #include #include @@ -122,6 +121,12 @@ int apply_coretrust_bypass(const char *machoPath) { MachO *macho = macho_init_for_writing(machoPath); if (!macho) return -1; + + if (macho_is_encrypted(macho)) { + printf("Error: MachO is encrypted, please use a decrypted app!\n"); + macho_free(macho); + return 2; + } CS_SuperBlob *superblob = macho_read_code_signature(macho); if (!superblob) { @@ -137,8 +142,19 @@ int apply_coretrust_bypass(const char *machoPath) CS_DecodedBlob *mainCodeDirBlob = csd_superblob_find_blob(decodedSuperblob, CSSLOT_CODEDIRECTORY, NULL); CS_DecodedBlob *alternateCodeDirBlob = csd_superblob_find_blob(decodedSuperblob, CSSLOT_ALTERNATE_CODEDIRECTORIES, NULL); + CS_DecodedBlob *entitlementsBlob = csd_superblob_find_blob(decodedSuperblob, CSSLOT_ENTITLEMENTS, NULL); + CS_DecodedBlob *derEntitlementsBlob = csd_superblob_find_blob(decodedSuperblob, CSSLOT_DER_ENTITLEMENTS, NULL); + + if (!entitlementsBlob && !derEntitlementsBlob && macho->machHeader.filetype == MH_EXECUTE) { + printf("Error: Unable to find existing entitlements blobs in executable MachO, please make sure to ad-hoc sign with entitlements before running the bypass.\n"); + csd_blob_free(mainCodeDirBlob); + if (alternateCodeDirBlob) csd_blob_free(alternateCodeDirBlob); + macho_free(macho); + return -1; + } + if (!mainCodeDirBlob) { - printf("Error: Unable to find code directory, make sure the input binary is ad-hoc signed?\n"); + printf("Error: Unable to find code directory, make sure the input binary is ad-hoc signed.\n"); return -1; } diff --git a/Exploits/fastPathSign/src/external/include/choma/CSBlob.h b/Exploits/fastPathSign/src/external/include/choma/CSBlob.h index 5901e84..f779929 100644 --- a/Exploits/fastPathSign/src/external/include/choma/CSBlob.h +++ b/Exploits/fastPathSign/src/external/include/choma/CSBlob.h @@ -12,63 +12,74 @@ // Blob index typedef struct __BlobIndex { - uint32_t type; - uint32_t offset; + uint32_t type; + uint32_t offset; } CS_BlobIndex; // CMS superblob typedef struct __SuperBlob { - uint32_t magic; - uint32_t length; - uint32_t count; - CS_BlobIndex index[]; + uint32_t magic; + uint32_t length; + uint32_t count; + CS_BlobIndex index[]; } CS_SuperBlob; typedef struct __GenericBlob { - uint32_t magic; /* magic number */ - uint32_t length; /* total length of blob */ - char data[]; + uint32_t magic; /* magic number */ + uint32_t length; /* total length of blob */ + char data[]; } CS_GenericBlob; // CMS blob magic types enum { - CSBLOB_REQUIREMENT = 0xfade0c00, - CSBLOB_REQUIREMENTS = 0xfade0c01, - CSBLOB_CODEDIRECTORY = 0xfade0c02, - CSBLOB_EMBEDDED_SIGNATURE = 0xfade0cc0, - CSBLOB_DETACHED_SIGNATURE = 0xfade0cc1, - CSBLOB_ENTITLEMENTS = 0xfade7171, - CSBLOB_DER_ENTITLEMENTS = 0xfade7172, - CSBLOB_SIGNATURE_BLOB = 0xfade0b01 -} CS_BlobType; + CSMAGIC_REQUIREMENT = 0xfade0c00, + CSMAGIC_REQUIREMENTS = 0xfade0c01, + CSMAGIC_CODEDIRECTORY = 0xfade0c02, + CSMAGIC_EMBEDDED_SIGNATURE = 0xfade0cc0, + CSMAGIC_EMBEDDED_SIGNATURE_OLD = 0xfade0b02, + CSMAGIC_EMBEDDED_ENTITLEMENTS = 0xfade7171, + CSMAGIC_EMBEDDED_DER_ENTITLEMENTS = 0xfade7172, + CSMAGIC_DETACHED_SIGNATURE = 0xfade0cc1, + CSMAGIC_BLOBWRAPPER = 0xfade0b01, + CSMAGIC_EMBEDDED_LAUNCH_CONSTRAINT = 0xfade8181, +} CS_BlobMagic; enum { CSSLOT_CODEDIRECTORY = 0, - CSSLOT_INFOSLOT = 1, - CSSLOT_REQUIREMENTS = 2, - CSSLOT_RESOURCEDIR = 3, - CSSLOT_APPLICATION = 4, - CSSLOT_ENTITLEMENTS = 5, + CSSLOT_INFOSLOT = 1, + CSSLOT_REQUIREMENTS = 2, + CSSLOT_RESOURCEDIR = 3, + CSSLOT_APPLICATION = 4, + CSSLOT_ENTITLEMENTS = 5, CSSLOT_DER_ENTITLEMENTS = 7, - CSSLOT_ALTERNATE_CODEDIRECTORIES = 0x1000, - CSSLOT_ALTERNATE_CODEDIRECTORY_MAX = 5, - CSSLOT_ALTERNATE_CODEDIRECTORY_LIMIT = CSSLOT_ALTERNATE_CODEDIRECTORIES + CSSLOT_ALTERNATE_CODEDIRECTORY_MAX, - CSSLOT_SIGNATURESLOT = 0x10000 + CSSLOT_LAUNCH_CONSTRAINT_SELF = 8, + CSSLOT_LAUNCH_CONSTRAINT_PARENT = 9, + CSSLOT_LAUNCH_CONSTRAINT_RESPONSIBLE = 10, + CSSLOT_LIBRARY_CONSTRAINT = 11, + + CSSLOT_ALTERNATE_CODEDIRECTORIES = 0x1000, /* first alternate CodeDirectory, if any */ + CSSLOT_ALTERNATE_CODEDIRECTORY_MAX = 5, /* max number of alternate CD slots */ + CSSLOT_ALTERNATE_CODEDIRECTORY_LIMIT = CSSLOT_ALTERNATE_CODEDIRECTORIES + CSSLOT_ALTERNATE_CODEDIRECTORY_MAX, /* one past the last */ + + CSSLOT_SIGNATURESLOT = 0x10000, + CSSLOT_IDENTIFICATIONSLOT = 0x10001, + CSSLOT_TICKETSLOT = 0x10002, } CS_SlotType; typedef struct s_CS_DecodedBlob { - struct s_CS_DecodedBlob *next; - uint32_t type; - MemoryStream *stream; + struct s_CS_DecodedBlob *next; + uint32_t type; + MemoryStream *stream; } CS_DecodedBlob; typedef struct s_CS_DecodedSuperBlob { - uint32_t magic; - struct s_CS_DecodedBlob *firstBlob; + uint32_t magic; + struct s_CS_DecodedBlob *firstBlob; } CS_DecodedSuperBlob; // Convert blob magic to readable blob type string -char *cs_blob_magic_to_string(int magic); +const char *cs_blob_magic_to_string(uint32_t magic); +const char *cs_slot_type_to_string(uint32_t slotType); // Extract Code Signature to file int macho_extract_cs_to_file(MachO *macho, CS_SuperBlob *superblob); diff --git a/Exploits/fastPathSign/src/external/include/choma/FAT.h b/Exploits/fastPathSign/src/external/include/choma/FAT.h index 22faf05..102133b 100644 --- a/Exploits/fastPathSign/src/external/include/choma/FAT.h +++ b/Exploits/fastPathSign/src/external/include/choma/FAT.h @@ -30,11 +30,16 @@ FAT *fat_init_from_memory_stream(MemoryStream *stream); // Initialise a FAT structure using the path to the file FAT *fat_init_from_path(const char *filePath); -//FAT *fat_init_from_path_for_writing(const char *filePath); // Find macho with cputype and cpusubtype in FAT, returns NULL if not found MachO *fat_find_slice(FAT *fat, cpu_type_t cputype, cpu_subtype_t cpusubtype); +// Create a FAT structure from an array of MachO structures +FAT *fat_create_for_macho_array(char *firstInputPath, MachO **machoArray, int machoArrayCount); + +// Add a MachO to the FAT structure +int fat_add_macho(FAT *fat, MachO *macho); + // Free all elements of the FAT structure void fat_free(FAT *fat); diff --git a/Exploits/fastPathSign/src/external/include/choma/MachO.h b/Exploits/fastPathSign/src/external/include/choma/MachO.h index 5b92923..1b933ba 100644 --- a/Exploits/fastPathSign/src/external/include/choma/MachO.h +++ b/Exploits/fastPathSign/src/external/include/choma/MachO.h @@ -57,6 +57,12 @@ MachO *macho_init(MemoryStream *stream, struct fat_arch_64 archDescriptor); // Initialize a single slice macho for writing to it MachO *macho_init_for_writing(const char *filePath); +// Create an array of MachO objects from an array of paths +MachO **macho_array_create_for_paths(char **inputPaths, int inputPathsCount); + +// Check if a MachO is encrypted +bool macho_is_encrypted(MachO *macho); + void macho_free(MachO *macho); #endif // MACHO_SLICE_H \ No newline at end of file diff --git a/Exploits/fastPathSign/src/external/include/choma/MachOByteOrder.h b/Exploits/fastPathSign/src/external/include/choma/MachOByteOrder.h index 394dba7..f1b0a7b 100644 --- a/Exploits/fastPathSign/src/external/include/choma/MachOByteOrder.h +++ b/Exploits/fastPathSign/src/external/include/choma/MachOByteOrder.h @@ -99,6 +99,13 @@ applier(lc, dataoff); \ applier(lc, datasize); +#define ENCRYPTION_INFO_COMMAND_APPLY_BYTE_ORDER(eic, applier) \ + applier(eic, cmd); \ + applier(eic, cmdsize); \ + applier(eic, cryptoff); \ + applier(eic, cryptsize); \ + applier(eic, cryptid); + #define BLOB_INDEX_APPLY_BYTE_ORDER(bi, applier) \ applier(bi, type); \ applier(bi, offset); diff --git a/Exploits/fastPathSign/src/external/include/choma/PatchFinder.h b/Exploits/fastPathSign/src/external/include/choma/PatchFinder.h index b2ddd60..d15b0f4 100644 --- a/Exploits/fastPathSign/src/external/include/choma/PatchFinder.h +++ b/Exploits/fastPathSign/src/external/include/choma/PatchFinder.h @@ -6,6 +6,7 @@ #define METRIC_TYPE_FUNCTION_XREF 3 typedef struct PFSection { + MachO *macho; uint64_t fileoff; uint64_t vmaddr; uint64_t size; @@ -13,13 +14,16 @@ typedef struct PFSection { bool ownsCache; } PFSection; -PFSection *macho_patchfinder_create_section(MachO *macho, const char *filesetEntryId, const char *segName, const char *sectName); -int macho_patchfinder_cache_section(PFSection *section, MachO *fromMacho); -void macho_patchfinder_section_free(PFSection *section); +PFSection *pf_section_init_from_macho(MachO *macho, const char *filesetEntryId, const char *segName, const char *sectName); +int pf_section_read_at_relative_offset(PFSection *section, uint64_t rel, size_t size, void *outBuf); +int pf_section_read_at_address(PFSection *section, uint64_t vmaddr, void *outBuf, size_t size); +uint32_t pf_section_read32(PFSection *section, uint64_t vmaddr); +int pf_section_set_cached(PFSection *section, bool cached); +void pf_section_free(PFSection *section); + typedef struct MetricShared { uint32_t type; - PFSection *section; } MetricShared; @@ -39,6 +43,5 @@ typedef struct BytePatternMetric { BytePatternAlignment alignment; } BytePatternMetric; -BytePatternMetric *macho_patchfinder_create_byte_pattern_metric(PFSection *section, void *bytes, void *mask, size_t nbytes, BytePatternAlignment alignment); - -void macho_patchfinder_run_metric(MachO *macho, void *metric, void (^matchBlock)(uint64_t vmaddr, bool *stop)); +BytePatternMetric *pf_create_byte_pattern_metric(void *bytes, void *mask, size_t nbytes, BytePatternAlignment alignment); +void pf_section_run_metric(PFSection *section, void *metric, void (^matchBlock)(uint64_t vmaddr, bool *stop)); diff --git a/Exploits/fastPathSign/src/external/include/choma/Signing.h b/Exploits/fastPathSign/src/external/include/choma/Signing.h deleted file mode 100644 index 5a0d670..0000000 --- a/Exploits/fastPathSign/src/external/include/choma/Signing.h +++ /dev/null @@ -1,12 +0,0 @@ -#ifndef SIGNING_H -#define SIGNING_H - -#include -#include -#include -#include -#include - -// int signWithRSA(const char *certificateFile, const char *inputFile, const char *outputFile); - -#endif // SIGNING_H \ No newline at end of file diff --git a/Exploits/fastPathSign/src/external/include/choma/Util.h b/Exploits/fastPathSign/src/external/include/choma/Util.h index acca0ab..4bbda41 100644 --- a/Exploits/fastPathSign/src/external/include/choma/Util.h +++ b/Exploits/fastPathSign/src/external/include/choma/Util.h @@ -1,6 +1,7 @@ #include #include +int memcmp_masked(const void *str1, const void *str2, unsigned char* mask, size_t n); uint64_t align_to_size(int size, int alignment); int count_digits(int64_t num); void print_hash(uint8_t *hash, size_t size); \ No newline at end of file diff --git a/Exploits/fastPathSign/src/external/lib/libchoma.a b/Exploits/fastPathSign/src/external/lib/libchoma.a index e71ff9b1f1fa35b731b941fb18a4a340779e2447..e69e1860cc810354eee338317d1085e780294d9c 100644 GIT binary patch delta 41961 zcmbV#4SZC^z4kfT02@9+0)d2&kd1&O$U;H_B+5!KAVC+21QeCH3CTjDA&E&)QuUtL z&^Ep5Tj-%(TEBwWc0;w|#n#YkD_*>9+ENSF_R`kg2Eld_Yw_yahE^}{^UVCuX0t@w zzVplGInT_0zQ5Fguv<%~0 zqVWU4{}TMY;03|4rgmVO;5@;r1aB0q6>JlHQ1I)5FABa!v=E|mqH$4hc7pb3wcr-P z2L!(+_>$l$!BmOqpA!wE{9eO21Wx>g;GYH4#C$Q(qQFMcxL2@B1b-v^-vy_Q&<=h@ z_zsbKQ1B4VziSx368x;-eS*sc%LN-o7?!f|WzqPdBRJA94*twA(ggnqee!$2`%W81 zrJ#lU?|a)YPLc!vEcl%0|4?v}V7A~Q!BwM>|Fl>k8g~jlBKTXu-Qw`mfDKlQ zK?}HJl4;x~7!rI=@Jhiq1mCuj48wD^X`B%J3k=8?jMkVYXb3J9xpjiu1RoGA6S=Pn zzg+Mx(cdI^SoE!N^6)SW_HHzdM+JKYPY9kC{J(==o7q0 zuuG$5JR%w|2!3ILVbuMLY5WG9_(ZD4?+P9lJT3T<;3%;-Nib9Ja=}8u62a>gTF5KW z*dlnh;7-9O1P=&)SMW8#w*>zt__hT6f?(oU9f9eBa|N#@T8Lr2XxM^%f@cL&$7u(y z65J&CIl(6dzb|-BaD1}1S15R+V1wX;K#NHn7LB8VzZ3k6;Dqtop*e!f1aA<$U2unB zm*AHKzb^P)!Ji4fJ0A6)0Z2~K9xN2}3vLs9SnwIaV}idG{2#$YDGRBB9>ILURf1~; zZ%sx0X8<;f#vOv&1^-nrZK7ceJZ2h};3IbAPjuhYzI`_rQ<$JVz7f{isT?agh$+C%>}+BQS4Tw$gidU$NTX{}hfZiNcs z>bBrEBQS)PSGTm)S2tX*pwxI@>>f8|Ap=ID)Yw()- zwu-iv`o^uwTDhh4nwlDd)s0$*8mr;>R`F8V5{<=$gE9!jcEk#4fG{f|M@Pb@3|2NW z`J-{u)E{iz+E%B`Ev@5NReIWZ?G|lRJFHpMMMpTs&9(KlrA^zKt6LDZruy3DwWZ5f zx3+F)d=y<t#CoP zxq8Jq6p@zNo2nb?QK*LtLVPsD-k_`T0_81DTk0Ev)+LdN7rb$~i2hy4in^xY=B6Ek zey(n8ZL4l*2)2}0*W6jX6=^1J(2thJ>INfVIcbOzwrx#y%biFVCim(UvChO9E&N!s zikPImG-c!bsAz9(vx3{8yY&-Xgpih5RWRtSE*&ddYg(G_p`Z1v2ToM9;hLt+NZ*RK zCZ`xOTH0uRu(eH$tvK_Rrn~Ez??@|2_851!x7LYgr499{{ewmo!J6$Y!E2hD+E~yk znu9gk3}vjTrM|6wb>o(%uXSjTiaTy>l@p& z1-c3mlz$zC`k?4HZQIt=ctiCz9sSa#?Tu|M?Ss6fVMRS0s^7ewrMA2&>fnkX(yqR_ z&4RWH(#o3h?VC{vHQ82O->|&4w#5nXN;tc{we6;0ODm(Ig@&uS@ugQM6zkfsc1kU@ zPO$|$-u_C41UbgM3b39zmD zr0@+Ec;)`JEhrbY4TCwby0NZ)bA8+LAq|>t4VO2x-B4{w&JAh){7p604bWL#s~lAn zg(#Y>YbtJ7UyeScroOqlVNkbL*P=DG3)i()E1PR-(P5xktf^h(pks7{j<^+M(OQoV zSqZFd*;?IL|0&hRMIDaStZvwVE-z}N>r;Gbl?qth+>C0Z3o3$pHwv#4&GKMNeG_A6 z)z{wGR@$tEZfx6dLlc?}9Tq2~6?N75DsX&QSyL-(qt&c#JV>L$ubmpord$3<*Y4regc%J5Xj-CQBZR){wTq zS6?gID!&I?fh%sA9c^b9^8&GcU z4hEXGY-tUmaf}gS3{jo zru}ewf%iC`uy|$c!rZM4>p-AJxkyh2@&|1r9lsIwd+7`8<0*+tFCHCn;=`s%Js;gW zx#y$K5xcuxGY0l`W)6g1w-30@l4AGE#$Az7PfYDIjU}+1ru0WZ-%Pm6-qknbh8ex5 zL_6$)wa&_c@X_hLVOQlq_kQz4xN{2lCh)1f`&o6E-1P1c1_9Qq0uV2i(+&fQF%EgDyL7I zyZ_;+taqYvOI%bUTT3qVyAYL`#)ZhwOAbe_M^r8vyWiZe6Y=jxXR_n+)ePrFDJm*Q z<`qDz9}b-={RbVJjXcM2kleeQF5C4kt=6lL9pKA?z*!Xz1x1uHRG}OYLRgYmEnoCd977v>z zn$I6?4Ei)U74@_P(Y7@PYdy1TJ!%q7SEAF-Elq>=HmmumrwNmqEe%cgc<#ZxCdSH| z3izdFtMp%4tk|x`qFc5%G_-3;_!HxHc5Il2n_CVE9cFqeiZKoh25!iN+8SbSFjj*> z9JKfk$7;~Z$4rC=J++XQPG~u*3)Zec&ccCV6J${0|1Uk1{T6ojtseAr@J7w{f}(}; z)Y#PKsfL-J$^R1(iI0bJ@)P5sB&@-RVDgJ1i!flY5cIUwRX2K?8iSs}Fr$#S)xo^A zu4#KitqN)#Ms&f(`SS+@I+#SNjA6pUNO@`orz@@Sas^#xZd;1Bvq|~sVG!U z18ZwWw{Z4{qIdq0!eY`VBxNp}$U}Zz*sp?BxN` z^ZVy%^rZl&VF}bb77tkX_q#Rvj-&Zw0FD7Mbnv79Ci)%)Vg%sr5cB(hNLT+3jlMe3 z=PM{=oxe(>uMo%piOQ7BqJkTM&;{y6VL{>2X13)B-{{xM_7e&7p zh_L#f*XZj4GGNSm+Vcb9l)p?PUUDfuvH+UN_&KTx4^}cXd{Z7o!i}^9(`G_{vVf<*nUii)MUpY`GL$re;@TdrUL--rQ9~b_= z!iyz=Gpt6&Eh)t5Z%wjakb{CJ3cHm4qYvE)*hv687iumTG5ikbUa*_ z`~}XdXS{vJ8|fu^GWi&Ou93fJ zNl~6XBBx?P^K6~+ImlD0=Gkgi(Z|s}6t!uxcaC8kRkI4mbB2RnR8jlol!;Ys-(OZ&D2uIAvIIYEF$v_<1PpdEJE{)G8H?sSO|Uo zvhceRKaVrBuuJB8GIPf2SwqBCa(H#s1M7Zt+eXqRUgYrpxw_QQWYvb57U z(VuP{j-+!Cp4Os*G>xE_(kqP^j)FQQYcQBdv(Gg4A1d_LjW@ePsng9_ z_L@Z#552y0zuOM1OdsjVX=GAt8TJb+$EW(Mw>Q?*)v6JYTC=r}z~r5k znTej9{9OCo${BcA=sXlS4~5RdBK0uVlOxlMT%*+f%gRq#+Fd#;Yr&q@1`HT;T7wN+ za*dBO<$IULwvRW*0!}krtl!)agi!tFmg<)Fcs~p_oO9LUit^KN)~NLh7_GOyzUIzg zn|ikQotbSvb?t|tr2%uS9bQ#t_S^5RO3&?=-k_h&kViE}coOW#$bBr>F7}z-9eys3ahhEltqoIl#w3;I4T{sox-%)8DTm0iPafy z3<;?+?B&_%=B&{2Br_{il4QC~9r0aaUT43Yo#7s@h1=}+%F+`WCfK8|pONHYCkj<$ zpF)^63Ui0{m6;iC&S;_PRG|8Vy{II2PSR%6?Nf*tS9YMDr^`v}F)pR53%$GyjtINY z-i>Ht07tcpg4UzxPB3ur?ggT$_wUi@;|?fv0p3?I3ZwZE;5?YWsL|I2ycPO|z-C|` z@CumE)99N8U#g)$7C0CB^cCpi@G%$sLj(zE`TFs&!7v)$&{+92FaV3)z$L(0z#?E8 zkO4^n=D>lm8hz(845JYG$AJv+(}Irz?*QKk#Nf=^01N^*0qM?0U=GG?{`Km?@D%~+ zPzI0=eUPs443G{T1Ja@AfplmWa1+oEq=RL^ISAMajlK*ZS|D#TGG+;|9Jm_Ti(FHP zyu6lU<{~}-(=d0T$LBFuA$9|o0(Sz7fGMK?4(2R0?-P6o$N;SXQtse*!?+T-6G*u_ z!5qO4P#~#)5@_9who|sB2ReXE`ZnNJ;D;#Yb--i5%Yjb=8)*)_6IdwvX}~SuucJ0m z?s;H6<$&9O8-et2J&^9r0#XheS}Y~-3Th~mxB++@&<~`A93TVu!Dt=8K42yI5nvUN zdyFX80lXb}A8jGwh@6_nq0h|HerqNdi%mlC1=;M|^ zG$sD^8hvFzG!gz48ZBQD9?&NE3pM(3fT-I3SsHyAK-5Tonns@+m=2z((Kp~yi`srp zYf!^{5g=-q|BOc8Ngyhi|8eB0fF-uYV_p*@uz0@Kwk-Ziv@@z%7H>;hfx5I)G!tvdhEt&rqzT1#m>jC zfjv$}ojJ)CnuGreWr3<#_&MSKiwMyCqVN;K(@~bF4hUZ)yi@op%`Ib-XjF>8BH`PG zCkx*xe76MP5#ie<0!NTiRGY;788KfV{Aa>H5cl3w9NG9o(U^$ZK-DdLk??lmHw#}U z+!B6;a9eny@W+IIP6F_(V_*2oB+=4j>TDFlJPr74D3D??(({mt2Cv zosqT$w`u;4lLBy?e1(Muh-#_`I0Mwb2_Gxw&q9V4-avap6~K?&83#{73X$(Y7eIAJ z0^kgW*|^etmbiC|aLXBE|C?BF#>;!e!74PtR3|0G&Y<`|gb$!arMg$-8_*(CJt5}K zc=k#$cZSRe3j<^s&Zzl|TEpl@UqDqQ7MzjuZ0M;NqmQ7PCLU~(6gdYyntNc6>RGY> zI^?K+DlvAZC(kN=g<%{+-cxZmKOJ}xotWZq05n1D8_D*Co3hMZ_LQ5~roIbJm_?P> zZohef`3<}0=B(5gvOm8uD|ogc7&_IP$N!;6(L=Qa92wi32DZ*h^msOq-V9dmSi zPfF-^*!!xMP2PCfpe{mgl;@%%nD)Dq7p6K!(-1?dJiEAh*_0i#HDg~#RSst<&}{Fn zUXpYkJ=!f`9fwX-kC|?E*}uL2PP5Kl{V#u;3*BA#?Z%INa9X&gvZyb~Sgf91x8Myq z7KFa>#MGRmLz}J9W`3-E*md(j7M6yTEM8nkpJ{J|u{-RVGO*fytYc@EEAa$+d8{Mx zHD}3%aOaGHZr60YhMxx9G+>uKkZHNndbOwPd&8v}>bbjfV=n{NeRQHWJ6h2j?i915 zV%8~UoiIBpX0BVby;3nNg_&!LcC%E>Tw>;eS?QEswqI%8onm-&f_S(N9*V`IV%8~U zoiIBpW_W$C0$M6&r7**W0Oe+>n7PEvwa#Aq>4nzORPo|QI3uF2+q5&CV%7;W*EDfP z%u2N1`T1CW_bijRoi5>2oJkZm5(|{We z<&G%X-Q$`JhbIk$T{l7hW|S0cSNPl$QzMuX>Jo9YmWMv&wBCk+vn~U6Cs_kYAC>$( z*Jtd`{o{RKJTTKZvD!=-z_4pqNs&?$Tg5&5UF8Ezfqe)d&2%c1BY+zQPPyC%o;+=wc(OA^>F@7^e(9=PdV3JV z1D&@P<=#Jf8bUuNT$!G@LdOmbDs?u}Kx`<#6UJQ0K43EM*>W6{bl!8Y>flH$eY*wqcY2 zdx6MV?^D2)z&2nhA8Y`a%az=R&=!M;L3pF^yM?b3-l4f=3{V4(c45v&XWvIID$KWMKCxj!hExlu zK4y%wzdHHqNnBZ@qBc^}IFE^e-s9+)aJ7M|Y^;4{_0^fZGP9@>ZSGS^~!GRd$i$1sez@HPyugXQb+?l0$-xdShS zw#_ut56wC-%gmPTWm~Y59^1UynmpLX>sfI{;P24rYXBng)uJcz$a@}!$TjbAAZAnEJwV#;0Mh<_ zz)`TjL!%Fy5Y?WJLf{0Ldw`f0dcE&JY6>3ufS9&cTL=GYZ#_TJ{?v0fPW||a@S(S#OHGSz zPEYv3g^`zi@@A2|B21Ape_Ao2N|vOY%_3FP)n<_$r~p*XW|1ybgpF#mh-31)7BIS} zs?8$hs0CEb8jKw%_iUcavbkN{*(`EIq`Fc3s3Ic8;q@do;>j78>HLq(HjIu$`_=Tx zNvQICC1Ff++H5;z-*WqzMd^nQ{%miWJ?pj9RoJiFbM$e{vM@!H_K`c$FU~OzUz{mT z_{@^SJx6aJoQcUUk1(42vokvm8)&}m^D`z*jP6v|`flnUyf@8a3yzYR#`Zo5ZE9o= z8f#2!BJhNIJ=pU8HXO=npF4nzPm91qHzqO>1mIU_^Uu!dfc#(pv3umgMf5pJ7JW-> z;P9?OP4g~J6!VEC)?wvAddK11_B#f05dbx(T=K+Jw{%9_TYnbj46z%H|JjN986DS! zx1k>m7`LP_U=xkQZzEt%0F)jA^jmgNuoFgvY1Z8t82IR3`-Y-11xL*jAKg0=JN?bw z-7pRBH%>%c#)X%#vWn~@-l7G_=L^WeJ^d~?i(tB| zONz1Q<*;e$E%ivh!>Dl+KDzf>Y_vA*g8B0^pVQrFL}t8^s}SnXKo4INL=r>4H_d{r zN$3{Q+vOx72Y~Kz!p8|mA}Morr!)sgB$X2wU8od3ix9ny++%MKy<#Nn1@@dd)kZNR z&!2t1Kf^9xu-+~^(=+#yZc~4q%nsATPiL?Pydij{XLjpo`~5R(zWA2sP~Kba1pCNO z-R7fqHeS;|gr1738y#v!4!S2Q#F7o9R0|TV(xe{h%>;g7YNLZy2ZmbWT?(89OoLnG zAHoCnP3M7V^ZoB=^qm2s&+zwa^c@3Uj)_*E#>(U9i#Y-702Tx91ES~l@6hNg1I~wj z3J`LZ_jUM!XYbQM_RGi7GcE!i1Qr52fD3>Pz+7M{o8~=!~}FC-tH9LgVzG-K^|}+@B=Igv)_FO$bR=EkTH54h(5-DT%*qq z#2neX0=NV?54ae}7u`#Ny+FPYe+Wo-cVNuPl&u4fvKK|NikW^TV8BX_bdi+aGIVP> zK#pN(>&!^)N-vO{9d(-haAeLcu+{Lv2yMF$I2Wb|fmcBPX^oXAuxgZY5~Gkg(C2zG zu<~gj;}iy>p;hl)fxi2|ud>ITO}Fx4x)F?H95g6OnlC?5r2U3Q-&3$c-#7^cR_*{& z{zH^R53m`J_jVTH;OiP)duy;>h1gKT zsld-6_8j4GhXqvwe&pv-x~TpYKk_{Y6xG8(@@}L#)i1^VUQLZB?J4K7rsj&S^N!<) z*m`KPea*SW_WA#CPdx?^svqD-2M;QSSN{q2SI^C`xK;sO&To}^8{)D2HW2(p6%PQ4 z#|I{rrr4NM*H6nF0fC%`{jvz7gKX*ph z8mO(u?mxTrPqXc>{i!}JAm?Yq9*|*Q{L`9L9?20HqWj!!X?D|dqbK2O&jvV%?bU;C zd1^v;rJGYm4{nII8_(aY2C+rzJ&yi2xUc!po9AzzVcr{BKHki-T3Dr!Hs5560yRhY zw}o?e2F+g*9uoc|;oP4<^Zyb)QutfKzY8;(zbD)h{#VT{qd+u9NR>Mz0pMmTsygA* zg=Y$%EBsaQaItV!VS30DV5pV|zezY-T$|uP!Y2xUML74d(Ecxkvucq?$l<@?6^%cO!2gJcBPKBXXugGy6Mm=g$-=XQ=LmP! zDX$j3UIN7Ko+?Rr4LJQbzAFLXc}P^w%4nzXnPUDW;aHVXF*qQcb&WAPBD`AoN#T=( zpA+t^Q(olYg6cX6(I^a5sNNF~(}f=to-5p08RZHT)f6%3p*vLnEgo(a{zc)P!fzHH znz&V47$X`y<%h~ynEa0L5((fBh5tc3d_(xxg}*P{Sr|=}e&$D^mnWdIb)$h{hdT?y zMXICp7FHu7#@zrkUx9HD)fSPj6~0vD-58xwnG)=)#r^{l%=?6QiFtwM*BCqqjyd(H z2;>Rp0FP?C#ACdepCZT4c{$%5+BeY*r1GRa_G;V|NA>;-scGiOgwU+X=0ii*G+%gj zvUwz-@Z)FH!+&J4cuD@^&{I>)O%uALQgES>sw-73YdZTUsEzm-RY>?^HE(uI?iUL$ zjt?D}YA%~DBLEMjp-SK`VqxSUDO1&q_#mEULI?9jqb$Mxe)nY6BuxuFx7aLt;VaY3 z)-f-n0&+GcTC-`Lc{P$1yzO=(iV$FLJ!Y3(>Z?f^5nS7fKLHw-C4COArJlMd^0N-!z6FoD81;% zEi0&B-ew>}vk^$w*AqkI7MNM)l#rJ&DYS-=656)FT#`#WwMYqK36OS{YOI_GWQcQ! zp`XImbcXB|BrU?~?E)gM-Zmhuhf?y)Zp+Dl*+^-YwRuu_CkwwrIEM^0-!D8-_#49i z23Ki5LvpTA%$@Dr^MyP9sb5in(x_tBMgtjp+d@JeTTREJ98}8AOCye5V`evJp>saCD zGp70xtW98DLVvS@b&s&D4AgOhPS zYa?|Zj?xif?50c{#v|kKcKD<0F*TB=O-S+~MJ!s#PMXW*q8yz6c1co(h6W@O5>Jsz zSov3;Uc{P?(w_ncDNh;s>Zwkasi+ryml8rsN(x)rK_u63$*w-3x-{8K5tEB!WRYwP zmU~p7@RDW;0_Av!#U*!TMg+N>0_D@xhYANh}PA zsgt;UPM)G5xqrLk=MgEHklTG0se>|rLgqdYp*hYrq4~S4df<|{7cL?|sQdA_)H@7QRdqtFE=biG#*SDeAC zjv**e=rL#*7^swXQa85hIH{^a!koh~HTzEA4!>@PUnTGhuLQ6HX21Sg zhIP^9!i$G7Js%xSz!5`P1N$UU`#UoSo+{16UcJg*ClCm}>WjL0mJsy0$;?DrIlI|d zbQpMZATA6i3C;q`O2m^9iLg; z4F_?m5BBU$8#px+2k#8$xbxPD9!eV+mYPeqBVUjn{R=3cQGf10^^SeX14H+?qzB#O zfTp3k{b;DAR6L8os#-`{_F-`N94gXFh!JGdoY;L0&k-9#iU*DMw;wENx6j{~VSRi^ zQ2fU07^}BU5|Bt1%6S%w83Gh(GTPsPKKYoWlJ>WoO4`q=VmbBzvgSg>HRb@zdc-yQ zKu(f+Ewl?MrBW*bS+|+BT*b)A#|T1o7LK8^z!1rf#tsdf9^@zsGn9One0}{kJZCIc z@GvQ5(bTmJgMi2N4z3D8;6E7=>m?fkDW_QaV{sdOA0uhND(Pze^e%=FdXpNuA{50=&~n zV^xogH;XadO4A|LncgLiIU&t)Diuc`u_0mZcc>A}%f)U~Rvd+tVL8GW=%*FHa7d8S zpO`ut-DW*}cH@VI+!lB0=clql(BbZ*0i29O9ug7#nMruP-h0RJX-i)oxWRziA~8wH?-Q z&FYHbY|is!uPtA{dhHF%{qsE4o10qjVIRY_e)%fTv>Vp0_guSn!woBD_3)^pl3%)7ZR>O<{S-_&~0RZu;u7&qZlJ;Yrzxn+2VL)Cz!!<#Nl5QnPgF@B)x zwco>M!I(Hxt+4mK6(xP4>JpQu-($K(CoKdmRBrN%QUiLeyIa#6Z}a2t+^O?RKjfqj$RC>j*WBynOG4DW`W9A_b?sC2-U< z?3-q-vlikpb|=lv5aG<+nbGFb9DIRHWu1des)Uab^G^xKR8+}_g#TXL`+@M8VlM7m zs*Z6P%9$%a3JaXsJE}=|p=it#-XK}LQn-`oah@pzFMzY zuxTi-w&IV|R?;{%H+uT@ptKRd%ZcDNbwXs_ohsm3dhq;g=fsxyW4{IuVTm4%twZE$ zSzKs8ckIf^L%%Xnt1yf63+>d&85#M-i@D(9EV<}2u=SG5v{2h3b6$2iDiRgiWThO= ztmH4j&QDn|Jr6~nic)L_PNHa`7O>8BgdSRHdZ&wkN1W+}vnXN44y-;UaXm2i2%hLy z$9U}O1kyq|epGBA_+xuACiFn1x%5tq`XZdiayomYv4^xda!Mz7s1%$%&$0n z&(&S=o$+%Fb}OhHIIS^&ahMKinbT83Pllz%Y6^hv2q8Pno|0o#yI>yKU2sb{VBsUn*%bRP=9Ofrz!j)+{EfeU36h8$rIE@f_r zAajV%Z^C14G@^s2Fy-OwW9eK7Y6G~+*&Ym-Q}h{wDrHd*^|T|(0ffeJV7XeCfZ*S= zjP$>-57WFbEOQ><%mLIa&Hn9-u@=+7DX<8l%0#R)hVks?I^kNB1wP+zOyo)#j=5Cp ziI=9u(4;_%ub2O1jE_vy1J>&?zg^2rOq$C=ZLzSSYg02gSzA)c5P={9fD)|>bcB|$ zs>THkRZx*sIqzi^DgFDA;RvWIAsr;jKNc$^oh54~9FZ;}fCEfyhiwNGmbaMb2WS3T5>0 zn@3SB3Zz)f#7<{66iZ;XgmqSeFHIHoES9hHOwu0XxfmY$)r|0DkV$0DcGV zIjbBIta9|6wq(kQ7Ti5a7bP_TgCS>v&Xh(?z?K>9s`jkPpCLx=gI)nG2dmK$w>0*+f`biLu&4PQGBFYoYR4|u7G1uiE zvTn$#JjS%APVyKdCCW$31?Oi*YDuw^1=c4O4raj}|7aFS03tfSkqQ|qfKDnnk#q{7 zTc?gXE$aeGFn`5rtsSv~kct)al+Ac9TH&*F7)i{^C{1=WR&j;u6U!9#p~Vz->k~>l z`xvP*Wll09d(@H|YKL0fW$j>7gxaCHgip%r;j-Fd>kP++%WD-&7DV3-$cWrnotY_qXVHa7zknfMSV38;uwVkA?m4tP$||9v?q{J>OMPlb%s49 zJ1c1?!bYXf+Tt0cRBb#bE2)ITW~fbSGwq`s8$+!i%k9Tpk%~J@poFPs^{)^UN~*oe z?lDX!scP{p%QSw=;^kNxo~dJl;IOv~n$#bQf7IuxJP`5X#5)eLy&EyGM{vAvfKZXZ22pA)ialVmgL0N>Q68yL1Ut^FVvvt26As{&YN6J(S`eMXC%Jj`N>k zdvZOQMJPa2{FI5RN*6eTi!L`tzqTk7zdcGue_=$69!xq-`~L3296Wpj8hf#|gx^e| zY(}S&EM5Gq!|&_%U8zNOQr|=i)4vO7ozzRPh%`W|)uJByb4SmO-VkyV_zR=mn8j9+ zcG3EA2r6$r)JdKnX9s~&b_^MiU|_O1`j*l8bR1FCp9Dx?*bT>ejB1wVwtuxP)4B#< z7U)UP+|QPM_Ald1({vsZoQFi`VTAKA1`n_L5-9qrFHykdAT2`M)2%vl>UXX6ii@f9P@5hF&Krr;QjdBXFQ2cI3d#xyMi@w0!vf7EgVB8ldwm!u`Q zv~Yq5CnRi0bZtl+xgl}XhD7&<#L*iP$81O(M|()EBqz0!(j1*h+P+KdyAp(pyRJmx zNknUeJAnf9dbCT$7vWMV`q{tK)Q*(gz>`XBt;clLPbu=0ILdiQb{?Wesg86))Lw!k zKEfI+rX$Acn82s>=+l&_)zQ%>9dn4yaI~gHcA&D4XIBww@>_VqW$_0Q$F^$HTzOC(HkzXnV;-i z>iZK1ZGEht2#@y@-HDGCH^;>|Jm`gbveVvA;kBcK%0@V->->B}Oygbudpy>);r;n% zbj|Z>#lIWAejQ^01KEv6Ir%(>H#Y*=J!AbZ`8aSb@Cfh*;6dOTU^mbY+y%TI*a5r_ z*bH0^tP(5-mVuW5R{`^Y*8)Ajm00mlPQk+pXc$0@6_UAA{Tg6Da5?ZeumpGnxD3eM zu~!4Tfj;0aAeM-dJAhXKn}PVcCb8#1>?iX7+SqOVWh1w_l0+yO*qpWF<@kRiDWh!U?p=RuE}Tmp{q zfcmTlJ!rBA{oUdf4t{TbohXZ_PLzN~1obFH&XwHw1sXke5+HseL-kdWuMz$WF|QN;zHojZLe(YmpAvpi%sYi!0X#59 z4~fP(<^%W_gl~`#e^Gd$n14xlnee^B_rp`#e?<6Q!XFpzye-?Oxy5e_m4&B7U?h+Z zgoQJy$iFH4A(8)&!T{l|3>%&Vtz*WV-kQr3jdq9{}4vqyu*e?+^>063$yP zXwJ{3sLlb&|Bvw1!uJa2E^(SaDICqc;@?bA@yF+z62j+2AYb_Rgs&F|ejuFpsnfyZ z!XFp;Uki7>F*z+fMK%AUo&%4lLgHWs z8hWbtgmY1Y>N_HjMNFmc(*9XSnP?=zF*;Z$e4+3i!WY3B&AB>4b)7g^Bz%KJpi4O4 zhEsm8aF%xRA_>sd${hJWAOaJ_f?EWz?5ZrB6!Rw}K)u5MU3j1HS0%+Vgx`cf(!;Ru z2gE(M@MARR5teopv+@Hd6K#lu;`H;Vb&%zrwtS3Kwv z4|5<$#czUXUL^cs=#giLJg?y)9}o|2f<8Ijq52R%@;;GYCFUoETRabj0?v@>5s6`j zIPj5J*b5mdemzb3I^i79k#7|F--vuz%zr8JIbwcT%zL%DWlR!*9b(}FCqQE1$6}#R z%s($4mWeq};b8zyiut#pPo4pHs1^y|EAnqaPelOsRR32cNmwTW?cn$uQ~};LzL$4u3PPzBm>8 zb0Bfaz0k@{CNe{SgjSb{$KAF{lwmC zK6qO*FWRk9*BtAJ=u6LW(Moj#^8XVqOdlFn9n{!Mu7@)p^ftybNuW!wnYV_!XFeJu z22?`MOImQBUW}XZB|HA+_^2!Kg0Yv(TZ4|qi?1k)cW-&Li zw^{1OcDyfGi*nqwjrZB;D9V-9F*jDzm7%v|Q)kF6=+qc`D>rqdWJhmjrk-;vwZW$ZaMwoDV0p8}d+LX~hn~jH1=^D7jqUMSqz#7G zRfSw<#!6iO-gJ-LX0Poyw{KgL+#hpgH$$P)T(uYy4%T>F!j8+Bv74`rMVptf4IdV{ zu3e=9F6)lo$SoQLR`lj=M&K2p7^{Bz} z+O?%tMR`oD;#!c^D`L#zQ&~46A`x#m^e%e(94`^Ql3iU!KNtn=qq@UgM+BFYi>bP> z+>yi$=zL{W5EH_<&{wqM`q^#J+`6hj$>N%C+LqQ&x0SaBTNED@7Ad6KFybP;dW9J3 z3(}SAxVBxwmall8x>`H?6AvsaTwJ^`v|^FDDcghfE2=K(`5lhIM$A6TBUsgcv<-w)tSg z1V-%o9T(1_QanlcB;n)qMnx(u#&t z_8d?zD-}Dpu!%wi#KaYK{a4~E?M2h^X&ZK3>aUC72RC`d?&x%@`?s@tvDB%*OhQ~7 z=exxDe!K)!Un#+iTg^;tFyTgm=ng&X=|Pq#`vzVBD%lZH*<>Yr8jc_b_H>8vxm||s zD;OL4?R0beVBnG@aNIB=F9>4;$4KyPq}q?=!e>^HKLETAk&51?9kV~nv5Uf_zQ^R| zJlatS;L8TLF4ZbOPlS~HVrPBU)OQg3vjr#3ah4~2~QzN_@^MJLDI`$~%Yu=>vesse#h zLWdmAg6R}q^{LvF&>h#BGpx7piO=uX8ts1=&n<`eelE7;IiFckA0>%<;=`8X^)ApI%gGjAC%3Ke(sM_F-6-EExNS8 zO{l{;_6L+ens+007$LnkN*{u^Z1JSAOhJ^obtbagJ|3QO%h91H@TvVc*ek_a%1DK= zAJcj6fnF|hiUACxnR%%ubB9WlY{@A^);$ibQ;6S6+cO$xs88_25JT&!KYPS88rHNf z1cCaPc%`{^e9xTFi@XbzR_vsq_l^6uIoD|_V1E^sEqqrMsd}<=%>qeTI z%YGRNloZ!VA%Y#<($!S%Q2Q6*Ceww1e+?U-l8)SD!nWjZILaLdna_#!$yH)01tm&lqN3QjSb$kJu03 zcETvB&Q7=czwb7e^8H`Z88r;+G7FVR9imBfA4L*ANV0Fuo{>~1 zUExOc7V&8?gu86W02dgK0Be>53@ln!+1H4^F30md2t-ikCT5gj-LtLb&Z*u z(7eU|UUItqUt^O)$FDIj^EGb?wBq|d%-jPw46HVQqikD(4VX(~Ggs4=E%;)`2n-{G z<8E>F=oiP$3{5CC=T420sBf%q3-ClueHxj)Z**FU+8Y5s1+=f zVJwH$c}4?nt0@ZPg}#5iIeAgx!lK1_#lxT5l3!3*bj9}OV9RD)hl71$Jhw$Y zBEslUsV>PNherpuq3o$<9+#J?C`Aj$Q8g%mHPH^6gWHG*R8bSE83On-*tEFRS?L}; zv5X%Cb^wPP+|p?l6TmHsn6nnX%OW2{umzu$ad#BVm3|8@YOyJYJsP>4y)6g=AG{d425fL`9rGFnfn)uIFx*_9i&$U0SnU$*!`M_A`6nd;T(Vd^h#&cxo zI_DcBc&1dC9fBFQPkb&b6ddm+ApX2Xg6t~EUx8&}STGNWmd|VN znw3%C3KHAa284%UgK8UoY-^pu$aaNIqoY;{?-M=D7U)^@>`C+@nuqeQGt+0}YKs4& z^p}9r7}%fxQ|7f&-}QmKfyUrHfmWxQ8H0~#mYN%?Yk~n*KTJi}R#e|jyB?KVjkYj6gTNjP@m}Ll*zLh}M%eMqaXX`z0Mx%cfiPVnI9 zCl498zX~6?qvF0)n%R5$D28+RG-&7ToqBSCPYUQTf2UEY`%&ThG0f9L>Hx0T&}T^Z zL+pect?2Q%b8pT2SwcK#pIY2eK}80XZP*0CFHy2jqCB7Kn`YS84QZ z0wOp38#VgY133_59mDv@@@C+H10nzgN4^P+t#4e;VEuB+%ddpbl!EeO;g<{ld7L~e zH@D#AiFqgZVEu%_Xgm8@mVNNq6g%Z$iuD~BLo!-D?~db*n&ZD#1pskbX>5t(--_cm z#PP2V~T{7;UrAL)=6Ze3x1YSiMzMS1xJAJcFwDa_O3103w;Z>m;H$<>YA zOCGv)k$G+Q4x|88m!zx1+4u9OJ~0lJ1Wb1tMcAxF6^8~5|Kpu58YO~9Acw40!U?Js z;a(NC6dY$)0b^Scy6F58`Rt4gmPb1xv<#{v!fJ@q34M|o98n54kzyG8u)Vpqx-A%Js0kpC?f)G! zE;M?wIW_dxbaR@EyZ+z!&#X^grp#YdurPG&HgkRId8QMT)9jzOANawtNwqP$eC$Ii zx>T$0n8>`rSemF#;bSgPb*TSXrlbWt_X88v=inTop&c@I0jq$q`2``v`MJ4=|AldL zOqcmWZ>8C6DxVVVyKw1yqNGw0zpx2)1k6Nbc#xT5AOEptJM8?jjC6#DtshVPge8BG zMxULs$78M!Jr^+3H#<>bjb{Ehyo?-ycj7b`ocZPW&Onea8> delta 17397 zcma)D4P2E~nm^}Wkc+5%Du^H#(FEh_1xc~IdJQ$qYnq~INf!eqECfVMOzWcb!IV1- zy*95+PU1(~#j#|=32dCg#dfWnNy};7S)09n)LhG%wb^C|O4t2A?|ELmGB&&C$L0V2 zpXWKx`9AMC=Y8MSy%7zE!<$F=a&mHW@^hVb`)$q~yWLJ#c6*M~IVmsCZl5^CnNQqq zFB$0dj$gEF-ppCE?Th9wESfb_AT(Qr7#k%-_gpFNV7wpl<70)`9U;WgOG2z=euR1X z03m|Mga{ufM9ghIDN1ZY)C`y65jfcPfF!@7DOw2piQb_?RliE;|l#+pgiZ-NOmL!}tQrUtxTc@yGz5 z>I}zO5M&I4L+T^}c93m!7AfX2ZeaW=<1ZM`GA46;Cu0nnh}!&C#@Q@i>EnwnjE`|= ze46nU#siEWFn-S1#~2r>I&lu;9L9$j>lwE&zQ*`SH(#7&yukP@_jU^~<~Avkf$o`T za3n~>Y7UnqnfWZnMX;mcxDDuiXvLcHNqOG#s?zGRa;-Ugl$Pv>(_W4kuI-K61`69QA=gA_IKw7cKj%& zLi)U`R+Ls$duvwIl~(+KJk)w?*H#g)E3d8ct}3sqU0Et_VpWQG<=!>rrFAQ-t8Qvg zTfU;M-22da{QF*ah1XIoRpx)gA?53P^P?S39yao?%fjxwKd3D)*IVC^$@i>T`Eb>J zE9)v2E}9{{Gs{bB*VojQmo0*HMcvxk@|(%LmE|bm+L|&d55+euy$@AZKcwZPq-E9A zuB@u_R;*Z4fiaJekuxDDSIxD?|D4HAV`|RP&#aP(owj%6q5%W0OOiTvrtFO!_BW!0 z=j2Vy&C_0WEsC>^QfXvjG*PgP(!Lx&ZD=rAQ4*8JIa-LI!=gE(l~`k z!oWjU6{b(*LC_D8L;-$wt;IP(YZw`(1*Y3&P)l`>ur!5hx4V;X&kPrnF(49xR`MoHW~S7FmXrn(Xi{f$Za?3D#ElMxsxrnFm10pIo)r)ZaHWCk8bc%2wl3C zKBLuFAWj4##KB;M`(V&24%(zxP0197WWg4$Wd2ZDq>?p-$_6W0MW`(HCjN#hStjgU zW;t!CN@xp>9PTzUQz5UH#5P083Q-SZwAdN#+S<9%9Y*BI;p*GeNDM2z`S8ETUm<{TV1=}zNWIePCH&aQmcKi zLR;*O?s&>;mzuw1!HgzkP{bJB2p89bAqTDe9{o4m!#rBf(IgvnCWJ1K#K>M|Hht44 zGBHx%-a{eZQ06nsHdq<6CWBpMR->PZK*Z&k87bJcd*O8>vj)TTGBYDZtp@esJes7p z|4iCs1sQ10hitOYFx`V&3xx`8_4`RS>aqwWhN_a8%G#bAbYX*(Wu~4UDU;+NZST=E z8_QIV%9weySU6@c>^fDHEisB7&`zKz?pVe0^_By$t!HXeQ5)iv)+k40 zkl7(+yC+^LQIiS$h48+>a zaelbc2Y@4?KdsQ^2YR3{0zL#>0K~lE@hEi7L^6vY&jzMIo~h7f2aW(wQRs6CT-=5J zbs4z?79RuNi-_GoOgN62KukA|JRoJ%2}IsJ*$Q1Tz*``{G)!gq7~>(}a>(}p=K!|= z?*ncGlAn5DGL}!CI^#mPmIBF9K9EYDz!(N3M;9R^M<;>gs2z9@uo6fPD}YofWeQ#S zz_E}wqiv`lHNZQ7r_gi;qDAw45G-UL;y7X$yRm>C555OTHQ)r2eh_02eT(=$ zAZ4fwNOs2u3y}@n10;PDV+eTBOZ`S zUIU~IFJPSM!v%G&(ZFfI%b5BoXT1uGj{p}#z6VG(fcubPR|K35j(dxk1w47!du_b5x=05D@c} zr%R!09}xZ3<5%d~4n+U-Y*Xmk0z|*`G%0j#1fu_W>J|E2mAF7Z^HeBwEeE1Md6p`4 zd4T9IoQ=yC(oQAj%@dbSt?j#?3;JDz@Yg!KId z85n{%X1EjAL*UC?ru~uh;C-0bD168~3Ns~zpD<5jzK;21=Jzw7&)mg)h2lOD&4P7o zK;4WIe1`c2=G&M@pax05k2&>Y;vX>*o@rl;^9T!1o;e}(d)#8h;d}O_SY5=Ous7FgF)cPikkX6Mg1#tpT2*VKE3piNaxcB5tl#MzG#o-CSm# zjiE?kKYnCyuCKhz%|%oOa!>jL7=jc&NA-gHgt?Tuzz%1!!~2jmcK(y4^)&4tz&)|)G> zEY842?r~qS-i?A$*iZ3k(lJ-WzvdE~Yg?L0H{*+W9%T$PT<+3y&c6Q2tWCSXM24O|}k4Oss} z?eDviwX^HvwaCW@=^0aTL^0@Ks=jrq9Hw2F8llxao}ul0JV$@rB{Q_h4XLr-@oVa8 z$LBglrMk+|ul`)7hSPDU+Ea(;Omg0qt3AEpf!L<8s-UMhTTR;68>SDd72}%HX%38RM9w~;2y1gdwzNnH97^dMks+>GAPl`Y@8e!m}o4EL`_Hf6HzHLQ**rZ zsI+M>z4YBkB%9zbEzYlq6qAf=>#|;(6ki8l!%o)L@y<^M$|S$_zTPw`T1XF{&G@z8 zw^a+goFqM3-^)*pEeJc|w@UotdofI!v!uI^er=5-dr{$iI~zv;-F@2j?Ww+=xGp25 zo`qfhf+XX*wQ*?|d2DTDT_bdjtm|Q20qY8&>tUUBnTls+ofSIkaOJarbv?11-n~d~ zco)unMM7&MD;rta2xTKj>|tF2>k6RjVV(7UPLOq0=&Z?{AnST!IKc%-Fd2UD&-XVb z=leCFmaKLDbfmA5O&Vd+!_ln|DAxt7D}c^Af?c!D$~r5#9s$=6^xD$h2W^`~i@!0k z*WY+wZ@_BXE5&B4GEtva$k2L`V)Mtg$oGHZ?-|zhZsRaj2mZz-U2Q!}x{QO1PMjzV zRGWB`N6t%F6tqU}wLRh1{MKQ;ZPq2dHaN)&cek`P4uw~toa|J$THK3?6>$@KBd@r9pJcg2OV%GYzOc7coR}kHda>qcj`EzY z)K=st`id~*XJZ*V6?hlcxA_W-6M*+XekvVf9oPj#+d5i-vw)Sr0@zn5EIwp67VwTO zKnZ;fV-aH#<7Lz)=>rOVjw3AaGj3t5VJu?IXUqnA;J^l?42LN!K8a#cK@I^)-leeE z52TI29-sqJTNS#t8S*G>x^R&VMYAUVA>MZ@t`^x(BQUdQY|7YfZX1;@YN`{JG&wMKLF}Rsh{DsVa$NtL=?i1n_7OZ1~ zQszHoK9%`)=0llxF#n@fCD6nC5c6L#f06m`m{&2sNF3>l5uC&C*x)255H(trXe;yK z%$G5DFwbQ^i+L3DQs%TPr5bpWIX!qI-U3ePi|1Len+?jCcQB9T48F&l);i?iH1qk) zzh(X$^GnP#nSaMzGM8gi`r@~o;D9lz#D3;E%r`Ng$()w4l!4jIBf=FgWZumQlrjHD z=4PjTj5vHWjnSTabGBumRr~nODtW6mqa#sX)RuLO9n}d79sx#{K7w^9KX1`?bv&py z#mE>f=73wy)$TnoL4Mt_>A+Lgh=N7lJLv(%)y}Gp4PC#H$$$H?M3QClWUcY-#j#6y zn_!N;rP{s6r^nK<3k8y*%)+VdJU;oFbTsGcqSlr=JvE>ARd$xfVALY#B7n_*r18)o z6UPFW00iBnT46;=F2IihMW$Z_emGqagUp8p9W{p%B0B>AJX&^S9<|HVOIUqlxH^sl z<7kcn!jYo^n4*35exff4EDsE+IqX2Vb6kYqVL&?0!6}HN8;ElvM>}(Rc!)KbgO=vl zjyZxrY`;9`6}o71LdP~SKpgQodeKJMsyi+M$v?F^`L7H^rpPcK0&IO931p}}{lNq@ z*3UnfoP(k}Vo;S7={)LyBDDi4(S1Oed;AJrw3kTHQa>CUNwHc{D=FH%4-*Gb0i9r! z5v}3FLf=*xhEAkdrW$?JY`!Yi4?>YBJWm{%Si{Y`k-5gaknOYC-pl$wv3?2jfvU-U z;%OF`304qCiv^xuR@o)N!Lo&^BQ0QOA z$P~@;YlpUbZG!$}oJ`fKfBl*E;71E}>sxYo$o`}w@X>eiA&>kLJ9^KZ3w;Kd7(OK@ zH_xtJ`EpTQ0R53dCJi)%K%()8?-Fel5J*fK8@gSg@rcjVv>AFFs3sbZ_*&8ZD7cOP zc+?EPG!6^V#VquQPrtNGrl+u#;S*XLIu%(hg;k91+9C6@aYY@;W>;^CgpO9KZu((p zQ!f`u=4jPw4$aUU^AbCn|FA7VZx5Gk`pyAz{#y~USNcw(C^RVd0gWMyk$5Y3J8&GZ z0XPO&3A6+AfSJG;;4Q!~U>5K+#y#;vj0+f@j7h)@=%2zMqx6;ok)F@dig82(t_(;C zIDwSFH?T5BKad9RDc}U)Ng#Th=eRIle(X zH<*Md`cYsy)a}4gkndAij3u;D%u|?5uu`j}n>w&~A8-QfX`O_&_UuvUqIFk}{)Z@; zST+{wrJz(xHXxaY0WlCfG&cc_lVnP+6+VE)wCW-I%N8{y)u2O+2S*8v<|V{LVH}4N zYWB(o-?NAmI%Pc%Bbt)TPW>e5!AEjGt!AFZ{AuVY{!~;Ag-`IK8OQAXds)8~RZPK6 z@$u_c@qJ=4JFH@d=Gx87Knd&bX8lTbU?yO!15hIY);p0P%|I3C6BH`(Bfb^!DEtTO zThSSfd(bo%Y$J|voBq-enKqCne~M?1*FPR2CyjamD&ogrPQi~K@pgkDeW{O&mLq*$ z=pnv#c(kw|UkfGvu7&@?RVZK9PycW~epf$!Rrxpl`NVH-6o{mL5w`T>ef{ja`{{2% z#X)o}eAUn1dIQJsjq4Yo(xN^0tC4q(xWP`XWkUUq?-%VWq!_CI(3tQy(K|KE^bv7# ziaG7C)h3=Ds&x+@ppS}|Kh{5rm+1p}`Bk*OMsK)Jrs$Cga)G`vK~B>;>f`ktzr<;g z=c9PtF;vdQ^h#^9+(C?KI|4>;tQqLSLV}6_`V|=U8-DphwEJjtzEzEz;{9jQL z(!b06$IRbnZj1rw|CM<->py3H5ITzgHS;H#f2+7pe!%;`P0nlCP@xoWNz*VcQY^M486%b zj`&Gk=8nFyS;tbI( zjRMWVRG?CDW50BeGw>K2nA27x^HHpSk@@dA!M)61X5P)bg!w7v3CzD@Zf*dt#_@h> z4(BKWH)9HyIKf2b`72oTVg3atc$)dE%>RqIx#JAO6hh%sef4CS=6fA;0Nr3l)4B)YpD0;G4YJv{e9A(0Mpt4zQRTMg8#Y@`cV7cgS}w##T|iJArtaenR{=5Em+r+xW0UPt4yo7=?(WMzta9gQ_lASV>MWAyu{%jqdx z7B|X4!41F2uPDTNB2KMBag_my4V#@pSW#;%z>fm$KIli8q1iOTT!nTPx@BEdr|pCc zlbwg=%3kYhUGt?yZ}>zeMb`6al6tpj-bv&Piz&w;AT5??4M&Tm^H?|_F~>0=t!}mh zkx1n>g~d&9L-tQ8EG~m_nx48)CZ^NI@HDD>6mSoaqSN-&4s;XO7cZ1)S+spiz={tJ z904q2&>xN011L93!O43Oq5e~t%VhnR1jF>t2x9ds3*}@QWDe@UgfzWVoT&%Xj$ z6H}X6Wv&F0(9ckfq8%nSI?Nb+iHsq!qd#=(PwbG1;S?uIk9Es@z3*L_sFkFLbza;d z!z?nWf4x)w{m^Sq2CNUNheP!Kq5k47sri~L>d;?=H+&2?c!HDK8;o-I*>cK`A9PSH7;7J1x_9@2!E4*6am7aQ0!LGl{*mnUX$$}joaXe4gnaJh4 zJ!xH(ODdI!R6dMr=nNY?naJEErUZ}%$tB_wT3}0P9qb-pB;2Z}79uZ}6IV7wv|Z_u zEq-WQt!ceG@ziXWb!6{u)a4#)YVYT1q7UyU^!?r|)(7LMzR(P)12e}>{2r+xr_`ch zgQmI=ZRGr`-xr9MV3dj{5bq4q*@Y_EZ7uFS?@M#{eLlk7_l4KJ-l&dfylV;rj{N+E zcodr|KH7cIkD{a7B>1gf<8j_jBy!DBh@amhj?o!lZ`6N}w~On)rQ7QL^lGC(p=H|@ zWK4736FD)YFcoI?qxx){+*6JU^W;E!3wNUq z=$g7Lu2GlfbsJ<^XboyrKkE10b1C&koGd&^qt|OuSGK|E4f>8`>fc{QY01we>+OCS z?t>|YR6-#d*^g^Xg9%N1jr&}JO)5F%kh*mc&8B*w7uiFT^oW+TsBJ&0{!5@0kGCl4 zFl2`?93>=a$!Bz*DUtTu_xzo{wL>nrM!g z{cUo*7gcf|Jwpso!<+`q1q_-@>g-Y+^dk!f$MB|n8`qIWuTgdw97eCAII*fX88%ts zU;r|$+cR2UuvZr9TldP*^1ON*bP%ePLOZ?xsoPiL-Pmu8S5VCXKZ+Syz#s1Yd6Z9p8zG{gaq6glP8G6Bfd3VuY8F~Nj&o%z94@C42_v5r;)r!i> z>YILG68gEvO};<*e}1L%{U4!J)~%|^$rc27vE=TeIk$P8s3Nr&H$I)a>EgGu{)jA# zuuqvdF)wf8_k3!1TfS32-6@^gzVX>{W`om~ltO#Bah#jP{er}#p%d;I`g`xli9=0Q zzG07+#K@ro+YwrQsy%iAM|5***K3<5WN61yQ&O9`YuPzo7hKX>C4gm*)aFgk%f`iM z2r@Cwx)B}2@Y))hmSXgy2(*rlGuP0Cm#g1tGjA?edj_BIH_8*i49w^>dT=LDcY~3= zf%&2@Fdz44yenZ5Jgv>e)HIiD#MfHQ7b&BIyT!rNm?z0FU9?^|ybFeRT{rZR;V~Fe zY;#o*C_oAY>XsFlj_c`|qrpSpT`=uQehzx*jCB;*1|c)wTR;)Fl8i8zfptRT>8V0C zxLO-On<~N^a$Ha}?;>t>p>b`H4)wgADNE zLJ$%Dh$%nR$=ThqJ)@M3l0<=ZSRwltX&?+PF`X>Fn*jy(Q=JhF$glTk6y@7%UoRm{yi z`1*TT2oI+0>aEChhHRnx+SRcr(0t1Yy!Bu-!$Y{AosAYo>VY&g50*@*x#o1P$w0id z1rIp-(q}b%d!~X=u6AWzxjn=!xiORVm7D2a zPeMiDgeV`O5pH5nzU*}s_-e`gOz)cea%8RunyT`3*JbvVYm7>wD8AC_TKd!p+Q-S* z3^cc5)xmS9DFs48+w&miKaASS^9qZP0`XwWK`&I;f!mlj14n^x0b&~UG%0k^Duv{} z5?mlz&vJz>H!uT=d>}I5$y4Yumoqf+(xacCMLj$@38Vvn<3P;I9y<01y1IcFOb&Xh zo-+0nBfU*O3Y^}i$29Nr(2*!ET=e!l<(xL%6d@Zp3P?8|3>Xi6aSU`}J~QktNu|FC z#0|s~ROq7P0*coS#0|-FNTI70h-ZclI@TwB6OcYe_B>@=2v;R5DuAeE4{hdwu56ZP z0#SI+XoappK+0$sFb;SLtwS|)3Wzf_W1WZN495X*9CJ9f11Vv8eu6T1wi4ou)K!lQ zI_Ox=21|kP=_yj^%4a>C8Eu}Vuoysg1KRK}bPX8`IUTH-cVH?x@jC8J^gbtXIx02J zXg9N97aJHygD`lF`6H}vW4?m;oMv~Y(WX5L+nxQ2KR6V%tb83Mxf{a_`4Qf#}zo9J*o6X>otM0nWMNO z_&>QH|EM4D?#HQ#LK7U?F9UCzdhPu)iN;fXpVt%tDV)VG)Wy1f9AoAN{eAuT_Ok8N@c{*a!kTdxd;z-oY{5bH?eIHyI+{^%OLIw{C XeeX#*Kaut)xyCLfhxaNl5aNFUtQ4-0 diff --git a/Exploits/fastPathSign/src/main.m b/Exploits/fastPathSign/src/main.m index 2cdb251..269e99b 100644 --- a/Exploits/fastPathSign/src/main.m +++ b/Exploits/fastPathSign/src/main.m @@ -11,7 +11,30 @@ char *extract_preferred_slice(const char *fatPath) FAT *fat = fat_init_from_path(fatPath); if (!fat) return NULL; MachO *macho = fat_find_preferred_slice(fat); - if (!macho) return NULL; + +#if TARGET_OS_MAC && !TARGET_OS_IPHONE + if (!macho) { + // Check for arm64v8 first + macho = fat_find_slice(fat, CPU_TYPE_ARM64, CPU_SUBTYPE_ARM64_V8); + if (!macho) { + // If that fails, check for regular arm64 + macho = fat_find_slice(fat, CPU_TYPE_ARM64, CPU_SUBTYPE_ARM64_ALL); + if (!macho) { + // If that fails, check for arm64e + macho = fat_find_slice(fat, CPU_TYPE_ARM64, CPU_SUBTYPE_ARM64E); + if (!macho) { + fat_free(fat); + return NULL; + } + } + } + } +#else + if (!macho) { + fat_free(fat); + return NULL; + } +#endif // TARGET_OS_MAC && !TARGET_OS_IPHONE char *temp = strdup("/tmp/XXXXXX"); int fd = mkstemp(temp); @@ -26,30 +49,6 @@ char *extract_preferred_slice(const char *fatPath) return temp; } -int apply_coretrust_bypass_wrapper(const char *inputPath, const char *outputPath) -{ - char *machoPath = extract_preferred_slice(inputPath); - printf("extracted best slice to %s\n", machoPath); - - int r = apply_coretrust_bypass(machoPath); - if (r != 0) { - free(machoPath); - return r; - } - - r = copyfile(machoPath, outputPath, 0, COPYFILE_ALL | COPYFILE_MOVE | COPYFILE_UNLINK); - if (r == 0) { - chmod(outputPath, 0755); - printf("Signed file! CoreTrust bypass eta now!!\n"); - } - else { - perror("copyfile"); - } - - free(machoPath); - return r; -} - int main(int argc, char *argv[]) { if (argc < 2) return -1; @@ -77,9 +76,11 @@ int main(int argc, char *argv[]) { printf("Applying CoreTrust bypass...\n"); - if (apply_coretrust_bypass(machoPath) != 0) { + r = apply_coretrust_bypass(machoPath); + + if (r != 0) { printf("Failed applying CoreTrust bypass\n"); - return -1; + return r; } if (copyfile(machoPath, input, 0, COPYFILE_ALL | COPYFILE_MOVE | COPYFILE_UNLINK) == 0) { diff --git a/RootHelper/external/include/choma/CSBlob.h b/RootHelper/external/include/choma/CSBlob.h index 5901e84..f779929 100644 --- a/RootHelper/external/include/choma/CSBlob.h +++ b/RootHelper/external/include/choma/CSBlob.h @@ -12,63 +12,74 @@ // Blob index typedef struct __BlobIndex { - uint32_t type; - uint32_t offset; + uint32_t type; + uint32_t offset; } CS_BlobIndex; // CMS superblob typedef struct __SuperBlob { - uint32_t magic; - uint32_t length; - uint32_t count; - CS_BlobIndex index[]; + uint32_t magic; + uint32_t length; + uint32_t count; + CS_BlobIndex index[]; } CS_SuperBlob; typedef struct __GenericBlob { - uint32_t magic; /* magic number */ - uint32_t length; /* total length of blob */ - char data[]; + uint32_t magic; /* magic number */ + uint32_t length; /* total length of blob */ + char data[]; } CS_GenericBlob; // CMS blob magic types enum { - CSBLOB_REQUIREMENT = 0xfade0c00, - CSBLOB_REQUIREMENTS = 0xfade0c01, - CSBLOB_CODEDIRECTORY = 0xfade0c02, - CSBLOB_EMBEDDED_SIGNATURE = 0xfade0cc0, - CSBLOB_DETACHED_SIGNATURE = 0xfade0cc1, - CSBLOB_ENTITLEMENTS = 0xfade7171, - CSBLOB_DER_ENTITLEMENTS = 0xfade7172, - CSBLOB_SIGNATURE_BLOB = 0xfade0b01 -} CS_BlobType; + CSMAGIC_REQUIREMENT = 0xfade0c00, + CSMAGIC_REQUIREMENTS = 0xfade0c01, + CSMAGIC_CODEDIRECTORY = 0xfade0c02, + CSMAGIC_EMBEDDED_SIGNATURE = 0xfade0cc0, + CSMAGIC_EMBEDDED_SIGNATURE_OLD = 0xfade0b02, + CSMAGIC_EMBEDDED_ENTITLEMENTS = 0xfade7171, + CSMAGIC_EMBEDDED_DER_ENTITLEMENTS = 0xfade7172, + CSMAGIC_DETACHED_SIGNATURE = 0xfade0cc1, + CSMAGIC_BLOBWRAPPER = 0xfade0b01, + CSMAGIC_EMBEDDED_LAUNCH_CONSTRAINT = 0xfade8181, +} CS_BlobMagic; enum { CSSLOT_CODEDIRECTORY = 0, - CSSLOT_INFOSLOT = 1, - CSSLOT_REQUIREMENTS = 2, - CSSLOT_RESOURCEDIR = 3, - CSSLOT_APPLICATION = 4, - CSSLOT_ENTITLEMENTS = 5, + CSSLOT_INFOSLOT = 1, + CSSLOT_REQUIREMENTS = 2, + CSSLOT_RESOURCEDIR = 3, + CSSLOT_APPLICATION = 4, + CSSLOT_ENTITLEMENTS = 5, CSSLOT_DER_ENTITLEMENTS = 7, - CSSLOT_ALTERNATE_CODEDIRECTORIES = 0x1000, - CSSLOT_ALTERNATE_CODEDIRECTORY_MAX = 5, - CSSLOT_ALTERNATE_CODEDIRECTORY_LIMIT = CSSLOT_ALTERNATE_CODEDIRECTORIES + CSSLOT_ALTERNATE_CODEDIRECTORY_MAX, - CSSLOT_SIGNATURESLOT = 0x10000 + CSSLOT_LAUNCH_CONSTRAINT_SELF = 8, + CSSLOT_LAUNCH_CONSTRAINT_PARENT = 9, + CSSLOT_LAUNCH_CONSTRAINT_RESPONSIBLE = 10, + CSSLOT_LIBRARY_CONSTRAINT = 11, + + CSSLOT_ALTERNATE_CODEDIRECTORIES = 0x1000, /* first alternate CodeDirectory, if any */ + CSSLOT_ALTERNATE_CODEDIRECTORY_MAX = 5, /* max number of alternate CD slots */ + CSSLOT_ALTERNATE_CODEDIRECTORY_LIMIT = CSSLOT_ALTERNATE_CODEDIRECTORIES + CSSLOT_ALTERNATE_CODEDIRECTORY_MAX, /* one past the last */ + + CSSLOT_SIGNATURESLOT = 0x10000, + CSSLOT_IDENTIFICATIONSLOT = 0x10001, + CSSLOT_TICKETSLOT = 0x10002, } CS_SlotType; typedef struct s_CS_DecodedBlob { - struct s_CS_DecodedBlob *next; - uint32_t type; - MemoryStream *stream; + struct s_CS_DecodedBlob *next; + uint32_t type; + MemoryStream *stream; } CS_DecodedBlob; typedef struct s_CS_DecodedSuperBlob { - uint32_t magic; - struct s_CS_DecodedBlob *firstBlob; + uint32_t magic; + struct s_CS_DecodedBlob *firstBlob; } CS_DecodedSuperBlob; // Convert blob magic to readable blob type string -char *cs_blob_magic_to_string(int magic); +const char *cs_blob_magic_to_string(uint32_t magic); +const char *cs_slot_type_to_string(uint32_t slotType); // Extract Code Signature to file int macho_extract_cs_to_file(MachO *macho, CS_SuperBlob *superblob); diff --git a/RootHelper/external/include/choma/FAT.h b/RootHelper/external/include/choma/FAT.h index 22faf05..102133b 100644 --- a/RootHelper/external/include/choma/FAT.h +++ b/RootHelper/external/include/choma/FAT.h @@ -30,11 +30,16 @@ FAT *fat_init_from_memory_stream(MemoryStream *stream); // Initialise a FAT structure using the path to the file FAT *fat_init_from_path(const char *filePath); -//FAT *fat_init_from_path_for_writing(const char *filePath); // Find macho with cputype and cpusubtype in FAT, returns NULL if not found MachO *fat_find_slice(FAT *fat, cpu_type_t cputype, cpu_subtype_t cpusubtype); +// Create a FAT structure from an array of MachO structures +FAT *fat_create_for_macho_array(char *firstInputPath, MachO **machoArray, int machoArrayCount); + +// Add a MachO to the FAT structure +int fat_add_macho(FAT *fat, MachO *macho); + // Free all elements of the FAT structure void fat_free(FAT *fat); diff --git a/RootHelper/external/include/choma/MachO.h b/RootHelper/external/include/choma/MachO.h index 5b92923..1b933ba 100644 --- a/RootHelper/external/include/choma/MachO.h +++ b/RootHelper/external/include/choma/MachO.h @@ -57,6 +57,12 @@ MachO *macho_init(MemoryStream *stream, struct fat_arch_64 archDescriptor); // Initialize a single slice macho for writing to it MachO *macho_init_for_writing(const char *filePath); +// Create an array of MachO objects from an array of paths +MachO **macho_array_create_for_paths(char **inputPaths, int inputPathsCount); + +// Check if a MachO is encrypted +bool macho_is_encrypted(MachO *macho); + void macho_free(MachO *macho); #endif // MACHO_SLICE_H \ No newline at end of file diff --git a/RootHelper/external/include/choma/MachOByteOrder.h b/RootHelper/external/include/choma/MachOByteOrder.h index 394dba7..f1b0a7b 100644 --- a/RootHelper/external/include/choma/MachOByteOrder.h +++ b/RootHelper/external/include/choma/MachOByteOrder.h @@ -99,6 +99,13 @@ applier(lc, dataoff); \ applier(lc, datasize); +#define ENCRYPTION_INFO_COMMAND_APPLY_BYTE_ORDER(eic, applier) \ + applier(eic, cmd); \ + applier(eic, cmdsize); \ + applier(eic, cryptoff); \ + applier(eic, cryptsize); \ + applier(eic, cryptid); + #define BLOB_INDEX_APPLY_BYTE_ORDER(bi, applier) \ applier(bi, type); \ applier(bi, offset); diff --git a/RootHelper/external/include/choma/PatchFinder.h b/RootHelper/external/include/choma/PatchFinder.h index b2ddd60..d15b0f4 100644 --- a/RootHelper/external/include/choma/PatchFinder.h +++ b/RootHelper/external/include/choma/PatchFinder.h @@ -6,6 +6,7 @@ #define METRIC_TYPE_FUNCTION_XREF 3 typedef struct PFSection { + MachO *macho; uint64_t fileoff; uint64_t vmaddr; uint64_t size; @@ -13,13 +14,16 @@ typedef struct PFSection { bool ownsCache; } PFSection; -PFSection *macho_patchfinder_create_section(MachO *macho, const char *filesetEntryId, const char *segName, const char *sectName); -int macho_patchfinder_cache_section(PFSection *section, MachO *fromMacho); -void macho_patchfinder_section_free(PFSection *section); +PFSection *pf_section_init_from_macho(MachO *macho, const char *filesetEntryId, const char *segName, const char *sectName); +int pf_section_read_at_relative_offset(PFSection *section, uint64_t rel, size_t size, void *outBuf); +int pf_section_read_at_address(PFSection *section, uint64_t vmaddr, void *outBuf, size_t size); +uint32_t pf_section_read32(PFSection *section, uint64_t vmaddr); +int pf_section_set_cached(PFSection *section, bool cached); +void pf_section_free(PFSection *section); + typedef struct MetricShared { uint32_t type; - PFSection *section; } MetricShared; @@ -39,6 +43,5 @@ typedef struct BytePatternMetric { BytePatternAlignment alignment; } BytePatternMetric; -BytePatternMetric *macho_patchfinder_create_byte_pattern_metric(PFSection *section, void *bytes, void *mask, size_t nbytes, BytePatternAlignment alignment); - -void macho_patchfinder_run_metric(MachO *macho, void *metric, void (^matchBlock)(uint64_t vmaddr, bool *stop)); +BytePatternMetric *pf_create_byte_pattern_metric(void *bytes, void *mask, size_t nbytes, BytePatternAlignment alignment); +void pf_section_run_metric(PFSection *section, void *metric, void (^matchBlock)(uint64_t vmaddr, bool *stop)); diff --git a/RootHelper/external/include/choma/Signing.h b/RootHelper/external/include/choma/Signing.h deleted file mode 100644 index 5a0d670..0000000 --- a/RootHelper/external/include/choma/Signing.h +++ /dev/null @@ -1,12 +0,0 @@ -#ifndef SIGNING_H -#define SIGNING_H - -#include -#include -#include -#include -#include - -// int signWithRSA(const char *certificateFile, const char *inputFile, const char *outputFile); - -#endif // SIGNING_H \ No newline at end of file diff --git a/RootHelper/external/include/choma/Util.h b/RootHelper/external/include/choma/Util.h index acca0ab..4bbda41 100644 --- a/RootHelper/external/include/choma/Util.h +++ b/RootHelper/external/include/choma/Util.h @@ -1,6 +1,7 @@ #include #include +int memcmp_masked(const void *str1, const void *str2, unsigned char* mask, size_t n); uint64_t align_to_size(int size, int alignment); int count_digits(int64_t num); void print_hash(uint8_t *hash, size_t size); \ No newline at end of file diff --git a/RootHelper/external/lib/libchoma.a b/RootHelper/external/lib/libchoma.a index 0b3c84b5bdb15b5fbfbc8123a5739587fd1d2684..99c1d461119d6cf0b05643c5030be04aed43b52d 100644 GIT binary patch delta 19141 zcma)k3tW{|y7zk7sCy$SS3wlmDCWl83W5seHWV-Dw@p$^yx<182uVPQg(v$qg)>=s zzOd!AoyjIlXJ+GAVb}Y>x|SitJOL^75`b&Qd4J=EF*Q+OyX8+ zQHaYmb>*663l=UCH(i%WJ*S2Vk%q^X(L#)3oD5xqO^B`Fgrk^$9HjVfb#x1HfCX;G zQbx%hCoo^jJeLFdZ{{JI3UCbLWX3GU<%}B{>lhy;bR%U4S?~(uS;k9@-!LxbgdFCG zPcy#H*u(fJ5?D|!#C?oM7~f^Q&KMCagqsXA@IZJM<2FVQV<+Q>jMo{*3{n0zaDcxf z{tF>)XS{>)ZpMFM+`+hKh;Zv3j3{(cRfdY2}8fNh1Ec%Sigg^{9z1-(FD zi6+dU@^7YN@()jskxTZ4%GU}*7G`+T!{OIehJS`FP0s(8?{Yvg(q$ZMF4f zrR^VwNX@e$LmS?{D|CyNTwCtiQdUx5SySz*+gk0~xUIene(TE+VOf1$Wr=Xrmdn*6 ziP|`t$+jByu6wD1^GQ zEn5cY78=UBvZ~_x%KOS(HRa`7%IXIgQ4Ve?zIx=PDRYD&w5n2rIexDRbjbT6HG!6bRpVA;_Z5E<~^l4~vw&Vb=Jt zB&9AwzeX-|g0eabs|nH`o}S{HD#X3e_-CLMpsk~>_J=tg&-6>g?@pOCd3C%kRLnx3 z9py7+cP=SZ64sS3%V5fi?2>Pn#8&87}4pA$?i03QFVIa zhj5@Ivx^8{B=nJ_7x(&xi9U0`s3CEFP&o0qNUq#{6esYy&XYLP8KzC<*x zND(dlH4KB`tSl?ulqUESU8v{#JMT0AM^v}8FVBeMPKoC9Wg z|H7D|R$EO~X^Q;i!W8+$!dUl8qc5;hUm%>tTdPYdO06X|)%A77=rWXeRrTiTn)|DD zVy)j+TPEgJp$A1TQU=q~GHYpN9r{>wm)0#+HT70oTFMVuOxG>k|16O79}Fbp2Q6m& zbBp0fYi0F)#Z{FklP?xV%khggxm6)h8EoM~P?_3NR#l$DMf8u_+Tyyh>iX~3qr_H|qr{mXspQ%JRw*j0iQ=N|s+)vbn5YfA&-l(|2yN5b@c^I zD#)ow_E0Yjm#ypGV^*QFIiX6ItFs-l39_?dYIXC7CKT{ z#>!Vu#A+icZI%Trb9!E-u$WcIbC1MW{InE-tEbF_RYfRvlps|EN$cmaTBf{rXN;vF zQmM?kx1uP;R7Sd(9ha~ETdX-+smAGswAvwel)|^n{Yl^y=#MLO>;z&FWX}NB0#kvvLO(^JBN?$2Lmmp8 z3^~OLbO>My_}54i(Cz5P!zv-FE+{NK40OR`3vd=N8JG!-0#ZW5fHnjWs?gCJi!}@6 zXMvR9!;JfYcZ2T$t_D^CF+Z`d2U0i%KpU1E&V2nrI5L40P%MxFx*nsj2S@>(0a8Fm zffP_Pa6QloqyTe)laR0l3LUXP^sM$;yqQ_RJm3;w2i}{Gc$tf^ zSJ(oa1HJ>82@GTTRV;AHu8VOOkP@^2NOo@ zAlU_nqWsC=G@2_FaTRbK&6zzx9dz=?PT4GJCg zz+~`Rg$^6A0Cr)(HK=o;At--56kfLoQ3}O*AVqi>coz)33JZ6#z7|*o{d(X=U@FU_ zfaK4I84mgDQCN5yNa5B3D}Z@GN^mM;vKtR~Ll6vf0xzJ?qm-RjSa=Xv0{IRgy&}v3 zbh`{-J~(xsD}kqnD1I17&8``U>8*2@LIf9CTp)d?c5qUA~MX5Uv zDs=1xTEX`ybYLn;lUwHwg^mVb0(iYbM+Gn*yi}p10En){nXk~13q%*;T%geH$ixHs z1ZRdqhYg6P?Mznahy|iWI-?Xi%)l7%V1*99NeHwoCv9W^9X=phn6pQr<2(=z%=w-| z2W=Cfi*=sX(JdU!7|YP|oVye{8i8nO&g}{vwLr8iXO%)n5fClOxn7|o4~PcibSiXY z1JNLya}+vgd4dY>OjhXV(o_kbCPe*nbl?FM(s@*&!wW=xa?(~1(6JXt)nkuB$4($s zgB=PT4Zxw`^$HyoK)g+7sX|8q5QXK;SLnzEBJ<7#zs^TbWDd!OWjw{s<@FMZ-Vy zSBWEjF_8uDu)$>xpojTynSaInDdw?>lw6Eq%rlwiGB0GF#C$9BuTaOR1a^SCDFE94 zBEeoZn1Q0CI$_NJ4pN;!eLHC-YcvwFhinciKe@5&zl;6TM3KU~zQt1meKPa8%%?GrVcx)ezL7w#q`AxwCN5S1 z4kJN84*!z^Kq8Dih0VxqqIObH&dB|kc`W>qdr+pWig6p0Y&Sw01&gajei0IJW11Pq zdShbxcjm^_^hJb7_Qpin#oU+xN254MZ%mzgP`==p5~2GdM_nlyB%^yHw}!bfyM9S| z5Ifi&Te!NtF=;)|32tWp|IXZ)3qQd2#%%amUGK(7h5>-wY&Nj+oET}*BQWO3Pck$%2Vfs8U}g+FpHl7A-z@4=AV?>WZ{_yxVl+*q1Sfh`4K z%&?~*0MH=zE=J1m)rnfOOk2G?{4Wqf*YE6d_v&fdujH$%6T^=W(#?_ARxeLWR-yI# zs6_06Av`|FSCG87ATeAU^;P>P1^*fpOw022E$a?x@|mG= zazWvLhvuww&BvmCS@EXIk|)>1%eyu_Dw}&_W!5v*@}+0)^HjuYp`M+w+AXrx6)h`& zev5pocbIJb`Q)H9m;C(aNuJ~xTFejZ^vz72nJJeQt&3=wq%wP+lh!av&JLR!T`>Np z80i*yDQE?9L~(k!p&5(pkxP|#7T+G6vS4SQL?dN$5xY5x~@h(-fo zGk&}A+v7E@_9tRfi)`h-##n8Me7SK)qAB;Xvc}o*3PepKqD-a=jJjJ>u)-^$Qigl*793ks+pfkmBgsd~M&IDaf z9Kv0j>1~S3^h%(NlMg(c;64@3(cX!m*}G|-3c87PP0*Rfa?q^HVO`wXf_9qWb5a*U? zVSdc4n!|#!`$W*~AGAU?SQUb>*bhI}-e%9>%E5@F{3IBu4&!bp%hf#?1wLE#DH3d!Pj1Kz}*@JJyt0&jW zyoz}>^ZS@DX5Of{Tlh(UKzH)w!^#FvvWGr&_!L1W^VgYQWZuF&bb?C2Hs({9-$EIH z|M|>6=I~eP+${vnR>)uz8_c6GoLU~ zmB2dYGnu3J(gVz7{whb1&-^9kMy0)4cNW%xe3?nE-Mc}%EIaou*XBygPp4@;?O8wFVUlm|s~F)5oPM>Z zJ@bK<{{1Jc-+hicBO^`T_Ux*NSZ*jr3ymE?bF0y`H%5-cNVw?5WZfa;$l~b{hKe=} z$mNF0r7?5k>5!gW5sRAC#3dNltdCF*_gLexa0x-wC?Dce%RTdeHk%A z?hcFgO`5kM;tZ_9pln7%t_?*d}C z&3+Py)wR8i`7R)K=j>O}vM3ckAQrpM9)%8CBE~{a+l^R7+o>1FxMIHwr0{9`1&cp> zRWPC@!%PS;lG$ndFJ3Nuewr33w?02B4K>RihWbjLdhi;_QyY*XJq(1o)2q-yE4oDa z(eslmRXHbk|P z_!rE7#P(Czejn@apauXZnU^c>7TZ~1EXn_!xsiZh5Jy`xnjj_ws_VhaB?q<6X+N6W zVhE@!TEGd2XC8*vMD8j4NS{rFI@N6e643rLxuf_IZ^Qd1=fID6fzI@qhR&IaU*ZAk ze%CdK&x0~hKPiwegfS|^00Y`G3G|RYh+iFKzgqL$9i=5W%Ld7N2JtO}!uh8ciE`U+ z8$tJs`mY_eKhzecNq29geDcVhap;lNRYm>A3vMjlyz>(DQg~GVotL=R`iB0%N;owW zE8!WxUl~!vdrZcim!ffW=Vf#Q+5|b{&dW};jRMtM8>;t|g=mS>Z@uK9Wss{?AR18X zskhEe!Y*hf&c{|X8N^tl3vaJ| zyEjT6ejkU(V~4m;C3Li&`Z*R!}Sl7hQZA#fzT* z(uBrN!M%7lE{ssmZl-nkFf7hAV{xYJ%&?;cl}!_UNKi9=yQOt|u$wx1)Y&NVY(byv zn}n_$YaAaEL9$lU2LEM5WZO2`j~Wr>LxRjS7$AWkVlcQgsS)-!Gk{AleK#;P>9!bx z0uzsu34O(PBa-!z*>`v95yUihrfj?0pMnJF%gb5M#+iA{@*)A3pr;&|F*sa`RL>aS z`YuD>pD?;vLkWu%otKd?BLTV$3HnGr6P1{82zvZBNk#9 z)<$J_q8&zj^T483L?Zv!)T!}D)X3`Ng|6>5r0_?O;r;l6J>P0tdWi)CBt|})1*Hu% zk6=E6ISNGA)4)o4aAZgiB9~wBC8X#w-V{v$Aj?7_>Z7QwSY%NlNawU#S=7@?L+2QE z5s(H=E8VBFmRDAl&9+Y55+a9RTqa{LT0KQ(47IL{*ECBnh7NLAg5i9A7e+I3Ei|a6 zOu-mN4tb-_ksAdO<)XM5;tm6y^fQ}6e%%#dXe0JHz+_+)!Xo}PVxZBg7l{7ec~zmK z2Z-^)*{#rV26zkBVO7Gk|Tt3}7P=$2s;YUe;7mz|}z;rW8F7!>xqEgBR0~XTk76oR{#lU3)3Lshc3{}26fW&Dij*`FdO_~Q^ zRo90o-(A4T(6#|@h5WF>LR3b5dU77qiAj*tzA&)xFfdDwxD=Ce8+10 zcpBsdK$_g3V}SLtOELKrHZ44Xg$+Q`ehn{HU@fXvCNLF9ud4`%OpPo6qGU(r0a1`6 zNl$V->nLq2yqsh>^}7>FZ*aHxbdbT)LHxBr{JlZ^=pg>QN{|tOXd1+6Qj34=FlX!= zAV3ZWrcnH9Pyq7==`lbB1SrH$2k{+)?CB)GKLPUPy^$;K9h8E7gM6$R#CronKt|}a zx<5ql@tU07HcoE%bJ_P^8Bdab`13ruGB`_)`%9MmVC`tx)RrcH{FegxZre23_m`*S zlj~#T6JI2GA~Uox@`Eq(qFj7AJ@B5njOkq#Mi<##0a97iJ89s`Up~=0CS;bVa!ti$ z!l^Umk9$|^v(8MOaS{Z~I=|}Okf1%_Su;vYbk|XvLH>VD{RP}4<}Wj+`w^r+!Q8|A z4d!%1fb{>td?@pa%wK_y^w*fvmovn_Qrs=lSuliKSvx0yt}~IVU_Op{JoCxS-{J^o zGN)Ec5iDjti}_v5sXrxsh0akw+gMP~23wi`h&eTI^6(Sp##ZD3<{LOcFENi~ewsPm zBq9IrGp7ba+(#Vo3p)$`#s+`o2!}*a{?R`(AHjSx^U=%`ncJ8fJCAdj=W~K+fF@^Q zUII?>i&r=S_pyPo*V)8;0_%Um92+Wn4h}J=_Cz^4$(;H$;^&!1Grz*z*m=AW!5ei; zIYqr?Mxe2^pckPLH5n5;a;GR-c=fRv9nq8C zIKnSy`%=tp$jxDU<8G(M$)3ypAL3+gXTFp5>59)6GudDt8>BL)DH*v@oR3kg|AaVx z#))~0r!!J>g)fDO1}VChM()dFDN)+cAk8J`4U6{tF-nW}Y#OZ<5A39ly*^qy8IZKmh=7;SyTPHrE@4&}~peTUMx-(c)e7U3OasWq>mdJt(PcYKs*_6F_t zahO7qv!Zy&Wg}qZNZ2q<4VMqLXISts0fO!r&)TtCoP{FBidUG8mF%&$v0DA`V>X-S zHys-{MGFqn^lQlOvlzc=?%Dyw?5*mk!oqHxb66qo0@7r7FAyPC?NL~`12ux|8x2%kEuWY+3BhxAYF2Dsv+~y^}PFNI}2Ny&)sR-+#tNpLuuM*O*?k%$aL+o zprn8L^-;#mtm&ThGf*q7c!T69yX35)o;PP`bE8kgnOb_hp(7 z_#xiUApdehCS(zz|nU_~Rg5Kh(I<;__43P#WmhJ)CO=)GDwLFf{Y4SGqN#E-`nX#;`D8khCCY4eS-Wwhh4G*sLMTL zv->WhZTx9@_BJjHeJ_jsK28-61-h`$$S4|lf9)g>`w`K11@<{SlD-9nqc@yWt`2$T zk7Mvzavv2Qs^$s}Z<=g8VUx7zHG?+)_L~xM2_ylRKU5R&V)M^ABj}<=AT#LsU=OjW?lhU!nx?iaV)rbv{JsInbXiXj|NI z*hc8xs@n2Q5}ouGpUg=1IB(Z-J$rB0tVx1K3H|U&$Nv9pC|q(U^>2@S1DF?kROII9 zIyz`0SETQ18uu1^J;n6p4{}N_L$|D8ww)|x3%;wuw@J9NQ^Dg}f#)Ikaf2aI_9!6c zU3NN7q`|%bh^Xvm5DMO~vrD0)0Ehut|Iz_1)*cH^^A|s=3I;p<;E*N_G;blhGnk(c z9tI)`doz&Y$pg}UUV#%2&PcNIUJlcFMCOi%l|N33J{P4xZ zAg7R*Urdx=I@70fzTw?L~LmiFD>$!C4{Dk*J7`gG5nLM=a{7xj@GEr-bU2I;G$(f~0%cA;IE z)GEnPan~T`1nc)WsAZ6A)c?ncpzZ^UB4Duor8~87s@cuJA|TCC^Y9}FqyC@Sb8Ul` zd2He&&7>W(xwKl%Gj6Ij&O+O<k~7{Aj+=Z+0c?@$EY(=hz1i1vJznBCbOiOCSgbv21{;o_G%uOz!m z)3Q5d(Q~m`-7w@qeD_I{>w|%Rx?<|a%4%`{MzLaHzSUu!Sb)KWT^Nmw?ytdUK%oqx zke$~RIxYaI#-0SCk=Ty|X<#}EL@C>M0%@dc1kwms0i=Pd6o?n@EK=xL4@7x63luu? zfi%LR3!#C}ZKs7IjdTDq9Qr9RaL}TS3u+EVjrx%J1Q?Th6F<`5!u(z4hW%;c$eB^Y zn!s;14=6%p)|o_4-cl`0+S^`BVWH;7j&j{lWQ2XNH7pnMR2VGyV09ccfv zf!y0 z>>YQvk1_3Pu=b6XTCsfJ?2ql=TDP>w3?{ z@OysezR!KW&$*xHInRz`5$Ad$+QxWua&mL>vvVAd>GaQ$n~i^tob2owd3g@Uw1R25 z#2t>xsEUdyCCeAho4>$OvUo}9{CNUlhee1<(Lx-*L5gb_S0Fw(Nr+vMLiC;!VgvJo z%xi`q;txVZLGg$^htzXTwKKwS2GqfRxz$;e1tRj4dXG!uNdRQb%CZcE@Qlx zaR=jTj2{8LRD-WLA}K-}c!V>2j`4NIql|xJ{El%#n66O~V+~_7V-7X>?}Tu}zV#U) ziWyf#2(J-wJ4Zas_$$U=GrkE7zKkE^NEjr30~-!<->xT)zTM3k|0m-%j(?i*H;e~| zcy)p!91&y;he0yb%LcNH!6L;X#`_qbVtk$P6k`&n&t{B47g3*I#khdu>%4rimGLJ$ z7$0POn(-CJcNjlm>|>0x=|P;sxRCKy#*K_y8J{=h2l(O`Z$w=~bi`0%_~IVc6}m?9SCywQDOHS2tDF-bQKHRjk|4K)k7DT|>p4HBIa4 zszk*PwW^S=reb|fRa4#ChASxe&fY9jyjMuKu4Z-9ze;H2|Ks^`juli`6z|Tp>+ZQi z?p&}T4HdVotEo}1jhM7_UQN}ydm5W+s!QtDG^}pgu&zc_{4lPfz6P~fzoD^a-L3U& zZ`Ik*m8jUzSZ$QtOkP3J>dzz6(i_*+H8fS!u3ld&#^+4U;g!@_PIG2v)51HmV0zc} zF?B;CP4e2Pqp{`}oaO(~ir*%O3# zUZ@+_ufMUreRW0+4Efx@(jLJ0aHktkFzPhNI)&?aVL7$*cR?tQlA%}d_C z<&AY#X}cq6e`=J6_o}3;Yr_XpKeMa&$lGPC^NLUFV=QtS&xy7vVwVxLutyQm~Z14?3z&~br*aW);-IxudSj;kFQ z7kdSJBXwK`^jv0BSW|SQbztHMw^5i{dAYLIxjL>0l}uNovpUrWGe>kCo?14-cjzja zuI`@^-?ehiE~}bfl&DgQGHm_hTisuj7+<)yy2epmw+<5(Q^m2qer=PQy)aeXyRde6 zzow3k{XAWDUVlM#-cT%CmGszcttc#odSYSc!_?KDRGXWI3_`b>i^z~g-HS+p4TD0y z8e5!*Dj6Y*G;Gz(TGh!#{h~&-bEG|NrBx*@O0{jmQbwWK(7(XUuy1<>%OnN2n)`U7 zl}W9kxDtB+g(8FPW>%|K-g0>g0`fTXURdwZ6^8 zGSSLxznZ()ZrdHNWyyx-fdtK7A)B@)JEv1~(P&II8HFrM)S@<0^zO$huv!RbHxP5q z^NL1S8*n7z&y3dcUSKNZCp5YOKo8`lz*~XEKumm(N26;Vaw$Q47BCs{85&&<;27{^ zjb4|)#dR1W7f?uG`C;HqNO%B<6~j3Xi1osm2c&{#15q|lmPS_$a3bQ*!2_fMA7?li=2Pnv4tKDg%|Q0U8iCgUkE7cRL}%uE5m81Lz`PipaSY=DIJQ#|zZ*y`kPU=Q z=TOEVMiKEBfmEPsAn6?$CPWr+H<0A5j75wIj3JCnFV*NEF35l%NKL;TxEz=aTmd|b zA&*{i9tKvD99Rx4<@h{c8TffjA<{bryoL0D6~K)^Do7KM?9Bs`-h?Q$KPjBC=_V$p zXAyWkkP;LD7XlN2RKOsn_F`Z!a0zffko5dOY#`1jfp&Dk4vntuK=hucO{1#_cs=y8 zfj3~xWm(bwxF}CR#8L=C*o`Q|!@wda9MV`G0Ft~7xC*!lSPCrW_&gw`vjQm{xuwAJ zGjLOlbU>H^klbX5Y;d!CgVU3621*7tZcy4*lCu4k4;S2hrh=E*X! zLbx2bfUDw3*64}>qA@%}HM#^4d3!Ek*#x@I0TJantI_2KjzuLMj2PJ>9UQG9CUiZv zbd2*26v`dR-VId~ryHVVII9*vcf!Y`SpF~6JnOy(%J3oPpEBRUJQ6KP@)w!YI41rM^Ea6vW8TL6FU;>`9x^y484Y+cU`y6D zn#Oz#^9bfS%nQ*Y)M6p@1clwyVz@S4&<@f^+)8vkg+FrzsyY2dwzrWu@)wJdxsd>4 ziNZ&$u!$4wWxktv6BoeTEfYzO0<^Ms`w;6NVEroQzh}OHc>?q)e{qZ>%s&5uOYG(Z zyGTBuhRwuL2-BUu1GP<)2aLf>_8wxM4?7foiVBWEoEhleo;Z9kBY)8h;}kIzvx~x; zFiyN0vyZ|UmYXik1?Hwx^AdDO-}J94n46B%coc->rpNUO7oa{`=Py2GgY!7U70l0L zy`j*>33hVNjBMVC^ zuEh;+*SojcrTVgJx37Joj92efN2<4W#rx7G$qByIlVpmzxhBQ;#Uwdib=2gjGd1H? z_;V?~xJ)_9ccx0(|A%|t8QIfw)nm8a64yFOSMxX*s&$fjCua7@+HseosZT01>CRx$ znrX47gk}K+w`yNAC#5xAGg|m5RKhGNR8GULNB6R}UR=Rf5{+G%wb98kLrvduhqS7l zTfVg+>x4j6d48>W`N8P0qDEaUfZ(;b+fJNdLAHr;D%arau`gOFVhS2VPJ6py8-F;FtzyH9H=J$7fDUXs- z%EVt-)=k&`p15wKNIgrs1BHpkwZDaBEi7w+tc7JgEGvxb#?x2Sr4Yg%7Fw2TqZUqR zfy^>m8!cp6Pb_D66Eb933(Hzq)&f}z%X(N=$g)DndJI{1g5R=&Gi0F!LQ4{7$g-Xo z&aha$(3Hoq7M58cD;$IJ-4e2nb?>uoMvt`ELxGlM zp- zylqiJNzh{3W4+(40+vys4$IPz6-F{6-0dALBViQ3mYWg3EQIu*1s{GUDJVES;tYMn zlb+E*mYYLZWRW%@WV`70{#T|;v}gW()3!ZT;^;yd6T-sS78B;~6Jc{c>_FUPS!^V5 z$f(ac@Ll5R2(fb0~| zFy2ync~T%9CPi!jP5VOE&PR@fsr8S|mr-4NAG3wYS?bNl?Y6VHMWwJwoqXKxEyZkK z0H1ai@H#lV`5Ma;fHxxk_*l$yU^fsw>GT8V1M7i>(67~4zTaVZ^Uke633(%9DPtnz z1+*Q>do_BU2RS0ZxRtSyv6L~NF$?H{0V|LS9Imna7^+1T*$<@nZjI#uAl()020D?{ zuhF%`i1*?S3>R4tv}tse83Nos0Ix!Pu|`)u$L9ejBR*TBD+@^XFUc%V1Y*hbBxrOE z<#;PF1M%S+U1#C-EW^s^4B`T7rss@C*8yM&;XjPHyAHJJbAoMzmfSY=IPi}Dg6@We`5PJ2KNf_G)LUc3RTR1#(Wm@ zCz+3A-o^YM7M(#4^Zm^K!2Aj3e`4Oi{48Ai}+{rwb z`F!Tl%&VBw4J)<4PnpxZGUDyvl)reCBX+SuHS;d!v0T8nn3K;#22Lj1nW^&guAe=##WIxLvC?}QYlN@&TA8FK?po}-f1;cOpX|o2(5_0E_b=W? zT=|_t-prZm(dTZCD`OAdoUdik5p)-W8!|lHFERgKd@F2VO zK+?+x;_lg*08CPky*gFG;e2)GXjIl2gBGMTXV5m3rW2T~hW*wqlU4d}CuNb2A1y)o zKM91`vqPh66Oiha4Wx3Y%4J1fauf$HxLCT4v21ot1Ive^CKMhejzX;GuG_?1F)w2M zEY`1J`4=o-$~;PUvR6FF5oU(9#L?a6D4>TkH0!9WOps~5=2{sO=9cQ4->3S5B{C+K zZs7)|`=f7jtxSvAHz>Kf(0z^Xg}HLLYQ8vL-M#N)b=zx8e5b2qV*e|?_g{-m=qG=B zw{OV5zV|7}$<1@9h!0ERdim}#gXS4RubtlaZ98urPB9c|#lS1lulml>O$b7V29ant zUiJAg1SzGlFdMiP zNLDr?kKtA47@4Z058sQ<$!H z_N7Gypg~%Wc=b`=4DU7wh#rPAg#doUI}L`cSp7vH1*#g!-9!*7kPfu}0n(B|d;^4> z)X@JD{|9idSUyN$%^-f=Abv?_U>Ku+9}MD&gY>r!;(g!KFGcSRQkaP5L{xwH?0X5Y z{0!o8gY@ged{Gl*>a}AA>5*SD(C(B$={`e_1LeOL>WgnT<7iBx>bNjhjlWpnJ3Ut> zs1^HC)UJzVYQ%Rht4mQs)W_eAiMs4-`C6~V79D%3SZ%p9TfJTtue|SCRq1Q-PfV9L zV78LSm7DLl94?>#c=eZZRjSGk#rUjgGRAus1{%$V7h-f%Ol1Bl^Z!QqN&W`&e`EeO zb7S;F{@=_aSpEs~eUMT5&zaNXW#Zpx?iINl5y9j6H(Y=i=4+TIGpA>nWMDG$KX8UK znA006l3&Ms2J@xNzvcXD4USucmpGz{6`Gho$ecDiGWY~@^CoZ?^KvfGZ9~Nc*?|KVb!P!D?YXj^$4<|0`#>hxxCVA7Ea|{5bOj=ASV)@A)pp@h#FqE>R@5 zRSM@gLp$@Am}fF?VD4s~$b2dDk2%9N%-fl_Fki~t7r#bl7{w9)&I;yD-fx-D;R60& z=6~S~PcVOu`IpSio6KQ%s@U5`#1$U z2uhsZ$Wyq6^{u=!(3VO)Ih)frb1^qDf0*UdG{08RNl{AhBr8m1PVNW=Dh$a-u)LQz zeutPp<6AynR>Uqu6m1XTR-Np&y>E|~L&D5w^S-y!<+iLdH?lv=Kx z8#SZghGEn|6v4NMqg%kJzZCxbu?i{o z9-JXVmgf&#EyHBE+KdA{8~G8EaiGY13UU@?Z-o`o-=eX+8p`CVh2Y)b&p7!&h{wCeP2UONIPl#-vPUcOP57d{P!sBwOP%2x(X`IQp-o`X6LWxho)%J&IDtS@4=oJsS}Nn@IjR(wh` zOJg}LUsQ(-LSM~nnU+lVqX*Fklw~UrwRbiFDY^20-R8@fBNM%5N2a4&XwcEQ6bhr5 zH!vT@{CVc#%zK%COF1BJ9Cvdb%jtXzg(=L<{L+Y9(BI~`sD=R=&U9v$!d~W0(Z2WR z$k|~VhwhDY%TaP~{#kX1@3j2feBZG`xpHh9TcZY`U~+T?dEO$-cXFxB z9)pgeKw2o5NJNjLndm4%vpQ?fN@-&S(`!gX|D&ZvClsyf?`!h1IE4da=m4yM_TL(j zBK^n)#aqqstcv3j_qNTK)-W0L{o*?L_{jbj3YJxPNgzHq4kP+pMN%zo4b$%mL`3uZ zFtXj>k`f9=yZfv;?tL9C<)I9`IWl-Gy-5O(U_O$$P4op2pEgYNp@0dfUxJA6r7o0q zoM7k++F@$gfTYAtQ-hLHa{BpU?&5vdbzHK9sW~r?wgw~dHUba-Rm@unbw!ttE%tqi za%Mt+_a2YZbq31tMo(Hdm4V7EZ1|y0#x-Py4qjJeY!(H*FiP;;OP>v~TAE zXo5#iA5QXO ztbP{ln|&j;Tc}~OBov`L1GvVdOK9b5?0X4TspECSmxqGrAfv7=6?ij+#_tjBr_ine zOL^#TKnvb(QMTbI3Sk5)LpTIu)hy26@Y-x4+B(uD;>fq6r-OF|BT+8yVLyzYgt1e* zMEmI$(LPWoz%6&mE7~u4MS;I%Rp=y51}j=k&iOFtbr;lfYr?KE5dx=IZu}H)xq`4s z?L(C~a_N#CofS^A!?$d)oKk@XI)hOm@Jg35?6qK^TQDkUpi8kYfI=A@6PIdYT-%Hh zqxCQ`j1fg?V)aNebTY-hUc{-!854Y=#j?mZt5{BuXN;qxL(#?*I+esxTqft~^s16y zrrBcn_PWhDbxKb?DQxk{o3QPa(Fs#8JwnCmkW~!879zSo=qBE z0*F=4c@B>x2EJsKr@89?~l#vwQ2hSvrpcM=}JXlElWPWoGOTzNqk3m&)tZo5LKw=$qx_|J4^4|I@b|=4T$p#}xS5qUO%3I~(y$$oe~K zs_Em4`uerzHzGIv;8POwQx53;uf8;)4@r`9>znRu%n|fIThw1)x^Q|$HrhwuZ(q^N zow4`&rLr#4_gR&UNz0x&qhNaW^dIpY3Vcb`GFN4Nm=)K_lY{O(DRd5@N3SF4*%}3k zCdqLOg(8&_JFQ=mZ^&`D3I@Wk*^f~HyCZHWCIE#>9uIkuhF{#sxws7>zOK{r&G13O z;1`dbLwBU~W8Varfr*t4q(_X0V2-?sV*DtW+EhxqLy0lH4KHmMy;y`!^43JFeGrQf z4AA!&{rjMmJq;ty=H7=b3@bdo(ZC8C;1dfZqx})njMHjc|G=tu3GrmJ7yBmi)LT_y zjFwS2Hi4rQ@P>Si zQ)RLv&|~lZJIs^TSm9rSI^xs@wCKQvspTcDKS7Jq3hWhzR?A47c+e*u{5WRe$0>(r z!M}Ghg7qnW7vyvZN9S;}aeTu(6=B8^2C?@GdBEkj{Bo9vApF(zSrE|VZYPB|dJ?*+ zMFKsg-PX<6i*R2^B)a<*>39SZQj-oe_N>Kn^bMTp@FUUY zFw+@~N9jr~*MBJ0f4fotl8`EXAi+V+Lk%JCdf@%AaGWYaaw?m@FdheEO1ifN$4#_% zZ=xiu`K+ZBzEeqP=Z*(-6I|Bx+PiOurXNzHel2mKOY22nCAKyiVH9@?&QI@Jfgke3 z7I!jD;1Ngjw$s=fP5Ei;ms&2`#&TOZ=EDZOGtxPk=H7P-PLQE@2W;Jeh9=v$Akr-6 zX+*wxi!S1)xXu`2?572!Ja&Hbl4mVpM^D+=AU1L`7DS-qLZYFw&Sy**V$6hS(|} zDv~vp@Gu!6!X2mb`qFE5Pum;6=1`S7F?Y|w;Xm;=XFi($^jmj+_}c$_W0>*Urf}_s z`f5kR+9n5mFXy0-f#&sp3q;?qjg1n6bk=*#58NEAP*OBEclrzmecyJqL!@WtZp5y> zV0B%6O|_$Gt>f0!>uYA@IcgfJ=u;!og3)Vrq)wB*exUx{>*|_n90QD!k@c4|_3C0> z&Oj&NY{=rE1X{mp^^`km?hzVvmDg@So$DGL_?nT*blD>1=4h(Lhf(H7ftL#~_L?YB z3QseXvd>B28!6BwzTu=>90C8{L|7pU0aB2bi)PUsMftY%pHjS<( zpwU9Wagfs&1=xH%r5auN9G?foj_S$Q=t=T$Rka9)u5lL4&k0z0y+7dQ^_ zCxB=@&vA_|KgT}_L?t{sG`gCB^wee}kXnYGTTsh*fYdU1Kx&x`AU!prFA&K7P@oru z@L-Rk!nn?2T+p+aV?a_k0))tOSfi_x2aay zZy3)z!L#YRZwlKf0V0aoA-RwFD(3aftC&|YuVKD|`4;92m_NaszG@`Nh=!Y<}^c7^CmcuL@A{uFUEndy0LVYyjDdhtc4>rGecXRtY9fIe<33~n`R z9ESwt^_$^aQUEt6>tb9F5Q{yKgZICAd&=ZWeqi@G>STH6U}&Y}V@v`X+HsBw6R2p#O!gg%!R6?(0$sA*6;tDN+TYvC0?e*TdU zrD=6tR@YR!q+~9acuIkJk+1%-D>-V0NvHe1nFTG-k4dU9+c^?(CE1WZ`50}k?dm0*vt(afQrR5#h_ z?1B}s@yh*$RTU4=o1xbE&pviFNa#HL$tpSuss?v*2?E@dDx~idlup-~;C| b)r@#PkODk0g9lYC=4oq{Ebtw{cL)C;`H$N& diff --git a/RootHelper/main.m b/RootHelper/main.m index 74dd0ab..59bc61d 100644 --- a/RootHelper/main.m +++ b/RootHelper/main.m @@ -666,6 +666,11 @@ int signApp(NSString* appPath) if (r == 0) { NSLog(@"[%@] Applied CoreTrust bypass!", filePath); } + if (r == 2) { + NSLog(@"[%@] Cannot apply CoreTrust bypass on an encrypted binary!", filePath); + fat_free(fat); + return 180; + } else { NSLog(@"[%@] CoreTrust bypass failed!!! :(", filePath); fat_free(fat); @@ -740,6 +745,7 @@ void applyPatchesToInfoDictionary(NSString* appPath) // 172: no info.plist found in app // 173: app is not signed and cannot be signed because ldid not installed or didn't work // 174: +// 180: tried to sign encrypted binary int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate, BOOL useInstalldMethod) { NSLog(@"[installApp force = %d]", force); @@ -1014,6 +1020,7 @@ int uninstallAppById(NSString* appId, BOOL useCustomMethod) // 166: IPA does not exist or is not accessible // 167: IPA does not appear to contain an app +// 180: IPA contains an encrypted binary int installIpa(NSString* ipaPath, BOOL force, BOOL useInstalldMethod) { cleanRestrictions(); diff --git a/TrollStore/TSApplicationsManager.m b/TrollStore/TSApplicationsManager.m index 5b77e9f..48963be 100644 --- a/TrollStore/TSApplicationsManager.m +++ b/TrollStore/TSApplicationsManager.m @@ -74,6 +74,9 @@ extern NSUserDefaults* trollStoreUserDefaults(); case 179: errorDescription = @"The app you tried to install has the same identifier as a system app already installed on the device. The installation has been prevented to protect you from possible bootloops or other issues."; break; + case 180: + errorDescription = @"The app you tried to install contains encrypted binaries, which cannot have the CoreTrust bypass applied to them. Please ensure you install decrypted apps."; + break; } NSError* error = [NSError errorWithDomain:TrollStoreErrorDomain code:code userInfo:@{NSLocalizedDescriptionKey : errorDescription}];