bughz/TrollStore
1
0
Fork 0
mirror of https://github.com/opa334/TrollStore.git synced 2025-04-14 00:03:12 +08:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: bughz:main
Branches Tags
bughz:main
bughz:user-attempt-broken
bughz:exp-value-picker
bughz:2.1
bughz:2.0.15
bughz:2.0.14
bughz:2.0.13
bughz:2.0.12
bughz:2.0.11
bughz:2.0.10
bughz:2.0.9
bughz:2.0.8
bughz:2.0.7
bughz:2.0.6
bughz:2.0.5
bughz:2.0.4
bughz:2.0.3
bughz:2.0.2
bughz:2.0.1
bughz:2.0
bughz:1.5.1
bughz:1.5.0
bughz:1.4.5
bughz:1.4.4
bughz:1.4.3
bughz:1.4.2
bughz:1.4.1
bughz:1.4
bughz:1.3.5
bughz:1.3.4
bughz:1.3.3
bughz:1.3.2
bughz:1.3.1
bughz:1.3
bughz:1.2.2
bughz:1.2.1
bughz:1.2
bughz:1.1.2
bughz:1.1.1
bughz:1.1
bughz:1.0.10
bughz:1.0.9
bughz:1.0.8
bughz:1.0.7
bughz:1.0.6
bughz:1.0.5
bughz:1.0.4
bughz:1.0.3
bughz:1.0.2
bughz:1.0.1
bughz:1.0
..
compare: bughz:2.0.9
Branches Tags
bughz:main
bughz:user-attempt-broken
bughz:exp-value-picker
bughz:2.1
bughz:2.0.15
bughz:2.0.14
bughz:2.0.13
bughz:2.0.12
bughz:2.0.11
bughz:2.0.10
bughz:2.0.9
bughz:2.0.8
bughz:2.0.7
bughz:2.0.6
bughz:2.0.5
bughz:2.0.4
bughz:2.0.3
bughz:2.0.2
bughz:2.0.1
bughz:2.0
bughz:1.5.1
bughz:1.5.0
bughz:1.4.5
bughz:1.4.4
bughz:1.4.3
bughz:1.4.2
bughz:1.4.1
bughz:1.4
bughz:1.3.5
bughz:1.3.4
bughz:1.3.3
bughz:1.3.2
bughz:1.3.1
bughz:1.3
bughz:1.2.2
bughz:1.2.1
bughz:1.2
bughz:1.1.2
bughz:1.1.1
bughz:1.1
bughz:1.0.10
bughz:1.0.9
bughz:1.0.8
bughz:1.0.7
bughz:1.0.6
bughz:1.0.5
bughz:1.0.4
bughz:1.0.3
bughz:1.0.2
bughz:1.0.1
bughz:1.0

No commits in common. "main" and "2.0.9" have entirely different histories.
main ... 2.0.9

110 changed files with 2165 additions and 1649 deletions
Show Stats Expand all files Collapse all files

3
.gitmodules vendored
View File

@ -1,3 +0,0 @@
[submodule "ChOma"]
path = ChOma
url = https://github.com/opa334/ChOma

1
ChOma

@ -1 +0,0 @@
Subproject commit 964023ddac2286ef8e843f90df64d44ac6a673df

6
Exploits/fastPathSign/Makefile
View File

@ -2,10 +2,10 @@ TARGET = fastPathSign
CC = clang
CFLAGS = -framework Foundation -framework CoreServices -framework Security -fobjc-arc $(shell pkg-config --cflags libcrypto) -I../../ChOma/src
LDFLAGS = $(shell pkg-config --libs libcrypto)
CFLAGS = -framework Foundation -framework CoreServices -framework Security -fobjc-arc $(shell pkg-config --cflags libcrypto) -Isrc/external/include
LDFLAGS = $(shell pkg-config --libs libcrypto) -Lsrc/external/lib -lchoma
$(TARGET): $(wildcard src/*.m src/*.c ../../ChOma/src/*.c)
$(TARGET): $(wildcard src/*.m src/*.c)
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
clean:

259
Exploits/fastPathSign/src/Templates/CADetails.h
View File

@ -1,259 +0,0 @@
unsigned char CACert[] = {
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43,
0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x44, 0x6d, 0x54, 0x43, 0x43,
0x41, 0x6f, 0x47, 0x67, 0x41, 0x77, 0x49, 0x42, 0x41, 0x67, 0x49, 0x42,
0x41, 0x54, 0x41, 0x4e, 0x42, 0x67, 0x6b, 0x71, 0x68, 0x6b, 0x69, 0x47,
0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x73, 0x46, 0x41, 0x44, 0x42, 0x44,
0x4d, 0x51, 0x73, 0x77, 0x43, 0x51, 0x59, 0x44, 0x56, 0x51, 0x51, 0x47,
0x45, 0x77, 0x4a, 0x56, 0x55, 0x7a, 0x45, 0x30, 0x0a, 0x4d, 0x44, 0x49,
0x47, 0x41, 0x31, 0x55, 0x45, 0x41, 0x77, 0x77, 0x72, 0x56, 0x48, 0x4a,
0x76, 0x62, 0x47, 0x78, 0x54, 0x64, 0x47, 0x39, 0x79, 0x5a, 0x53, 0x41,
0x79, 0x49, 0x47, 0x6c, 0x51, 0x61, 0x47, 0x39, 0x75, 0x5a, 0x53, 0x42,
0x44, 0x5a, 0x58, 0x4a, 0x30, 0x61, 0x57, 0x5a, 0x70, 0x59, 0x32, 0x46,
0x30, 0x61, 0x57, 0x39, 0x75, 0x49, 0x45, 0x46, 0x31, 0x64, 0x47, 0x68,
0x76, 0x0a, 0x63, 0x6d, 0x6c, 0x30, 0x65, 0x54, 0x41, 0x65, 0x46, 0x77,
0x30, 0x79, 0x4d, 0x7a, 0x45, 0x79, 0x4d, 0x6a, 0x59, 0x79, 0x4d, 0x7a,
0x41, 0x30, 0x4e, 0x44, 0x46, 0x61, 0x46, 0x77, 0x30, 0x79, 0x4d, 0x7a,
0x45, 0x79, 0x4d, 0x6a, 0x59, 0x79, 0x4d, 0x7a, 0x41, 0x30, 0x4e, 0x44,
0x46, 0x61, 0x4d, 0x45, 0x4d, 0x78, 0x43, 0x7a, 0x41, 0x4a, 0x42, 0x67,
0x4e, 0x56, 0x42, 0x41, 0x59, 0x54, 0x0a, 0x41, 0x6c, 0x56, 0x54, 0x4d,
0x54, 0x51, 0x77, 0x4d, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51, 0x44, 0x44,
0x43, 0x74, 0x55, 0x63, 0x6d, 0x39, 0x73, 0x62, 0x46, 0x4e, 0x30, 0x62,
0x33, 0x4a, 0x6c, 0x49, 0x44, 0x49, 0x67, 0x61, 0x56, 0x42, 0x6f, 0x62,
0x32, 0x35, 0x6c, 0x49, 0x45, 0x4e, 0x6c, 0x63, 0x6e, 0x52, 0x70, 0x5a,
0x6d, 0x6c, 0x6a, 0x59, 0x58, 0x52, 0x70, 0x62, 0x32, 0x34, 0x67, 0x0a,
0x51, 0x58, 0x56, 0x30, 0x61, 0x47, 0x39, 0x79, 0x61, 0x58, 0x52, 0x35,
0x4d, 0x49, 0x49, 0x42, 0x49, 0x6a, 0x41, 0x4e, 0x42, 0x67, 0x6b, 0x71,
0x68, 0x6b, 0x69, 0x47, 0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x45, 0x46,
0x41, 0x41, 0x4f, 0x43, 0x41, 0x51, 0x38, 0x41, 0x4d, 0x49, 0x49, 0x42,
0x43, 0x67, 0x4b, 0x43, 0x41, 0x51, 0x45, 0x41, 0x39, 0x72, 0x6c, 0x2f,
0x36, 0x49, 0x6a, 0x74, 0x0a, 0x50, 0x44, 0x6d, 0x45, 0x79, 0x34, 0x31,
0x55, 0x5a, 0x53, 0x38, 0x65, 0x58, 0x4a, 0x56, 0x75, 0x33, 0x4a, 0x52,
0x6d, 0x31, 0x71, 0x6c, 0x34, 0x39, 0x7a, 0x75, 0x2b, 0x35, 0x2b, 0x70,
0x73, 0x46, 0x42, 0x35, 0x56, 0x2f, 0x5a, 0x59, 0x53, 0x6a, 0x35, 0x41,
0x61, 0x48, 0x4c, 0x42, 0x33, 0x41, 0x5a, 0x6a, 0x78, 0x37, 0x31, 0x76,
0x49, 0x52, 0x37, 0x55, 0x72, 0x53, 0x2f, 0x4f, 0x48, 0x0a, 0x64, 0x35,
0x45, 0x73, 0x61, 0x36, 0x67, 0x6c, 0x4d, 0x47, 0x67, 0x58, 0x36, 0x50,
0x6b, 0x76, 0x76, 0x47, 0x6c, 0x79, 0x71, 0x44, 0x6e, 0x53, 0x4b, 0x39,
0x71, 0x49, 0x6a, 0x38, 0x77, 0x6d, 0x77, 0x53, 0x49, 0x46, 0x52, 0x43,
0x36, 0x76, 0x74, 0x2b, 0x59, 0x2b, 0x4f, 0x6d, 0x50, 0x5a, 0x46, 0x68,
0x73, 0x6f, 0x73, 0x39, 0x4b, 0x42, 0x43, 0x4c, 0x72, 0x4b, 0x42, 0x4f,
0x44, 0x53, 0x0a, 0x2f, 0x44, 0x49, 0x31, 0x6c, 0x33, 0x2f, 0x45, 0x73,
0x7a, 0x49, 0x61, 0x61, 0x50, 0x46, 0x64, 0x79, 0x6d, 0x48, 0x49, 0x4e,
0x76, 0x42, 0x30, 0x47, 0x32, 0x49, 0x39, 0x6e, 0x4f, 0x77, 0x67, 0x2f,
0x49, 0x4a, 0x4a, 0x61, 0x6f, 0x61, 0x78, 0x39, 0x71, 0x30, 0x63, 0x31,
0x58, 0x34, 0x51, 0x48, 0x6a, 0x61, 0x71, 0x35, 0x55, 0x37, 0x42, 0x70,
0x41, 0x50, 0x6d, 0x53, 0x59, 0x50, 0x57, 0x0a, 0x59, 0x76, 0x6d, 0x43,
0x65, 0x31, 0x30, 0x32, 0x67, 0x58, 0x48, 0x56, 0x50, 0x39, 0x6d, 0x59,
0x39, 0x32, 0x43, 0x57, 0x6d, 0x34, 0x6b, 0x4e, 0x68, 0x6e, 0x67, 0x73,
0x73, 0x35, 0x4c, 0x67, 0x65, 0x49, 0x4a, 0x37, 0x58, 0x41, 0x4a, 0x50,
0x58, 0x6e, 0x56, 0x31, 0x42, 0x4b, 0x73, 0x36, 0x69, 0x7a, 0x6a, 0x76,
0x54, 0x70, 0x6c, 0x45, 0x57, 0x77, 0x48, 0x68, 0x5a, 0x38, 0x31, 0x37,
0x0a, 0x56, 0x72, 0x4c, 0x5a, 0x41, 0x6d, 0x53, 0x63, 0x46, 0x7a, 0x36,
0x4e, 0x66, 0x62, 0x4f, 0x67, 0x43, 0x6c, 0x76, 0x6c, 0x43, 0x4b, 0x74,
0x71, 0x68, 0x49, 0x34, 0x41, 0x32, 0x4e, 0x4d, 0x33, 0x67, 0x46, 0x57,
0x46, 0x63, 0x56, 0x56, 0x44, 0x75, 0x46, 0x61, 0x73, 0x6b, 0x32, 0x2f,
0x44, 0x45, 0x48, 0x63, 0x67, 0x78, 0x2b, 0x55, 0x47, 0x4f, 0x74, 0x61,
0x48, 0x4a, 0x74, 0x73, 0x36, 0x0a, 0x51, 0x76, 0x69, 0x54, 0x6d, 0x39,
0x37, 0x5a, 0x63, 0x78, 0x55, 0x67, 0x34, 0x51, 0x49, 0x44, 0x41, 0x51,
0x41, 0x42, 0x6f, 0x34, 0x47, 0x58, 0x4d, 0x49, 0x47, 0x55, 0x4d, 0x41,
0x38, 0x47, 0x41, 0x31, 0x55, 0x64, 0x45, 0x77, 0x45, 0x42, 0x2f, 0x77,
0x51, 0x46, 0x4d, 0x41, 0x4d, 0x42, 0x41, 0x66, 0x38, 0x77, 0x44, 0x67,
0x59, 0x44, 0x56, 0x52, 0x30, 0x50, 0x41, 0x51, 0x48, 0x2f, 0x0a, 0x42,
0x41, 0x51, 0x44, 0x41, 0x67, 0x4b, 0x45, 0x4d, 0x42, 0x4d, 0x47, 0x41,
0x31, 0x55, 0x64, 0x4a, 0x51, 0x51, 0x4d, 0x4d, 0x41, 0x6f, 0x47, 0x43,
0x43, 0x73, 0x47, 0x41, 0x51, 0x55, 0x46, 0x42, 0x77, 0x4d, 0x44, 0x4d,
0x42, 0x49, 0x47, 0x43, 0x53, 0x71, 0x47, 0x53, 0x49, 0x62, 0x33, 0x59,
0x32, 0x51, 0x47, 0x46, 0x67, 0x45, 0x42, 0x2f, 0x77, 0x51, 0x43, 0x42,
0x51, 0x41, 0x77, 0x0a, 0x45, 0x77, 0x59, 0x4b, 0x4b, 0x6f, 0x5a, 0x49,
0x68, 0x76, 0x64, 0x6a, 0x5a, 0x41, 0x59, 0x42, 0x41, 0x77, 0x45, 0x42,
0x2f, 0x77, 0x51, 0x43, 0x42, 0x51, 0x41, 0x77, 0x46, 0x41, 0x59, 0x4c,
0x4b, 0x6f, 0x5a, 0x49, 0x68, 0x76, 0x64, 0x6a, 0x5a, 0x41, 0x59, 0x42,
0x47, 0x51, 0x45, 0x42, 0x41, 0x66, 0x38, 0x45, 0x41, 0x67, 0x55, 0x41,
0x4d, 0x42, 0x30, 0x47, 0x41, 0x31, 0x55, 0x64, 0x0a, 0x44, 0x67, 0x51,
0x57, 0x42, 0x42, 0x54, 0x42, 0x46, 0x75, 0x62, 0x4e, 0x57, 0x64, 0x4c,
0x6d, 0x6a, 0x5a, 0x74, 0x51, 0x78, 0x31, 0x46, 0x33, 0x70, 0x49, 0x46,
0x6c, 0x67, 0x52, 0x53, 0x32, 0x34, 0x54, 0x41, 0x4e, 0x42, 0x67, 0x6b,
0x71, 0x68, 0x6b, 0x69, 0x47, 0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x73,
0x46, 0x41, 0x41, 0x4f, 0x43, 0x41, 0x51, 0x45, 0x41, 0x4b, 0x78, 0x4d,
0x6d, 0x0a, 0x50, 0x32, 0x41, 0x68, 0x4e, 0x4a, 0x5a, 0x55, 0x35, 0x54,
0x49, 0x72, 0x4a, 0x71, 0x75, 0x6e, 0x6b, 0x78, 0x4d, 0x48, 0x75, 0x59,
0x71, 0x57, 0x6c, 0x38, 0x67, 0x56, 0x67, 0x32, 0x4f, 0x64, 0x6d, 0x48,
0x39, 0x33, 0x52, 0x49, 0x78, 0x66, 0x63, 0x32, 0x47, 0x4d, 0x4b, 0x6a,
0x4a, 0x58, 0x4e, 0x43, 0x61, 0x37, 0x43, 0x6e, 0x4b, 0x43, 0x6c, 0x68,
0x55, 0x4d, 0x79, 0x43, 0x6b, 0x70, 0x0a, 0x6f, 0x6f, 0x61, 0x6f, 0x76,
0x41, 0x55, 0x66, 0x59, 0x66, 0x65, 0x6c, 0x6f, 0x61, 0x39, 0x76, 0x7a,
0x6a, 0x72, 0x6d, 0x50, 0x6b, 0x35, 0x53, 0x4d, 0x67, 0x55, 0x4d, 0x43,
0x73, 0x55, 0x54, 0x4b, 0x5a, 0x6f, 0x73, 0x39, 0x50, 0x58, 0x76, 0x7a,
0x57, 0x4e, 0x56, 0x77, 0x72, 0x61, 0x6b, 0x76, 0x71, 0x39, 0x7a, 0x74,
0x6d, 0x74, 0x30, 0x6f, 0x46, 0x39, 0x34, 0x64, 0x53, 0x64, 0x6e, 0x0a,
0x74, 0x7a, 0x56, 0x37, 0x33, 0x54, 0x34, 0x45, 0x4d, 0x4d, 0x2f, 0x56,
0x73, 0x33, 0x31, 0x41, 0x4b, 0x37, 0x63, 0x4a, 0x4e, 0x70, 0x46, 0x5a,
0x34, 0x68, 0x34, 0x57, 0x5a, 0x54, 0x43, 0x49, 0x6d, 0x34, 0x6b, 0x78,
0x33, 0x55, 0x65, 0x32, 0x47, 0x54, 0x68, 0x32, 0x61, 0x4e, 0x47, 0x4a,
0x52, 0x50, 0x54, 0x6a, 0x78, 0x54, 0x73, 0x36, 0x76, 0x73, 0x50, 0x78,
0x38, 0x68, 0x2b, 0x58, 0x0a, 0x6b, 0x45, 0x66, 0x44, 0x70, 0x77, 0x30,
0x5a, 0x4c, 0x35, 0x39, 0x4a, 0x54, 0x4b, 0x6e, 0x78, 0x47, 0x6a, 0x53,
0x72, 0x38, 0x4d, 0x41, 0x59, 0x64, 0x7a, 0x7a, 0x56, 0x31, 0x4f, 0x59,
0x4b, 0x34, 0x45, 0x67, 0x37, 0x67, 0x52, 0x57, 0x77, 0x6d, 0x79, 0x6b,
0x49, 0x56, 0x4f, 0x6a, 0x57, 0x45, 0x2b, 0x76, 0x71, 0x66, 0x44, 0x68,
0x4b, 0x4e, 0x64, 0x50, 0x6f, 0x48, 0x52, 0x4b, 0x45, 0x0a, 0x6c, 0x6d,
0x7a, 0x41, 0x46, 0x79, 0x4d, 0x34, 0x78, 0x69, 0x55, 0x67, 0x2f, 0x6b,
0x54, 0x6a, 0x6c, 0x6d, 0x7a, 0x55, 0x6f, 0x46, 0x56, 0x50, 0x73, 0x58,
0x46, 0x4e, 0x6b, 0x35, 0x6b, 0x42, 0x4f, 0x4d, 0x6a, 0x51, 0x61, 0x35,
0x61, 0x49, 0x79, 0x35, 0x36, 0x32, 0x57, 0x37, 0x5a, 0x43, 0x75, 0x75,
0x4a, 0x4f, 0x33, 0x78, 0x41, 0x59, 0x4b, 0x61, 0x61, 0x6d, 0x73, 0x63,
0x65, 0x2f, 0x0a, 0x58, 0x78, 0x44, 0x6a, 0x6e, 0x6c, 0x75, 0x62, 0x47,
0x70, 0x67, 0x44, 0x53, 0x6e, 0x4c, 0x67, 0x47, 0x41, 0x3d, 0x3d, 0x0a,
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52,
0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d,
0x2d, 0x0a
};
unsigned int CACertLength = 1310;
unsigned char CAKey[] = {
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x50,
0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x45, 0x76, 0x51, 0x49, 0x42,
0x41, 0x44, 0x41, 0x4e, 0x42, 0x67, 0x6b, 0x71, 0x68, 0x6b, 0x69, 0x47,
0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x45, 0x46, 0x41, 0x41, 0x53, 0x43,
0x42, 0x4b, 0x63, 0x77, 0x67, 0x67, 0x53, 0x6a, 0x41, 0x67, 0x45, 0x41,
0x41, 0x6f, 0x49, 0x42, 0x41, 0x51, 0x44, 0x32, 0x75, 0x58, 0x2f, 0x6f,
0x69, 0x4f, 0x30, 0x38, 0x4f, 0x59, 0x54, 0x4c, 0x0a, 0x6a, 0x56, 0x52,
0x6c, 0x4c, 0x78, 0x35, 0x63, 0x6c, 0x57, 0x37, 0x63, 0x6c, 0x47, 0x62,
0x57, 0x71, 0x58, 0x6a, 0x33, 0x4f, 0x37, 0x37, 0x6e, 0x36, 0x6d, 0x77,
0x55, 0x48, 0x6c, 0x58, 0x39, 0x6c, 0x68, 0x4b, 0x50, 0x6b, 0x42, 0x6f,
0x63, 0x73, 0x48, 0x63, 0x42, 0x6d, 0x50, 0x48, 0x76, 0x57, 0x38, 0x68,
0x48, 0x74, 0x53, 0x74, 0x4c, 0x38, 0x34, 0x64, 0x33, 0x6b, 0x53, 0x78,
0x72, 0x0a, 0x71, 0x43, 0x55, 0x77, 0x61, 0x42, 0x66, 0x6f, 0x2b, 0x53,
0x2b, 0x38, 0x61, 0x58, 0x4b, 0x6f, 0x4f, 0x64, 0x49, 0x72, 0x32, 0x6f,
0x69, 0x50, 0x7a, 0x43, 0x62, 0x42, 0x49, 0x67, 0x56, 0x45, 0x4c, 0x71,
0x2b, 0x33, 0x35, 0x6a, 0x34, 0x36, 0x59, 0x39, 0x6b, 0x57, 0x47, 0x79,
0x69, 0x7a, 0x30, 0x6f, 0x45, 0x49, 0x75, 0x73, 0x6f, 0x45, 0x34, 0x4e,
0x4c, 0x38, 0x4d, 0x6a, 0x57, 0x58, 0x0a, 0x66, 0x38, 0x53, 0x7a, 0x4d,
0x68, 0x70, 0x6f, 0x38, 0x56, 0x33, 0x4b, 0x59, 0x63, 0x67, 0x32, 0x38,
0x48, 0x51, 0x62, 0x59, 0x6a, 0x32, 0x63, 0x37, 0x43, 0x44, 0x38, 0x67,
0x6b, 0x6c, 0x71, 0x68, 0x72, 0x48, 0x32, 0x72, 0x52, 0x7a, 0x56, 0x66,
0x68, 0x41, 0x65, 0x4e, 0x71, 0x72, 0x6c, 0x54, 0x73, 0x47, 0x6b, 0x41,
0x2b, 0x5a, 0x4a, 0x67, 0x39, 0x5a, 0x69, 0x2b, 0x59, 0x4a, 0x37, 0x0a,
0x58, 0x54, 0x61, 0x42, 0x63, 0x64, 0x55, 0x2f, 0x32, 0x5a, 0x6a, 0x33,
0x59, 0x4a, 0x61, 0x62, 0x69, 0x51, 0x32, 0x47, 0x65, 0x43, 0x79, 0x7a,
0x6b, 0x75, 0x42, 0x34, 0x67, 0x6e, 0x74, 0x63, 0x41, 0x6b, 0x39, 0x65,
0x64, 0x58, 0x55, 0x45, 0x71, 0x7a, 0x71, 0x4c, 0x4f, 0x4f, 0x39, 0x4f,
0x6d, 0x55, 0x52, 0x62, 0x41, 0x65, 0x46, 0x6e, 0x7a, 0x58, 0x74, 0x57,
0x73, 0x74, 0x6b, 0x43, 0x0a, 0x5a, 0x4a, 0x77, 0x58, 0x50, 0x6f, 0x31,
0x39, 0x73, 0x36, 0x41, 0x4b, 0x57, 0x2b, 0x55, 0x49, 0x71, 0x32, 0x71,
0x45, 0x6a, 0x67, 0x44, 0x59, 0x30, 0x7a, 0x65, 0x41, 0x56, 0x59, 0x56,
0x78, 0x56, 0x55, 0x4f, 0x34, 0x56, 0x71, 0x79, 0x54, 0x62, 0x38, 0x4d,
0x51, 0x64, 0x79, 0x44, 0x48, 0x35, 0x51, 0x59, 0x36, 0x31, 0x6f, 0x63,
0x6d, 0x32, 0x7a, 0x70, 0x43, 0x2b, 0x4a, 0x4f, 0x62, 0x0a, 0x33, 0x74,
0x6c, 0x7a, 0x46, 0x53, 0x44, 0x68, 0x41, 0x67, 0x4d, 0x42, 0x41, 0x41,
0x45, 0x43, 0x67, 0x67, 0x45, 0x41, 0x41, 0x65, 0x58, 0x78, 0x52, 0x6e,
0x53, 0x42, 0x2f, 0x49, 0x42, 0x35, 0x36, 0x59, 0x76, 0x68, 0x4f, 0x54,
0x42, 0x78, 0x74, 0x61, 0x4d, 0x30, 0x7a, 0x37, 0x32, 0x30, 0x72, 0x54,
0x68, 0x76, 0x59, 0x73, 0x6e, 0x51, 0x36, 0x78, 0x6c, 0x74, 0x4a, 0x71,
0x49, 0x5a, 0x0a, 0x66, 0x64, 0x53, 0x52, 0x47, 0x4d, 0x32, 0x61, 0x54,
0x56, 0x50, 0x6b, 0x58, 0x51, 0x44, 0x51, 0x64, 0x50, 0x4f, 0x30, 0x47,
0x71, 0x7a, 0x68, 0x72, 0x2f, 0x31, 0x51, 0x45, 0x71, 0x6a, 0x31, 0x54,
0x6b, 0x42, 0x63, 0x56, 0x61, 0x4d, 0x5a, 0x34, 0x72, 0x34, 0x43, 0x7a,
0x6e, 0x71, 0x53, 0x56, 0x6a, 0x6e, 0x77, 0x61, 0x48, 0x76, 0x6e, 0x57,
0x4d, 0x47, 0x67, 0x6e, 0x31, 0x51, 0x56, 0x0a, 0x35, 0x62, 0x6c, 0x39,
0x47, 0x71, 0x74, 0x69, 0x32, 0x58, 0x32, 0x33, 0x32, 0x34, 0x4d, 0x6d,
0x79, 0x75, 0x77, 0x69, 0x31, 0x2f, 0x4b, 0x52, 0x74, 0x41, 0x51, 0x58,
0x72, 0x48, 0x62, 0x39, 0x6a, 0x59, 0x42, 0x76, 0x4c, 0x73, 0x53, 0x6a,
0x45, 0x6c, 0x46, 0x50, 0x31, 0x43, 0x4d, 0x67, 0x70, 0x47, 0x39, 0x51,
0x2b, 0x64, 0x35, 0x56, 0x69, 0x48, 0x54, 0x69, 0x76, 0x37, 0x57, 0x55,
0x0a, 0x4b, 0x56, 0x77, 0x55, 0x64, 0x62, 0x67, 0x67, 0x6a, 0x50, 0x56,
0x66, 0x6e, 0x44, 0x6b, 0x43, 0x70, 0x6c, 0x68, 0x74, 0x5a, 0x6b, 0x56,
0x56, 0x6d, 0x43, 0x53, 0x47, 0x63, 0x76, 0x32, 0x74, 0x5a, 0x73, 0x39,
0x77, 0x6a, 0x41, 0x62, 0x61, 0x31, 0x49, 0x74, 0x6e, 0x76, 0x35, 0x74,
0x30, 0x6e, 0x4e, 0x51, 0x34, 0x37, 0x74, 0x63, 0x4a, 0x4e, 0x74, 0x71,
0x48, 0x35, 0x42, 0x4f, 0x6a, 0x0a, 0x32, 0x66, 0x2b, 0x75, 0x2b, 0x6e,
0x35, 0x44, 0x51, 0x31, 0x33, 0x46, 0x4a, 0x74, 0x4b, 0x70, 0x37, 0x33,
0x73, 0x6a, 0x4a, 0x4c, 0x77, 0x54, 0x7a, 0x4a, 0x43, 0x4c, 0x6a, 0x46,
0x4f, 0x4b, 0x68, 0x66, 0x5a, 0x6d, 0x46, 0x51, 0x6f, 0x4f, 0x70, 0x54,
0x65, 0x75, 0x71, 0x53, 0x2f, 0x70, 0x53, 0x68, 0x56, 0x38, 0x50, 0x6c,
0x5a, 0x6a, 0x7a, 0x55, 0x79, 0x5a, 0x56, 0x62, 0x72, 0x70, 0x0a, 0x59,
0x35, 0x68, 0x64, 0x58, 0x48, 0x50, 0x32, 0x53, 0x35, 0x4b, 0x76, 0x4d,
0x76, 0x59, 0x67, 0x32, 0x77, 0x33, 0x44, 0x77, 0x38, 0x6b, 0x74, 0x2f,
0x53, 0x63, 0x69, 0x44, 0x57, 0x6a, 0x57, 0x47, 0x42, 0x69, 0x38, 0x6e,
0x33, 0x6a, 0x50, 0x77, 0x51, 0x4b, 0x42, 0x67, 0x51, 0x44, 0x2b, 0x36,
0x55, 0x47, 0x6d, 0x48, 0x31, 0x4a, 0x73, 0x31, 0x56, 0x68, 0x75, 0x48,
0x2b, 0x71, 0x4a, 0x0a, 0x56, 0x35, 0x53, 0x6f, 0x66, 0x31, 0x2b, 0x31,
0x6f, 0x6b, 0x48, 0x52, 0x33, 0x50, 0x53, 0x33, 0x75, 0x4c, 0x6e, 0x4a,
0x79, 0x33, 0x6a, 0x46, 0x31, 0x44, 0x73, 0x67, 0x51, 0x33, 0x48, 0x38,
0x75, 0x56, 0x51, 0x2b, 0x6d, 0x45, 0x33, 0x34, 0x79, 0x53, 0x69, 0x59,
0x52, 0x74, 0x6e, 0x6a, 0x4c, 0x6b, 0x6e, 0x63, 0x42, 0x71, 0x65, 0x79,
0x5a, 0x68, 0x56, 0x50, 0x6f, 0x52, 0x68, 0x79, 0x0a, 0x64, 0x64, 0x55,
0x47, 0x39, 0x56, 0x43, 0x75, 0x2f, 0x7a, 0x44, 0x52, 0x50, 0x6c, 0x49,
0x6d, 0x58, 0x64, 0x5a, 0x75, 0x39, 0x51, 0x4e, 0x56, 0x36, 0x32, 0x59,
0x43, 0x6d, 0x38, 0x2b, 0x73, 0x43, 0x6b, 0x4e, 0x57, 0x32, 0x49, 0x2f,
0x64, 0x52, 0x73, 0x6d, 0x2b, 0x71, 0x72, 0x54, 0x46, 0x70, 0x72, 0x6a,
0x35, 0x5a, 0x45, 0x66, 0x78, 0x45, 0x41, 0x39, 0x6f, 0x4e, 0x7a, 0x57,
0x6a, 0x0a, 0x4d, 0x50, 0x4d, 0x6d, 0x6c, 0x51, 0x59, 0x6c, 0x33, 0x38,
0x54, 0x74, 0x77, 0x70, 0x6f, 0x33, 0x2b, 0x6d, 0x6a, 0x46, 0x30, 0x6b,
0x70, 0x6c, 0x6f, 0x51, 0x4b, 0x42, 0x67, 0x51, 0x44, 0x33, 0x78, 0x30,
0x71, 0x51, 0x61, 0x4e, 0x57, 0x50, 0x67, 0x73, 0x65, 0x58, 0x55, 0x48,
0x42, 0x47, 0x66, 0x2b, 0x36, 0x4e, 0x34, 0x58, 0x54, 0x64, 0x79, 0x39,
0x55, 0x45, 0x73, 0x4a, 0x70, 0x47, 0x0a, 0x47, 0x42, 0x41, 0x5a, 0x79,
0x36, 0x34, 0x57, 0x42, 0x6a, 0x47, 0x34, 0x46, 0x4f, 0x6e, 0x50, 0x47,
0x4e, 0x4a, 0x71, 0x6c, 0x38, 0x34, 0x75, 0x39, 0x55, 0x45, 0x55, 0x6c,
0x78, 0x39, 0x6a, 0x69, 0x79, 0x75, 0x4b, 0x42, 0x57, 0x70, 0x57, 0x2f,
0x31, 0x6f, 0x6b, 0x44, 0x49, 0x48, 0x65, 0x70, 0x73, 0x42, 0x57, 0x52,
0x75, 0x45, 0x4d, 0x51, 0x67, 0x4a, 0x72, 0x6a, 0x59, 0x44, 0x33, 0x0a,
0x62, 0x37, 0x36, 0x77, 0x4a, 0x2b, 0x75, 0x42, 0x7a, 0x2f, 0x75, 0x6d,
0x47, 0x50, 0x6f, 0x50, 0x56, 0x4f, 0x32, 0x49, 0x2f, 0x79, 0x53, 0x54,
0x52, 0x47, 0x67, 0x66, 0x37, 0x5a, 0x70, 0x34, 0x47, 0x74, 0x50, 0x6f,
0x54, 0x67, 0x58, 0x68, 0x54, 0x65, 0x72, 0x37, 0x58, 0x79, 0x42, 0x73,
0x57, 0x49, 0x75, 0x78, 0x55, 0x78, 0x32, 0x2f, 0x48, 0x5a, 0x31, 0x58,
0x6f, 0x6a, 0x78, 0x65, 0x0a, 0x37, 0x75, 0x54, 0x37, 0x41, 0x6b, 0x70,
0x7a, 0x51, 0x51, 0x4b, 0x42, 0x67, 0x42, 0x46, 0x4b, 0x42, 0x73, 0x37,
0x61, 0x6e, 0x76, 0x2b, 0x4d, 0x74, 0x4e, 0x4f, 0x37, 0x54, 0x48, 0x41,
0x47, 0x52, 0x61, 0x6e, 0x73, 0x41, 0x62, 0x54, 0x54, 0x44, 0x58, 0x33,
0x4c, 0x61, 0x37, 0x6d, 0x75, 0x53, 0x4d, 0x4f, 0x63, 0x44, 0x6c, 0x50,
0x30, 0x6f, 0x68, 0x48, 0x39, 0x49, 0x52, 0x55, 0x51, 0x0a, 0x43, 0x4e,
0x75, 0x35, 0x2f, 0x73, 0x66, 0x5a, 0x39, 0x4f, 0x76, 0x6e, 0x47, 0x6b,
0x34, 0x6a, 0x54, 0x4a, 0x55, 0x6b, 0x79, 0x6d, 0x6a, 0x36, 0x4c, 0x59,
0x58, 0x61, 0x47, 0x6b, 0x74, 0x68, 0x48, 0x4a, 0x4b, 0x39, 0x50, 0x72,
0x79, 0x76, 0x79, 0x45, 0x4c, 0x59, 0x35, 0x44, 0x39, 0x2f, 0x36, 0x39,
0x52, 0x59, 0x76, 0x2b, 0x49, 0x71, 0x39, 0x68, 0x39, 0x46, 0x4c, 0x42,
0x2b, 0x79, 0x0a, 0x44, 0x6f, 0x45, 0x73, 0x62, 0x51, 0x32, 0x49, 0x43,
0x4a, 0x54, 0x72, 0x42, 0x52, 0x6e, 0x47, 0x78, 0x68, 0x4c, 0x38, 0x4c,
0x7a, 0x6a, 0x31, 0x61, 0x75, 0x59, 0x5a, 0x6f, 0x49, 0x53, 0x79, 0x42,
0x44, 0x76, 0x67, 0x72, 0x61, 0x73, 0x52, 0x38, 0x30, 0x78, 0x67, 0x2f,
0x34, 0x36, 0x2b, 0x61, 0x43, 0x37, 0x4b, 0x70, 0x59, 0x73, 0x68, 0x41,
0x6f, 0x47, 0x41, 0x47, 0x44, 0x52, 0x4e, 0x0a, 0x6f, 0x6d, 0x47, 0x37,
0x53, 0x76, 0x4f, 0x5a, 0x6a, 0x37, 0x78, 0x35, 0x32, 0x30, 0x6b, 0x77,
0x41, 0x6f, 0x67, 0x64, 0x70, 0x48, 0x54, 0x2b, 0x38, 0x43, 0x42, 0x59,
0x55, 0x62, 0x53, 0x55, 0x44, 0x68, 0x45, 0x4a, 0x68, 0x6e, 0x6c, 0x41,
0x62, 0x68, 0x30, 0x4d, 0x34, 0x67, 0x41, 0x6f, 0x76, 0x65, 0x54, 0x71,
0x62, 0x55, 0x66, 0x6a, 0x2f, 0x61, 0x44, 0x74, 0x6e, 0x67, 0x6e, 0x41,
0x0a, 0x54, 0x52, 0x46, 0x4f, 0x58, 0x41, 0x56, 0x42, 0x78, 0x76, 0x65,
0x35, 0x30, 0x41, 0x67, 0x32, 0x44, 0x62, 0x65, 0x4b, 0x30, 0x47, 0x6d,
0x36, 0x56, 0x73, 0x74, 0x52, 0x35, 0x39, 0x6e, 0x77, 0x70, 0x4d, 0x43,
0x68, 0x6a, 0x75, 0x4c, 0x45, 0x55, 0x47, 0x74, 0x73, 0x4d, 0x67, 0x63,
0x33, 0x31, 0x51, 0x51, 0x6e, 0x6a, 0x49, 0x4e, 0x49, 0x4d, 0x4b, 0x5a,
0x44, 0x53, 0x71, 0x78, 0x45, 0x0a, 0x4f, 0x78, 0x4d, 0x30, 0x47, 0x39,
0x68, 0x43, 0x74, 0x68, 0x2b, 0x4b, 0x79, 0x55, 0x71, 0x31, 0x43, 0x72,
0x4e, 0x31, 0x32, 0x6d, 0x2b, 0x49, 0x4b, 0x55, 0x46, 0x64, 0x36, 0x47,
0x41, 0x70, 0x32, 0x69, 0x4e, 0x56, 0x4a, 0x6f, 0x45, 0x43, 0x67, 0x59,
0x45, 0x41, 0x77, 0x34, 0x47, 0x6f, 0x44, 0x49, 0x77, 0x54, 0x59, 0x4e,
0x65, 0x63, 0x4e, 0x48, 0x5a, 0x45, 0x58, 0x6e, 0x36, 0x62, 0x0a, 0x76,
0x44, 0x51, 0x66, 0x73, 0x6e, 0x64, 0x34, 0x44, 0x30, 0x50, 0x58, 0x4c,
0x75, 0x52, 0x63, 0x35, 0x64, 0x70, 0x77, 0x46, 0x2f, 0x6a, 0x53, 0x33,
0x6d, 0x4a, 0x33, 0x6f, 0x74, 0x61, 0x6a, 0x7a, 0x79, 0x39, 0x59, 0x6a,
0x76, 0x4c, 0x6c, 0x7a, 0x75, 0x55, 0x38, 0x70, 0x43, 0x46, 0x36, 0x45,
0x45, 0x48, 0x70, 0x57, 0x6e, 0x71, 0x55, 0x54, 0x47, 0x69, 0x74, 0x51,
0x69, 0x58, 0x36, 0x0a, 0x33, 0x76, 0x69, 0x69, 0x79, 0x71, 0x6d, 0x34,
0x2f, 0x65, 0x30, 0x75, 0x36, 0x4a, 0x66, 0x30, 0x72, 0x55, 0x2f, 0x78,
0x71, 0x46, 0x49, 0x54, 0x65, 0x4a, 0x37, 0x6b, 0x43, 0x6a, 0x37, 0x73,
0x73, 0x32, 0x4e, 0x68, 0x53, 0x79, 0x54, 0x54, 0x34, 0x6a, 0x51, 0x30,
0x33, 0x36, 0x76, 0x39, 0x57, 0x65, 0x50, 0x55, 0x69, 0x70, 0x34, 0x44,
0x7a, 0x6c, 0x59, 0x6c, 0x65, 0x2f, 0x72, 0x79, 0x0a, 0x59, 0x43, 0x64,
0x56, 0x73, 0x63, 0x5a, 0x59, 0x31, 0x61, 0x38, 0x73, 0x46, 0x34, 0x73,
0x36, 0x74, 0x6e, 0x36, 0x64, 0x48, 0x75, 0x4d, 0x3d, 0x0a, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41,
0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a
};
unsigned int CAKeyLength = 1704;

35
Exploits/fastPathSign/src/Templates/DERTemplate.h
View File

@ -1,35 +0,0 @@
#include <stdint.h>
/*
SEQUENCE (2 bytes)
OBJECT IDENTIFIER (2+5 bytes) 1.3.14.3.2.26 (sha1)
OCTET STRING (2+20 bytes) <SHA1 CDHash>
SEQUENCE (2 bytes)
OBJECT IDENTIFIER (2+9 bytes) 2.16.840.1.101.3.4.2.1 (sha256)
OCTET STRING (2+32 bytes) <SHA256 CDHash>
*/
uint8_t CDHashesDERTemplate[] = {
/* SEQUENCE (2 bytes) */
0x30, 0x1D,
/* OBJECT IDENTIFIER (2+5 bytes) */
0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A,
/* OCTET STRING (2+20 bytes) */
0x04, 0x14,
/* SHA1 CDHash goes here */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
/* SEQUENCE (2 bytes) */
0x30, 0x2D,
/* OBJECT IDENTIFIER (2+9 bytes) */
0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
/* OCTET STRING (2+32 bytes) */
0x04, 0x20,
/* SHA256 CDHash goes here */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
#define CDHASHES_DER_SIZE 78
#define CDHASHES_DER_SHA1_OFFSET 11
#define CDHASHES_DER_SHA256_OFFSET 46

8
Exploits/fastPathSign/src/Templates/DecryptedSignature.h Normal file
View File

@ -0,0 +1,8 @@
unsigned char DecryptedSignature[] = {
0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20, 0xe2, 0x34, 0xf9, 0x25, 0x65,
0xa4, 0x33, 0xb7, 0x13, 0x67, 0xc8, 0x63, 0x93, 0xdc, 0x41, 0xaa, 0xc4,
0x0e, 0x76, 0xa0, 0x80, 0x29, 0x8b, 0x38, 0x9e, 0xc5, 0x6d, 0xd6, 0xba,
0xef, 0xbf, 0x0d
};
unsigned int DecryptedSignature_len = 51;

145
Exploits/fastPathSign/src/Templates/PrivateKey.h Normal file
View File

@ -0,0 +1,145 @@
unsigned char CAKey[] = {
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x50,
0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x45, 0x76, 0x51, 0x49, 0x42,
0x41, 0x44, 0x41, 0x4e, 0x42, 0x67, 0x6b, 0x71, 0x68, 0x6b, 0x69, 0x47,
0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x45, 0x46, 0x41, 0x41, 0x53, 0x43,
0x42, 0x4b, 0x63, 0x77, 0x67, 0x67, 0x53, 0x6a, 0x41, 0x67, 0x45, 0x41,
0x41, 0x6f, 0x49, 0x42, 0x41, 0x51, 0x43, 0x2b, 0x45, 0x79, 0x35, 0x49,
0x69, 0x68, 0x4b, 0x59, 0x57, 0x55, 0x39, 0x50, 0x0a, 0x58, 0x31, 0x76,
0x52, 0x54, 0x35, 0x64, 0x63, 0x37, 0x65, 0x6a, 0x57, 0x51, 0x2b, 0x6b,
0x2b, 0x4a, 0x6f, 0x49, 0x34, 0x49, 0x68, 0x68, 0x57, 0x52, 0x53, 0x48,
0x32, 0x38, 0x4c, 0x6a, 0x50, 0x34, 0x32, 0x6f, 0x58, 0x33, 0x38, 0x35,
0x79, 0x62, 0x61, 0x32, 0x6f, 0x66, 0x54, 0x48, 0x35, 0x6f, 0x55, 0x70,
0x7a, 0x37, 0x67, 0x64, 0x4c, 0x6c, 0x61, 0x68, 0x59, 0x44, 0x67, 0x58,
0x5a, 0x0a, 0x42, 0x31, 0x73, 0x39, 0x52, 0x37, 0x76, 0x4f, 0x66, 0x58,
0x35, 0x4c, 0x4d, 0x48, 0x62, 0x6b, 0x35, 0x43, 0x71, 0x66, 0x53, 0x45,
0x59, 0x38, 0x36, 0x43, 0x50, 0x72, 0x61, 0x38, 0x65, 0x76, 0x31, 0x57,
0x51, 0x6a, 0x5a, 0x76, 0x38, 0x6c, 0x32, 0x6d, 0x70, 0x2b, 0x6c, 0x54,
0x37, 0x44, 0x44, 0x65, 0x62, 0x47, 0x42, 0x70, 0x44, 0x47, 0x69, 0x69,
0x38, 0x66, 0x79, 0x32, 0x4f, 0x49, 0x0a, 0x6f, 0x44, 0x79, 0x64, 0x79,
0x6f, 0x56, 0x6e, 0x67, 0x47, 0x37, 0x68, 0x54, 0x72, 0x64, 0x68, 0x2f,
0x6f, 0x47, 0x4c, 0x55, 0x77, 0x63, 0x30, 0x56, 0x6c, 0x69, 0x6d, 0x52,
0x6c, 0x68, 0x67, 0x4a, 0x45, 0x53, 0x73, 0x70, 0x31, 0x79, 0x36, 0x71,
0x38, 0x46, 0x30, 0x62, 0x56, 0x79, 0x42, 0x34, 0x68, 0x75, 0x34, 0x4f,
0x6f, 0x66, 0x73, 0x43, 0x49, 0x61, 0x64, 0x68, 0x76, 0x6e, 0x4a, 0x0a,
0x44, 0x46, 0x33, 0x30, 0x58, 0x4e, 0x6e, 0x34, 0x65, 0x6e, 0x34, 0x67,
0x70, 0x5a, 0x56, 0x53, 0x63, 0x45, 0x76, 0x30, 0x6c, 0x6e, 0x37, 0x6b,
0x4d, 0x42, 0x45, 0x76, 0x58, 0x42, 0x6b, 0x4f, 0x70, 0x6d, 0x75, 0x58,
0x55, 0x6d, 0x6a, 0x58, 0x31, 0x32, 0x66, 0x70, 0x6b, 0x64, 0x72, 0x71,
0x79, 0x39, 0x52, 0x77, 0x75, 0x68, 0x45, 0x49, 0x75, 0x46, 0x53, 0x34,
0x53, 0x47, 0x46, 0x43, 0x0a, 0x34, 0x4b, 0x35, 0x54, 0x49, 0x38, 0x41,
0x58, 0x76, 0x57, 0x32, 0x78, 0x70, 0x52, 0x4f, 0x67, 0x5a, 0x62, 0x58,
0x71, 0x6b, 0x5a, 0x71, 0x6c, 0x4c, 0x34, 0x37, 0x43, 0x4f, 0x35, 0x46,
0x77, 0x6e, 0x5a, 0x35, 0x75, 0x6e, 0x7a, 0x35, 0x6e, 0x30, 0x39, 0x64,
0x69, 0x4f, 0x39, 0x79, 0x57, 0x48, 0x76, 0x4d, 0x4c, 0x52, 0x36, 0x38,
0x6d, 0x50, 0x4e, 0x30, 0x4f, 0x41, 0x4c, 0x39, 0x76, 0x0a, 0x4a, 0x4a,
0x34, 0x48, 0x50, 0x4f, 0x56, 0x64, 0x41, 0x67, 0x4d, 0x42, 0x41, 0x41,
0x45, 0x43, 0x67, 0x67, 0x45, 0x41, 0x42, 0x33, 0x73, 0x44, 0x52, 0x51,
0x30, 0x55, 0x44, 0x73, 0x56, 0x6a, 0x43, 0x75, 0x31, 0x6d, 0x6c, 0x47,
0x34, 0x45, 0x74, 0x37, 0x35, 0x51, 0x50, 0x64, 0x43, 0x46, 0x35, 0x7a,
0x47, 0x47, 0x53, 0x66, 0x58, 0x44, 0x6a, 0x65, 0x2b, 0x69, 0x46, 0x74,
0x45, 0x69, 0x0a, 0x41, 0x4f, 0x4b, 0x44, 0x48, 0x43, 0x58, 0x74, 0x66,
0x74, 0x44, 0x6b, 0x74, 0x76, 0x38, 0x59, 0x58, 0x71, 0x6e, 0x7a, 0x6e,
0x32, 0x7a, 0x6b, 0x67, 0x68, 0x76, 0x46, 0x65, 0x4a, 0x4f, 0x79, 0x74,
0x4c, 0x67, 0x6d, 0x70, 0x64, 0x71, 0x44, 0x49, 0x47, 0x30, 0x4e, 0x63,
0x61, 0x47, 0x61, 0x61, 0x45, 0x63, 0x33, 0x69, 0x7a, 0x58, 0x42, 0x74,
0x2b, 0x64, 0x74, 0x39, 0x48, 0x65, 0x31, 0x0a, 0x4c, 0x2b, 0x30, 0x65,
0x79, 0x41, 0x72, 0x6e, 0x61, 0x30, 0x4b, 0x31, 0x6b, 0x72, 0x35, 0x47,
0x62, 0x6c, 0x42, 0x48, 0x66, 0x77, 0x38, 0x6d, 0x6c, 0x76, 0x32, 0x38,
0x76, 0x59, 0x78, 0x59, 0x59, 0x6a, 0x6e, 0x6d, 0x4d, 0x4e, 0x4b, 0x56,
0x33, 0x66, 0x30, 0x75, 0x76, 0x2f, 0x54, 0x45, 0x59, 0x46, 0x6d, 0x76,
0x47, 0x50, 0x2f, 0x66, 0x52, 0x6e, 0x62, 0x49, 0x66, 0x65, 0x43, 0x77,
0x0a, 0x2f, 0x2b, 0x57, 0x57, 0x71, 0x37, 0x7a, 0x4c, 0x45, 0x7a, 0x55,
0x62, 0x73, 0x6d, 0x53, 0x46, 0x46, 0x68, 0x37, 0x52, 0x35, 0x77, 0x6d,
0x70, 0x37, 0x61, 0x62, 0x64, 0x58, 0x4a, 0x49, 0x72, 0x55, 0x59, 0x61,
0x67, 0x38, 0x38, 0x79, 0x76, 0x32, 0x57, 0x4b, 0x31, 0x4b, 0x71, 0x70,
0x50, 0x6d, 0x6c, 0x32, 0x61, 0x63, 0x78, 0x56, 0x65, 0x73, 0x38, 0x42,
0x73, 0x69, 0x34, 0x4b, 0x75, 0x0a, 0x2f, 0x4c, 0x35, 0x62, 0x46, 0x66,
0x59, 0x66, 0x50, 0x33, 0x50, 0x37, 0x5a, 0x45, 0x7a, 0x7a, 0x31, 0x55,
0x5a, 0x68, 0x34, 0x75, 0x47, 0x68, 0x49, 0x57, 0x6c, 0x53, 0x75, 0x77,
0x67, 0x4e, 0x71, 0x79, 0x71, 0x79, 0x4b, 0x67, 0x65, 0x62, 0x34, 0x31,
0x43, 0x78, 0x50, 0x53, 0x71, 0x63, 0x4c, 0x54, 0x63, 0x61, 0x30, 0x59,
0x38, 0x55, 0x34, 0x31, 0x62, 0x75, 0x76, 0x71, 0x4d, 0x46, 0x0a, 0x56,
0x63, 0x2b, 0x75, 0x31, 0x55, 0x2f, 0x34, 0x67, 0x6d, 0x54, 0x45, 0x58,
0x6e, 0x5a, 0x79, 0x46, 0x6b, 0x79, 0x47, 0x30, 0x34, 0x68, 0x57, 0x38,
0x4f, 0x64, 0x49, 0x49, 0x58, 0x51, 0x77, 0x67, 0x6a, 0x49, 0x78, 0x64,
0x48, 0x58, 0x58, 0x32, 0x51, 0x4b, 0x42, 0x67, 0x51, 0x44, 0x66, 0x64,
0x77, 0x63, 0x52, 0x4a, 0x50, 0x43, 0x2f, 0x49, 0x46, 0x30, 0x65, 0x31,
0x53, 0x75, 0x53, 0x0a, 0x66, 0x55, 0x4c, 0x65, 0x63, 0x31, 0x48, 0x65,
0x51, 0x56, 0x6d, 0x52, 0x74, 0x4b, 0x71, 0x6c, 0x35, 0x69, 0x6a, 0x50,
0x42, 0x5a, 0x5a, 0x6a, 0x37, 0x78, 0x2b, 0x73, 0x47, 0x49, 0x6b, 0x2f,
0x4e, 0x4d, 0x6f, 0x7a, 0x61, 0x6b, 0x70, 0x65, 0x2b, 0x4f, 0x69, 0x54,
0x62, 0x4f, 0x52, 0x37, 0x37, 0x70, 0x30, 0x39, 0x52, 0x2f, 0x2b, 0x62,
0x52, 0x71, 0x2b, 0x6f, 0x73, 0x61, 0x6c, 0x5a, 0x0a, 0x30, 0x56, 0x46,
0x59, 0x52, 0x30, 0x62, 0x42, 0x77, 0x4a, 0x6e, 0x66, 0x43, 0x36, 0x30,
0x36, 0x35, 0x54, 0x45, 0x39, 0x35, 0x48, 0x2b, 0x33, 0x75, 0x30, 0x57,
0x4e, 0x2f, 0x55, 0x50, 0x39, 0x4e, 0x58, 0x4b, 0x70, 0x4e, 0x49, 0x59,
0x71, 0x73, 0x43, 0x69, 0x4c, 0x53, 0x33, 0x57, 0x48, 0x67, 0x73, 0x62,
0x4e, 0x30, 0x43, 0x56, 0x46, 0x53, 0x54, 0x35, 0x76, 0x62, 0x76, 0x71,
0x31, 0x0a, 0x4a, 0x33, 0x50, 0x30, 0x77, 0x42, 0x41, 0x75, 0x2b, 0x2f,
0x6f, 0x34, 0x46, 0x35, 0x70, 0x6b, 0x70, 0x5a, 0x62, 0x36, 0x38, 0x34,
0x79, 0x4e, 0x78, 0x51, 0x4b, 0x42, 0x67, 0x51, 0x44, 0x5a, 0x76, 0x36,
0x52, 0x67, 0x79, 0x45, 0x47, 0x77, 0x53, 0x59, 0x56, 0x31, 0x49, 0x35,
0x63, 0x5a, 0x68, 0x2f, 0x66, 0x2b, 0x6f, 0x53, 0x49, 0x37, 0x74, 0x6b,
0x52, 0x62, 0x58, 0x74, 0x37, 0x46, 0x0a, 0x4e, 0x75, 0x2f, 0x71, 0x35,
0x66, 0x6f, 0x37, 0x58, 0x74, 0x54, 0x53, 0x6f, 0x38, 0x72, 0x53, 0x6a,
0x2f, 0x66, 0x79, 0x35, 0x35, 0x42, 0x6f, 0x58, 0x4c, 0x61, 0x7a, 0x53,
0x65, 0x61, 0x6e, 0x62, 0x68, 0x43, 0x58, 0x6e, 0x48, 0x39, 0x53, 0x67,
0x6f, 0x52, 0x77, 0x77, 0x56, 0x44, 0x49, 0x4a, 0x48, 0x2f, 0x42, 0x46,
0x35, 0x75, 0x6e, 0x74, 0x6e, 0x47, 0x72, 0x64, 0x5a, 0x64, 0x69, 0x0a,
0x47, 0x45, 0x56, 0x55, 0x4f, 0x4d, 0x53, 0x2b, 0x73, 0x70, 0x7a, 0x4b,
0x64, 0x42, 0x70, 0x4a, 0x49, 0x51, 0x43, 0x59, 0x4b, 0x38, 0x74, 0x54,
0x49, 0x62, 0x76, 0x78, 0x30, 0x4a, 0x4a, 0x68, 0x53, 0x66, 0x67, 0x7a,
0x44, 0x65, 0x68, 0x38, 0x4a, 0x64, 0x4f, 0x57, 0x56, 0x42, 0x68, 0x49,
0x43, 0x61, 0x51, 0x6f, 0x50, 0x31, 0x62, 0x71, 0x77, 0x36, 0x4a, 0x2b,
0x78, 0x71, 0x30, 0x35, 0x0a, 0x75, 0x4f, 0x37, 0x64, 0x70, 0x57, 0x6e,
0x4b, 0x75, 0x51, 0x4b, 0x42, 0x67, 0x47, 0x74, 0x77, 0x2b, 0x53, 0x37,
0x66, 0x43, 0x66, 0x6c, 0x37, 0x41, 0x41, 0x72, 0x52, 0x42, 0x33, 0x41,
0x5a, 0x56, 0x63, 0x74, 0x4b, 0x75, 0x76, 0x51, 0x58, 0x69, 0x34, 0x38,
0x6f, 0x78, 0x46, 0x75, 0x62, 0x65, 0x38, 0x64, 0x39, 0x73, 0x6a, 0x38,
0x2b, 0x4f, 0x34, 0x59, 0x74, 0x44, 0x65, 0x41, 0x62, 0x0a, 0x36, 0x35,
0x51, 0x6f, 0x36, 0x4c, 0x55, 0x64, 0x44, 0x41, 0x58, 0x46, 0x39, 0x31,
0x30, 0x32, 0x37, 0x74, 0x63, 0x47, 0x42, 0x50, 0x6d, 0x4e, 0x56, 0x4f,
0x76, 0x51, 0x37, 0x39, 0x48, 0x46, 0x65, 0x45, 0x7a, 0x76, 0x69, 0x43,
0x2b, 0x6b, 0x41, 0x4e, 0x64, 0x69, 0x37, 0x39, 0x6b, 0x2f, 0x56, 0x52,
0x75, 0x69, 0x2f, 0x31, 0x31, 0x42, 0x5a, 0x30, 0x48, 0x4c, 0x6f, 0x61,
0x4c, 0x65, 0x0a, 0x7a, 0x64, 0x42, 0x59, 0x39, 0x71, 0x45, 0x54, 0x72,
0x59, 0x71, 0x37, 0x72, 0x7a, 0x69, 0x47, 0x51, 0x6a, 0x75, 0x32, 0x64,
0x68, 0x55, 0x49, 0x45, 0x45, 0x4c, 0x58, 0x6f, 0x79, 0x62, 0x79, 0x58,
0x79, 0x67, 0x77, 0x4b, 0x42, 0x66, 0x50, 0x41, 0x78, 0x46, 0x78, 0x46,
0x38, 0x53, 0x49, 0x63, 0x54, 0x30, 0x62, 0x57, 0x46, 0x72, 0x5a, 0x41,
0x6f, 0x47, 0x41, 0x55, 0x6d, 0x69, 0x67, 0x0a, 0x4b, 0x6d, 0x79, 0x2f,
0x78, 0x35, 0x73, 0x62, 0x6f, 0x69, 0x69, 0x56, 0x44, 0x2f, 0x6d, 0x51,
0x6c, 0x74, 0x4b, 0x65, 0x35, 0x53, 0x42, 0x6e, 0x49, 0x48, 0x6c, 0x34,
0x4d, 0x41, 0x56, 0x4a, 0x71, 0x59, 0x6e, 0x65, 0x4f, 0x55, 0x66, 0x37,
0x6e, 0x62, 0x69, 0x56, 0x6b, 0x7a, 0x6b, 0x66, 0x61, 0x74, 0x50, 0x4f,
0x71, 0x47, 0x43, 0x6d, 0x57, 0x4a, 0x5a, 0x59, 0x62, 0x2f, 0x64, 0x4d,
0x0a, 0x32, 0x6b, 0x52, 0x46, 0x50, 0x35, 0x48, 0x62, 0x30, 0x39, 0x79,
0x6c, 0x32, 0x51, 0x6c, 0x50, 0x50, 0x47, 0x48, 0x56, 0x37, 0x42, 0x51,
0x31, 0x55, 0x75, 0x48, 0x50, 0x4b, 0x44, 0x58, 0x74, 0x54, 0x79, 0x47,
0x6f, 0x2f, 0x45, 0x38, 0x57, 0x33, 0x64, 0x77, 0x77, 0x38, 0x6f, 0x70,
0x46, 0x38, 0x6c, 0x46, 0x6f, 0x77, 0x77, 0x36, 0x61, 0x56, 0x62, 0x74,
0x4e, 0x47, 0x76, 0x72, 0x6d, 0x0a, 0x72, 0x31, 0x50, 0x4e, 0x4c, 0x2b,
0x63, 0x55, 0x2b, 0x2b, 0x6a, 0x5a, 0x77, 0x37, 0x47, 0x36, 0x61, 0x65,
0x30, 0x47, 0x31, 0x52, 0x53, 0x7a, 0x55, 0x2b, 0x32, 0x58, 0x4d, 0x36,
0x68, 0x55, 0x35, 0x70, 0x65, 0x71, 0x77, 0x53, 0x6b, 0x43, 0x67, 0x59,
0x45, 0x41, 0x67, 0x37, 0x37, 0x2f, 0x6f, 0x31, 0x67, 0x5a, 0x66, 0x58,
0x69, 0x58, 0x56, 0x69, 0x58, 0x52, 0x75, 0x2b, 0x4a, 0x38, 0x0a, 0x41,
0x30, 0x45, 0x44, 0x52, 0x4d, 0x30, 0x41, 0x43, 0x32, 0x79, 0x39, 0x62,
0x42, 0x75, 0x64, 0x7a, 0x44, 0x46, 0x4a, 0x46, 0x42, 0x47, 0x6b, 0x65,
0x38, 0x44, 0x4d, 0x58, 0x6d, 0x55, 0x62, 0x78, 0x47, 0x63, 0x48, 0x43,
0x62, 0x67, 0x75, 0x6e, 0x31, 0x77, 0x6c, 0x69, 0x4d, 0x44, 0x37, 0x32,
0x48, 0x45, 0x54, 0x62, 0x52, 0x77, 0x2f, 0x38, 0x2b, 0x32, 0x42, 0x6d,
0x55, 0x44, 0x31, 0x0a, 0x77, 0x46, 0x32, 0x38, 0x75, 0x4d, 0x4b, 0x4e,
0x43, 0x51, 0x70, 0x31, 0x2b, 0x6d, 0x44, 0x57, 0x34, 0x77, 0x68, 0x63,
0x31, 0x75, 0x6d, 0x6b, 0x6f, 0x33, 0x43, 0x75, 0x4c, 0x42, 0x42, 0x44,
0x58, 0x7a, 0x41, 0x59, 0x38, 0x4c, 0x30, 0x6e, 0x4d, 0x44, 0x55, 0x52,
0x71, 0x4a, 0x46, 0x69, 0x46, 0x56, 0x45, 0x35, 0x41, 0x47, 0x75, 0x53,
0x4e, 0x52, 0x74, 0x53, 0x50, 0x55, 0x48, 0x46, 0x0a, 0x46, 0x46, 0x6a,
0x6b, 0x37, 0x31, 0x4e, 0x30, 0x47, 0x57, 0x74, 0x64, 0x51, 0x53, 0x6f,
0x76, 0x70, 0x52, 0x2b, 0x47, 0x52, 0x44, 0x45, 0x3d, 0x0a, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41,
0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a
};
unsigned int CAKeyLength = 1704;

372
Exploits/fastPathSign/src/Templates/TemplateSignatureBlob.h → Exploits/fastPathSign/src/Templates/SignatureBlob.h
View File

@ -1,10 +1,10 @@
unsigned char AppStoreSignatureBlob[] = {
0xfa, 0xde, 0x0b, 0x01, 0x00, 0x00, 0x11, 0x2e, 0x30, 0x80, 0x06, 0x09,
unsigned char TemplateSignatureBlob[] = {
0xfa, 0xde, 0x0b, 0x01, 0x00, 0x00, 0x1a, 0xbd, 0x30, 0x80, 0x06, 0x09,
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, 0x80, 0x30,
0x80, 0x02, 0x01, 0x01, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x30, 0x80, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x00, 0x00,
0xa0, 0x82, 0x0d, 0x2f, 0x30, 0x82, 0x04, 0x24, 0x30, 0x82, 0x03, 0x0c,
0xa0, 0x82, 0x12, 0x53, 0x30, 0x82, 0x04, 0x24, 0x30, 0x82, 0x03, 0x0c,
0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x40, 0x60, 0x57, 0xb3, 0xc9,
0xbf, 0x9d, 0xf0, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x73, 0x31, 0x2d, 0x30, 0x2b,
@ -285,86 +285,290 @@ unsigned char AppStoreSignatureBlob[] = {
0xfb, 0xd8, 0xd5, 0x71, 0x9e, 0x7e, 0xa1, 0x52, 0xb7, 0x1b, 0xbd, 0x93,
0x42, 0x24, 0x12, 0x2a, 0xc7, 0x0f, 0x1d, 0xb6, 0x4d, 0x9c, 0x5e, 0x63,
0xc8, 0x4b, 0x80, 0x17, 0x50, 0xaa, 0x8a, 0xd5, 0xda, 0xe4, 0xfc, 0xd0,
0x09, 0x07, 0x37, 0xb0, 0x75, 0x75, 0x21, 0x31, 0x82, 0x03, 0xb5, 0x30,
0x82, 0x03, 0xb1, 0x02, 0x01, 0x01, 0x30, 0x7f, 0x30, 0x73, 0x31, 0x2d,
0x30, 0x2b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x24, 0x41, 0x70, 0x70,
0x6c, 0x65, 0x20, 0x69, 0x50, 0x68, 0x6f, 0x6e, 0x65, 0x20, 0x43, 0x65,
0x09, 0x07, 0x37, 0xb0, 0x75, 0x75, 0x21, 0x30, 0x82, 0x05, 0x20, 0x30,
0x82, 0x04, 0x08, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x18, 0xa5,
0xfe, 0xfd, 0x11, 0xd9, 0xc4, 0xcc, 0x28, 0xd6, 0xf8, 0xff, 0xcf, 0xf4,
0x58, 0x6e, 0xc6, 0xc8, 0x3e, 0xf3, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0xfc,
0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a,
0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e, 0x69, 0x61, 0x31, 0x12,
0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x09, 0x43, 0x75, 0x70,
0x65, 0x72, 0x74, 0x69, 0x6e, 0x6f, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03,
0x55, 0x04, 0x0a, 0x0c, 0x2b, 0x54, 0x72, 0x6f, 0x6c, 0x6c, 0x53, 0x74,
0x6f, 0x72, 0x65, 0x20, 0x32, 0x20, 0x69, 0x50, 0x68, 0x6f, 0x6e, 0x65,
0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69,
0x6f, 0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79,
0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x2a, 0x54,
0x72, 0x6f, 0x6c, 0x6c, 0x53, 0x74, 0x6f, 0x72, 0x65, 0x20, 0x32, 0x20,
0x69, 0x50, 0x68, 0x6f, 0x6e, 0x65, 0x20, 0x4f, 0x53, 0x20, 0x41, 0x70,
0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x53, 0x69,
0x67, 0x6e, 0x69, 0x6e, 0x67, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55,
0x04, 0x03, 0x0c, 0x2b, 0x54, 0x72, 0x6f, 0x6c, 0x6c, 0x53, 0x74, 0x6f,
0x72, 0x65, 0x20, 0x32, 0x20, 0x69, 0x50, 0x68, 0x6f, 0x6e, 0x65, 0x20,
0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x31,
0x23, 0x30, 0x21, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x09, 0x01, 0x16, 0x14, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x40, 0x63, 0x6f,
0x72, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e, 0x68, 0x61, 0x78, 0x78,
0x30, 0x1e, 0x17, 0x0d, 0x32, 0x33, 0x31, 0x31, 0x32, 0x36, 0x32, 0x30,
0x31, 0x39, 0x32, 0x36, 0x5a, 0x17, 0x0d, 0x33, 0x33, 0x31, 0x31, 0x32,
0x33, 0x32, 0x30, 0x31, 0x39, 0x32, 0x36, 0x5a, 0x30, 0x81, 0xfc, 0x31,
0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x43,
0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e, 0x69, 0x61, 0x31, 0x12, 0x30,
0x10, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x09, 0x43, 0x75, 0x70, 0x65,
0x72, 0x74, 0x69, 0x6e, 0x6f, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55,
0x04, 0x0a, 0x0c, 0x2b, 0x54, 0x72, 0x6f, 0x6c, 0x6c, 0x53, 0x74, 0x6f,
0x72, 0x65, 0x20, 0x32, 0x20, 0x69, 0x50, 0x68, 0x6f, 0x6e, 0x65, 0x20,
0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x31,
0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x2a, 0x54, 0x72,
0x6f, 0x6c, 0x6c, 0x53, 0x74, 0x6f, 0x72, 0x65, 0x20, 0x32, 0x20, 0x69,
0x50, 0x68, 0x6f, 0x6e, 0x65, 0x20, 0x4f, 0x53, 0x20, 0x41, 0x70, 0x70,
0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x53, 0x69, 0x67,
0x6e, 0x69, 0x6e, 0x67, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55, 0x04,
0x03, 0x0c, 0x2b, 0x54, 0x72, 0x6f, 0x6c, 0x6c, 0x53, 0x74, 0x6f, 0x72,
0x65, 0x20, 0x32, 0x20, 0x69, 0x50, 0x68, 0x6f, 0x6e, 0x65, 0x20, 0x43,
0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x31, 0x23,
0x30, 0x21, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
0x01, 0x16, 0x14, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x40, 0x63, 0x6f, 0x72,
0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e, 0x68, 0x61, 0x78, 0x78, 0x30,
0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30,
0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xbe, 0x13, 0x2e, 0x48,
0x8a, 0x12, 0x98, 0x59, 0x4f, 0x4f, 0x5f, 0x5b, 0xd1, 0x4f, 0x97, 0x5c,
0xed, 0xe8, 0xd6, 0x43, 0xe9, 0x3e, 0x26, 0x82, 0x38, 0x22, 0x18, 0x56,
0x45, 0x21, 0xf6, 0xf0, 0xb8, 0xcf, 0xe3, 0x6a, 0x17, 0xdf, 0xce, 0x72,
0x6d, 0xad, 0xa8, 0x7d, 0x31, 0xf9, 0xa1, 0x4a, 0x73, 0xee, 0x07, 0x4b,
0x95, 0xa8, 0x58, 0x0e, 0x05, 0xd9, 0x07, 0x5b, 0x3d, 0x47, 0xbb, 0xce,
0x7d, 0x7e, 0x4b, 0x30, 0x76, 0xe4, 0xe4, 0x2a, 0x9f, 0x48, 0x46, 0x3c,
0xe8, 0x23, 0xeb, 0x6b, 0xc7, 0xaf, 0xd5, 0x64, 0x23, 0x66, 0xff, 0x25,
0xda, 0x6a, 0x7e, 0x95, 0x3e, 0xc3, 0x0d, 0xe6, 0xc6, 0x06, 0x90, 0xc6,
0x8a, 0x2f, 0x1f, 0xcb, 0x63, 0x88, 0xa0, 0x3c, 0x9d, 0xca, 0x85, 0x67,
0x80, 0x6e, 0xe1, 0x4e, 0xb7, 0x61, 0xfe, 0x81, 0x8b, 0x53, 0x07, 0x34,
0x56, 0x58, 0xa6, 0x46, 0x58, 0x60, 0x24, 0x44, 0xac, 0xa7, 0x5c, 0xba,
0xab, 0xc1, 0x74, 0x6d, 0x5c, 0x81, 0xe2, 0x1b, 0xb8, 0x3a, 0x87, 0xec,
0x08, 0x86, 0x9d, 0x86, 0xf9, 0xc9, 0x0c, 0x5d, 0xf4, 0x5c, 0xd9, 0xf8,
0x7a, 0x7e, 0x20, 0xa5, 0x95, 0x52, 0x70, 0x4b, 0xf4, 0x96, 0x7e, 0xe4,
0x30, 0x11, 0x2f, 0x5c, 0x19, 0x0e, 0xa6, 0x6b, 0x97, 0x52, 0x68, 0xd7,
0xd7, 0x67, 0xe9, 0x91, 0xda, 0xea, 0xcb, 0xd4, 0x70, 0xba, 0x11, 0x08,
0xb8, 0x54, 0xb8, 0x48, 0x61, 0x42, 0xe0, 0xae, 0x53, 0x23, 0xc0, 0x17,
0xbd, 0x6d, 0xb1, 0xa5, 0x13, 0xa0, 0x65, 0xb5, 0xea, 0x91, 0x9a, 0xa5,
0x2f, 0x8e, 0xc2, 0x3b, 0x91, 0x70, 0x9d, 0x9e, 0x6e, 0x9f, 0x3e, 0x67,
0xd3, 0xd7, 0x62, 0x3b, 0xdc, 0x96, 0x1e, 0xf3, 0x0b, 0x47, 0xaf, 0x26,
0x3c, 0xdd, 0x0e, 0x00, 0xbf, 0x6f, 0x24, 0x9e, 0x07, 0x3c, 0xe5, 0x5d,
0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x81, 0x97, 0x30, 0x81, 0x94, 0x30,
0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xff, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01,
0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x02, 0x84, 0x30, 0x13, 0x06, 0x03,
0x55, 0x1d, 0x25, 0x04, 0x0c, 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01,
0x05, 0x05, 0x07, 0x03, 0x03, 0x30, 0x12, 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x63, 0x64, 0x06, 0x16, 0x01, 0x01, 0xff, 0x04, 0x02, 0x05,
0x00, 0x30, 0x13, 0x06, 0x0a, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x63, 0x64,
0x06, 0x01, 0x03, 0x01, 0x01, 0xff, 0x04, 0x02, 0x05, 0x00, 0x30, 0x14,
0x06, 0x0b, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x63, 0x64, 0x06, 0x01, 0x19,
0x01, 0x01, 0x01, 0xff, 0x04, 0x02, 0x05, 0x00, 0x30, 0x1d, 0x06, 0x03,
0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x97, 0x90, 0xd2, 0x7e, 0x87,
0x35, 0x8a, 0x0b, 0xd1, 0x92, 0xf5, 0xcf, 0xe4, 0xac, 0xd2, 0x14, 0x35,
0x29, 0x08, 0xe2, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xaf,
0xec, 0x00, 0x5b, 0x9f, 0xd7, 0x13, 0x93, 0xed, 0x33, 0xed, 0x89, 0x31,
0xb5, 0x65, 0x98, 0x7d, 0xda, 0x9a, 0x64, 0x39, 0x1d, 0x57, 0x7c, 0x94,
0x15, 0x45, 0x72, 0x2a, 0xcd, 0xa2, 0x27, 0x64, 0xbf, 0xcd, 0x85, 0xfb,
0x31, 0x6f, 0x5c, 0x95, 0x7d, 0xda, 0xcf, 0x45, 0x42, 0x2f, 0x16, 0x1c,
0xcc, 0xbe, 0x04, 0x54, 0xe9, 0x2b, 0xf6, 0xa3, 0xed, 0x39, 0xbf, 0xa9,
0x07, 0x30, 0x2e, 0x7f, 0x7f, 0x4f, 0xf8, 0xe3, 0x57, 0x46, 0x14, 0x13,
0xf2, 0x63, 0xec, 0xeb, 0x6d, 0x45, 0x3e, 0x7b, 0xff, 0xac, 0x12, 0xb0,
0xc5, 0x88, 0x28, 0xd4, 0x90, 0x1f, 0xee, 0xff, 0xbc, 0x44, 0xd3, 0xed,
0x31, 0xb8, 0x9a, 0x97, 0xc9, 0x55, 0xcd, 0x8d, 0x3e, 0x1d, 0x7b, 0x2d,
0xb9, 0x3f, 0x22, 0xbc, 0xf5, 0x0a, 0x03, 0x97, 0x34, 0x5d, 0x7a, 0xc2,
0x76, 0xd6, 0xd9, 0x31, 0x83, 0x9a, 0x0e, 0x0b, 0x37, 0xbb, 0x5f, 0xd6,
0x51, 0xb0, 0xe7, 0x4e, 0xd9, 0x2c, 0xea, 0x1b, 0x09, 0x0f, 0x39, 0x82,
0x33, 0xd2, 0xda, 0x40, 0x1d, 0xce, 0x88, 0xe6, 0x38, 0xa4, 0xb9, 0x5b,
0x19, 0x4a, 0x81, 0x4c, 0xab, 0x5e, 0x26, 0xdf, 0x84, 0xc7, 0x32, 0x53,
0x48, 0x27, 0xce, 0x7e, 0x1c, 0xa8, 0x2d, 0xaa, 0xa9, 0x23, 0x65, 0x36,
0xcd, 0x47, 0x8e, 0x78, 0x2e, 0x50, 0x63, 0x1d, 0x1b, 0xeb, 0x67, 0xa6,
0x52, 0x25, 0x90, 0x17, 0x82, 0x2a, 0xce, 0xda, 0x28, 0x25, 0x81, 0x97,
0xce, 0x6c, 0x78, 0x95, 0x82, 0x61, 0x57, 0xf1, 0x51, 0x01, 0xfe, 0x4d,
0xfa, 0xd7, 0xff, 0xa7, 0xd1, 0x77, 0x95, 0x23, 0xf2, 0xf9, 0x96, 0xfc,
0xed, 0xf5, 0x91, 0x1a, 0x02, 0x6d, 0x73, 0x16, 0xd0, 0x29, 0xe5, 0xb4,
0xc8, 0x8f, 0xa1, 0x44, 0xbc, 0x67, 0x60, 0xf5, 0xac, 0xeb, 0x52, 0x4b,
0xa7, 0x44, 0xa7, 0x31, 0x82, 0x08, 0x20, 0x30, 0x82, 0x04, 0x67, 0x02,
0x01, 0x01, 0x30, 0x82, 0x01, 0x15, 0x30, 0x81, 0xfc, 0x31, 0x0b, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x43, 0x61, 0x6c,
0x69, 0x66, 0x6f, 0x72, 0x6e, 0x69, 0x61, 0x31, 0x12, 0x30, 0x10, 0x06,
0x03, 0x55, 0x04, 0x07, 0x0c, 0x09, 0x43, 0x75, 0x70, 0x65, 0x72, 0x74,
0x69, 0x6e, 0x6f, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55, 0x04, 0x0a,
0x0c, 0x2b, 0x54, 0x72, 0x6f, 0x6c, 0x6c, 0x53, 0x74, 0x6f, 0x72, 0x65,
0x20, 0x32, 0x20, 0x69, 0x50, 0x68, 0x6f, 0x6e, 0x65, 0x20, 0x43, 0x65,
0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20,
0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x31, 0x20, 0x30,
0x1e, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x17, 0x43, 0x65, 0x72, 0x74,
0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x41, 0x75,
0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x31, 0x13, 0x30, 0x11, 0x06,
0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0a, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x20,
0x49, 0x6e, 0x63, 0x2e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x02, 0x08, 0x40, 0x60, 0x57, 0xb3, 0xc9,
0xbf, 0x9d, 0xf0, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0xa0, 0x82, 0x02, 0x07, 0x30, 0x18,
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x03, 0x31,
0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01,
0x30, 0x2f, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
0x04, 0x31, 0x22, 0x04, 0x20, 0xc2, 0x96, 0x8f, 0x4a, 0x63, 0xc0, 0xcf,
0xb6, 0xcd, 0x82, 0xb8, 0x48, 0xe2, 0x04, 0x3d, 0xa0, 0x71, 0xfe, 0xa3,
0x66, 0x32, 0x8c, 0xb4, 0xe0, 0x94, 0x12, 0xdb, 0xb5, 0x73, 0x96, 0xc4,
0xc4, 0x30, 0x5b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x63, 0x64,
0x09, 0x02, 0x31, 0x4e, 0x30, 0x1d, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02,
0x1a, 0x04, 0x14, 0x51, 0xf9, 0xbc, 0xa2, 0x95, 0xbe, 0x9c, 0x2e, 0x1d,
0xee, 0x77, 0xd0, 0x93, 0xce, 0x0f, 0xcf, 0x3f, 0xc9, 0x34, 0x50, 0x30,
0x2d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
0x04, 0x20, 0x93, 0x72, 0x19, 0xc3, 0x98, 0x18, 0xd7, 0x7d, 0x0c, 0x7b,
0x93, 0x6c, 0xba, 0xd6, 0x2c, 0xa4, 0x4c, 0x44, 0xb7, 0xa4, 0xaa, 0x7c,
0x50, 0x40, 0x93, 0x6f, 0x30, 0xb3, 0xe1, 0x19, 0xb0, 0x40, 0x30, 0x82,
0x01, 0x5b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x63, 0x64, 0x09,
0x01, 0x31, 0x82, 0x01, 0x4c, 0x04, 0x82, 0x01, 0x48, 0x3c, 0x3f, 0x78,
0x6d, 0x6c, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x3d, 0x22,
0x31, 0x2e, 0x30, 0x22, 0x20, 0x65, 0x6e, 0x63, 0x6f, 0x64, 0x69, 0x6e,
0x67, 0x3d, 0x22, 0x55, 0x54, 0x46, 0x2d, 0x38, 0x22, 0x3f, 0x3e, 0x0a,
0x3c, 0x21, 0x44, 0x4f, 0x43, 0x54, 0x59, 0x50, 0x45, 0x20, 0x70, 0x6c,
0x69, 0x73, 0x74, 0x20, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x20, 0x22,
0x2d, 0x2f, 0x2f, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x2f, 0x2f, 0x44, 0x54,
0x44, 0x20, 0x50, 0x4c, 0x49, 0x53, 0x54, 0x20, 0x31, 0x2e, 0x30, 0x2f,
0x2f, 0x45, 0x4e, 0x22, 0x20, 0x22, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
0x2f, 0x77, 0x77, 0x77, 0x2e, 0x61, 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63,
0x6f, 0x6d, 0x2f, 0x44, 0x54, 0x44, 0x73, 0x2f, 0x50, 0x72, 0x6f, 0x70,
0x65, 0x72, 0x74, 0x79, 0x4c, 0x69, 0x73, 0x74, 0x2d, 0x31, 0x2e, 0x30,
0x2e, 0x64, 0x74, 0x64, 0x22, 0x3e, 0x0a, 0x3c, 0x70, 0x6c, 0x69, 0x73,
0x74, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x3d, 0x22, 0x31,
0x2e, 0x30, 0x22, 0x3e, 0x0a, 0x3c, 0x64, 0x69, 0x63, 0x74, 0x3e, 0x0a,
0x09, 0x3c, 0x6b, 0x65, 0x79, 0x3e, 0x63, 0x64, 0x68, 0x61, 0x73, 0x68,
0x65, 0x73, 0x3c, 0x2f, 0x6b, 0x65, 0x79, 0x3e, 0x0a, 0x09, 0x3c, 0x61,
0x72, 0x72, 0x61, 0x79, 0x3e, 0x0a, 0x09, 0x09, 0x3c, 0x64, 0x61, 0x74,
0x61, 0x3e, 0x0a, 0x09, 0x09, 0x55, 0x66, 0x6d, 0x38, 0x6f, 0x70, 0x57,
0x2b, 0x6e, 0x43, 0x34, 0x64, 0x37, 0x6e, 0x66, 0x51, 0x6b, 0x38, 0x34,
0x50, 0x7a, 0x7a, 0x2f, 0x4a, 0x4e, 0x46, 0x41, 0x3d, 0x0a, 0x09, 0x09,
0x3c, 0x2f, 0x64, 0x61, 0x74, 0x61, 0x3e, 0x0a, 0x09, 0x09, 0x3c, 0x64,
0x61, 0x74, 0x61, 0x3e, 0x0a, 0x09, 0x09, 0x6b, 0x33, 0x49, 0x5a, 0x77,
0x35, 0x67, 0x59, 0x31, 0x33, 0x30, 0x4d, 0x65, 0x35, 0x4e, 0x73, 0x75,
0x74, 0x59, 0x73, 0x70, 0x45, 0x78, 0x45, 0x74, 0x36, 0x51, 0x3d, 0x0a,
0x09, 0x09, 0x3c, 0x2f, 0x64, 0x61, 0x74, 0x61, 0x3e, 0x0a, 0x09, 0x3c,
0x2f, 0x61, 0x72, 0x72, 0x61, 0x79, 0x3e, 0x0a, 0x3c, 0x2f, 0x64, 0x69,
0x63, 0x74, 0x3e, 0x0a, 0x3c, 0x2f, 0x70, 0x6c, 0x69, 0x73, 0x74, 0x3e,
0x0a, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x01, 0x0b, 0x05, 0x00, 0x04, 0x82, 0x01, 0x00, 0x3b, 0x3d, 0x60, 0x8d,
0xa2, 0x95, 0x1e, 0x5b, 0xa6, 0x02, 0xb4, 0x71, 0xc3, 0xfa, 0x01, 0xf0,
0x1c, 0x1f, 0x15, 0x8d, 0xf0, 0x15, 0xcb, 0x76, 0x6a, 0xfd, 0xb4, 0x95,
0x14, 0x6f, 0xea, 0x4c, 0x1b, 0xf1, 0x32, 0x80, 0xe7, 0x97, 0x04, 0x00,
0x07, 0x4d, 0x86, 0x73, 0xbe, 0x5c, 0xd4, 0x13, 0xe4, 0x31, 0xb7, 0x94,
0xc0, 0x6a, 0xf9, 0x4a, 0x48, 0x7a, 0x44, 0xde, 0x67, 0xc8, 0xb2, 0xcd,
0xed, 0x2c, 0xff, 0x80, 0xec, 0x96, 0xc1, 0x2e, 0x37, 0x13, 0x67, 0x1b,
0xa3, 0x54, 0x63, 0x88, 0x84, 0x5d, 0x1a, 0xca, 0xc9, 0x58, 0xec, 0xca,
0x82, 0x38, 0x8d, 0x29, 0x1c, 0xca, 0x58, 0x50, 0xc4, 0xd0, 0x91, 0xba,
0x22, 0x7e, 0x73, 0x00, 0x58, 0x48, 0x5d, 0x49, 0xbd, 0xe7, 0xde, 0x35,
0x23, 0xfa, 0x60, 0x93, 0x12, 0x98, 0x2f, 0xf6, 0x8b, 0x38, 0x54, 0x32,
0x75, 0x0a, 0x3b, 0xed, 0x7f, 0x6a, 0x78, 0xf7, 0x87, 0x30, 0x49, 0xf4,
0x1f, 0x0d, 0x0a, 0x8b, 0xb7, 0xa7, 0x7e, 0x69, 0x48, 0x34, 0x6c, 0x9b,
0x77, 0xce, 0x0e, 0x68, 0xd9, 0x30, 0xb2, 0xc6, 0xa3, 0x30, 0x8a, 0x87,
0xd9, 0x25, 0xd7, 0x58, 0xc1, 0xae, 0x33, 0x4f, 0xeb, 0x2c, 0xcb, 0xf2,
0xb2, 0xe8, 0x2d, 0xa9, 0x4c, 0xa8, 0xd8, 0x64, 0x8b, 0x91, 0xdc, 0xb6,
0x55, 0x69, 0x84, 0x43, 0x4b, 0x75, 0xe6, 0xba, 0xd6, 0x58, 0x5b, 0x5e,
0xe7, 0x91, 0x5a, 0x69, 0x9b, 0xb6, 0x45, 0x7f, 0x1a, 0x9f, 0x0b, 0x87,
0xac, 0x4c, 0xc8, 0x58, 0x59, 0x18, 0x25, 0x02, 0x6c, 0xb2, 0x66, 0xf1,
0x2c, 0xc7, 0xaf, 0x68, 0x7a, 0x0e, 0x82, 0x93, 0x27, 0xd8, 0x75, 0x01,
0xdf, 0xd4, 0xa7, 0xba, 0xa5, 0x6e, 0xb2, 0x16, 0x49, 0x9a, 0xef, 0xdf,
0xec, 0xa7, 0x15, 0x78, 0x05, 0x68, 0x37, 0xaf, 0xf6, 0xfb, 0xa9, 0x3b,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00
0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x31, 0x33, 0x30,
0x31, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x2a, 0x54, 0x72, 0x6f, 0x6c,
0x6c, 0x53, 0x74, 0x6f, 0x72, 0x65, 0x20, 0x32, 0x20, 0x69, 0x50, 0x68,
0x6f, 0x6e, 0x65, 0x20, 0x4f, 0x53, 0x20, 0x41, 0x70, 0x70, 0x6c, 0x69,
0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69,
0x6e, 0x67, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
0x2b, 0x54, 0x72, 0x6f, 0x6c, 0x6c, 0x53, 0x74, 0x6f, 0x72, 0x65, 0x20,
0x32, 0x20, 0x69, 0x50, 0x68, 0x6f, 0x6e, 0x65, 0x20, 0x43, 0x65, 0x72,
0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x41,
0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x31, 0x23, 0x30, 0x21,
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16,
0x14, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x40, 0x63, 0x6f, 0x72, 0x65, 0x74,
0x72, 0x75, 0x73, 0x74, 0x2e, 0x68, 0x61, 0x78, 0x78, 0x02, 0x14, 0x18,
0xa5, 0xfe, 0xfd, 0x11, 0xd9, 0xc4, 0xcc, 0x28, 0xd6, 0xf8, 0xff, 0xcf,
0xf4, 0x58, 0x6e, 0xc6, 0xc8, 0x3e, 0xf3, 0x30, 0x0d, 0x06, 0x09, 0x60,
0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0xa0, 0x82,
0x02, 0x25, 0x30, 0x18, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x01, 0x09, 0x03, 0x31, 0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x07, 0x01, 0x30, 0x1c, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x09, 0x05, 0x31, 0x0f, 0x17, 0x0d, 0x32, 0x33, 0x31,
0x31, 0x32, 0x36, 0x32, 0x30, 0x33, 0x34, 0x32, 0x39, 0x5a, 0x30, 0x2f,
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04, 0x31,
0x22, 0x04, 0x20, 0xc2, 0x96, 0x8f, 0x4a, 0x63, 0xc0, 0xcf, 0xb6, 0xcd,
0x82, 0xb8, 0x48, 0xe2, 0x04, 0x3d, 0xa0, 0x71, 0xfe, 0xa3, 0x66, 0x32,
0x8c, 0xb4, 0xe0, 0x94, 0x12, 0xdb, 0xb5, 0x73, 0x96, 0xc4, 0xc4, 0x30,
0x5b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x63, 0x64, 0x09, 0x02,
0x31, 0x4e, 0x30, 0x1d, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x04,
0x14, 0x51, 0xf9, 0xbc, 0xa2, 0x95, 0xbe, 0x9c, 0x2e, 0x1d, 0xee, 0x77,
0xd0, 0x93, 0xce, 0x0f, 0xcf, 0x3f, 0xc9, 0x34, 0x50, 0x30, 0x2d, 0x06,
0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x04, 0x20,
0xb8, 0xca, 0x7d, 0x9d, 0xef, 0xa9, 0xcf, 0xd2, 0x00, 0x90, 0x38, 0x28,
0x1d, 0x0a, 0xa7, 0x2f, 0xca, 0x77, 0xd7, 0xa4, 0x6b, 0xae, 0x73, 0x93,
0x60, 0xf8, 0x61, 0x98, 0xd2, 0x1a, 0x38, 0xe6, 0x30, 0x82, 0x01, 0x5b,
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x63, 0x64, 0x09, 0x01, 0x31,
0x82, 0x01, 0x4c, 0x04, 0x82, 0x01, 0x48, 0x3c, 0x3f, 0x78, 0x6d, 0x6c,
0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x3d, 0x22, 0x31, 0x2e,
0x30, 0x22, 0x20, 0x65, 0x6e, 0x63, 0x6f, 0x64, 0x69, 0x6e, 0x67, 0x3d,
0x22, 0x55, 0x54, 0x46, 0x2d, 0x38, 0x22, 0x3f, 0x3e, 0x0a, 0x3c, 0x21,
0x44, 0x4f, 0x43, 0x54, 0x59, 0x50, 0x45, 0x20, 0x70, 0x6c, 0x69, 0x73,
0x74, 0x20, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x20, 0x22, 0x2d, 0x2f,
0x2f, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x2f, 0x2f, 0x44, 0x54, 0x44, 0x20,
0x50, 0x4c, 0x49, 0x53, 0x54, 0x20, 0x31, 0x2e, 0x30, 0x2f, 0x2f, 0x45,
0x4e, 0x22, 0x20, 0x22, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x77,
0x77, 0x77, 0x2e, 0x61, 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d,
0x2f, 0x44, 0x54, 0x44, 0x73, 0x2f, 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72,
0x74, 0x79, 0x4c, 0x69, 0x73, 0x74, 0x2d, 0x31, 0x2e, 0x30, 0x2e, 0x64,
0x74, 0x64, 0x22, 0x3e, 0x0a, 0x3c, 0x70, 0x6c, 0x69, 0x73, 0x74, 0x20,
0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x3d, 0x22, 0x31, 0x2e, 0x30,
0x22, 0x3e, 0x0a, 0x3c, 0x64, 0x69, 0x63, 0x74, 0x3e, 0x0a, 0x09, 0x3c,
0x6b, 0x65, 0x79, 0x3e, 0x63, 0x64, 0x68, 0x61, 0x73, 0x68, 0x65, 0x73,
0x3c, 0x2f, 0x6b, 0x65, 0x79, 0x3e, 0x0a, 0x09, 0x3c, 0x61, 0x72, 0x72,
0x61, 0x79, 0x3e, 0x0a, 0x09, 0x09, 0x3c, 0x64, 0x61, 0x74, 0x61, 0x3e,
0x0a, 0x09, 0x09, 0x55, 0x66, 0x6d, 0x38, 0x6f, 0x70, 0x57, 0x2b, 0x6e,
0x43, 0x34, 0x64, 0x37, 0x6e, 0x66, 0x51, 0x6b, 0x38, 0x34, 0x50, 0x7a,
0x7a, 0x2f, 0x4a, 0x4e, 0x46, 0x41, 0x3d, 0x0a, 0x09, 0x09, 0x3c, 0x2f,
0x64, 0x61, 0x74, 0x61, 0x3e, 0x0a, 0x09, 0x09, 0x3c, 0x64, 0x61, 0x74,
0x61, 0x3e, 0x0a, 0x09, 0x09, 0x75, 0x4d, 0x70, 0x39, 0x6e, 0x65, 0x2b,
0x70, 0x7a, 0x39, 0x49, 0x41, 0x6b, 0x44, 0x67, 0x6f, 0x48, 0x51, 0x71,
0x6e, 0x4c, 0x38, 0x70, 0x33, 0x31, 0x36, 0x51, 0x3d, 0x0a, 0x09, 0x09,
0x3c, 0x2f, 0x64, 0x61, 0x74, 0x61, 0x3e, 0x0a, 0x09, 0x3c, 0x2f, 0x61,
0x72, 0x72, 0x61, 0x79, 0x3e, 0x0a, 0x3c, 0x2f, 0x64, 0x69, 0x63, 0x74,
0x3e, 0x0a, 0x3c, 0x2f, 0x70, 0x6c, 0x69, 0x73, 0x74, 0x3e, 0x0a, 0x30,
0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
0x05, 0x00, 0x04, 0x82, 0x01, 0x00, 0x8a, 0x4f, 0xdd, 0xcf, 0x23, 0x66,
0x89, 0x82, 0x87, 0x09, 0x5e, 0x07, 0x11, 0x65, 0x40, 0xb9, 0xb3, 0x8d,
0x01, 0xe1, 0x4d, 0x1b, 0x8e, 0x62, 0x4a, 0x5b, 0x58, 0xeb, 0x47, 0xdc,
0x16, 0xcf, 0x38, 0x9e, 0x58, 0xa5, 0xd5, 0xf4, 0xc5, 0x4f, 0x29, 0x4f,
0x60, 0x33, 0xb0, 0x92, 0x37, 0xb8, 0x09, 0x57, 0x2b, 0x96, 0xac, 0x26,
0xff, 0x16, 0xea, 0x99, 0x5e, 0x59, 0x82, 0x6b, 0xdf, 0x30, 0x74, 0x56,
0x21, 0xf8, 0x74, 0xa7, 0x30, 0xc5, 0x39, 0x51, 0x3e, 0x9f, 0xb4, 0x72,
0x2b, 0xe4, 0x38, 0xba, 0xf7, 0x3e, 0xc4, 0x32, 0x44, 0x26, 0xd7, 0xf9,
0x2e, 0xd3, 0x1b, 0xae, 0x9b, 0x11, 0x53, 0x18, 0x30, 0x62, 0xd9, 0x2f,
0xcf, 0x75, 0x5d, 0x58, 0x96, 0xee, 0x25, 0x1e, 0x1c, 0x56, 0x0a, 0x73,
0xeb, 0x92, 0x36, 0x72, 0x9c, 0x50, 0x6f, 0x95, 0x52, 0xdc, 0xf7, 0xb1,
0xd3, 0xdb, 0x8a, 0x63, 0xa0, 0xaf, 0x92, 0x8a, 0xee, 0x6c, 0xf3, 0xda,
0xe7, 0x80, 0xb5, 0x91, 0x84, 0x44, 0x67, 0xa2, 0xf9, 0x57, 0x3e, 0x32,
0x32, 0x3d, 0xa7, 0x08, 0x49, 0xd2, 0x36, 0xce, 0xd6, 0x80, 0x05, 0x59,
0xe2, 0xa7, 0xc3, 0xcc, 0xa4, 0x03, 0xdd, 0xfd, 0x03, 0x43, 0xa6, 0x40,
0xa1, 0xe0, 0x13, 0x82, 0x00, 0xf9, 0x92, 0x0e, 0x10, 0x21, 0x32, 0xc8,
0x64, 0x04, 0x7d, 0x2c, 0x02, 0x00, 0x45, 0xf8, 0xf1, 0x51, 0x15, 0xc6,
0x5d, 0xed, 0x5b, 0xfa, 0x93, 0x66, 0x92, 0x56, 0xd6, 0xce, 0x71, 0x5b,
0xd3, 0x98, 0xad, 0x6d, 0x65, 0x09, 0xef, 0x4e, 0x32, 0xd7, 0x45, 0x67,
0xdb, 0x98, 0x15, 0x28, 0xfa, 0xa2, 0x1c, 0x10, 0xdb, 0x79, 0x78, 0x0b,
0x10, 0x4c, 0xf7, 0x0e, 0x2a, 0xb6, 0x4a, 0xfb, 0x58, 0x57, 0x5f, 0xd6,
0x06, 0x52, 0x0a, 0xe1, 0xd7, 0xbe, 0x4a, 0xb5, 0x63, 0x48, 0x30, 0x82,
0x03, 0xb1, 0x02, 0x01, 0x01, 0x30, 0x7f, 0x30, 0x73, 0x31, 0x2d, 0x30,
0x2b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x24, 0x41, 0x70, 0x70, 0x6c,
0x65, 0x20, 0x69, 0x50, 0x68, 0x6f, 0x6e, 0x65, 0x20, 0x43, 0x65, 0x72,
0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x41,
0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x31, 0x20, 0x30, 0x1e,
0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x17, 0x43, 0x65, 0x72, 0x74, 0x69,
0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x41, 0x75, 0x74,
0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
0x55, 0x04, 0x0a, 0x0c, 0x0a, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x20, 0x49,
0x6e, 0x63, 0x2e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
0x13, 0x02, 0x55, 0x53, 0x02, 0x08, 0x40, 0x60, 0x57, 0xb3, 0xc9, 0xbf,
0x9d, 0xf0, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x01, 0x05, 0x00, 0xa0, 0x82, 0x02, 0x07, 0x30, 0x18, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x03, 0x31, 0x0b,
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x30,
0x2f, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04,
0x31, 0x22, 0x04, 0x20, 0xc2, 0x96, 0x8f, 0x4a, 0x63, 0xc0, 0xcf, 0xb6,
0xcd, 0x82, 0xb8, 0x48, 0xe2, 0x04, 0x3d, 0xa0, 0x71, 0xfe, 0xa3, 0x66,
0x32, 0x8c, 0xb4, 0xe0, 0x94, 0x12, 0xdb, 0xb5, 0x73, 0x96, 0xc4, 0xc4,
0x30, 0x5b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x63, 0x64, 0x09,
0x02, 0x31, 0x4e, 0x30, 0x1d, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
0x04, 0x14, 0x51, 0xf9, 0xbc, 0xa2, 0x95, 0xbe, 0x9c, 0x2e, 0x1d, 0xee,
0x77, 0xd0, 0x93, 0xce, 0x0f, 0xcf, 0x3f, 0xc9, 0x34, 0x50, 0x30, 0x2d,
0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x04,
0x20, 0x93, 0x72, 0x19, 0xc3, 0x98, 0x18, 0xd7, 0x7d, 0x0c, 0x7b, 0x93,
0x6c, 0xba, 0xd6, 0x2c, 0xa4, 0x4c, 0x44, 0xb7, 0xa4, 0xaa, 0x7c, 0x50,
0x40, 0x93, 0x6f, 0x30, 0xb3, 0xe1, 0x19, 0xb0, 0x40, 0x30, 0x82, 0x01,
0x5b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x63, 0x64, 0x09, 0x01,
0x31, 0x82, 0x01, 0x4c, 0x04, 0x82, 0x01, 0x48, 0x3c, 0x3f, 0x78, 0x6d,
0x6c, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x3d, 0x22, 0x31,
0x2e, 0x30, 0x22, 0x20, 0x65, 0x6e, 0x63, 0x6f, 0x64, 0x69, 0x6e, 0x67,
0x3d, 0x22, 0x55, 0x54, 0x46, 0x2d, 0x38, 0x22, 0x3f, 0x3e, 0x0a, 0x3c,
0x21, 0x44, 0x4f, 0x43, 0x54, 0x59, 0x50, 0x45, 0x20, 0x70, 0x6c, 0x69,
0x73, 0x74, 0x20, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x20, 0x22, 0x2d,
0x2f, 0x2f, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x2f, 0x2f, 0x44, 0x54, 0x44,
0x20, 0x50, 0x4c, 0x49, 0x53, 0x54, 0x20, 0x31, 0x2e, 0x30, 0x2f, 0x2f,
0x45, 0x4e, 0x22, 0x20, 0x22, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f,
0x77, 0x77, 0x77, 0x2e, 0x61, 0x70, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
0x6d, 0x2f, 0x44, 0x54, 0x44, 0x73, 0x2f, 0x50, 0x72, 0x6f, 0x70, 0x65,
0x72, 0x74, 0x79, 0x4c, 0x69, 0x73, 0x74, 0x2d, 0x31, 0x2e, 0x30, 0x2e,
0x64, 0x74, 0x64, 0x22, 0x3e, 0x0a, 0x3c, 0x70, 0x6c, 0x69, 0x73, 0x74,
0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x3d, 0x22, 0x31, 0x2e,
0x30, 0x22, 0x3e, 0x0a, 0x3c, 0x64, 0x69, 0x63, 0x74, 0x3e, 0x0a, 0x09,
0x3c, 0x6b, 0x65, 0x79, 0x3e, 0x63, 0x64, 0x68, 0x61, 0x73, 0x68, 0x65,
0x73, 0x3c, 0x2f, 0x6b, 0x65, 0x79, 0x3e, 0x0a, 0x09, 0x3c, 0x61, 0x72,
0x72, 0x61, 0x79, 0x3e, 0x0a, 0x09, 0x09, 0x3c, 0x64, 0x61, 0x74, 0x61,
0x3e, 0x0a, 0x09, 0x09, 0x55, 0x66, 0x6d, 0x38, 0x6f, 0x70, 0x57, 0x2b,
0x6e, 0x43, 0x34, 0x64, 0x37, 0x6e, 0x66, 0x51, 0x6b, 0x38, 0x34, 0x50,
0x7a, 0x7a, 0x2f, 0x4a, 0x4e, 0x46, 0x41, 0x3d, 0x0a, 0x09, 0x09, 0x3c,
0x2f, 0x64, 0x61, 0x74, 0x61, 0x3e, 0x0a, 0x09, 0x09, 0x3c, 0x64, 0x61,
0x74, 0x61, 0x3e, 0x0a, 0x09, 0x09, 0x6b, 0x33, 0x49, 0x5a, 0x77, 0x35,
0x67, 0x59, 0x31, 0x33, 0x30, 0x4d, 0x65, 0x35, 0x4e, 0x73, 0x75, 0x74,
0x59, 0x73, 0x70, 0x45, 0x78, 0x45, 0x74, 0x36, 0x51, 0x3d, 0x0a, 0x09,
0x09, 0x3c, 0x2f, 0x64, 0x61, 0x74, 0x61, 0x3e, 0x0a, 0x09, 0x3c, 0x2f,
0x61, 0x72, 0x72, 0x61, 0x79, 0x3e, 0x0a, 0x3c, 0x2f, 0x64, 0x69, 0x63,
0x74, 0x3e, 0x0a, 0x3c, 0x2f, 0x70, 0x6c, 0x69, 0x73, 0x74, 0x3e, 0x0a,
0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
0x0b, 0x05, 0x00, 0x04, 0x82, 0x01, 0x00, 0x3b, 0x3d, 0x60, 0x8d, 0xa2,
0x95, 0x1e, 0x5b, 0xa6, 0x02, 0xb4, 0x71, 0xc3, 0xfa, 0x01, 0xf0, 0x1c,
0x1f, 0x15, 0x8d, 0xf0, 0x15, 0xcb, 0x76, 0x6a, 0xfd, 0xb4, 0x95, 0x14,
0x6f, 0xea, 0x4c, 0x1b, 0xf1, 0x32, 0x80, 0xe7, 0x97, 0x04, 0x00, 0x07,
0x4d, 0x86, 0x73, 0xbe, 0x5c, 0xd4, 0x13, 0xe4, 0x31, 0xb7, 0x94, 0xc0,
0x6a, 0xf9, 0x4a, 0x48, 0x7a, 0x44, 0xde, 0x67, 0xc8, 0xb2, 0xcd, 0xed,
0x2c, 0xff, 0x80, 0xec, 0x96, 0xc1, 0x2e, 0x37, 0x13, 0x67, 0x1b, 0xa3,
0x54, 0x63, 0x88, 0x84, 0x5d, 0x1a, 0xca, 0xc9, 0x58, 0xec, 0xca, 0x82,
0x38, 0x8d, 0x29, 0x1c, 0xca, 0x58, 0x50, 0xc4, 0xd0, 0x91, 0xba, 0x22,
0x7e, 0x73, 0x00, 0x58, 0x48, 0x5d, 0x49, 0xbd, 0xe7, 0xde, 0x35, 0x23,
0xfa, 0x60, 0x93, 0x12, 0x98, 0x2f, 0xf6, 0x8b, 0x38, 0x54, 0x32, 0x75,
0x0a, 0x3b, 0xed, 0x7f, 0x6a, 0x78, 0xf7, 0x87, 0x30, 0x49, 0xf4, 0x1f,
0x0d, 0x0a, 0x8b, 0xb7, 0xa7, 0x7e, 0x69, 0x48, 0x34, 0x6c, 0x9b, 0x77,
0xce, 0x0e, 0x68, 0xd9, 0x30, 0xb2, 0xc6, 0xa3, 0x30, 0x8a, 0x87, 0xd9,
0x25, 0xd7, 0x58, 0xc1, 0xae, 0x33, 0x4f, 0xeb, 0x2c, 0xcb, 0xf2, 0xb2,
0xe8, 0x2d, 0xa9, 0x4c, 0xa8, 0xd8, 0x64, 0x8b, 0x91, 0xdc, 0xb6, 0x55,
0x69, 0x84, 0x43, 0x4b, 0x75, 0xe6, 0xba, 0xd6, 0x58, 0x5b, 0x5e, 0xe7,
0x91, 0x5a, 0x69, 0x9b, 0xb6, 0x45, 0x7f, 0x1a, 0x9f, 0x0b, 0x87, 0xac,
0x4c, 0xc8, 0x58, 0x59, 0x18, 0x25, 0x02, 0x6c, 0xb2, 0x66, 0xf1, 0x2c,
0xc7, 0xaf, 0x68, 0x7a, 0x0e, 0x82, 0x93, 0x27, 0xd8, 0x75, 0x01, 0xdf,
0xd4, 0xa7, 0xba, 0xa5, 0x6e, 0xb2, 0x16, 0x49, 0x9a, 0xef, 0xdf, 0xec,
0xa7, 0x15, 0x78, 0x05, 0x68, 0x37, 0xaf, 0xf6, 0xfb, 0xa9, 0x3b, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00
};
unsigned int AppStoreSignatureBlob_len = 4398;
unsigned int TemplateSignatureBlob_len = 6845;

302
Exploits/fastPathSign/src/coretrust_bug.c
View File

@ -1,218 +1,120 @@
#include <CoreFoundation/CoreFoundation.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <dirent.h>
#include <sys/stat.h>
#include "CSBlob.h"
#include "MachOByteOrder.h"
#include "MachO.h"
#include "Host.h"
#include "MemoryStream.h"
#include "FileStream.h"
#include "BufferedStream.h"
#include "CodeDirectory.h"
#include "Base64.h"
#include <choma/CSBlob.h>
#include <choma/MachOByteOrder.h>
#include <choma/MachO.h>
#include <choma/Host.h>
#include <choma/MemoryStream.h>
#include <choma/FileStream.h>
#include <choma/BufferedStream.h>
#include <choma/SignOSSL.h>
#include <choma/CodeDirectory.h>
#include <choma/Base64.h>
#include "Templates/AppStoreCodeDirectory.h"
#include "Templates/DERTemplate.h"
#include "Templates/TemplateSignatureBlob.h"
#include "Templates/CADetails.h"
#include <openssl/pem.h>
#include <openssl/err.h>
#include <copyfile.h>
#include <TargetConditionals.h>
#include <openssl/cms.h>
#include "Templates/SignatureBlob.h"
#include "Templates/DecryptedSignature.h"
#include "Templates/PrivateKey.h"
// We can use static offsets here because we use a template signature blob
#define SIGNED_ATTRS_OFFSET 0x13C6 // SignedAttributes sequence
#define HASHHASH_OFFSET 0x1470 // SHA256 hash SignedAttribute
#define BASEBASE_OFFSET 0x15AD // Base64 hash SignedAttribute
#define SIGNSIGN_OFFSET 0x1602 // Signature
#define DECRYPTED_SIGNATURE_HASH_OFFSET 0x13
int update_signature_blob(CS_DecodedSuperBlob *superblob)
{
CS_DecodedBlob *sha1CD = csd_superblob_find_blob(superblob, CSSLOT_CODEDIRECTORY, NULL);
if (!sha1CD) {
printf("Could not find SHA1 CodeDirectory blob!\n");
return -1;
}
CS_DecodedBlob *sha256CD = csd_superblob_find_blob(superblob, CSSLOT_ALTERNATE_CODEDIRECTORIES, NULL);
if (!sha256CD) {
printf("Could not find SHA256 CodeDirectory blob!\n");
printf("Could not find CodeDirectory blob!\n");
return -1;
}
CS_DecodedBlob *signatureBlob = csd_superblob_find_blob(superblob, CSSLOT_SIGNATURESLOT, NULL);
if (!signatureBlob) {
printf("Could not find signature blob!\n");
return -1;
}
uint8_t sha1CDHash[CC_SHA1_DIGEST_LENGTH];
uint8_t sha256CDHash[CC_SHA256_DIGEST_LENGTH];
{
size_t dataSizeToRead = csd_blob_get_size(sha1CD);
uint8_t *data = malloc(dataSizeToRead);
memset(data, 0, dataSizeToRead);
csd_blob_read(sha1CD, 0, dataSizeToRead, data);
CC_SHA1(data, (CC_LONG)dataSizeToRead, sha1CDHash);
free(data);
printf("SHA1 hash: ");
for (int i = 0; i < CC_SHA1_DIGEST_LENGTH; i++) {
printf("%02x", sha1CDHash[i]);
}
printf("\n");
uint8_t fullHash[CC_SHA256_DIGEST_LENGTH];
size_t dataSizeToRead = csd_blob_get_size(sha256CD);
uint8_t *data = malloc(dataSizeToRead);
memset(data, 0, dataSizeToRead);
csd_blob_read(sha256CD, 0, dataSizeToRead, data);
CC_SHA256(data, (CC_LONG)dataSizeToRead, fullHash);
free(data);
uint8_t secondCDSHA256Hash[CC_SHA256_DIGEST_LENGTH];
memcpy(secondCDSHA256Hash, fullHash, CC_SHA256_DIGEST_LENGTH);
// Print the hash
printf("SHA256 hash: ");
for (int i = 0; i < CC_SHA256_DIGEST_LENGTH; i++) {
printf("%02x", secondCDSHA256Hash[i]);
}
printf("\n");
{
size_t dataSizeToRead = csd_blob_get_size(sha256CD);
uint8_t *data = malloc(dataSizeToRead);
memset(data, 0, dataSizeToRead);
csd_blob_read(sha256CD, 0, dataSizeToRead, data);
CC_SHA256(data, (CC_LONG)dataSizeToRead, sha256CDHash);
free(data);
printf("SHA256 hash: ");
for (int i = 0; i < CC_SHA256_DIGEST_LENGTH; i++) {
printf("%02x", sha256CDHash[i]);
}
printf("\n");
}
const uint8_t *cmsDataPtr = AppStoreSignatureBlob + offsetof(CS_GenericBlob, data);
size_t cmsDataSize = AppStoreSignatureBlob_len - sizeof(CS_GenericBlob);
CMS_ContentInfo *cms = d2i_CMS_ContentInfo(NULL, (const unsigned char**)&cmsDataPtr, cmsDataSize);
if (!cms) {
printf("Failed to parse CMS blob: %s!\n", ERR_error_string(ERR_get_error(), NULL));
size_t base64OutLength = 0;
char *newBase64Hash = base64_encode(secondCDSHA256Hash, CC_SHA1_DIGEST_LENGTH, &base64OutLength);
if (!newBase64Hash) {
printf("Failed to base64 encode hash!\n");
return -1;
}
// Load private key
FILE* privateKeyFile = fmemopen(CAKey, CAKeyLength, "r");
if (!privateKeyFile) {
printf("Failed to open private key file!\n");
return -1;
}
EVP_PKEY* privateKey = PEM_read_PrivateKey(privateKeyFile, NULL, NULL, NULL);
fclose(privateKeyFile);
if (!privateKey) {
printf("Failed to read private key file!\n");
return -1;
}
// Print the base64 hash
printf("Base64 hash: %.*s\n", CC_SHA256_DIGEST_LENGTH, newBase64Hash);
// Load certificate
FILE* certificateFile = fmemopen(CACert, CACertLength, "r");
if (!certificateFile) {
printf("Failed to open certificate file!\n");
int ret = csd_blob_write(signatureBlob, HASHHASH_OFFSET, CC_SHA256_DIGEST_LENGTH, secondCDSHA256Hash);
if (ret != 0) {
printf("Failed to write SHA256 hash to signature blob!\n");
free(newBase64Hash);
return -1;
}
X509* certificate = PEM_read_X509(certificateFile, NULL, NULL, NULL);
fclose(certificateFile);
if (!certificate) {
printf("Failed to read certificate file!\n");
return -1;
}
// Add signer
CMS_SignerInfo* newSigner = CMS_add1_signer(cms, certificate, privateKey, EVP_sha256(), CMS_PARTIAL | CMS_REUSE_DIGEST | CMS_NOSMIMECAP);
if (!newSigner) {
printf("Failed to add signer: %s!\n", ERR_error_string(ERR_get_error(), NULL));
return -1;
}
CFMutableArrayRef cdHashesArray = CFArrayCreateMutable(NULL, 2, &kCFTypeArrayCallBacks);
if (!cdHashesArray) {
printf("Failed to create CDHashes array!\n");
return -1;
}
CFDataRef sha1CDHashData = CFDataCreate(NULL, sha1CDHash, CC_SHA1_DIGEST_LENGTH);
if (!sha1CDHashData) {
printf("Failed to create CFData from SHA1 CDHash!\n");
CFRelease(cdHashesArray);
return -1;
}
CFArrayAppendValue(cdHashesArray, sha1CDHashData);
CFRelease(sha1CDHashData);
// In this plist, the SHA256 hash is truncated to SHA1 length
CFDataRef sha256CDHashData = CFDataCreate(NULL, sha256CDHash, CC_SHA1_DIGEST_LENGTH);
if (!sha256CDHashData) {
printf("Failed to create CFData from SHA256 CDHash!\n");
CFRelease(cdHashesArray);
return -1;
}
CFArrayAppendValue(cdHashesArray, sha256CDHashData);
CFRelease(sha256CDHashData);
CFMutableDictionaryRef cdHashesDictionary = CFDictionaryCreateMutable(NULL, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
if (!cdHashesDictionary) {
printf("Failed to create CDHashes dictionary!\n");
CFRelease(cdHashesArray);
return -1;
}
CFDictionarySetValue(cdHashesDictionary, CFSTR("cdhashes"), cdHashesArray);
CFRelease(cdHashesArray);
CFErrorRef error = NULL;
CFDataRef cdHashesDictionaryData = CFPropertyListCreateData(NULL, cdHashesDictionary, kCFPropertyListXMLFormat_v1_0, 0, &error);
CFRelease(cdHashesDictionary);
if (!cdHashesDictionaryData) {
// CFStringGetCStringPtr, unfortunately, does not always work
CFStringRef errorString = CFErrorCopyDescription(error);
CFIndex maxSize = CFStringGetMaximumSizeForEncoding(CFStringGetLength(errorString), kCFStringEncodingUTF8) + 1;
char *buffer = (char *)malloc(maxSize);
if (CFStringGetCString(errorString, buffer, maxSize, kCFStringEncodingUTF8)) {
printf("Failed to encode CDHashes plist: %s\n", buffer);
} else {
printf("Failed to encode CDHashes plist: unserializable error\n");
}
free(buffer);
ret = csd_blob_write(signatureBlob, BASEBASE_OFFSET, base64OutLength, newBase64Hash);
if (ret != 0) {
printf("Failed to write base64 hash to signature blob!\n");
free(newBase64Hash);
return -1;
}
// Add text CDHashes attribute
if (!CMS_signed_add1_attr_by_txt(newSigner, "1.2.840.113635.100.9.1", V_ASN1_OCTET_STRING, CFDataGetBytePtr(cdHashesDictionaryData), CFDataGetLength(cdHashesDictionaryData))) {
printf("Failed to add text CDHashes attribute: %s!\n", ERR_error_string(ERR_get_error(), NULL));
free(newBase64Hash);
unsigned char *newSignature = NULL;
size_t newSignatureSize = 0;
unsigned char newDecryptedSignature[0x33];
memset(newDecryptedSignature, 0, 0x33);
memcpy(newDecryptedSignature, DecryptedSignature, 0x33);
// Get the signed attributes hash
unsigned char signedAttrs[0x229];
memset(signedAttrs, 0, 0x229);
csd_blob_read(signatureBlob, SIGNED_ATTRS_OFFSET, 0x229, signedAttrs);
signedAttrs[0] = 0x31;
// Hash
uint8_t fullAttributesHash[CC_SHA256_DIGEST_LENGTH];
CC_SHA256(signedAttrs, (CC_LONG)0x229, fullAttributesHash);
memcpy(newDecryptedSignature + DECRYPTED_SIGNATURE_HASH_OFFSET, fullAttributesHash, CC_SHA256_DIGEST_LENGTH);
newSignature = signWithRSA(newDecryptedSignature, DecryptedSignature_len, CAKey, CAKeyLength, &newSignatureSize);
if (!newSignature) {
printf("Failed to sign the decrypted signature!\n");
return -1;
}
// Create DER-encoded CDHashes (see DERTemplate.h for details)
uint8_t cdHashesDER[78];
memset(cdHashesDER, 0, sizeof(cdHashesDER));
memcpy(cdHashesDER, CDHashesDERTemplate, sizeof(CDHashesDERTemplate));
memcpy(cdHashesDER + CDHASHES_DER_SHA1_OFFSET, sha1CDHash, CC_SHA1_DIGEST_LENGTH);
memcpy(cdHashesDER + CDHASHES_DER_SHA256_OFFSET, sha256CDHash, CC_SHA256_DIGEST_LENGTH);
// Add DER CDHashes attribute
if (!CMS_signed_add1_attr_by_txt(newSigner, "1.2.840.113635.100.9.2", V_ASN1_SEQUENCE, cdHashesDER, sizeof(cdHashesDER))) {
printf("Failed to add CDHashes attribute: %s!\n", ERR_error_string(ERR_get_error(), NULL));
if (newSignatureSize != 0x100) {
printf("The new signature is not the correct size!\n");
free(newSignature);
return -1;
}
// Sign the CMS structure
if (!CMS_SignerInfo_sign(newSigner)) {
printf("Failed to sign CMS structure: %s!\n", ERR_error_string(ERR_get_error(), NULL));
return -1;
}
// Encode the CMS structure into DER
uint8_t *newCMSData = NULL;
int newCMSDataSize = i2d_CMS_ContentInfo(cms, &newCMSData);
if (newCMSDataSize <= 0) {
printf("Failed to encode CMS structure: %s!\n", ERR_error_string(ERR_get_error(), NULL));
return -1;
}
// Copy CMS data into a new blob
uint32_t newCMSDataBlobSize = sizeof(CS_GenericBlob) + newCMSDataSize;
CS_GenericBlob *newCMSDataBlob = malloc(newCMSDataBlobSize);
newCMSDataBlob->magic = HOST_TO_BIG(CSMAGIC_BLOBWRAPPER);
newCMSDataBlob->length = HOST_TO_BIG(newCMSDataBlobSize);
memcpy(newCMSDataBlob->data, newCMSData, newCMSDataSize);
free(newCMSData);
// Remove old signature blob if it exists
CS_DecodedBlob *oldSignatureBlob = csd_superblob_find_blob(superblob, CSSLOT_SIGNATURESLOT, NULL);
if (oldSignatureBlob) {
csd_superblob_remove_blob(superblob, oldSignatureBlob);
csd_blob_free(oldSignatureBlob);
}
// Append new signature blob
CS_DecodedBlob *signatureBlob = csd_blob_init(CSSLOT_SIGNATURESLOT, newCMSDataBlob);
free(newCMSDataBlob);
// Append new signature blob
return csd_superblob_append_blob(superblob, signatureBlob);
ret = csd_blob_write(signatureBlob, SIGNSIGN_OFFSET, newSignatureSize, newSignature);
free(newSignature);
return ret;
}
int apply_coretrust_bypass(const char *machoPath)
@ -225,18 +127,6 @@ int apply_coretrust_bypass(const char *machoPath)
macho_free(macho);
return 2;
}
if (macho->machHeader.filetype == MH_OBJECT) {
printf("Error: MachO is an object file, please use a MachO executable or dynamic library!\n");
macho_free(macho);
return 3;
}
if (macho->machHeader.filetype == MH_DSYM) {
printf("Error: MachO is a dSYM file, please use a MachO executable or dynamic library!\n");
macho_free(macho);
return 3;
}
CS_SuperBlob *superblob = macho_read_code_signature(macho);
if (!superblob) {
@ -256,7 +146,11 @@ int apply_coretrust_bypass(const char *machoPath)
CS_DecodedBlob *derEntitlementsBlob = csd_superblob_find_blob(decodedSuperblob, CSSLOT_DER_ENTITLEMENTS, NULL);
if (!entitlementsBlob && !derEntitlementsBlob && macho->machHeader.filetype == MH_EXECUTE) {
printf("Warning: Unable to find existing entitlements blobs in executable MachO.\n");
printf("Error: Unable to find existing entitlements blobs in executable MachO, please make sure to ad-hoc sign with entitlements before running the bypass.\n");
csd_blob_free(mainCodeDirBlob);
if (alternateCodeDirBlob) csd_blob_free(alternateCodeDirBlob);
macho_free(macho);
return -1;
}
if (!mainCodeDirBlob) {
@ -300,12 +194,17 @@ int apply_coretrust_bypass(const char *machoPath)
csd_blob_free(signatureBlob);
}
// Append new template blob
signatureBlob = csd_blob_init(CSSLOT_SIGNATURESLOT, (CS_GenericBlob *)TemplateSignatureBlob);
csd_superblob_append_blob(decodedSuperblob, signatureBlob);
// After Modification:
// 1. App Store CodeDirectory (SHA1)
// ?. Requirements
// ?. Entitlements
// ?. DER entitlements
// 5. Actual CodeDirectory (SHA256)
// 6. Signature blob
printf("Updating TeamID...\n");
@ -329,16 +228,6 @@ int apply_coretrust_bypass(const char *machoPath)
// Set flags to 0 to remove any problematic flags (such as the 'adhoc' flag in bit 2)
csd_code_directory_set_flags(realCodeDirBlob, 0);
int ret = 0;
// 6. Signature blob
printf("Doing initial signing to calculate size...\n");
ret = update_signature_blob(decodedSuperblob);
if(ret == -1) {
printf("Error: failed to create new signature blob!\n");
return -1;
}
printf("Encoding unsigned superblob...\n");
CS_SuperBlob *encodedSuperblobUnsigned = csd_superblob_encode(decodedSuperblob);
@ -352,6 +241,7 @@ int apply_coretrust_bypass(const char *machoPath)
printf("Updating code slot hashes...\n");
csd_code_directory_update(realCodeDirBlob, macho);
int ret = 0;
printf("Signing binary...\n");
ret = update_signature_blob(decodedSuperblob);
if(ret == -1) {

0
Exploits/fastPathSign/src/external/.gitignore vendored Normal file
View File

11
Exploits/fastPathSign/src/external/include/choma/Base64.h vendored Normal file
View File

@ -0,0 +1,11 @@
#ifndef BASE64_H
#define BASE64_H
#include <stdint.h>
#include <stdlib.h>
char *base64_encode(const unsigned char *data,
size_t input_length,
size_t *output_length);
#endif // BASE64_H

19
Exploits/fastPathSign/src/external/include/choma/BufferedStream.h vendored Normal file
View File

@ -0,0 +1,19 @@
#ifndef BUFFERED_STREAM_H
#define BUFFERED_STREAM_H
#include "MemoryStream.h"
#include <stdbool.h>
#define BUFFERED_STREAM_FLAG_AUTO_EXPAND (1 << 0)
typedef struct BufferedStreamContext {
uint8_t *buffer;
size_t bufferSize;
uint32_t subBufferStart;
size_t subBufferSize;
} BufferedStreamContext;
MemoryStream *buffered_stream_init_from_buffer_nocopy(void *buffer, size_t bufferSize, uint32_t flags);
MemoryStream *buffered_stream_init_from_buffer(void *buffer, size_t bufferSize, uint32_t flags);
#endif // BUFFERED_STREAM_H

119
Exploits/fastPathSign/src/external/include/choma/CSBlob.h vendored Normal file
View File

@ -0,0 +1,119 @@
#ifndef CS_BLOB_H
#define CS_BLOB_H
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdbool.h>
#include "FAT.h"
#include "MachO.h"
#include "MemoryStream.h"
// Blob index
typedef struct __BlobIndex {
uint32_t type;
uint32_t offset;
} CS_BlobIndex;
// CMS superblob
typedef struct __SuperBlob {
uint32_t magic;
uint32_t length;
uint32_t count;
CS_BlobIndex index[];
} CS_SuperBlob;
typedef struct __GenericBlob {
uint32_t magic; /* magic number */
uint32_t length; /* total length of blob */
char data[];
} CS_GenericBlob;
// CMS blob magic types
enum {
CSMAGIC_REQUIREMENT = 0xfade0c00,
CSMAGIC_REQUIREMENTS = 0xfade0c01,
CSMAGIC_CODEDIRECTORY = 0xfade0c02,
CSMAGIC_EMBEDDED_SIGNATURE = 0xfade0cc0,
CSMAGIC_EMBEDDED_SIGNATURE_OLD = 0xfade0b02,
CSMAGIC_EMBEDDED_ENTITLEMENTS = 0xfade7171,
CSMAGIC_EMBEDDED_DER_ENTITLEMENTS = 0xfade7172,
CSMAGIC_DETACHED_SIGNATURE = 0xfade0cc1,
CSMAGIC_BLOBWRAPPER = 0xfade0b01,
CSMAGIC_EMBEDDED_LAUNCH_CONSTRAINT = 0xfade8181,
} CS_BlobMagic;
enum {
CSSLOT_CODEDIRECTORY = 0,
CSSLOT_INFOSLOT = 1,
CSSLOT_REQUIREMENTS = 2,
CSSLOT_RESOURCEDIR = 3,
CSSLOT_APPLICATION = 4,
CSSLOT_ENTITLEMENTS = 5,
CSSLOT_DER_ENTITLEMENTS = 7,
CSSLOT_LAUNCH_CONSTRAINT_SELF = 8,
CSSLOT_LAUNCH_CONSTRAINT_PARENT = 9,
CSSLOT_LAUNCH_CONSTRAINT_RESPONSIBLE = 10,
CSSLOT_LIBRARY_CONSTRAINT = 11,
CSSLOT_ALTERNATE_CODEDIRECTORIES = 0x1000, /* first alternate CodeDirectory, if any */
CSSLOT_ALTERNATE_CODEDIRECTORY_MAX = 5, /* max number of alternate CD slots */
CSSLOT_ALTERNATE_CODEDIRECTORY_LIMIT = CSSLOT_ALTERNATE_CODEDIRECTORIES + CSSLOT_ALTERNATE_CODEDIRECTORY_MAX, /* one past the last */
CSSLOT_SIGNATURESLOT = 0x10000,
CSSLOT_IDENTIFICATIONSLOT = 0x10001,
CSSLOT_TICKETSLOT = 0x10002,
} CS_SlotType;
typedef struct s_CS_DecodedBlob {
struct s_CS_DecodedBlob *next;
uint32_t type;
MemoryStream *stream;
} CS_DecodedBlob;
typedef struct s_CS_DecodedSuperBlob {
uint32_t magic;
struct s_CS_DecodedBlob *firstBlob;
} CS_DecodedSuperBlob;
// Convert blob magic to readable blob type string
const char *cs_blob_magic_to_string(uint32_t magic);
const char *cs_slot_type_to_string(uint32_t slotType);
// Extract Code Signature to file
int macho_extract_cs_to_file(MachO *macho, CS_SuperBlob *superblob);
int macho_find_code_signature_bounds(MachO *macho, uint32_t *offsetOut, uint32_t *sizeOut);
CS_SuperBlob *macho_read_code_signature(MachO *macho);
int macho_replace_code_signature(MachO *macho, CS_SuperBlob *superblob);
int update_load_commands(MachO *macho, CS_SuperBlob *superblob, uint64_t originalSize);
CS_DecodedBlob *csd_blob_init(uint32_t type, CS_GenericBlob *blobData);
int csd_blob_read(CS_DecodedBlob *blob, uint64_t offset, size_t size, void *outBuf);
int csd_blob_write(CS_DecodedBlob *blob, uint64_t offset, size_t size, const void *inBuf);
int csd_blob_insert(CS_DecodedBlob *blob, uint64_t offset, size_t size, const void *inBuf);
int csd_blob_delete(CS_DecodedBlob *blob, uint64_t offset, size_t size);
int csd_blob_read_string(CS_DecodedBlob *blob, uint64_t offset, char **outString);
int csd_blob_write_string(CS_DecodedBlob *blob, uint64_t offset, const char *string);
int csd_blob_get_size(CS_DecodedBlob *blob);
uint32_t csd_blob_get_type(CS_DecodedBlob *blob);
void csd_blob_set_type(CS_DecodedBlob *blob, uint32_t type);
void csd_blob_free(CS_DecodedBlob *blob);
CS_DecodedSuperBlob *csd_superblob_decode(CS_SuperBlob *superblob);
CS_SuperBlob *csd_superblob_encode(CS_DecodedSuperBlob *decodedSuperblob);
CS_DecodedBlob *csd_superblob_find_blob(CS_DecodedSuperBlob *superblob, uint32_t type, uint32_t *indexOut);
int csd_superblob_insert_blob_after_blob(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToInsert, CS_DecodedBlob *afterBlob);
int csd_superblob_insert_blob_at_index(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToInsert, uint32_t atIndex);
int csd_superblob_append_blob(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToAppend);
int csd_superblob_remove_blob(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToRemove); // <- Important: When calling this, caller is responsible for freeing blobToRemove
int csd_superblob_remove_blob_at_index(CS_DecodedSuperBlob *superblob, uint32_t atIndex);
int csd_superblob_print_content(CS_DecodedSuperBlob *decodedSuperblob, MachO *macho, bool printAllSlots, bool verifySlots);
void csd_superblob_free(CS_DecodedSuperBlob *decodedSuperblob);
#endif // CS_BLOB_H

53
Exploits/fastPathSign/src/external/include/choma/CodeDirectory.h vendored Normal file
View File

@ -0,0 +1,53 @@
#ifndef CODE_DIRECTORY_H
#define CODE_DIRECTORY_H
#include <stdint.h>
#include <math.h>
#include <CommonCrypto/CommonDigest.h>
#include "MachO.h"
#include "CSBlob.h"
#include "FAT.h"
#include "MachOByteOrder.h"
#include "MachOLoadCommand.h"
#include "MemoryStream.h"
// Code directory blob header
typedef struct __CodeDirectory {
uint32_t magic;
uint32_t length;
uint32_t version;
uint32_t flags;
uint32_t hashOffset;
uint32_t identOffset;
uint32_t nSpecialSlots;
uint32_t nCodeSlots;
uint32_t codeLimit;
uint8_t hashSize;
uint8_t hashType;
uint8_t spare1;
uint8_t pageSize;
uint32_t spare2;
uint32_t scatterOffset;
uint32_t teamOffset;
} CS_CodeDirectory;
enum CS_HashType {
CS_HASHTYPE_SHA160_160 = 1,
CS_HASHTYPE_SHA256_256 = 2,
CS_HASHTYPE_SHA256_160 = 3,
CS_HASHTYPE_SHA384_384 = 4,
};
char *csd_code_directory_copy_identity(CS_DecodedBlob *codeDirBlob, uint32_t *offsetOut);
char *csd_code_directory_copy_team_id(CS_DecodedBlob *codeDirBlob, uint32_t *offsetOut);
int csd_code_directory_set_team_id(CS_DecodedBlob *codeDirBlob, char *newTeamID);
uint32_t csd_code_directory_get_flags(CS_DecodedBlob *codeDirBlob);
void csd_code_directory_set_flags(CS_DecodedBlob *codeDirBlob, uint32_t flags);
uint8_t csd_code_directory_get_hash_type(CS_DecodedBlob *codeDirBlob);
void csd_code_directory_set_hash_type(CS_DecodedBlob *codeDirBlob, uint8_t hashType);
int csd_code_directory_print_content(CS_DecodedBlob *codeDirBlob, MachO *macho, bool printSlots, bool verifySlots);
void csd_code_directory_update(CS_DecodedBlob *codeDirBlob, MachO *macho);
#endif // CODE_DIRECTORY_H

46
Exploits/fastPathSign/src/external/include/choma/FAT.h vendored Normal file
View File

@ -0,0 +1,46 @@
#ifndef MACHO_H
#define MACHO_H
#include <stdio.h>
#include <libkern/OSByteOrder.h>
#include <mach/mach.h>
#include <mach-o/loader.h>
#include <mach-o/fat.h>
#include <sys/stat.h>
#include "MemoryStream.h"
typedef struct MachO MachO;
// A FAT structure can either represent a FAT file with multiple slices, in which the slices will be loaded into the slices attribute
// Or a single slice MachO, in which case it serves as a compatibility layer and the single slice will also be loaded into the slices attribute
typedef struct FAT
{
MemoryStream *stream;
MachO **slices;
uint32_t slicesCount;
int fileDescriptor;
} FAT;
int fat_read_at_offset(FAT *fat, uint64_t offset, size_t size, void *outBuf);
MemoryStream *fat_get_stream(FAT *fat);
// Initialise a FAT structure from a memory stream
FAT *fat_init_from_memory_stream(MemoryStream *stream);
// Initialise a FAT structure using the path to the file
FAT *fat_init_from_path(const char *filePath);
// Find macho with cputype and cpusubtype in FAT, returns NULL if not found
MachO *fat_find_slice(FAT *fat, cpu_type_t cputype, cpu_subtype_t cpusubtype);
// Create a FAT structure from an array of MachO structures
FAT *fat_create_for_macho_array(char *firstInputPath, MachO **machoArray, int machoArrayCount);
// Add a MachO to the FAT structure
int fat_add_macho(FAT *fat, MachO *macho);
// Free all elements of the FAT structure
void fat_free(FAT *fat);
#endif // MACHO_H

21
Exploits/fastPathSign/src/external/include/choma/FileStream.h vendored Normal file
View File

@ -0,0 +1,21 @@
#ifndef FILE_STREAM_H
#define FILE_STREAM_H
#include "MemoryStream.h"
#define FILE_STREAM_SIZE_AUTO 0
#define FILE_STREAM_FLAG_WRITABLE (1 << 0)
#define FILE_STREAM_FLAG_AUTO_EXPAND (1 << 1)
typedef struct FileStreamContext {
int fd;
size_t fileSize;
uint32_t bufferStart;
size_t bufferSize;
} FileStreamContext;
MemoryStream *file_stream_init_from_file_descriptor_nodup(int fd, uint32_t bufferStart, size_t bufferSize, uint32_t flags);
MemoryStream *file_stream_init_from_file_descriptor(int fd, uint32_t bufferStart, size_t bufferSize, uint32_t flags);
MemoryStream *file_stream_init_from_path(const char *path, uint32_t bufferStart, size_t bufferSize, uint32_t flags);
#endif // FILE_STREAM_H

10
Exploits/fastPathSign/src/external/include/choma/Host.h vendored Normal file
View File

@ -0,0 +1,10 @@
#ifndef HOST_H
#define HOST_H
#include "FAT.h"
// Retrieve the preferred MachO slice from a FAT
// Preferred slice as in the slice that the kernel would use when loading the file
MachO *fat_find_preferred_slice(FAT *fat);
#endif // HOST_H

68
Exploits/fastPathSign/src/external/include/choma/MachO.h vendored Normal file
View File

@ -0,0 +1,68 @@
#ifndef MACHO_SLICE_H
#define MACHO_SLICE_H
#include <stdbool.h>
#include <mach-o/fat.h>
#include <mach-o/loader.h>
#include "MemoryStream.h"
#include "FAT.h"
typedef struct MachOSegment
{
struct segment_command_64 command;
struct section_64 sections[];
} __attribute__((__packed__)) MachOSegment;
typedef struct FilesetMachO {
char *entry_id;
uint64_t vmaddr;
uint64_t fileoff;
FAT *underlyingMachO;
} FilesetMachO;
typedef struct MachO {
MemoryStream *stream;
bool isSupported;
struct mach_header_64 machHeader;
struct fat_arch_64 archDescriptor;
uint32_t filesetCount;
FilesetMachO *filesetMachos;
uint32_t segmentCount;
MachOSegment **segments;
} MachO;
// Read data from a MachO at a specified offset
int macho_read_at_offset(MachO *macho, uint64_t offset, size_t size, void *outBuf);
// Write data from a MachO at a specified offset, auto expands, only works if opened via macho_init_for_writing
int macho_write_at_offset(MachO *macho, uint64_t offset, size_t size, void *inBuf);
MemoryStream *macho_get_stream(MachO *macho);
uint32_t macho_get_filetype(MachO *macho);
// Perform translation between file offsets and virtual addresses
int macho_translate_fileoff_to_vmaddr(MachO *macho, uint64_t fileoff, uint64_t *vmaddrOut, MachOSegment **segmentOut);
int macho_translate_vmaddr_to_fileoff(MachO *macho, uint64_t vmaddr, uint64_t *fileoffOut, MachOSegment **segmentOut);
// Read data from a MachO at a specified virtual address
int macho_read_at_vmaddr(MachO *macho, uint64_t vmaddr, size_t size, void *outBuf);
int macho_enumerate_load_commands(MachO *macho, void (^enumeratorBlock)(struct load_command loadCommand, uint64_t offset, void *cmd, bool *stop));
// Initialise a MachO object from a MemoryStream and it's corresponding FAT arch descriptor
MachO *macho_init(MemoryStream *stream, struct fat_arch_64 archDescriptor);
// Initialize a single slice macho for writing to it
MachO *macho_init_for_writing(const char *filePath);
// Create an array of MachO objects from an array of paths
MachO **macho_array_create_for_paths(char **inputPaths, int inputPathsCount);
// Check if a MachO is encrypted
bool macho_is_encrypted(MachO *macho);
void macho_free(MachO *macho);
#endif // MACHO_SLICE_H

171
Exploits/fastPathSign/src/external/include/choma/MachOByteOrder.h vendored Normal file
View File

@ -0,0 +1,171 @@
#ifndef MACHO_BYTE_ORDER_H
#define MACHO_BYTE_ORDER_H
#include <stdio.h>
#include <stdlib.h>
// 8-bit integers needed for CodeDirectory
#define BIG_TO_HOST(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
int16_t: OSSwapBigToHostInt16(n), \
uint16_t: OSSwapBigToHostInt16(n), \
int32_t: OSSwapBigToHostInt32(n), \
uint32_t: OSSwapBigToHostInt32(n), \
int64_t: OSSwapBigToHostInt64(n), \
uint64_t: OSSwapBigToHostInt64(n) \
)
#define HOST_TO_BIG(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
uint16_t: OSSwapHostToBigInt16(n), \
int16_t: OSSwapHostToBigInt16(n), \
int32_t: OSSwapHostToBigInt32(n), \
uint32_t: OSSwapHostToBigInt32(n), \
int64_t: OSSwapHostToBigInt64(n), \
uint64_t: OSSwapHostToBigInt64(n) \
)
#define LITTLE_TO_HOST(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
int16_t: OSSwapLittleToHostInt16(n), \
uint16_t: OSSwapLittleToHostInt16(n), \
int32_t: OSSwapLittleToHostInt32(n), \
uint32_t: OSSwapLittleToHostInt32(n), \
int64_t: OSSwapLittleToHostInt64(n), \
uint64_t: OSSwapLittleToHostInt64(n) \
)
#define HOST_TO_LITTLE(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
int16_t: OSSwapHostToLittleInt16(n), \
uint16_t: OSSwapHostToLittleInt16(n), \
int32_t: OSSwapHostToLittleInt32(n), \
uint32_t: OSSwapHostToLittleInt32(n), \
int64_t: OSSwapHostToLittleInt64(n), \
uint64_t: OSSwapHostToLittleInt64(n) \
)
#define HOST_TO_LITTLE_APPLIER(instance, member) \
(instance)->member = HOST_TO_LITTLE((instance)->member)
#define HOST_TO_BIG_APPLIER(instance, member) \
(instance)->member = HOST_TO_BIG((instance)->member)
#define LITTLE_TO_HOST_APPLIER(instance, member) \
(instance)->member = LITTLE_TO_HOST((instance)->member)
#define BIG_TO_HOST_APPLIER(instance, member) \
(instance)->member = BIG_TO_HOST((instance)->member)
#define FAT_HEADER_APPLY_BYTE_ORDER(fh, applier) \
applier(fh, magic); \
applier(fh, nfat_arch);
#define FAT_ARCH_APPLY_BYTE_ORDER(arch, applier) \
applier(arch, cputype); \
applier(arch, cpusubtype); \
applier(arch, offset); \
applier(arch, size); \
applier(arch, align); \
#define FAT_ARCH_64_APPLY_BYTE_ORDER(arch, applier) \
applier(arch, cputype); \
applier(arch, cpusubtype); \
applier(arch, offset); \
applier(arch, size); \
applier(arch, align); \
applier(arch, reserved); \
#define MACH_HEADER_APPLY_BYTE_ORDER(mh, applier) \
applier(mh, magic); \
applier(mh, cputype); \
applier(mh, cpusubtype); \
applier(mh, filetype); \
applier(mh, ncmds); \
applier(mh, sizeofcmds); \
applier(mh, reserved);
#define LOAD_COMMAND_APPLY_BYTE_ORDER(lc, applier) \
applier(lc, cmd); \
applier(lc, cmdsize);
#define LINKEDIT_DATA_COMMAND_APPLY_BYTE_ORDER(lc, applier) \
applier(lc, cmd); \
applier(lc, cmdsize); \
applier(lc, dataoff); \
applier(lc, datasize);
#define ENCRYPTION_INFO_COMMAND_APPLY_BYTE_ORDER(eic, applier) \
applier(eic, cmd); \
applier(eic, cmdsize); \
applier(eic, cryptoff); \
applier(eic, cryptsize); \
applier(eic, cryptid);
#define BLOB_INDEX_APPLY_BYTE_ORDER(bi, applier) \
applier(bi, type); \
applier(bi, offset);
#define SUPERBLOB_APPLY_BYTE_ORDER(sb, applier) \
applier(sb, magic); \
applier(sb, length); \
applier(sb, count);
#define GENERIC_BLOB_APPLY_BYTE_ORDER(gb, applier) \
applier(gb, magic); \
applier(gb, length);
#define CODE_DIRECTORY_APPLY_BYTE_ORDER(cd, applier) \
applier(cd, magic); \
applier(cd, length); \
applier(cd, version); \
applier(cd, flags); \
applier(cd, hashOffset); \
applier(cd, identOffset); \
applier(cd, nSpecialSlots); \
applier(cd, nCodeSlots); \
applier(cd, codeLimit); \
applier(cd, hashSize); \
applier(cd, hashType); \
applier(cd, spare1); \
applier(cd, pageSize); \
applier(cd, spare2); \
applier(cd, scatterOffset); \
applier(cd, teamOffset);
#define SEGMENT_COMMAND_64_APPLY_BYTE_ORDER(sc64, applier) \
applier(sc64, cmd); \
applier(sc64, cmdsize); \
applier(sc64, fileoff); \
applier(sc64, filesize); \
applier(sc64, vmaddr); \
applier(sc64, vmsize); \
applier(sc64, flags); \
applier(sc64, initprot); \
applier(sc64, maxprot); \
applier(sc64, nsects);
#define SECTION_64_APPLY_BYTE_ORDER(sc64, applier) \
applier(sc64, addr); \
applier(sc64, align); \
applier(sc64, flags); \
applier(sc64, nreloc); \
applier(sc64, offset); \
applier(sc64, reserved1); \
applier(sc64, reserved2); \
applier(sc64, reserved3); \
applier(sc64, size);
#define FILESET_ENTRY_COMMAND_APPLY_BYTE_ORDER(fse, applier) \
applier(fse, cmd); \
applier(fse, cmdsize); \
applier(fse, vmaddr); \
applier(fse, fileoff); \
applier(fse, entry_id.offset); \
applier(fse, reserved); \
#endif // MACHO_BYTE_ORDER_H

16
Exploits/fastPathSign/src/external/include/choma/MachOLoadCommand.h vendored Normal file
View File

@ -0,0 +1,16 @@
#ifndef MACHO_LOAD_COMMAND_H
#define MACHO_LOAD_COMMAND_H
#include <mach-o/loader.h>
#include "MachO.h"
#include "CSBlob.h"
#include "FileStream.h"
#include "MachOByteOrder.h"
// Convert load command to load command name
char *load_command_to_string(int loadCommand);
void update_segment_command_64(MachO *macho, const char *segmentName, uint64_t vmaddr, uint64_t vmsize, uint64_t fileoff, uint64_t filesize);
void update_lc_code_signature(MachO *macho, uint64_t size);
int update_load_commands_for_coretrust_bypass(MachO *macho, CS_SuperBlob *superblob, uint64_t originalCodeSignatureSize, uint64_t originalMachOSize);
#endif // MACHO_LOAD_COMMAND_H

60
Exploits/fastPathSign/src/external/include/choma/MemoryStream.h vendored Normal file
View File

@ -0,0 +1,60 @@
#ifndef MEMORY_STREAM_H
#define MEMORY_STREAM_H
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <stdbool.h>
#define MEMORY_STREAM_FLAG_OWNS_DATA (1 << 0)
#define MEMORY_STREAM_FLAG_MUTABLE (1 << 1)
#define MEMORY_STREAM_FLAG_AUTO_EXPAND (1 << 2)
#define MEMORY_STREAM_SIZE_INVALID (size_t)-1
// A generic memory IO interface that is used throughout this project
// Can be backed by anything, just the functions have to be implemented
typedef struct s_MemoryStream {
void *context;
uint32_t flags;
int (*read)(struct s_MemoryStream *stream, uint64_t offset, size_t size, void *outBuf);
int (*write)(struct s_MemoryStream *stream, uint64_t offset, size_t size, const void *inBuf);
int (*getSize)(struct s_MemoryStream *stream, size_t *sizeOut);
uint8_t *(*getRawPtr)(struct s_MemoryStream *stream);
int (*trim)(struct s_MemoryStream *stream, size_t trimAtStart, size_t trimAtEnd);
int (*expand)(struct s_MemoryStream *stream, size_t expandAtStart, size_t expandAtEnd);
struct s_MemoryStream *(*hardclone)(struct s_MemoryStream *stream);
struct s_MemoryStream *(*softclone)(struct s_MemoryStream *stream);
void (*free)(struct s_MemoryStream *stream);
} MemoryStream;
int memory_stream_read(MemoryStream *stream, uint64_t offset, size_t size, void *outBuf);
int memory_stream_write(MemoryStream *stream, uint64_t offset, size_t size, const void *inBuf);
int memory_stream_insert(MemoryStream *stream, uint64_t offset, size_t size, const void *inBuf);
int memory_stream_delete(MemoryStream *stream, uint64_t offset, size_t size);
int memory_stream_read_string(MemoryStream *stream, uint64_t offset, char **outString);
int memory_stream_write_string(MemoryStream *stream, uint64_t offset, const char *string);
size_t memory_stream_get_size(MemoryStream *stream);
uint8_t *memory_stream_get_raw_pointer(MemoryStream *stream);
uint32_t memory_stream_get_flags(MemoryStream *stream);
MemoryStream *memory_stream_softclone(MemoryStream *stream);
MemoryStream *memory_stream_hardclone(MemoryStream *stream);
int memory_stream_trim(MemoryStream *stream, size_t trimAtStart, size_t trimAtEnd);
int memory_stream_expand(MemoryStream *stream, size_t expandAtStart, size_t expandAtEnd);
void memory_stream_free(MemoryStream *stream);
int memory_stream_copy_data(MemoryStream *originStream, uint64_t originOffset, MemoryStream *targetStream, uint64_t targetOffset, size_t size);
int memory_stream_find_memory(MemoryStream *stream, uint64_t searchOffset, size_t searchSize, void *bytes, void *mask, size_t nbytes, uint16_t alignment, uint64_t *foundOffsetOut);
#endif // MEMORY_STREAM_H

47
Exploits/fastPathSign/src/external/include/choma/PatchFinder.h vendored Normal file
View File

@ -0,0 +1,47 @@
#include <stdint.h>
#include "MachO.h"
#define METRIC_TYPE_PATTERN 1
#define METRIC_TYPE_STRING_XREF 2
#define METRIC_TYPE_FUNCTION_XREF 3
typedef struct PFSection {
MachO *macho;
uint64_t fileoff;
uint64_t vmaddr;
uint64_t size;
uint8_t *cache;
bool ownsCache;
} PFSection;
PFSection *pf_section_init_from_macho(MachO *macho, const char *filesetEntryId, const char *segName, const char *sectName);
int pf_section_read_at_relative_offset(PFSection *section, uint64_t rel, size_t size, void *outBuf);
int pf_section_read_at_address(PFSection *section, uint64_t vmaddr, void *outBuf, size_t size);
uint32_t pf_section_read32(PFSection *section, uint64_t vmaddr);
int pf_section_set_cached(PFSection *section, bool cached);
void pf_section_free(PFSection *section);
typedef struct MetricShared {
uint32_t type;
} MetricShared;
typedef enum {
BYTE_PATTERN_ALIGN_8_BIT,
BYTE_PATTERN_ALIGN_16_BIT,
BYTE_PATTERN_ALIGN_32_BIT,
BYTE_PATTERN_ALIGN_64_BIT,
} BytePatternAlignment;
typedef struct BytePatternMetric {
MetricShared shared;
void *bytes;
void *mask;
size_t nbytes;
BytePatternAlignment alignment;
} BytePatternMetric;
BytePatternMetric *pf_create_byte_pattern_metric(void *bytes, void *mask, size_t nbytes, BytePatternAlignment alignment);
void pf_section_run_metric(PFSection *section, void *metric, void (^matchBlock)(uint64_t vmaddr, bool *stop));

16
Exploits/fastPathSign/src/external/include/choma/SignOSSL.h vendored Normal file
View File

@ -0,0 +1,16 @@
#ifndef SIGN_OSSL_H
#define SIGN_OSSL_H
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>
#include <openssl/err.h>
unsigned char *signWithRSA(unsigned char *inputData, size_t inputDataLength, unsigned char *key, size_t key_len, size_t *outputDataLength);
#endif // SIGN_OSSL_H
// 0xA422

7
Exploits/fastPathSign/src/external/include/choma/Util.h vendored Normal file
View File

@ -0,0 +1,7 @@
#include <stdint.h>
#include <stdlib.h>
int memcmp_masked(const void *str1, const void *str2, unsigned char* mask, size_t n);
uint64_t align_to_size(int size, int alignment);
int count_digits(int64_t num);
void print_hash(uint8_t *hash, size_t size);

BIN
Exploits/fastPathSign/src/external/lib/libchoma.a vendored Normal file
View File

Binary file not shown.

26
Exploits/fastPathSign/src/main.m
View File

@ -1,13 +1,11 @@
#include "codesign.h"
#include "coretrust_bug.h"
#include "FAT.h"
#include "MachO.h"
#include "FileStream.h"
#include "Host.h"
#include <choma/FAT.h>
#include <choma/MachO.h>
#include <choma/FileStream.h>
#include <choma/Host.h>
#include <copyfile.h>
#define CPU_SUBTYPE_ARM64E_ABI_V2 0x80000000
char *extract_preferred_slice(const char *fatPath)
{
FAT *fat = fat_init_from_path(fatPath);
@ -22,15 +20,11 @@ char *extract_preferred_slice(const char *fatPath)
// If that fails, check for regular arm64
macho = fat_find_slice(fat, CPU_TYPE_ARM64, CPU_SUBTYPE_ARM64_ALL);
if (!macho) {
// If that fails, check for arm64e with ABI v2
macho = fat_find_slice(fat, CPU_TYPE_ARM64, CPU_SUBTYPE_ARM64E | CPU_SUBTYPE_ARM64E_ABI_V2);
// If that fails, check for arm64e
macho = fat_find_slice(fat, CPU_TYPE_ARM64, CPU_SUBTYPE_ARM64E);
if (!macho) {
// If that fails, check for arm64e
macho = fat_find_slice(fat, CPU_TYPE_ARM64, CPU_SUBTYPE_ARM64E);
if (!macho) {
fat_free(fat);
return NULL;
}
fat_free(fat);
return NULL;
}
}
}
@ -78,10 +72,6 @@ int main(int argc, char *argv[]) {
}
char *machoPath = extract_preferred_slice(input);
if (!machoPath) {
printf("Failed extracting best slice\n");
return -1;
}
printf("Extracted best slice to %s\n", machoPath);
printf("Applying CoreTrust bypass...\n");

4
LICENSE
View File

@ -4,13 +4,13 @@ Upstream-Contact: opa334 <opa334@protonmail.com>
Source: https://github.com/opa334/TrollStore
Files: *
Copyright: 2022-2024 Lars Fröder
Copyright: 2022-2023 Lars Fröder
License: MIT
Files: RootHelper/uicache.m
Copyright: Copyright (c) 2019 CoolStar,
Modified work Copyright (c) 2020-2022 Procursus Team <team@procurs.us>
Modified work Copyright (c) 2022-2024 Lars Fröder <opa334@protonmail.com>
Modified work Copyright (c) 2022-2023 Lars Fröder <opa334@protonmail.com>
License: BSD-4-Clause
License: BSD-4-Clause

122
Makefile
View File

@ -1,93 +1,77 @@
TOPTARGETS := all clean update
TOPTARGETS := all clean
$(TOPTARGETS): pre_build make_fastPathSign make_roothelper make_trollstore make_trollhelper_embedded make_trollhelper_package assemble_trollstore build_installer15 build_installer64e make_trollstore_lite
$(TOPTARGETS): pre_build make_fastPathSign make_roothelper make_trollstore make_trollhelper_embedded make_trollhelper_package assemble_trollstore build_installer15 build_installer64e
pre_build:
@rm -rf ./_build 2>/dev/null || true
@mkdir -p ./_build
@rm -rf ./_build 2>/dev/null || true
@mkdir -p ./_build
make_fastPathSign:
@$(MAKE) -C ./Exploits/fastPathSign $(MAKECMDGOALS)
@$(MAKE) -C ./Exploits/fastPathSign $(MAKECMDGOALS)
make_roothelper:
@$(MAKE) -C ./RootHelper DEBUG=0 $(MAKECMDGOALS)
@$(MAKE) -C ./RootHelper FINALPACKAGE=1 $(MAKECMDGOALS)
make_trollstore:
@$(MAKE) -C ./TrollStore FINALPACKAGE=1 $(MAKECMDGOALS)
@$(MAKE) -C ./TrollStore FINALPACKAGE=1 $(MAKECMDGOALS)
ifneq ($(MAKECMDGOALS),clean)
make_trollhelper_package:
@$(MAKE) clean -C ./TrollHelper
@cp ./RootHelper/.theos/obj/trollstorehelper ./TrollHelper/Resources/trollstorehelper
@$(MAKE) -C ./TrollHelper FINALPACKAGE=1 package $(MAKECMDGOALS)
@$(MAKE) clean -C ./TrollHelper
@$(MAKE) -C ./TrollHelper THEOS_PACKAGE_SCHEME=rootless FINALPACKAGE=1 package $(MAKECMDGOALS)
@rm ./TrollHelper/Resources/trollstorehelper
@$(MAKE) clean -C ./TrollHelper
@cp ./RootHelper/.theos/obj/trollstorehelper ./TrollHelper/Resources/trollstorehelper
@$(MAKE) -C ./TrollHelper FINALPACKAGE=1 package $(MAKECMDGOALS)
@$(MAKE) clean -C ./TrollHelper
@$(MAKE) -C ./TrollHelper THEOS_PACKAGE_SCHEME=rootless FINALPACKAGE=1 package $(MAKECMDGOALS)
@rm ./TrollHelper/Resources/trollstorehelper
make_trollhelper_embedded:
@$(MAKE) clean -C ./TrollHelper
@$(MAKE) -C ./TrollHelper FINALPACKAGE=1 EMBEDDED_ROOT_HELPER=1 $(MAKECMDGOALS)
@cp ./TrollHelper/.theos/obj/TrollStorePersistenceHelper.app/TrollStorePersistenceHelper ./_build/PersistenceHelper_Embedded
@$(MAKE) clean -C ./TrollHelper
@$(MAKE) -C ./TrollHelper FINALPACKAGE=1 EMBEDDED_ROOT_HELPER=1 LEGACY_CT_BUG=1 $(MAKECMDGOALS)
@cp ./TrollHelper/.theos/obj/TrollStorePersistenceHelper.app/TrollStorePersistenceHelper ./_build/PersistenceHelper_Embedded_Legacy_arm64
@$(MAKE) clean -C ./TrollHelper
@$(MAKE) -C ./TrollHelper FINALPACKAGE=1 EMBEDDED_ROOT_HELPER=1 CUSTOM_ARCHS=arm64e $(MAKECMDGOALS)
@cp ./TrollHelper/.theos/obj/TrollStorePersistenceHelper.app/TrollStorePersistenceHelper ./_build/PersistenceHelper_Embedded_Legacy_arm64e
@$(MAKE) clean -C ./TrollHelper
@$(MAKE) clean -C ./TrollHelper
@$(MAKE) -C ./TrollHelper FINALPACKAGE=1 EMBEDDED_ROOT_HELPER=1 $(MAKECMDGOALS)
@cp ./TrollHelper/.theos/obj/TrollStorePersistenceHelper.app/TrollStorePersistenceHelper ./_build/PersistenceHelper_Embedded
@$(MAKE) clean -C ./TrollHelper
@$(MAKE) -C ./TrollHelper FINALPACKAGE=1 EMBEDDED_ROOT_HELPER=1 LEGACY_CT_BUG=1 $(MAKECMDGOALS)
@cp ./TrollHelper/.theos/obj/TrollStorePersistenceHelper.app/TrollStorePersistenceHelper ./_build/PersistenceHelper_Embedded_Legacy_arm64
@$(MAKE) clean -C ./TrollHelper
@$(MAKE) -C ./TrollHelper FINALPACKAGE=1 EMBEDDED_ROOT_HELPER=1 CUSTOM_ARCHS=arm64e $(MAKECMDGOALS)
@cp ./TrollHelper/.theos/obj/TrollStorePersistenceHelper.app/TrollStorePersistenceHelper ./_build/PersistenceHelper_Embedded_Legacy_arm64e
@$(MAKE) clean -C ./TrollHelper
assemble_trollstore:
@cp ./RootHelper/.theos/obj/trollstorehelper ./TrollStore/.theos/obj/TrollStore.app/trollstorehelper
@cp ./TrollHelper/.theos/obj/TrollStorePersistenceHelper.app/TrollStorePersistenceHelper ./TrollStore/.theos/obj/TrollStore.app/PersistenceHelper
@export COPYFILE_DISABLE=1
@tar -czvf ./_build/TrollStore.tar -C ./TrollStore/.theos/obj TrollStore.app
@cp ./RootHelper/.theos/obj/trollstorehelper ./TrollStore/.theos/obj/TrollStore.app/trollstorehelper
@cp ./TrollHelper/.theos/obj/TrollStorePersistenceHelper.app/TrollStorePersistenceHelper ./TrollStore/.theos/obj/TrollStore.app/PersistenceHelper
@export COPYFILE_DISABLE=1
@tar -czvf ./_build/TrollStore.tar -C ./TrollStore/.theos/obj TrollStore.app
build_installer15:
@mkdir -p ./_build/tmp15
@unzip ./Victim/InstallerVictim.ipa -d ./_build/tmp15
@cp ./_build/PersistenceHelper_Embedded_Legacy_arm64 ./_build/TrollStorePersistenceHelperToInject
@pwnify set-cpusubtype ./_build/TrollStorePersistenceHelperToInject 1
@ldid -s -K./Victim/victim.p12 ./_build/TrollStorePersistenceHelperToInject
APP_PATH=$$(find ./_build/tmp15/Payload -name "*" -depth 1) ; \
APP_NAME=$$(basename $$APP_PATH) ; \
BINARY_NAME=$$(echo "$$APP_NAME" | cut -f 1 -d '.') ; \
echo $$BINARY_NAME ; \
pwnify pwn ./_build/tmp15/Payload/$$APP_NAME/$$BINARY_NAME ./_build/TrollStorePersistenceHelperToInject
@pushd ./_build/tmp15 ; \
zip -vrD ../../_build/TrollHelper_iOS15.ipa * ; \
popd
@rm ./_build/TrollStorePersistenceHelperToInject
@rm -rf ./_build/tmp15
@mkdir -p ./_build/tmp15
@unzip ./Victim/InstallerVictim.ipa -d ./_build/tmp15
@cp ./_build/PersistenceHelper_Embedded_Legacy_arm64 ./_build/TrollStorePersistenceHelperToInject
@pwnify set-cpusubtype ./_build/TrollStorePersistenceHelperToInject 1
@ldid -s -K./Victim/victim.p12 ./_build/TrollStorePersistenceHelperToInject
APP_PATH=$$(find ./_build/tmp15/Payload -name "*" -depth 1) ; \
APP_NAME=$$(basename $$APP_PATH) ; \
BINARY_NAME=$$(echo "$$APP_NAME" | cut -f 1 -d '.') ; \
echo $$BINARY_NAME ; \
pwnify pwn ./_build/tmp15/Payload/$$APP_NAME/$$BINARY_NAME ./_build/TrollStorePersistenceHelperToInject
@pushd ./_build/tmp15 ; \
zip -vrD ../../_build/TrollHelper_iOS15.ipa * ; \
popd
@rm ./_build/TrollStorePersistenceHelperToInject
@rm -rf ./_build/tmp15
build_installer64e:
@mkdir -p ./_build/tmp64e
@unzip ./Victim/InstallerVictim.ipa -d ./_build/tmp64e
APP_PATH=$$(find ./_build/tmp64e/Payload -name "*" -depth 1) ; \
APP_NAME=$$(basename $$APP_PATH) ; \
BINARY_NAME=$$(echo "$$APP_NAME" | cut -f 1 -d '.') ; \
echo $$BINARY_NAME ; \
pwnify pwn64e ./_build/tmp64e/Payload/$$APP_NAME/$$BINARY_NAME ./_build/PersistenceHelper_Embedded_Legacy_arm64e
@pushd ./_build/tmp64e ; \
zip -vrD ../../_build/TrollHelper_arm64e.ipa * ; \
popd
@rm -rf ./_build/tmp64e
make_trollstore_lite:
@$(MAKE) -C ./RootHelper DEBUG=0 TROLLSTORE_LITE=1
@rm -rf ./TrollStoreLite/Resources/trollstorehelper
@cp ./RootHelper/.theos/obj/trollstorehelper_lite ./TrollStoreLite/Resources/trollstorehelper
@$(MAKE) -C ./TrollStoreLite package FINALPACKAGE=1
@$(MAKE) -C ./RootHelper TROLLSTORE_LITE=1 clean
@$(MAKE) -C ./TrollStoreLite clean
@$(MAKE) -C ./RootHelper DEBUG=0 TROLLSTORE_LITE=1 THEOS_PACKAGE_SCHEME=rootless
@rm -rf ./TrollStoreLite/Resources/trollstorehelper
@cp ./RootHelper/.theos/obj/trollstorehelper_lite ./TrollStoreLite/Resources/trollstorehelper
@$(MAKE) -C ./TrollStoreLite package FINALPACKAGE=1 THEOS_PACKAGE_SCHEME=rootless
else
make_trollstore_lite:
@$(MAKE) -C ./TrollStoreLite $(MAKECMDGOALS)
@mkdir -p ./_build/tmp64e
@unzip ./Victim/InstallerVictim.ipa -d ./_build/tmp64e
APP_PATH=$$(find ./_build/tmp64e/Payload -name "*" -depth 1) ; \
APP_NAME=$$(basename $$APP_PATH) ; \
BINARY_NAME=$$(echo "$$APP_NAME" | cut -f 1 -d '.') ; \
echo $$BINARY_NAME ; \
pwnify pwn64e ./_build/tmp64e/Payload/$$APP_NAME/$$BINARY_NAME ./_build/PersistenceHelper_Embedded_Legacy_arm64e
@pushd ./_build/tmp64e ; \
zip -vrD ../../_build/TrollHelper_arm64e.ipa * ; \
popd
@rm -rf ./_build/tmp64e
endif
.PHONY: $(TOPTARGETS) pre_build assemble_trollstore make_trollhelper_package make_trollhelper_embedded build_installer15 build_installer64e

13
README.md
View File

@ -4,13 +4,13 @@ TrollStore is a permasigned jailed app that can permanently install any IPA you
It works because of an AMFI/CoreTrust bug where iOS does not correctly verify code signatures of binaries in which there are multiple signers.
Supported versions: 14.0 beta 2 - 16.6.1, 16.7 RC (20H18), 17.0
Supported versions: 14.0 - 16.6.1, 16.7 RC (20H18), 17.0
## Installing TrollStore
For installing TrollStore, refer to the guides at [ios.cfw.guide](https://ios.cfw.guide/installing-trollstore)
16.7.x (excluding 16.7 RC) and 17.0.1+ will NEVER be supported (unless a third CoreTrust bug is discovered, which is unlikely).
16.7.x (excluding 16.7 RC) and 17.0.1+ will NEVER be supported (unless Apple fucks CoreTrust up a third time...).
## Updating TrollStore
@ -32,10 +32,9 @@ On jailbroken iOS 14 when TrollHelper is used for installation, it is located in
## URL Scheme
As of version 1.3, TrollStore replaces the system URL scheme "apple-magnifier" (this is done so "jailbreak" detections can't detect TrollStore like they could if TrollStore had a unique URL scheme). This URL scheme can be used to install applications right from the browser, or to enable JIT from the app itself (only 2.0.12 and above), the format goes as follows:
As of version 1.3, TrollStore replaces the system URL scheme "apple-magnifier" (this is done so "jailbreak" detections can't detect TrollStore like they could if TrollStore had a unique URL scheme). This URL scheme can be used to install applications right from the browser, the format goes as follows:
- `apple-magnifier://install?url=<URL_to_IPA>`
- `apple-magnifier://enable-jit?bundle-id=<Bundle_ID>`
`apple-magnifier://install?url=<URL_to_IPA>`
On devices that don't have TrollStore (1.3+) installed, this will just open the magnifier app.
@ -109,10 +108,6 @@ Afterwards you can use the [spawnRoot function in TSUtil.m](./Shared/TSUtil.m#L7
- Spawning a launch daemon (Would need `CS_PLATFORMIZED`)
- Injecting a tweak into a system process (Would need `TF_PLATFORM`, a userland PAC bypass and a PMAP trust level bypass)
### Compilation
To compile TrollStore, ensure [theos](https://theos.dev/docs/installation) is installed. Additionaly ensure [brew](https://brew.sh/) is installed and install [libarchive](https://formulae.brew.sh/formula/libarchive) from brew.
## Credits and Further Reading
[@alfiecg_dev](https://twitter.com/alfiecg_dev/) - Found the CoreTrust bug that allows TrollStore to work through patchdiffing and worked on automating the bypass.

0
RootHelper/.gitignore vendored Normal file
View File

35
RootHelper/Makefile
View File

@ -1,36 +1,19 @@
TARGET := iphone:clang:16.5:14.0
ARCHS = arm64
ifdef TROLLSTORE_LITE
HELPER_NAME = trollstorehelper_lite
else
HELPER_NAME = trollstorehelper
TARGET_CODESIGN = ../Exploits/fastPathSign/fastPathSign
endif
include $(THEOS)/makefiles/common.mk
TOOL_NAME = $(HELPER_NAME)
TOOL_NAME = trollstorehelper
$(HELPER_NAME)_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m) $(wildcard ../ChOma/src/*.c)
ifndef TROLLSTORE_LITE
$(HELPER_NAME)_FILES += ../Exploits/fastPathSign/src/coretrust_bug.c ../Exploits/fastPathSign/src/codesign.m
$(HELPER_NAME)_CODESIGN_FLAGS = --entitlements entitlements.plist
$(HELPER_NAME)_LDFLAGS = -L../ChOma/external/ios -lcrypto
else
$(HELPER_NAME)_CODESIGN_FLAGS = -Sentitlements.plist
endif
$(HELPER_NAME)_CFLAGS = -fobjc-arc -I../Shared $(shell pkg-config --cflags libcrypto) -I../ChOma/src -I../Exploits/fastPathSign/src -I$(shell brew --prefix)/opt/libarchive/include
$(HELPER_NAME)_INSTALL_PATH = /usr/local/bin
$(HELPER_NAME)_LIBRARIES = archive
$(HELPER_NAME)_FRAMEWORKS = CoreTelephony
$(HELPER_NAME)_PRIVATE_FRAMEWORKS = SpringBoardServices BackBoardServices MobileContainerManager FrontBoardServices RunningBoardServices
ifdef TROLLSTORE_LITE
$(HELPER_NAME)_CFLAGS += -DTROLLSTORE_LITE -DDISABLE_SIGNING=1
endif
trollstorehelper_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m) ../Exploits/fastPathSign/src/coretrust_bug.c ../Exploits/fastPathSign/src/codesign.m
trollstorehelper_CFLAGS = -fobjc-arc -I../Shared $(shell pkg-config --cflags libcrypto) -Iexternal/include -I../Exploits/fastPathSign/src
trollstorehelper_LDFLAGS = -Lexternal/lib -lcrypto -lchoma
trollstorehelper_CODESIGN_FLAGS = --entitlements entitlements.plist
trollstorehelper_INSTALL_PATH = /usr/local/bin
trollstorehelper_LIBRARIES = archive
trollstorehelper_FRAMEWORKS = CoreTelephony
trollstorehelper_PRIVATE_FRAMEWORKS = SpringBoardServices BackBoardServices MobileContainerManager FrontBoardServices
include $(THEOS_MAKE_PATH)/tool.mk

2
RootHelper/control
View File

@ -1,6 +1,6 @@
Package: com.opa334.trollstoreroothelper
Name: trollstoreroothelper
Version: 2.1
Version: 2.0.9
Architecture: iphoneos-arm
Description: An awesome tool of some sort!!
Maintainer: opa334

10
RootHelper/entitlements.plist
View File

@ -44,11 +44,9 @@
<string>Uninstall</string>
<string>UpdatePlaceholderMetadata</string>
</array>
<key>com.apple.private.amfi.developer-mode-control</key>
<true/>
<key>com.apple.frontboard.shutdown</key>
<true/>
<key>com.apple.runningboard.process-state</key>
<true/>
<key>com.apple.private.amfi.developer-mode-control</key>
<true/>
<key>com.apple.frontboard.shutdown</key>
<true/>
</dict>
</plist>

11
RootHelper/external/include/choma/Base64.h vendored Normal file
View File

@ -0,0 +1,11 @@
#ifndef BASE64_H
#define BASE64_H
#include <stdint.h>
#include <stdlib.h>
char *base64_encode(const unsigned char *data,
size_t input_length,
size_t *output_length);
#endif // BASE64_H

19
RootHelper/external/include/choma/BufferedStream.h vendored Normal file
View File

@ -0,0 +1,19 @@
#ifndef BUFFERED_STREAM_H
#define BUFFERED_STREAM_H
#include "MemoryStream.h"
#include <stdbool.h>
#define BUFFERED_STREAM_FLAG_AUTO_EXPAND (1 << 0)
typedef struct BufferedStreamContext {
uint8_t *buffer;
size_t bufferSize;
uint32_t subBufferStart;
size_t subBufferSize;
} BufferedStreamContext;
MemoryStream *buffered_stream_init_from_buffer_nocopy(void *buffer, size_t bufferSize, uint32_t flags);
MemoryStream *buffered_stream_init_from_buffer(void *buffer, size_t bufferSize, uint32_t flags);
#endif // BUFFERED_STREAM_H

119
RootHelper/external/include/choma/CSBlob.h vendored Normal file
View File

@ -0,0 +1,119 @@
#ifndef CS_BLOB_H
#define CS_BLOB_H
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdbool.h>
#include "FAT.h"
#include "MachO.h"
#include "MemoryStream.h"
// Blob index
typedef struct __BlobIndex {
uint32_t type;
uint32_t offset;
} CS_BlobIndex;
// CMS superblob
typedef struct __SuperBlob {
uint32_t magic;
uint32_t length;
uint32_t count;
CS_BlobIndex index[];
} CS_SuperBlob;
typedef struct __GenericBlob {
uint32_t magic; /* magic number */
uint32_t length; /* total length of blob */
char data[];
} CS_GenericBlob;
// CMS blob magic types
enum {
CSMAGIC_REQUIREMENT = 0xfade0c00,
CSMAGIC_REQUIREMENTS = 0xfade0c01,
CSMAGIC_CODEDIRECTORY = 0xfade0c02,
CSMAGIC_EMBEDDED_SIGNATURE = 0xfade0cc0,
CSMAGIC_EMBEDDED_SIGNATURE_OLD = 0xfade0b02,
CSMAGIC_EMBEDDED_ENTITLEMENTS = 0xfade7171,
CSMAGIC_EMBEDDED_DER_ENTITLEMENTS = 0xfade7172,
CSMAGIC_DETACHED_SIGNATURE = 0xfade0cc1,
CSMAGIC_BLOBWRAPPER = 0xfade0b01,
CSMAGIC_EMBEDDED_LAUNCH_CONSTRAINT = 0xfade8181,
} CS_BlobMagic;
enum {
CSSLOT_CODEDIRECTORY = 0,
CSSLOT_INFOSLOT = 1,
CSSLOT_REQUIREMENTS = 2,
CSSLOT_RESOURCEDIR = 3,
CSSLOT_APPLICATION = 4,
CSSLOT_ENTITLEMENTS = 5,
CSSLOT_DER_ENTITLEMENTS = 7,
CSSLOT_LAUNCH_CONSTRAINT_SELF = 8,
CSSLOT_LAUNCH_CONSTRAINT_PARENT = 9,
CSSLOT_LAUNCH_CONSTRAINT_RESPONSIBLE = 10,
CSSLOT_LIBRARY_CONSTRAINT = 11,
CSSLOT_ALTERNATE_CODEDIRECTORIES = 0x1000, /* first alternate CodeDirectory, if any */
CSSLOT_ALTERNATE_CODEDIRECTORY_MAX = 5, /* max number of alternate CD slots */
CSSLOT_ALTERNATE_CODEDIRECTORY_LIMIT = CSSLOT_ALTERNATE_CODEDIRECTORIES + CSSLOT_ALTERNATE_CODEDIRECTORY_MAX, /* one past the last */
CSSLOT_SIGNATURESLOT = 0x10000,
CSSLOT_IDENTIFICATIONSLOT = 0x10001,
CSSLOT_TICKETSLOT = 0x10002,
} CS_SlotType;
typedef struct s_CS_DecodedBlob {
struct s_CS_DecodedBlob *next;
uint32_t type;
MemoryStream *stream;
} CS_DecodedBlob;
typedef struct s_CS_DecodedSuperBlob {
uint32_t magic;
struct s_CS_DecodedBlob *firstBlob;
} CS_DecodedSuperBlob;
// Convert blob magic to readable blob type string
const char *cs_blob_magic_to_string(uint32_t magic);
const char *cs_slot_type_to_string(uint32_t slotType);
// Extract Code Signature to file
int macho_extract_cs_to_file(MachO *macho, CS_SuperBlob *superblob);
int macho_find_code_signature_bounds(MachO *macho, uint32_t *offsetOut, uint32_t *sizeOut);
CS_SuperBlob *macho_read_code_signature(MachO *macho);
int macho_replace_code_signature(MachO *macho, CS_SuperBlob *superblob);
int update_load_commands(MachO *macho, CS_SuperBlob *superblob, uint64_t originalSize);
CS_DecodedBlob *csd_blob_init(uint32_t type, CS_GenericBlob *blobData);
int csd_blob_read(CS_DecodedBlob *blob, uint64_t offset, size_t size, void *outBuf);
int csd_blob_write(CS_DecodedBlob *blob, uint64_t offset, size_t size, const void *inBuf);
int csd_blob_insert(CS_DecodedBlob *blob, uint64_t offset, size_t size, const void *inBuf);
int csd_blob_delete(CS_DecodedBlob *blob, uint64_t offset, size_t size);
int csd_blob_read_string(CS_DecodedBlob *blob, uint64_t offset, char **outString);
int csd_blob_write_string(CS_DecodedBlob *blob, uint64_t offset, const char *string);
int csd_blob_get_size(CS_DecodedBlob *blob);
uint32_t csd_blob_get_type(CS_DecodedBlob *blob);
void csd_blob_set_type(CS_DecodedBlob *blob, uint32_t type);
void csd_blob_free(CS_DecodedBlob *blob);
CS_DecodedSuperBlob *csd_superblob_decode(CS_SuperBlob *superblob);
CS_SuperBlob *csd_superblob_encode(CS_DecodedSuperBlob *decodedSuperblob);
CS_DecodedBlob *csd_superblob_find_blob(CS_DecodedSuperBlob *superblob, uint32_t type, uint32_t *indexOut);
int csd_superblob_insert_blob_after_blob(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToInsert, CS_DecodedBlob *afterBlob);
int csd_superblob_insert_blob_at_index(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToInsert, uint32_t atIndex);
int csd_superblob_append_blob(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToAppend);
int csd_superblob_remove_blob(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToRemove); // <- Important: When calling this, caller is responsible for freeing blobToRemove
int csd_superblob_remove_blob_at_index(CS_DecodedSuperBlob *superblob, uint32_t atIndex);
int csd_superblob_print_content(CS_DecodedSuperBlob *decodedSuperblob, MachO *macho, bool printAllSlots, bool verifySlots);
void csd_superblob_free(CS_DecodedSuperBlob *decodedSuperblob);
#endif // CS_BLOB_H

53
RootHelper/external/include/choma/CodeDirectory.h vendored Normal file
View File

@ -0,0 +1,53 @@
#ifndef CODE_DIRECTORY_H
#define CODE_DIRECTORY_H
#include <stdint.h>
#include <math.h>
#include <CommonCrypto/CommonDigest.h>
#include "MachO.h"
#include "CSBlob.h"
#include "FAT.h"
#include "MachOByteOrder.h"
#include "MachOLoadCommand.h"
#include "MemoryStream.h"
// Code directory blob header
typedef struct __CodeDirectory {
uint32_t magic;
uint32_t length;
uint32_t version;
uint32_t flags;
uint32_t hashOffset;
uint32_t identOffset;
uint32_t nSpecialSlots;
uint32_t nCodeSlots;
uint32_t codeLimit;
uint8_t hashSize;
uint8_t hashType;
uint8_t spare1;
uint8_t pageSize;
uint32_t spare2;
uint32_t scatterOffset;
uint32_t teamOffset;
} CS_CodeDirectory;
enum CS_HashType {
CS_HASHTYPE_SHA160_160 = 1,
CS_HASHTYPE_SHA256_256 = 2,
CS_HASHTYPE_SHA256_160 = 3,
CS_HASHTYPE_SHA384_384 = 4,
};
char *csd_code_directory_copy_identity(CS_DecodedBlob *codeDirBlob, uint32_t *offsetOut);
char *csd_code_directory_copy_team_id(CS_DecodedBlob *codeDirBlob, uint32_t *offsetOut);
int csd_code_directory_set_team_id(CS_DecodedBlob *codeDirBlob, char *newTeamID);
uint32_t csd_code_directory_get_flags(CS_DecodedBlob *codeDirBlob);
void csd_code_directory_set_flags(CS_DecodedBlob *codeDirBlob, uint32_t flags);
uint8_t csd_code_directory_get_hash_type(CS_DecodedBlob *codeDirBlob);
void csd_code_directory_set_hash_type(CS_DecodedBlob *codeDirBlob, uint8_t hashType);
int csd_code_directory_print_content(CS_DecodedBlob *codeDirBlob, MachO *macho, bool printSlots, bool verifySlots);
void csd_code_directory_update(CS_DecodedBlob *codeDirBlob, MachO *macho);
#endif // CODE_DIRECTORY_H

46
RootHelper/external/include/choma/FAT.h vendored Normal file
View File

@ -0,0 +1,46 @@
#ifndef MACHO_H
#define MACHO_H
#include <stdio.h>
#include <libkern/OSByteOrder.h>
#include <mach/mach.h>
#include <mach-o/loader.h>
#include <mach-o/fat.h>
#include <sys/stat.h>
#include "MemoryStream.h"
typedef struct MachO MachO;
// A FAT structure can either represent a FAT file with multiple slices, in which the slices will be loaded into the slices attribute
// Or a single slice MachO, in which case it serves as a compatibility layer and the single slice will also be loaded into the slices attribute
typedef struct FAT
{
MemoryStream *stream;
MachO **slices;
uint32_t slicesCount;
int fileDescriptor;
} FAT;
int fat_read_at_offset(FAT *fat, uint64_t offset, size_t size, void *outBuf);
MemoryStream *fat_get_stream(FAT *fat);
// Initialise a FAT structure from a memory stream
FAT *fat_init_from_memory_stream(MemoryStream *stream);
// Initialise a FAT structure using the path to the file
FAT *fat_init_from_path(const char *filePath);
// Find macho with cputype and cpusubtype in FAT, returns NULL if not found
MachO *fat_find_slice(FAT *fat, cpu_type_t cputype, cpu_subtype_t cpusubtype);
// Create a FAT structure from an array of MachO structures
FAT *fat_create_for_macho_array(char *firstInputPath, MachO **machoArray, int machoArrayCount);
// Add a MachO to the FAT structure
int fat_add_macho(FAT *fat, MachO *macho);
// Free all elements of the FAT structure
void fat_free(FAT *fat);
#endif // MACHO_H

21
RootHelper/external/include/choma/FileStream.h vendored Normal file
View File

@ -0,0 +1,21 @@
#ifndef FILE_STREAM_H
#define FILE_STREAM_H
#include "MemoryStream.h"
#define FILE_STREAM_SIZE_AUTO 0
#define FILE_STREAM_FLAG_WRITABLE (1 << 0)
#define FILE_STREAM_FLAG_AUTO_EXPAND (1 << 1)
typedef struct FileStreamContext {
int fd;
size_t fileSize;
uint32_t bufferStart;
size_t bufferSize;
} FileStreamContext;
MemoryStream *file_stream_init_from_file_descriptor_nodup(int fd, uint32_t bufferStart, size_t bufferSize, uint32_t flags);
MemoryStream *file_stream_init_from_file_descriptor(int fd, uint32_t bufferStart, size_t bufferSize, uint32_t flags);
MemoryStream *file_stream_init_from_path(const char *path, uint32_t bufferStart, size_t bufferSize, uint32_t flags);
#endif // FILE_STREAM_H

10
RootHelper/external/include/choma/Host.h vendored Normal file
View File

@ -0,0 +1,10 @@
#ifndef HOST_H
#define HOST_H
#include "FAT.h"
// Retrieve the preferred MachO slice from a FAT
// Preferred slice as in the slice that the kernel would use when loading the file
MachO *fat_find_preferred_slice(FAT *fat);
#endif // HOST_H

68
RootHelper/external/include/choma/MachO.h vendored Normal file
View File

@ -0,0 +1,68 @@
#ifndef MACHO_SLICE_H
#define MACHO_SLICE_H
#include <stdbool.h>
#include <mach-o/fat.h>
#include <mach-o/loader.h>
#include "MemoryStream.h"
#include "FAT.h"
typedef struct MachOSegment
{
struct segment_command_64 command;
struct section_64 sections[];
} __attribute__((__packed__)) MachOSegment;
typedef struct FilesetMachO {
char *entry_id;
uint64_t vmaddr;
uint64_t fileoff;
FAT *underlyingMachO;
} FilesetMachO;
typedef struct MachO {
MemoryStream *stream;
bool isSupported;
struct mach_header_64 machHeader;
struct fat_arch_64 archDescriptor;
uint32_t filesetCount;
FilesetMachO *filesetMachos;
uint32_t segmentCount;
MachOSegment **segments;
} MachO;
// Read data from a MachO at a specified offset
int macho_read_at_offset(MachO *macho, uint64_t offset, size_t size, void *outBuf);
// Write data from a MachO at a specified offset, auto expands, only works if opened via macho_init_for_writing
int macho_write_at_offset(MachO *macho, uint64_t offset, size_t size, void *inBuf);
MemoryStream *macho_get_stream(MachO *macho);
uint32_t macho_get_filetype(MachO *macho);
// Perform translation between file offsets and virtual addresses
int macho_translate_fileoff_to_vmaddr(MachO *macho, uint64_t fileoff, uint64_t *vmaddrOut, MachOSegment **segmentOut);
int macho_translate_vmaddr_to_fileoff(MachO *macho, uint64_t vmaddr, uint64_t *fileoffOut, MachOSegment **segmentOut);
// Read data from a MachO at a specified virtual address
int macho_read_at_vmaddr(MachO *macho, uint64_t vmaddr, size_t size, void *outBuf);
int macho_enumerate_load_commands(MachO *macho, void (^enumeratorBlock)(struct load_command loadCommand, uint64_t offset, void *cmd, bool *stop));
// Initialise a MachO object from a MemoryStream and it's corresponding FAT arch descriptor
MachO *macho_init(MemoryStream *stream, struct fat_arch_64 archDescriptor);
// Initialize a single slice macho for writing to it
MachO *macho_init_for_writing(const char *filePath);
// Create an array of MachO objects from an array of paths
MachO **macho_array_create_for_paths(char **inputPaths, int inputPathsCount);
// Check if a MachO is encrypted
bool macho_is_encrypted(MachO *macho);
void macho_free(MachO *macho);
#endif // MACHO_SLICE_H

171
RootHelper/external/include/choma/MachOByteOrder.h vendored Normal file
View File

@ -0,0 +1,171 @@
#ifndef MACHO_BYTE_ORDER_H
#define MACHO_BYTE_ORDER_H
#include <stdio.h>
#include <stdlib.h>
// 8-bit integers needed for CodeDirectory
#define BIG_TO_HOST(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
int16_t: OSSwapBigToHostInt16(n), \
uint16_t: OSSwapBigToHostInt16(n), \
int32_t: OSSwapBigToHostInt32(n), \
uint32_t: OSSwapBigToHostInt32(n), \
int64_t: OSSwapBigToHostInt64(n), \
uint64_t: OSSwapBigToHostInt64(n) \
)
#define HOST_TO_BIG(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
uint16_t: OSSwapHostToBigInt16(n), \
int16_t: OSSwapHostToBigInt16(n), \
int32_t: OSSwapHostToBigInt32(n), \
uint32_t: OSSwapHostToBigInt32(n), \
int64_t: OSSwapHostToBigInt64(n), \
uint64_t: OSSwapHostToBigInt64(n) \
)
#define LITTLE_TO_HOST(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
int16_t: OSSwapLittleToHostInt16(n), \
uint16_t: OSSwapLittleToHostInt16(n), \
int32_t: OSSwapLittleToHostInt32(n), \
uint32_t: OSSwapLittleToHostInt32(n), \
int64_t: OSSwapLittleToHostInt64(n), \
uint64_t: OSSwapLittleToHostInt64(n) \
)
#define HOST_TO_LITTLE(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
int16_t: OSSwapHostToLittleInt16(n), \
uint16_t: OSSwapHostToLittleInt16(n), \
int32_t: OSSwapHostToLittleInt32(n), \
uint32_t: OSSwapHostToLittleInt32(n), \
int64_t: OSSwapHostToLittleInt64(n), \
uint64_t: OSSwapHostToLittleInt64(n) \
)
#define HOST_TO_LITTLE_APPLIER(instance, member) \
(instance)->member = HOST_TO_LITTLE((instance)->member)
#define HOST_TO_BIG_APPLIER(instance, member) \
(instance)->member = HOST_TO_BIG((instance)->member)
#define LITTLE_TO_HOST_APPLIER(instance, member) \
(instance)->member = LITTLE_TO_HOST((instance)->member)
#define BIG_TO_HOST_APPLIER(instance, member) \
(instance)->member = BIG_TO_HOST((instance)->member)
#define FAT_HEADER_APPLY_BYTE_ORDER(fh, applier) \
applier(fh, magic); \
applier(fh, nfat_arch);
#define FAT_ARCH_APPLY_BYTE_ORDER(arch, applier) \
applier(arch, cputype); \
applier(arch, cpusubtype); \
applier(arch, offset); \
applier(arch, size); \
applier(arch, align); \
#define FAT_ARCH_64_APPLY_BYTE_ORDER(arch, applier) \
applier(arch, cputype); \
applier(arch, cpusubtype); \
applier(arch, offset); \
applier(arch, size); \
applier(arch, align); \
applier(arch, reserved); \
#define MACH_HEADER_APPLY_BYTE_ORDER(mh, applier) \
applier(mh, magic); \
applier(mh, cputype); \
applier(mh, cpusubtype); \
applier(mh, filetype); \
applier(mh, ncmds); \
applier(mh, sizeofcmds); \
applier(mh, reserved);
#define LOAD_COMMAND_APPLY_BYTE_ORDER(lc, applier) \
applier(lc, cmd); \
applier(lc, cmdsize);
#define LINKEDIT_DATA_COMMAND_APPLY_BYTE_ORDER(lc, applier) \
applier(lc, cmd); \
applier(lc, cmdsize); \
applier(lc, dataoff); \
applier(lc, datasize);
#define ENCRYPTION_INFO_COMMAND_APPLY_BYTE_ORDER(eic, applier) \
applier(eic, cmd); \
applier(eic, cmdsize); \
applier(eic, cryptoff); \
applier(eic, cryptsize); \
applier(eic, cryptid);
#define BLOB_INDEX_APPLY_BYTE_ORDER(bi, applier) \
applier(bi, type); \
applier(bi, offset);
#define SUPERBLOB_APPLY_BYTE_ORDER(sb, applier) \
applier(sb, magic); \
applier(sb, length); \
applier(sb, count);
#define GENERIC_BLOB_APPLY_BYTE_ORDER(gb, applier) \
applier(gb, magic); \
applier(gb, length);
#define CODE_DIRECTORY_APPLY_BYTE_ORDER(cd, applier) \
applier(cd, magic); \
applier(cd, length); \
applier(cd, version); \
applier(cd, flags); \
applier(cd, hashOffset); \
applier(cd, identOffset); \
applier(cd, nSpecialSlots); \
applier(cd, nCodeSlots); \
applier(cd, codeLimit); \
applier(cd, hashSize); \
applier(cd, hashType); \
applier(cd, spare1); \
applier(cd, pageSize); \
applier(cd, spare2); \
applier(cd, scatterOffset); \
applier(cd, teamOffset);
#define SEGMENT_COMMAND_64_APPLY_BYTE_ORDER(sc64, applier) \
applier(sc64, cmd); \
applier(sc64, cmdsize); \
applier(sc64, fileoff); \
applier(sc64, filesize); \
applier(sc64, vmaddr); \
applier(sc64, vmsize); \
applier(sc64, flags); \
applier(sc64, initprot); \
applier(sc64, maxprot); \
applier(sc64, nsects);
#define SECTION_64_APPLY_BYTE_ORDER(sc64, applier) \
applier(sc64, addr); \
applier(sc64, align); \
applier(sc64, flags); \
applier(sc64, nreloc); \
applier(sc64, offset); \
applier(sc64, reserved1); \
applier(sc64, reserved2); \
applier(sc64, reserved3); \
applier(sc64, size);
#define FILESET_ENTRY_COMMAND_APPLY_BYTE_ORDER(fse, applier) \
applier(fse, cmd); \
applier(fse, cmdsize); \
applier(fse, vmaddr); \
applier(fse, fileoff); \
applier(fse, entry_id.offset); \
applier(fse, reserved); \
#endif // MACHO_BYTE_ORDER_H

16
RootHelper/external/include/choma/MachOLoadCommand.h vendored Normal file
View File

@ -0,0 +1,16 @@
#ifndef MACHO_LOAD_COMMAND_H
#define MACHO_LOAD_COMMAND_H
#include <mach-o/loader.h>
#include "MachO.h"
#include "CSBlob.h"
#include "FileStream.h"
#include "MachOByteOrder.h"
// Convert load command to load command name
char *load_command_to_string(int loadCommand);
void update_segment_command_64(MachO *macho, const char *segmentName, uint64_t vmaddr, uint64_t vmsize, uint64_t fileoff, uint64_t filesize);
void update_lc_code_signature(MachO *macho, uint64_t size);
int update_load_commands_for_coretrust_bypass(MachO *macho, CS_SuperBlob *superblob, uint64_t originalCodeSignatureSize, uint64_t originalMachOSize);
#endif // MACHO_LOAD_COMMAND_H

60
RootHelper/external/include/choma/MemoryStream.h vendored Normal file
View File

@ -0,0 +1,60 @@
#ifndef MEMORY_STREAM_H
#define MEMORY_STREAM_H
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <stdbool.h>
#define MEMORY_STREAM_FLAG_OWNS_DATA (1 << 0)
#define MEMORY_STREAM_FLAG_MUTABLE (1 << 1)
#define MEMORY_STREAM_FLAG_AUTO_EXPAND (1 << 2)
#define MEMORY_STREAM_SIZE_INVALID (size_t)-1
// A generic memory IO interface that is used throughout this project
// Can be backed by anything, just the functions have to be implemented
typedef struct s_MemoryStream {
void *context;
uint32_t flags;
int (*read)(struct s_MemoryStream *stream, uint64_t offset, size_t size, void *outBuf);
int (*write)(struct s_MemoryStream *stream, uint64_t offset, size_t size, const void *inBuf);
int (*getSize)(struct s_MemoryStream *stream, size_t *sizeOut);
uint8_t *(*getRawPtr)(struct s_MemoryStream *stream);
int (*trim)(struct s_MemoryStream *stream, size_t trimAtStart, size_t trimAtEnd);
int (*expand)(struct s_MemoryStream *stream, size_t expandAtStart, size_t expandAtEnd);
struct s_MemoryStream *(*hardclone)(struct s_MemoryStream *stream);
struct s_MemoryStream *(*softclone)(struct s_MemoryStream *stream);
void (*free)(struct s_MemoryStream *stream);
} MemoryStream;
int memory_stream_read(MemoryStream *stream, uint64_t offset, size_t size, void *outBuf);
int memory_stream_write(MemoryStream *stream, uint64_t offset, size_t size, const void *inBuf);
int memory_stream_insert(MemoryStream *stream, uint64_t offset, size_t size, const void *inBuf);
int memory_stream_delete(MemoryStream *stream, uint64_t offset, size_t size);
int memory_stream_read_string(MemoryStream *stream, uint64_t offset, char **outString);
int memory_stream_write_string(MemoryStream *stream, uint64_t offset, const char *string);
size_t memory_stream_get_size(MemoryStream *stream);
uint8_t *memory_stream_get_raw_pointer(MemoryStream *stream);
uint32_t memory_stream_get_flags(MemoryStream *stream);
MemoryStream *memory_stream_softclone(MemoryStream *stream);
MemoryStream *memory_stream_hardclone(MemoryStream *stream);
int memory_stream_trim(MemoryStream *stream, size_t trimAtStart, size_t trimAtEnd);
int memory_stream_expand(MemoryStream *stream, size_t expandAtStart, size_t expandAtEnd);
void memory_stream_free(MemoryStream *stream);
int memory_stream_copy_data(MemoryStream *originStream, uint64_t originOffset, MemoryStream *targetStream, uint64_t targetOffset, size_t size);
int memory_stream_find_memory(MemoryStream *stream, uint64_t searchOffset, size_t searchSize, void *bytes, void *mask, size_t nbytes, uint16_t alignment, uint64_t *foundOffsetOut);
#endif // MEMORY_STREAM_H

47
RootHelper/external/include/choma/PatchFinder.h vendored Normal file
View File

@ -0,0 +1,47 @@
#include <stdint.h>
#include "MachO.h"
#define METRIC_TYPE_PATTERN 1
#define METRIC_TYPE_STRING_XREF 2
#define METRIC_TYPE_FUNCTION_XREF 3
typedef struct PFSection {
MachO *macho;
uint64_t fileoff;
uint64_t vmaddr;
uint64_t size;
uint8_t *cache;
bool ownsCache;
} PFSection;
PFSection *pf_section_init_from_macho(MachO *macho, const char *filesetEntryId, const char *segName, const char *sectName);
int pf_section_read_at_relative_offset(PFSection *section, uint64_t rel, size_t size, void *outBuf);
int pf_section_read_at_address(PFSection *section, uint64_t vmaddr, void *outBuf, size_t size);
uint32_t pf_section_read32(PFSection *section, uint64_t vmaddr);
int pf_section_set_cached(PFSection *section, bool cached);
void pf_section_free(PFSection *section);
typedef struct MetricShared {
uint32_t type;
} MetricShared;
typedef enum {
BYTE_PATTERN_ALIGN_8_BIT,
BYTE_PATTERN_ALIGN_16_BIT,
BYTE_PATTERN_ALIGN_32_BIT,
BYTE_PATTERN_ALIGN_64_BIT,
} BytePatternAlignment;
typedef struct BytePatternMetric {
MetricShared shared;
void *bytes;
void *mask;
size_t nbytes;
BytePatternAlignment alignment;
} BytePatternMetric;
BytePatternMetric *pf_create_byte_pattern_metric(void *bytes, void *mask, size_t nbytes, BytePatternAlignment alignment);
void pf_section_run_metric(PFSection *section, void *metric, void (^matchBlock)(uint64_t vmaddr, bool *stop));

16
RootHelper/external/include/choma/SignOSSL.h vendored Normal file
View File

@ -0,0 +1,16 @@
#ifndef SIGN_OSSL_H
#define SIGN_OSSL_H
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>
#include <openssl/err.h>
unsigned char *signWithRSA(unsigned char *inputData, size_t inputDataLength, unsigned char *key, size_t key_len, size_t *outputDataLength);
#endif // SIGN_OSSL_H
// 0xA422

7
RootHelper/external/include/choma/Util.h vendored Normal file
View File

@ -0,0 +1,7 @@
#include <stdint.h>
#include <stdlib.h>
int memcmp_masked(const void *str1, const void *str2, unsigned char* mask, size_t n);
uint64_t align_to_size(int size, int alignment);
int count_digits(int64_t num);
void print_hash(uint8_t *hash, size_t size);

BIN
RootHelper/external/lib/libchoma.a vendored Normal file
View File

Binary file not shown.

BIN
RootHelper/external/lib/libcrypto.a vendored Normal file
View File

Binary file not shown.

3
RootHelper/jit.h
View File

@ -1,3 +0,0 @@
#import <Foundation/Foundation.h>
int enableJIT(NSString *bundleID);

45
RootHelper/jit.m
View File

@ -1,45 +0,0 @@
@import Foundation;
@import Darwin;
@interface RBSProcessPredicate
+ (instancetype)predicateMatchingBundleIdentifier:(NSString *)bundleID;
@end
@interface RBSProcessHandle
+ (instancetype)handleForPredicate:(RBSProcessPredicate *)predicate error:(NSError **)error;
- (int)rbs_pid;
@end
#define PT_DETACH 11
#define PT_ATTACHEXC 14
int ptrace(int request, pid_t pid, caddr_t addr, int data);
int enableJIT(NSString *bundleID) {
#ifdef EMBEDDED_ROOT_HELPER
return -1;
#else
RBSProcessPredicate *predicate = [RBSProcessPredicate predicateMatchingBundleIdentifier:bundleID];
RBSProcessHandle* process = [RBSProcessHandle handleForPredicate:predicate error:nil];
int pid = process.rbs_pid;
if (!pid)
{
return ESRCH;
}
int ret = ptrace(PT_ATTACHEXC, pid, 0, 0);
if (ret == -1)
{
return errno;
}
usleep(100000);
ret = ptrace(PT_DETACH, pid, 0, 0);
if (ret == -1)
{
return errno;
}
return 0;
#endif
}

321
RootHelper/main.m
View File

@ -11,20 +11,18 @@
#import <mach-o/loader.h>
#import <mach-o/fat.h>
#import "devmode.h"
#import "jit.h"
#ifndef EMBEDDED_ROOT_HELPER
#import "codesign.h"
#import "coretrust_bug.h"
#import "FAT.h"
#import "MachO.h"
#import "FileStream.h"
#import "Host.h"
#import <choma/FAT.h>
#import <choma/MachO.h>
#import <choma/FileStream.h>
#import <choma/Host.h>
#endif
#import <SpringBoardServices/SpringBoardServices.h>
#import <FrontBoardServices/FBSSystemService.h>
#import <Security/Security.h>
#import <libroot.h>
#ifdef EMBEDDED_ROOT_HELPER
#define MAIN_NAME rootHelperMain
@ -244,21 +242,6 @@ void setTSURLSchemeState(BOOL newState, NSString* customAppPath)
}
}
#ifdef TROLLSTORE_LITE
BOOL isLdidInstalled(void)
{
// Since TrollStore Lite depends on ldid, we assume it exists
return YES;
}
NSString *getLdidPath(void)
{
return JBROOT_PATH(@"/usr/bin/ldid");
}
#else
void installLdid(NSString* ldidToCopyPath, NSString* ldidVersion)
{
if(![[NSFileManager defaultManager] fileExistsAtPath:ldidToCopyPath]) return;
@ -286,16 +269,9 @@ BOOL isLdidInstalled(void)
return [[NSFileManager defaultManager] fileExistsAtPath:ldidPath];
}
NSString *getLdidPath(void)
{
return [trollStoreAppPath() stringByAppendingPathComponent:@"ldid"];
}
#endif
int runLdid(NSArray* args, NSString** output, NSString** errorOutput)
{
NSString* ldidPath = getLdidPath();
NSString* ldidPath = [trollStoreAppPath() stringByAppendingPathComponent:@"ldid"];
NSMutableArray* argsM = args.mutableCopy ?: [NSMutableArray new];
[argsM insertObject:ldidPath.lastPathComponent atIndex:0];
@ -323,7 +299,6 @@ int runLdid(NSArray* args, NSString** output, NSString** errorOutput)
pid_t task_pid;
int status = -200;
NSLog(@"About to spawn ldid (%@) with args %@", ldidPath, args);
int spawnError = posix_spawn(&task_pid, [ldidPath fileSystemRepresentation], &action, NULL, (char* const*)argsC, NULL);
for (NSUInteger i = 0; i < argCount; i++)
{
@ -333,7 +308,7 @@ int runLdid(NSArray* args, NSString** output, NSString** errorOutput)
if(spawnError != 0)
{
NSLog(@"ldid failed to spawn with error %d (%s)\n", spawnError, strerror(spawnError));
NSLog(@"posix_spawn error %d\n", spawnError);
return spawnError;
}
@ -559,7 +534,6 @@ int signApp(NSString* appPath)
if(![[NSFileManager defaultManager] fileExistsAtPath:mainExecutablePath]) return 174;
#ifndef TROLLSTORE_LITE
// Check if the bundle has had a supported exploit pre-applied
EXPLOIT_TYPE declaredPreAppliedExploitType = getDeclaredExploitTypeFromInfoDictionary(appInfoDict);
if(isPlatformVulnerableToExploitType(declaredPreAppliedExploitType))
@ -567,7 +541,7 @@ int signApp(NSString* appPath)
NSLog(@"[signApp] taking fast path for app which declares use of a supported pre-applied exploit (%@)", mainExecutablePath);
return 0;
}
else if (declaredPreAppliedExploitType != 0)
else
{
NSLog(@"[signApp] app (%@) declares use of a pre-applied exploit that is not supported on this device. Proceeding to re-sign...", mainExecutablePath);
}
@ -595,12 +569,6 @@ int signApp(NSString* appPath)
// On iOS 16+, binaries with certain entitlements requires developer mode to be enabled, so we'll check
// while we're fixing entitlements
BOOL requiresDevMode = NO;
#endif
// The majority of IPA decryption utilities only decrypt the main executable of the app bundle
// As a result, we cannot bail on the entire app if an additional binary is encrypted (e.g. app extensions)
// Instead, we will display a warning to the user, and warn them that the app may not work properly
BOOL hasAdditionalEncryptedBinaries = NO;
NSURL* fileURL;
NSDirectoryEnumerator *enumerator;
@ -618,7 +586,6 @@ int signApp(NSString* appPath)
NSString *bundleId = infoDict[@"CFBundleIdentifier"];
NSString *bundleExecutable = infoDict[@"CFBundleExecutable"];
if (!bundleId || !bundleExecutable) continue;
if ([bundleId isEqualToString:@""] || [bundleExecutable isEqualToString:@""]) continue;
NSString *bundleMainExecutablePath = [[filePath stringByDeletingLastPathComponent] stringByAppendingPathComponent:bundleExecutable];
if (![[NSFileManager defaultManager] fileExistsAtPath:bundleMainExecutablePath]) continue;
@ -647,7 +614,6 @@ int signApp(NSString* appPath)
if (!entitlementsToUse) entitlementsToUse = [NSMutableDictionary new];
#ifndef TROLLSTORE_LITE
// Developer mode does not exist before iOS 16
if (@available(iOS 16, *)){
if (!requiresDevMode) {
@ -692,25 +658,15 @@ int signApp(NSString* appPath)
entitlementsToUse[@"com.apple.private.security.container-required"] = bundleId;
}
}
#else
// Since TrollStore Lite adhoc signs stuff, this means that on PMAP_CS devices, it will run with "PMAP_CS_IN_LOADED_TRUST_CACHE" trust level
// We need to overwrite it so that the app runs as expected (Dopamine 2.1.5+ feature)
entitlementsToUse[@"jb.pmap_cs_custom_trust"] = @"PMAP_CS_APP_STORE";
#endif
int r = signAdhoc(bundleMainExecutablePath, entitlementsToUse);
if (r != 0) return r;
signAdhoc(bundleMainExecutablePath, entitlementsToUse);
}
}
// All entitlement related issues should be fixed at this point, so all we need to do is sign the entire bundle
// And then apply the CoreTrust bypass to all executables
// XXX: This only works because we're using ldid at the moment and that recursively signs everything
int r = signAdhoc(appPath, nil);
if (r != 0) return r;
signAdhoc(appPath, nil);
#ifndef TROLLSTORE_LITE
// Apply CoreTrust bypass
enumerator = [[NSFileManager defaultManager] enumeratorAtURL:[NSURL fileURLWithPath:appPath] includingPropertiesForKeys:nil options:0 errorHandler:nil];
while(fileURL = [enumerator nextObject])
{
@ -737,23 +693,13 @@ int signApp(NSString* appPath)
}
else if (r == 2) {
NSLog(@"[%@] Cannot apply CoreTrust bypass on an encrypted binary!", filePath);
if (isSameFile(filePath, mainExecutablePath)) {
// If this is the main binary, this error is fatal
NSLog(@"[%@] Main binary is encrypted, cannot continue!", filePath);
fat_free(fat);
return 180;
}
else {
// If not, we can continue but want to show a warning after the app is installed
hasAdditionalEncryptedBinaries = YES;
}
} else if (r == 3) { // Non-fatal - unsupported MachO type
NSLog(@"[%@] Cannot apply CoreTrust bypass on an unsupported MachO type!", filePath);
fat_free(fat);
return 180;
}
else {
NSLog(@"[%@] CoreTrust bypass failed!!! :(", filePath);
fat_free(fat);
return 185;
return 175;
}
// tempFile is now signed, overwrite original file at filePath with it
@ -769,39 +715,6 @@ int signApp(NSString* appPath)
// Postpone trying to enable dev mode until after the app is (successfully) installed
return 182;
}
#else // TROLLSTORE_LITE
// Just check for whether anything is fairplay encrypted
enumerator = [[NSFileManager defaultManager] enumeratorAtURL:[NSURL fileURLWithPath:appPath] includingPropertiesForKeys:nil options:0 errorHandler:nil];
while(fileURL = [enumerator nextObject])
{
NSString *filePath = fileURL.path;
FAT *fat = fat_init_from_path(filePath.fileSystemRepresentation);
if (fat) {
NSLog(@"%@ is binary", filePath);
MachO *macho = fat_find_preferred_slice(fat);
if (macho) {
if (macho_is_encrypted(macho)) {
NSLog(@"[%@] Cannot apply CoreTrust bypass on an encrypted binary!", filePath);
if (isSameFile(filePath, mainExecutablePath)) {
// If this is the main binary, this error is fatal
NSLog(@"[%@] Main binary is encrypted, cannot continue!", filePath);
fat_free(fat);
return 180;
}
else {
// If not, we can continue but want to show a warning after the app is installed
hasAdditionalEncryptedBinaries = YES;
}
}
}
fat_free(fat);
}
}
#endif
if (hasAdditionalEncryptedBinaries) {
return 184;
}
return 0;
}
@ -862,10 +775,8 @@ void applyPatchesToInfoDictionary(NSString* appPath)
// 172: no info.plist found in app
// 173: app is not signed and cannot be signed because ldid not installed or didn't work
// 174:
// 180: tried to sign app where the main binary is encrypted
// 184: tried to sign app where an additional binary is encrypted
int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate, BOOL useInstalldMethod, BOOL skipUICache)
// 180: tried to sign encrypted binary
int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate, BOOL useInstalldMethod)
{
NSLog(@"[installApp force = %d]", force);
@ -890,18 +801,14 @@ int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate,
}
BOOL requiresDevMode = NO;
BOOL hasAdditionalEncryptedBinaries = NO;
if(sign)
{
int signRet = signApp(appBundleToInstallPath);
// 182: app requires developer mode; non-fatal
// 184: app has additional encrypted binaries; non-fatal
if(signRet != 0) {
if (signRet == 182) {
requiresDevMode = YES;
} else if (signRet == 184) {
hasAdditionalEncryptedBinaries = YES;
} else {
return signRet;
}
@ -919,19 +826,12 @@ int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate,
NSURL* appBundleURL = findAppURLInBundleURL(bundleContainerURL);
// Make sure the installed app is a TrollStore app or the container is empty (or the force flag is set)
NSURL* trollStoreMarkURL = [bundleContainerURL URLByAppendingPathComponent:TS_ACTIVE_MARKER];
NSURL* trollStoreMarkURL = [bundleContainerURL URLByAppendingPathComponent:@"_TrollStore"];
if(appBundleURL && ![trollStoreMarkURL checkResourceIsReachableAndReturnError:nil] && !force)
{
NSLog(@"[installApp] already installed and not a TrollStore app... bailing out");
return 171;
}
else if (appBundleURL) {
// When overwriting an app that has been installed with a different TrollStore flavor, make sure to remove the marker of said flavor
NSURL *otherMarkerURL = [bundleContainerURL URLByAppendingPathComponent:TS_INACTIVE_MARKER];
if ([otherMarkerURL checkResourceIsReachableAndReturnError:nil]) {
[[NSFileManager defaultManager] removeItemAtURL:otherMarkerURL error:nil];
}
}
// Terminate app if it's still running
if(!isTSUpdate)
@ -1037,7 +937,7 @@ int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate,
appContainer = [MCMAppContainer containerWithIdentifier:appId createIfNecessary:NO existed:nil error:nil];
// Mark app as TrollStore app
NSURL* trollStoreMarkURL = [appContainer.url URLByAppendingPathComponent:TS_ACTIVE_MARKER];
NSURL* trollStoreMarkURL = [appContainer.url URLByAppendingPathComponent:@"_TrollStore"];
if(![[NSFileManager defaultManager] fileExistsAtPath:trollStoreMarkURL.path])
{
NSError* creationError;
@ -1054,11 +954,9 @@ int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate,
// Also permissions need to be fixed
NSURL* updatedAppURL = findAppURLInBundleURL(appContainer.url);
fixPermissionsOfAppBundle(updatedAppURL.path);
if (!skipUICache) {
if (!registerPath(updatedAppURL.path, 0, !shouldRegisterAsUserByDefault())) {
[[NSFileManager defaultManager] removeItemAtURL:appContainer.url error:nil];
return 181;
}
if (!registerPath(updatedAppURL.path, 0, YES)) {
[[NSFileManager defaultManager] removeItemAtURL:appContainer.url error:nil];
return 181;
}
// Handle developer mode after installing and registering the app, to ensure that we
@ -1077,13 +975,6 @@ int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate,
return 183;
}
}
if (hasAdditionalEncryptedBinaries) {
NSLog(@"[installApp] app has additional encrypted binaries");
// non-fatal
return 184;
}
return 0;
}
@ -1188,9 +1079,8 @@ int uninstallAppById(NSString* appId, BOOL useCustomMethod)
// 166: IPA does not exist or is not accessible
// 167: IPA does not appear to contain an app
// 180: IPA's main binary is encrypted
// 184: IPA contains additional encrypted binaries
int installIpa(NSString* ipaPath, BOOL force, BOOL useInstalldMethod, BOOL skipUICache)
// 180: IPA contains an encrypted binary
int installIpa(NSString* ipaPath, BOOL force, BOOL useInstalldMethod)
{
cleanRestrictions();
@ -1209,7 +1099,7 @@ int installIpa(NSString* ipaPath, BOOL force, BOOL useInstalldMethod, BOOL skipU
return 168;
}
int ret = installApp(tmpPackagePath, YES, force, NO, useInstalldMethod, skipUICache);
int ret = installApp(tmpPackagePath, YES, force, NO, useInstalldMethod);
[[NSFileManager defaultManager] removeItemAtPath:tmpPackagePath error:nil];
@ -1312,7 +1202,7 @@ int installTrollStore(NSString* pathToTar)
_installPersistenceHelper(persistenceHelperApp, trollStorePersistenceHelper, trollStoreRootHelper);
}
int ret = installApp(tmpPackagePath, NO, YES, YES, YES, NO);
int ret = installApp(tmpPackagePath, NO, YES, YES, YES);
NSLog(@"[installTrollStore] installApp => %d", ret);
[[NSFileManager defaultManager] removeItemAtPath:tmpPackagePath error:nil];
return ret;
@ -1384,16 +1274,12 @@ BOOL _installPersistenceHelper(LSApplicationProxy* appProxy, NSString* sourcePer
return YES;
}
void installPersistenceHelper(NSString* systemAppId, NSString *persistenceHelperBinary, NSString *rootHelperBinary)
void installPersistenceHelper(NSString* systemAppId)
{
if(findPersistenceHelperApp(PERSISTENCE_HELPER_TYPE_ALL)) return;
if (persistenceHelperBinary == nil) {
persistenceHelperBinary = [trollStoreAppPath() stringByAppendingPathComponent:@"PersistenceHelper"];
}
if (rootHelperBinary == nil) {
rootHelperBinary = [trollStoreAppPath() stringByAppendingPathComponent:@"trollstorehelper"];
}
NSString* persistenceHelperBinary = [trollStoreAppPath() stringByAppendingPathComponent:@"PersistenceHelper"];
NSString* rootHelperBinary = [trollStoreAppPath() stringByAppendingPathComponent:@"trollstorehelper"];
LSApplicationProxy* appProxy = [LSApplicationProxy applicationProxyForIdentifier:systemAppId];
if(!appProxy || ![appProxy.bundleType isEqualToString:@"System"]) return;
@ -1546,9 +1432,8 @@ int MAIN_NAME(int argc, char *argv[], char *envp[])
// use system method when specified, otherwise use custom method
BOOL useInstalldMethod = [args containsObject:@"installd"];
BOOL force = [args containsObject:@"force"];
BOOL skipUICache = [args containsObject:@"skip-uicache"];
NSString* ipaPath = args.lastObject;
ret = installIpa(ipaPath, force, useInstalldMethod, skipUICache);
ret = installIpa(ipaPath, force, useInstalldMethod);
}
else if([cmd isEqualToString:@"uninstall"])
{
@ -1566,105 +1451,6 @@ int MAIN_NAME(int argc, char *argv[], char *envp[])
NSString* appPath = args.lastObject;
ret = uninstallAppByPath(appPath, useCustomMethod);
}
else if([cmd isEqualToString:@"refresh"])
{
refreshAppRegistrations(!shouldRegisterAsUserByDefault());
}
else if([cmd isEqualToString:@"refresh-all"])
{
cleanRestrictions();
//refreshAppRegistrations(NO); // <- fixes app permissions resetting, causes apps to move around on home screen, so I had to disable it
[[NSFileManager defaultManager] removeItemAtPath:@"/var/containers/Shared/SystemGroup/systemgroup.com.apple.lsd.iconscache/Library/Caches/com.apple.IconsCache" error:nil];
[[LSApplicationWorkspace defaultWorkspace] _LSPrivateRebuildApplicationDatabasesForSystemApps:YES internal:YES user:YES];
if (!shouldRegisterAsUserByDefault()) refreshAppRegistrations(YES);
killall(@"backboardd", YES);
}
else if([cmd isEqualToString:@"url-scheme"])
{
if(args.count < 2) return -3;
NSString* modifyArg = args.lastObject;
BOOL newState = [modifyArg isEqualToString:@"enable"];
if(newState == YES || [modifyArg isEqualToString:@"disable"])
{
setTSURLSchemeState(newState, nil);
}
}
else if([cmd isEqualToString:@"reboot"])
{
[[FBSSystemService sharedService] reboot];
// Give the system some time to reboot
sleep(1);
}
else if([cmd isEqualToString:@"enable-jit"])
{
if(args.count < 2) return -3;
NSString* userAppId = args.lastObject;
ret = enableJIT(userAppId);
}
else if([cmd isEqualToString:@"modify-registration"])
{
if(args.count < 3) return -3;
NSString* appPath = args[1];
NSString* newRegistration = args[2];
NSString* trollStoreMark = [[appPath stringByDeletingLastPathComponent] stringByAppendingPathComponent:TS_ACTIVE_MARKER];
if([[NSFileManager defaultManager] fileExistsAtPath:trollStoreMark])
{
registerPath(appPath, NO, [newRegistration isEqualToString:@"System"]);
}
}
else if ([cmd isEqualToString:@"transfer-apps"])
{
bool oneFailed = false;
for (NSString *appBundlePath in trollStoreInactiveInstalledAppBundlePaths()) {
NSLog(@"Transfering %@...", appBundlePath);
// Ldid lacks the entitlement to sign in place
// So copy to /tmp, resign, then replace >.<
NSString *tmpPath = [NSTemporaryDirectory() stringByAppendingPathComponent:[NSUUID UUID].UUIDString];
if (![[NSFileManager defaultManager] createDirectoryAtPath:tmpPath withIntermediateDirectories:YES attributes:nil error:nil]) return -3;
NSString *tmpAppPath = [tmpPath stringByAppendingPathComponent:appBundlePath.lastPathComponent];
if (![[NSFileManager defaultManager] copyItemAtPath:appBundlePath toPath:tmpAppPath error:nil]) {
[[NSFileManager defaultManager] removeItemAtPath:tmpPath error:nil];
oneFailed = true;
continue;
}
NSLog(@"Copied %@ to %@", appBundlePath, tmpAppPath);
int signRet = signApp(tmpAppPath);
NSLog(@"Signing %@ returned %d", tmpAppPath, signRet);
if (signRet == 0 || signRet == 182 || signRet == 184) { // Either 0 or non fatal error codes are fine
[[NSFileManager defaultManager] removeItemAtPath:appBundlePath error:nil];
[[NSFileManager defaultManager] moveItemAtPath:tmpAppPath toPath:appBundlePath error:nil];
[[NSFileManager defaultManager] removeItemAtPath:tmpPath error:nil];
}
else {
[[NSFileManager defaultManager] removeItemAtPath:tmpPath error:nil];
oneFailed = true;
continue;
}
fixPermissionsOfAppBundle(appBundlePath);
NSString *containerPath = [appBundlePath stringByDeletingLastPathComponent];
NSString *activeMarkerPath = [containerPath stringByAppendingPathComponent:TS_ACTIVE_MARKER];
NSString *inactiveMarkerPath = [containerPath stringByAppendingPathComponent:TS_INACTIVE_MARKER];
NSData* emptyData = [NSData data];
[emptyData writeToFile:activeMarkerPath options:0 error:nil];
[[NSFileManager defaultManager] removeItemAtPath:inactiveMarkerPath error:nil];
registerPath(appBundlePath, 0, !shouldRegisterAsUserByDefault());
NSLog(@"Transfered %@!", appBundlePath);
}
if (oneFailed) ret = -1;
}
#ifndef TROLLSTORE_LITE
else if([cmd isEqualToString:@"install-trollstore"])
{
if(args.count < 2) return -3;
@ -1689,18 +1475,24 @@ int MAIN_NAME(int argc, char *argv[], char *envp[])
installLdid(ldidPath, ldidVersion);
//}
}
else if([cmd isEqualToString:@"refresh"])
{
refreshAppRegistrations(YES);
}
else if([cmd isEqualToString:@"refresh-all"])
{
cleanRestrictions();
//refreshAppRegistrations(NO); // <- fixes app permissions resetting, causes apps to move around on home screen, so I had to disable it
[[NSFileManager defaultManager] removeItemAtPath:@"/var/containers/Shared/SystemGroup/systemgroup.com.apple.lsd.iconscache/Library/Caches/com.apple.IconsCache" error:nil];
[[LSApplicationWorkspace defaultWorkspace] _LSPrivateRebuildApplicationDatabasesForSystemApps:YES internal:YES user:YES];
refreshAppRegistrations(YES);
killall(@"backboardd", YES);
}
else if([cmd isEqualToString:@"install-persistence-helper"])
{
if(args.count < 2) return -3;
NSString* systemAppId = args[1];
NSString* persistenceHelperBinary;
NSString* rootHelperBinary;
if (args.count == 4) {
persistenceHelperBinary = args[2];
rootHelperBinary = args[3];
}
installPersistenceHelper(systemAppId, persistenceHelperBinary, rootHelperBinary);
NSString* systemAppId = args.lastObject;
installPersistenceHelper(systemAppId);
}
else if([cmd isEqualToString:@"uninstall-persistence-helper"])
{
@ -1712,6 +1504,28 @@ int MAIN_NAME(int argc, char *argv[], char *envp[])
NSString* userAppId = args.lastObject;
registerUserPersistenceHelper(userAppId);
}
else if([cmd isEqualToString:@"modify-registration"])
{
if(args.count < 3) return -3;
NSString* appPath = args[1];
NSString* newRegistration = args[2];
NSString* trollStoreMark = [[appPath stringByDeletingLastPathComponent] stringByAppendingPathComponent:@"_TrollStore"];
if([[NSFileManager defaultManager] fileExistsAtPath:trollStoreMark])
{
registerPath(appPath, NO, [newRegistration isEqualToString:@"System"]);
}
}
else if([cmd isEqualToString:@"url-scheme"])
{
if(args.count < 2) return -3;
NSString* modifyArg = args.lastObject;
BOOL newState = [modifyArg isEqualToString:@"enable"];
if(newState == YES || [modifyArg isEqualToString:@"disable"])
{
setTSURLSchemeState(newState, nil);
}
}
else if([cmd isEqualToString:@"check-dev-mode"])
{
// switch the result, so 0 is enabled, and 1 is disabled/error
@ -1722,7 +1536,12 @@ int MAIN_NAME(int argc, char *argv[], char *envp[])
// assumes that checkDeveloperMode() has already been called
ret = !armDeveloperMode(NULL);
}
#endif
else if([cmd isEqualToString:@"reboot"])
{
[[FBSSystemService sharedService] reboot];
// Give the system some time to reboot
sleep(1);
}
NSLog(@"trollstorehelper returning %d", ret);
return ret;

4
RootHelper/unarchive.m
View File

@ -1,7 +1,7 @@
#import "unarchive.h"
#include <archive.h>
#include <archive_entry.h>
#include <libarchive/archive.h>
#include <libarchive/archive_entry.h>
static int
copy_data(struct archive *ar, struct archive *aw)

4
Shared/CoreServices.h
View File

@ -37,8 +37,8 @@ extern NSString *LSInstallTypeKey;
@protocol LSApplicationWorkspaceObserverProtocol <NSObject>
@optional
- (void)applicationsDidInstall:(NSArray <LSApplicationProxy *>*)apps;
- (void)applicationsDidUninstall:(NSArray <LSApplicationProxy *>*)apps;
-(void)applicationsDidInstall:(id)arg1;
-(void)applicationsDidUninstall:(id)arg1;
@end
@interface LSEnumerator : NSEnumerator

29
Shared/TSUtil.h
View File

@ -3,28 +3,8 @@
#define TrollStoreErrorDomain @"TrollStoreErrorDomain"
#define TS_MARKER @"_TrollStore"
#define TS_LITE_MARKER @"_TrollStoreLite"
#define TS_NAME @"TrollStore"
#define TS_LITE_NAME @"Trollstore Lite"
#ifdef TROLLSTORE_LITE
#define TS_ACTIVE_MARKER TS_LITE_MARKER
#define TS_INACTIVE_MARKER TS_MARKER
#define APP_ID @"com.opa334.TrollStoreLite"
#define APP_NAME TS_LITE_NAME
#define OTHER_APP_NAME TS_NAME
#else
#define TS_ACTIVE_MARKER TS_MARKER
#define TS_INACTIVE_MARKER TS_LITE_MARKER
#define APP_ID @"com.opa334.TrollStore"
#define APP_NAME TS_NAME
#define OTHER_APP_NAME TS_LITE_NAME
#endif
extern void chineseWifiFixup(void);
extern NSString *getExecutablePath(void);
extern BOOL shouldRegisterAsUserByDefault(void);
extern NSString* rootHelperPath(void);
extern NSString* getNSStringFromFile(int fd);
extern void printMultilineNSString(NSString* stringToPrint);
@ -34,11 +14,10 @@ extern void respring(void);
extern void fetchLatestTrollStoreVersion(void (^completionHandler)(NSString* latestVersion));
extern void fetchLatestLdidVersion(void (^completionHandler)(NSString* latestVersion));
extern NSArray* trollStoreInstalledAppBundlePaths(void);
extern NSArray* trollStoreInactiveInstalledAppBundlePaths(void);
extern NSArray* trollStoreInstalledAppContainerPaths(void);
extern NSString* trollStorePath(void);
extern NSString* trollStoreAppPath(void);
extern NSArray* trollStoreInstalledAppBundlePaths();
extern NSArray* trollStoreInstalledAppContainerPaths();
extern NSString* trollStorePath();
extern NSString* trollStoreAppPath();
extern BOOL isRemovableSystemApp(NSString* appId);

97
Shared/TSUtil.m
View File

@ -4,7 +4,6 @@
#import <spawn.h>
#import <sys/sysctl.h>
#import <mach-o/dyld.h>
#import <libroot.h>
static EXPLOIT_TYPE gPlatformVulnerabilities;
@ -36,25 +35,6 @@ NSString *getExecutablePath(void)
return [NSString stringWithUTF8String:selfPath];
}
#ifdef TROLLSTORE_LITE
BOOL shouldRegisterAsUserByDefault(void)
{
if ([[NSFileManager defaultManager] fileExistsAtPath:JBROOT_PATH(@"/Library/MobileSubstrate/DynamicLibraries/AppSyncUnified-FrontBoard.dylib")]) {
return YES;
}
return NO;
}
#else
BOOL shouldRegisterAsUserByDefault(void)
{
return NO;
}
#endif
#ifdef EMBEDDED_ROOT_HELPER
NSString* rootHelperPath(void)
{
@ -335,7 +315,7 @@ void fetchLatestLdidVersion(void (^completionHandler)(NSString* latestVersion))
github_fetchLatestVersion(@"opa334/ldid", completionHandler);
}
NSArray* trollStoreInstalledAppContainerPathsInternal(NSString *marker)
NSArray* trollStoreInstalledAppContainerPaths()
{
NSMutableArray* appContainerPaths = [NSMutableArray new];
@ -356,12 +336,11 @@ NSArray* trollStoreInstalledAppContainerPathsInternal(NSString *marker)
BOOL exists = [[NSFileManager defaultManager] fileExistsAtPath:containerPath isDirectory:&isDirectory];
if(exists && isDirectory)
{
NSString* trollStoreMark = [containerPath stringByAppendingPathComponent:marker];
NSString* trollStoreMark = [containerPath stringByAppendingPathComponent:@"_TrollStore"];
if([[NSFileManager defaultManager] fileExistsAtPath:trollStoreMark])
{
NSString* trollStoreApp = [containerPath stringByAppendingPathComponent:@"TrollStore.app"];
NSString* trollStoreLiteApp = [containerPath stringByAppendingPathComponent:@"TrollStoreLite.app"];
if(![[NSFileManager defaultManager] fileExistsAtPath:trollStoreApp] && ![[NSFileManager defaultManager] fileExistsAtPath:trollStoreLiteApp])
if(![[NSFileManager defaultManager] fileExistsAtPath:trollStoreApp])
{
[appContainerPaths addObject:containerPath];
}
@ -372,15 +351,10 @@ NSArray* trollStoreInstalledAppContainerPathsInternal(NSString *marker)
return appContainerPaths.copy;
}
NSArray *trollStoreInstalledAppContainerPaths(void)
{
return trollStoreInstalledAppContainerPathsInternal(TS_ACTIVE_MARKER);
}
NSArray* trollStoreInstalledAppBundlePathsInternal(NSString *marker)
NSArray* trollStoreInstalledAppBundlePaths()
{
NSMutableArray* appPaths = [NSMutableArray new];
for(NSString* containerPath in trollStoreInstalledAppContainerPathsInternal(marker))
for(NSString* containerPath in trollStoreInstalledAppContainerPaths())
{
NSArray* items = [[NSFileManager defaultManager] contentsOfDirectoryAtPath:containerPath error:nil];
if(!items) return nil;
@ -396,20 +370,10 @@ NSArray* trollStoreInstalledAppBundlePathsInternal(NSString *marker)
return appPaths.copy;
}
NSArray *trollStoreInstalledAppBundlePaths(void)
{
return trollStoreInstalledAppBundlePathsInternal(TS_ACTIVE_MARKER);
}
NSArray *trollStoreInactiveInstalledAppBundlePaths(void)
{
return trollStoreInstalledAppBundlePathsInternal(TS_INACTIVE_MARKER);
}
NSString* trollStorePath()
{
NSError* mcmError;
MCMAppContainer* appContainer = [MCMAppContainer containerWithIdentifier:APP_ID createIfNecessary:NO existed:NULL error:&mcmError];
MCMAppContainer* appContainer = [MCMAppContainer containerWithIdentifier:@"com.opa334.TrollStore" createIfNecessary:NO existed:NULL error:&mcmError];
if(!appContainer) return nil;
return appContainer.url.path;
}
@ -620,35 +584,26 @@ void determinePlatformVulnerableExploitTypes(void *context) {
}
if(strncmp(os_build, "18A5319i", 8) < 0) {
// Below iOS 14.0 beta 2
gPlatformVulnerabilities = 0;
}
else if(strncmp(os_build, "21A326", 6) >= 0 && strncmp(os_build, "21A331", 6) <= 0)
{
// iOS 17.0 final
gPlatformVulnerabilities = EXPLOIT_TYPE_CMS_SIGNERINFO_V1;
}
else if(strncmp(os_build, "21A5248v", 8) >= 0 && strncmp(os_build, "21A5326a", 8) <= 0)
{
// iOS 17.0 beta 1 - 8
gPlatformVulnerabilities = EXPLOIT_TYPE_CMS_SIGNERINFO_V1;
}
else if(strncmp(os_build, "19G5027e", 8) >= 0 && strncmp(os_build, "19G5063a", 8) <= 0)
{
// iOS 15.6 beta 1 - 5
gPlatformVulnerabilities = (EXPLOIT_TYPE_CUSTOM_ROOT_CERTIFICATE_V1 | EXPLOIT_TYPE_CMS_SIGNERINFO_V1);
}
else if(strncmp(os_build, "19F5070b", 8) <= 0)
{
// iOS 14.0 beta 2 - 15.5 beta 4
gPlatformVulnerabilities = (EXPLOIT_TYPE_CUSTOM_ROOT_CERTIFICATE_V1 | EXPLOIT_TYPE_CMS_SIGNERINFO_V1);
}
else if(strncmp(os_build, "20H18", 5) <= 0)
{
// iOS 14.0 - 16.6.1, 16.7 RC (if CUSTOM_ROOT_CERTIFICATE_V1 not supported)
gPlatformVulnerabilities = EXPLOIT_TYPE_CMS_SIGNERINFO_V1;
}
if(strncmp(os_build, "19F5070b", 8) <= 0)
{
// iOS 14.0 - 15.5 beta 4
gPlatformVulnerabilities = (EXPLOIT_TYPE_CUSTOM_ROOT_CERTIFICATE_V1 | EXPLOIT_TYPE_CMS_SIGNERINFO_V1);
}
else if(strncmp(os_build, "19G5027e", 8) >= 0 && strncmp(os_build, "19G5063a", 8) <= 0)
{
// iOS 15.6 beta 1 - 5
gPlatformVulnerabilities = (EXPLOIT_TYPE_CUSTOM_ROOT_CERTIFICATE_V1 | EXPLOIT_TYPE_CMS_SIGNERINFO_V1);
}
else if(strncmp(os_build, "20G81", 5) <= 0)
{
// iOS 14.0 - 16.6.1
gPlatformVulnerabilities = EXPLOIT_TYPE_CMS_SIGNERINFO_V1;
}
else if(strncmp(os_build, "21A5248v", 8) >= 0 && strncmp(os_build, "21A331", 6) <= 0)
{
// iOS 17.0
gPlatformVulnerabilities = EXPLOIT_TYPE_CMS_SIGNERINFO_V1;
}
free(os_build);
}

2
TrollHelper/Makefile
View File

@ -21,7 +21,7 @@ APPLICATION_NAME = TrollStorePersistenceHelper
TrollStorePersistenceHelper_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m)
TrollStorePersistenceHelper_FRAMEWORKS = UIKit CoreGraphics CoreServices CoreTelephony
TrollStorePersistenceHelper_PRIVATE_FRAMEWORKS = Preferences MobileContainerManager
TrollStorePersistenceHelper_CFLAGS = -fobjc-arc -I../Shared -I$(shell brew --prefix)/opt/libarchive/include
TrollStorePersistenceHelper_CFLAGS = -fobjc-arc -I../Shared
ifeq ($(LEGACY_CT_BUG),1)
TrollStorePersistenceHelper_CODESIGN_FLAGS = -Sentitlements.plist -K../legacy.p12

81
TrollHelper/Resources/Info.plist
View File

@ -52,7 +52,7 @@
<string>iPhoneOS</string>
</array>
<key>CFBundleVersion</key>
<string>2.1</string>
<string>2.0.9</string>
<key>LSRequiresIPhoneOS</key>
<true/>
<key>UIDeviceFamily</key>
@ -62,10 +62,83 @@
</array>
<key>UIRequiredDeviceCapabilities</key>
<array>
<string>arm64</string>
<string>armv7</string>
</array>
<key>UILaunchImageFile</key>
<string>LaunchImage</string>
<key>UILaunchImages</key>
<array>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>7.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage</string>
<key>UILaunchImageOrientation</key>
<string>Portrait</string>
<key>UILaunchImageSize</key>
<string>{320, 480}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>7.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-700-568h</string>
<key>UILaunchImageOrientation</key>
<string>Portrait</string>
<key>UILaunchImageSize</key>
<string>{320, 568}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>7.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-Portrait</string>
<key>UILaunchImageOrientation</key>
<string>Portrait</string>
<key>UILaunchImageSize</key>
<string>{768, 1024}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>7.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-Landscape</string>
<key>UILaunchImageOrientation</key>
<string>Landscape</string>
<key>UILaunchImageSize</key>
<string>{768, 1024}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>8.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-800-667h</string>
<key>UILaunchImageOrientation</key>
<string>Portrait</string>
<key>UILaunchImageSize</key>
<string>{375, 667}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>8.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-800-Portrait-736h</string>
<key>UILaunchImageOrientation</key>
<string>Portrait</string>
<key>UILaunchImageSize</key>
<string>{414, 736}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>8.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-800-Landscape-736h</string>
<key>UILaunchImageOrientation</key>
<string>Landscape</string>
<key>UILaunchImageSize</key>
<string>{414, 736}</string>
</dict>
</array>
<key>UILaunchStoryboardName</key>
<string>LaunchScreen</string>
<key>UISupportedInterfaceOrientations</key>
<array>
<string>UIInterfaceOrientationPortrait</string>

0
TrollHelper/Resources/LaunchImage-700-568h@2x.png Normal file
View File

0
TrollHelper/Resources/LaunchImage-700-Landscape@2x~ipad.png Normal file
View File

0
TrollHelper/Resources/LaunchImage-700-Landscape~ipad.png Normal file
View File

0
TrollHelper/Resources/LaunchImage-700-Portrait@2x~ipad.png Normal file
View File

0
TrollHelper/Resources/LaunchImage-700-Portrait~ipad.png Normal file
View File

0
TrollHelper/Resources/LaunchImage-800-667h@2x.png Normal file
View File

0
TrollHelper/Resources/LaunchImage-800-Landscape-736h@3x.png Normal file
View File

0
TrollHelper/Resources/LaunchImage-800-Portrait-736h@3x.png Normal file
View File

0
TrollHelper/Resources/LaunchImage.png Normal file
View File

0
TrollHelper/Resources/LaunchImage@2x.png Normal file
View File

4
TrollHelper/TSHRootViewController.m
View File

@ -38,9 +38,9 @@
_specifiers = [NSMutableArray new];
#ifdef LEGACY_CT_BUG
NSString* credits = @"Powered by Fugu15 CoreTrust & installd bugs, thanks to @LinusHenze\n\n© 2022-2024 Lars Fröder (opa334)";
NSString* credits = @"Powered by Fugu15 CoreTrust & installd bugs, thanks to @LinusHenze\n\n© 2022-2023 Lars Fröder (opa334)";
#else
NSString* credits = @"Powered by CVE-2023-41991, originally discovered by Google TAG, rediscovered via patchdiffing by @alfiecg_dev\n\n© 2022-2024 Lars Fröder (opa334)";
NSString* credits = @"Powered by CVE-2023-41991, originally discovered by Google TAG, rediscovered via patchdiffing by @alfiecg_dev\n\n© 2022-2023 Lars Fröder (opa334)";
#endif
PSSpecifier* infoGroupSpecifier = [PSSpecifier emptyGroupSpecifier];

2
TrollHelper/control
View File

@ -1,6 +1,6 @@
Package: com.opa334.trollstorehelper
Name: TrollStore Helper
Version: 2.1
Version: 2.0.9
Architecture: iphoneos-arm
Description: Helper utility to install and manage TrollStore!
Maintainer: opa334

2
TrollStore/Makefile
View File

@ -12,7 +12,7 @@ TrollStore_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m)
TrollStore_FRAMEWORKS = UIKit CoreGraphics CoreServices CoreTelephony
TrollStore_PRIVATE_FRAMEWORKS = Preferences MobileIcons MobileContainerManager
TrollStore_LIBRARIES = archive
TrollStore_CFLAGS = -fobjc-arc -I../Shared -I$(shell brew --prefix)/opt/libarchive/include
TrollStore_CFLAGS = -fobjc-arc -I../Shared
TrollStore_CODESIGN_FLAGS = --entitlements entitlements.plist
include $(THEOS_MAKE_PATH)/application.mk

4
TrollStore/Resources/Info.plist
View File

@ -50,7 +50,7 @@
<string>iPhoneOS</string>
</array>
<key>CFBundleVersion</key>
<string>2.1</string>
<string>2.0.9</string>
<key>LSRequiresIPhoneOS</key>
<true/>
<key>UIDeviceFamily</key>
@ -154,7 +154,7 @@
</dict>
</array>
<key>UTExportedTypeDeclarations</key>
<array>
<array>
<dict>
<key>UTTypeIdentifier</key>
<string>com.opa334.trollstore.tipa</string>

5
TrollStore/TSAppInfo.h
View File

@ -6,8 +6,8 @@
//
#import <Foundation/Foundation.h>
#import <archive.h>
#import <archive_entry.h>
#import <libarchive/archive.h>
#import <libarchive/archive_entry.h>
@import UIKit;
@interface TSAppInfo : NSObject
@ -50,7 +50,6 @@
- (NSAttributedString*)detailedInfoTitle;
- (NSAttributedString*)detailedInfoDescription;
//- (UIImage*)image;
- (BOOL)isDebuggable;
- (void)log;
@end

18
TrollStore/TSAppInfo.m
View File

@ -1165,23 +1165,5 @@ extern UIImage* imageWithSize(UIImage* image, CGSize size);
}];
}
- (BOOL)isDebuggable
{
[self loadEntitlements];
__block BOOL debuggable = NO;
[self enumerateAllEntitlements:^(NSString *key, NSObject *value, BOOL *stop)
{
if([key isEqualToString:@"get-task-allow"])
{
NSNumber* valueNum = (NSNumber*)value;
if(valueNum && [valueNum isKindOfClass:NSNumber.class])
{
debuggable = valueNum.boolValue;
*stop = YES;
}
}
}];
return debuggable;
}
@end

67
TrollStore/TSAppTableViewController.m
View File

@ -104,8 +104,7 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
[[NSNotificationCenter defaultCenter] addObserver:self selector:@selector(reloadTable) name:@"ApplicationsChanged" object:nil];
}
- (void)viewDidLoad
{
- (void)viewDidLoad {
[super viewDidLoad];
self.tableView.allowsMultipleSelectionDuringEditing = NO;
@ -188,7 +187,7 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
[TSInstallationController presentInstallationAlertIfEnabledForFile:pathToIPA isRemoteInstall:NO completion:nil];
}
- (void)openAppPressedForRowAtIndexPath:(NSIndexPath*)indexPath enableJIT:(BOOL)enableJIT
- (void)openAppPressedForRowAtIndexPath:(NSIndexPath*)indexPath
{
TSApplicationsManager* appsManager = [TSApplicationsManager sharedInstance];
@ -212,17 +211,6 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
[didFailController addAction:cancelAction];
[TSPresentationDelegate presentViewController:didFailController animated:YES completion:nil];
}
else if (enableJIT)
{
int ret = [appsManager enableJITForBundleID:appId];
if (ret != 0)
{
UIAlertController* errorAlert = [UIAlertController alertControllerWithTitle:@"Error" message:[NSString stringWithFormat:@"Error enabling JIT: trollstorehelper returned %d", ret] preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction* closeAction = [UIAlertAction actionWithTitle:@"Close" style:UIAlertActionStyleDefault handler:nil];
[errorAlert addAction:closeAction];
[TSPresentationDelegate presentViewController:errorAlert animated:YES completion:nil];
}
}
}
- (void)showDetailsPressedForRowAtIndexPath:(NSIndexPath*)indexPath
@ -341,13 +329,11 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
#pragma mark - Table view data source
- (NSInteger)numberOfSectionsInTableView:(UITableView *)tableView
{
- (NSInteger)numberOfSectionsInTableView:(UITableView *)tableView {
return 1;
}
- (NSInteger)tableView:(UITableView *)tableView numberOfRowsInSection:(NSInteger)section
{
- (NSInteger)tableView:(UITableView *)tableView numberOfRowsInSection:(NSInteger)section {
return _cachedAppInfos.count;
}
@ -356,8 +342,7 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
[self reloadTable];
}
- (UITableViewCell *)tableView:(UITableView *)tableView cellForRowAtIndexPath:(NSIndexPath *)indexPath
{
- (UITableViewCell *)tableView:(UITableView *)tableView cellForRowAtIndexPath:(NSIndexPath *)indexPath {
UITableViewCell *cell = [tableView dequeueReusableCellWithIdentifier:@"ApplicationCell"];
if(!cell) {
cell = [[UITableViewCell alloc] initWithStyle:UITableViewCellStyleSubtitle reuseIdentifier:@"ApplicationCell"];
@ -390,15 +375,14 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
cell.imageView.image = _placeholderIcon;
dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^
{
//usleep(1000 * 5000); // (test delay for debugging)
UIImage* iconImage = imageWithSize([UIImage _applicationIconImageForBundleIdentifier:appId format:iconFormatToUse() scale:[UIScreen mainScreen].scale], _placeholderIcon.size);
_cachedIcons[appId] = iconImage;
dispatch_async(dispatch_get_main_queue(), ^{
NSIndexPath *curIndexPath = [NSIndexPath indexPathForRow:[_cachedAppInfos indexOfObject:appInfo] inSection:0];
UITableViewCell *curCell = [tableView cellForRowAtIndexPath:curIndexPath];
if(curCell)
if([tableView.indexPathsForVisibleRows containsObject:indexPath])
{
curCell.imageView.image = iconImage;
[curCell setNeedsLayout];
cell.imageView.image = iconImage;
[cell setNeedsLayout];
}
});
});
@ -416,8 +400,7 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
return cell;
}
- (CGFloat)tableView:(UITableView *)tableView heightForRowAtIndexPath:(NSIndexPath *)indexPath
{
- (CGFloat)tableView:(UITableView *)tableView heightForRowAtIndexPath:(NSIndexPath *)indexPath {
return 80.0f;
}
@ -440,21 +423,11 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
UIAlertAction* openAction = [UIAlertAction actionWithTitle:@"Open" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
{
[self openAppPressedForRowAtIndexPath:indexPath enableJIT:NO];
[self openAppPressedForRowAtIndexPath:indexPath];
[self deselectRow];
}];
[appSelectAlert addAction:openAction];
if ([appInfo isDebuggable])
{
UIAlertAction* openWithJITAction = [UIAlertAction actionWithTitle:@"Open with JIT" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
{
[self openAppPressedForRowAtIndexPath:indexPath enableJIT:YES];
[self deselectRow];
}];
[appSelectAlert addAction:openWithJITAction];
}
UIAlertAction* showDetailsAction = [UIAlertAction actionWithTitle:@"Show Details" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
{
[self showDetailsPressedForRowAtIndexPath:indexPath];
@ -502,26 +475,14 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
[TSPresentationDelegate presentViewController:appSelectAlert animated:YES completion:nil];
}
- (void)purgeCachedIconsForApps:(NSArray <LSApplicationProxy *>*)apps
- (void)applicationsDidInstall:(id)arg1
{
for (LSApplicationProxy *appProxy in apps) {
NSString *appId = appProxy.bundleIdentifier;
if (_cachedIcons[appId]) {
[_cachedIcons removeObjectForKey:appId];
}
}
}
- (void)applicationsDidInstall:(NSArray <LSApplicationProxy *>*)apps
{
[self purgeCachedIconsForApps:apps];
[self reloadTable];
}
- (void)applicationsDidUninstall:(NSArray <LSApplicationProxy *>*)apps
- (void)applicationsDidUninstall:(id)arg1
{
[self purgeCachedIconsForApps:apps];
[self reloadTable];
}
@end
@end

1
TrollStore/TSApplicationsManager.h
View File

@ -16,7 +16,6 @@
- (int)uninstallApp:(NSString*)appId;
- (int)uninstallAppByPath:(NSString*)path;
- (BOOL)openApplicationWithBundleID:(NSString *)appID;
- (int)enableJITForBundleID:(NSString *)appID;
- (int)changeAppRegistration:(NSString*)appPath toState:(NSString*)newState;
@end

14
TrollStore/TSApplicationsManager.m
View File

@ -42,7 +42,7 @@ extern NSUserDefaults* trollStoreUserDefaults();
errorDescription = @"Failed to create container for app bundle.";
break;
case 171:
errorDescription = @"A non "APP_NAME@" or a "OTHER_APP_NAME@" app with the same identifier is already installed. If you are absolutely sure it is not, you can force install it.";
errorDescription = @"A non-TrollStore app with the same identifier is already installed. If you are absolutely sure it is not, you can force install it.";
break;
case 172:
errorDescription = @"The app does not contain an Info.plist file.";
@ -75,7 +75,7 @@ extern NSUserDefaults* trollStoreUserDefaults();
errorDescription = @"The app you tried to install has the same identifier as a system app already installed on the device. The installation has been prevented to protect you from possible bootloops or other issues.";
break;
case 180:
errorDescription = @"The app you tried to install has an encrypted main binary, which cannot have the CoreTrust bypass applied to it. Please ensure you install decrypted apps.";
errorDescription = @"The app you tried to install contains encrypted binaries, which cannot have the CoreTrust bypass applied to them. Please ensure you install decrypted apps.";
break;
case 181:
errorDescription = @"Failed to add app to icon cache.";
@ -86,11 +86,6 @@ extern NSUserDefaults* trollStoreUserDefaults();
case 183:
errorDescription = @"Failed to enable developer mode.";
break;
case 184:
errorDescription = @"The app was installed successfully, but has additional binaries that are encrypted (e.g. extensions, plugins). The app itself should work, but you may experience broken functionality as a result.";
break;
case 185:
errorDescription = @"Failed to sign the app. The CoreTrust bypass returned a non zero status code.";
}
NSError* error = [NSError errorWithDomain:TrollStoreErrorDomain code:code userInfo:@{NSLocalizedDescriptionKey : errorDescription}];
@ -182,11 +177,6 @@ extern NSUserDefaults* trollStoreUserDefaults();
return [[LSApplicationWorkspace defaultWorkspace] openApplicationWithBundleID:appId];
}
- (int)enableJITForBundleID:(NSString *)appId
{
return spawnRoot(rootHelperPath(), @[@"enable-jit", appId], nil, nil);
}
- (int)changeAppRegistration:(NSString*)appPath toState:(NSString*)newState
{
if(!appPath || !newState) return -200;

10
TrollStore/TSInstallationController.m
View File

@ -68,16 +68,6 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
[rebootNotification addAction:rebootAction];
[TSPresentationDelegate presentViewController:rebootNotification animated:YES completion:nil];
} else if (ret == 184) {
// warning
UIAlertController* warningAlert = [UIAlertController alertControllerWithTitle:@"Warning" message:[error localizedDescription] preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction* closeAction = [UIAlertAction actionWithTitle:@"Close" style:UIAlertActionStyleCancel handler:^(UIAlertAction* action)
{
if(completionBlock) completionBlock(YES, nil);
}];
[warningAlert addAction:closeAction];
[TSPresentationDelegate presentViewController:warningAlert animated:YES completion:nil];
} else {
// unrecoverable error
UIAlertController* errorAlert = [UIAlertController alertControllerWithTitle:[NSString stringWithFormat:@"Install Error %d", ret] message:[error localizedDescription] preferredStyle:UIAlertControllerStyleAlert];

56
TrollStore/TSSceneDelegate.m
View File

@ -1,7 +1,6 @@
#import "TSSceneDelegate.h"
#import "TSRootViewController.h"
#import "TSUtil.h"
#import "TSApplicationsManager.h"
#import "TSInstallationController.h"
#import <TSPresentationDelegate.h>
@ -68,69 +67,15 @@
[TSInstallationController handleAppInstallFromRemoteURL:URLToInstall completion:nil];
}
}
else if([components.host isEqualToString:@"enable-jit"])
{
NSString* BundleIDToEnableJIT;
for(NSURLQueryItem* queryItem in components.queryItems)
{
if([queryItem.name isEqualToString:@"bundle-id"])
{
BundleIDToEnableJIT = queryItem.value;
break;
}
}
if(BundleIDToEnableJIT && [BundleIDToEnableJIT isKindOfClass:NSString.class])
{
dispatch_async(dispatch_get_main_queue(), ^
{
[self handleEnableJITForBundleID:BundleIDToEnableJIT];
});
}
}
}
}
}
}
- (void)handleEnableJITForBundleID:(NSString *)appId
{
TSApplicationsManager* appsManager = [TSApplicationsManager sharedInstance];
BOOL didOpen = [appsManager openApplicationWithBundleID:appId];
// if we failed to open the app, show an alert
if(!didOpen)
{
NSString* failMessage = @"";
// we don't have TSAppInfo here so we cannot check the registration state
NSString* failTitle = [NSString stringWithFormat:@"Failed to open %@", appId];
UIAlertController* didFailController = [UIAlertController alertControllerWithTitle:failTitle message:failMessage preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction* cancelAction = [UIAlertAction actionWithTitle:@"Cancel" style:UIAlertActionStyleCancel handler:nil];
[didFailController addAction:cancelAction];
[TSPresentationDelegate presentViewController:didFailController animated:YES completion:nil];
}
else
{
int ret = [appsManager enableJITForBundleID:appId];
if (ret != 0)
{
UIAlertController* errorAlert = [UIAlertController alertControllerWithTitle:@"Error" message:[NSString stringWithFormat:@"Error enabling JIT: trollstorehelper returned %d", ret] preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction* closeAction = [UIAlertAction actionWithTitle:@"Close" style:UIAlertActionStyleDefault handler:nil];
[errorAlert addAction:closeAction];
[TSPresentationDelegate presentViewController:errorAlert animated:YES completion:nil];
}
}
}
// We want to auto install ldid if either it doesn't exist
// or if it's the one from an old TrollStore version that's no longer supported
- (void)handleLdidCheck
{
#ifndef TROLLSTORE_LITE
//if (@available(iOS 16, *)) {} else {
NSString* tsAppPath = [NSBundle mainBundle].bundlePath;
@ -142,7 +87,6 @@
[TSInstallationController installLdid];
}
//}
#endif
}
- (void)scene:(UIScene *)scene willConnectToSession:(UISceneSession *)session options:(UISceneConnectionOptions *)connectionOptions {

5
TrollStore/TSSettingsAdvancedListController.m
View File

@ -1,5 +1,4 @@
#import "TSSettingsAdvancedListController.h"
#import "TSUtil.h"
#import <Preferences/PSSpecifier.h>
extern NSUserDefaults* trollStoreUserDefaults();
@ -40,7 +39,7 @@ extern NSUserDefaults* trollStoreUserDefaults();
edit:nil];
[installationMethodSegmentSpecifier setProperty:@YES forKey:@"enabled"];
installationMethodSegmentSpecifier.identifier = @"installationMethodSegment";
[installationMethodSegmentSpecifier setProperty:APP_ID forKey:@"defaults"];
[installationMethodSegmentSpecifier setProperty:@"com.opa334.TrollStore" forKey:@"defaults"];
[installationMethodSegmentSpecifier setProperty:@"installationMethod" forKey:@"key"];
installationMethodSegmentSpecifier.values = @[@0, @1];
installationMethodSegmentSpecifier.titleDictionary = @{@0 : @"installd", @1 : @"Custom"};
@ -72,7 +71,7 @@ extern NSUserDefaults* trollStoreUserDefaults();
edit:nil];
[uninstallationMethodSegmentSpecifier setProperty:@YES forKey:@"enabled"];
uninstallationMethodSegmentSpecifier.identifier = @"uninstallationMethodSegment";
[uninstallationMethodSegmentSpecifier setProperty:APP_ID forKey:@"defaults"];
[uninstallationMethodSegmentSpecifier setProperty:@"com.opa334.TrollStore" forKey:@"defaults"];
[uninstallationMethodSegmentSpecifier setProperty:@"uninstallationMethod" forKey:@"key"];
uninstallationMethodSegmentSpecifier.values = @[@0, @1];
uninstallationMethodSegmentSpecifier.titleDictionary = @{@0 : @"installd", @1 : @"Custom"};

106
TrollStore/TSSettingsListController.m
View File

@ -20,7 +20,6 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
[[NSNotificationCenter defaultCenter] addObserver:self selector:@selector(reloadSpecifiers) name:UIApplicationWillEnterForegroundNotification object:nil];
[[NSNotificationCenter defaultCenter] addObserver:self selector:@selector(reloadSpecifiers) name:@"TrollStoreReloadSettingsNotification" object:nil];
#ifndef TROLLSTORE_LITE
fetchLatestTrollStoreVersion(^(NSString* latestVersion)
{
NSString* currentVersion = [self getTrollStoreVersion];
@ -65,7 +64,6 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
{
_devModeEnabled = YES;
}
#endif
[self reloadSpecifiers];
}
@ -75,7 +73,6 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
{
_specifiers = [NSMutableArray new];
#ifndef TROLLSTORE_LITE
if(_newerVersion)
{
PSSpecifier* updateTrollStoreGroupSpecifier = [PSSpecifier emptyGroupSpecifier];
@ -114,23 +111,10 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
enableDevModeSpecifier.buttonAction = @selector(enableDevModePressed);
[_specifiers addObject:enableDevModeSpecifier];
}
#endif
PSSpecifier* utilitiesGroupSpecifier = [PSSpecifier emptyGroupSpecifier];
utilitiesGroupSpecifier.name = @"Utilities";
NSString *utilitiesDescription = @"";
#ifdef TROLLSTORE_LITE
if (shouldRegisterAsUserByDefault()) {
utilitiesDescription = @"Apps will be registered as User by default since AppSync Unified is installed.\n\n";
}
else {
utilitiesDescription = @"Apps will be registered as System by default since AppSync Unified is not installed. When apps loose their System registration and stop working, press \"Refresh App Registrations\" here to fix them.\n\n";
}
#endif
utilitiesDescription = [utilitiesDescription stringByAppendingString:@"If an app does not immediately appear after installation, respring here and it should appear afterwards."];
[utilitiesGroupSpecifier setProperty:utilitiesDescription forKey:@"footerText"];
[utilitiesGroupSpecifier setProperty:@"If an app does not immediately appear after installation, respring here and it should appear afterwards." forKey:@"footerText"];
[_specifiers addObject:utilitiesGroupSpecifier];
PSSpecifier* respringButtonSpecifier = [PSSpecifier preferenceSpecifierNamed:@"Respring"
@ -146,19 +130,6 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
[_specifiers addObject:respringButtonSpecifier];
PSSpecifier* refreshAppRegistrationsSpecifier = [PSSpecifier preferenceSpecifierNamed:@"Refresh App Registrations"
target:self
set:nil
get:nil
detail:nil
cell:PSButtonCell
edit:nil];
refreshAppRegistrationsSpecifier.identifier = @"refreshAppRegistrations";
[refreshAppRegistrationsSpecifier setProperty:@YES forKey:@"enabled"];
refreshAppRegistrationsSpecifier.buttonAction = @selector(refreshAppRegistrationsPressed);
[_specifiers addObject:refreshAppRegistrationsSpecifier];
PSSpecifier* rebuildIconCacheSpecifier = [PSSpecifier preferenceSpecifierNamed:@"Rebuild Icon Cache"
target:self
set:nil
@ -172,23 +143,6 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
[_specifiers addObject:rebuildIconCacheSpecifier];
NSArray *inactiveBundlePaths = trollStoreInactiveInstalledAppBundlePaths();
if (inactiveBundlePaths.count > 0) {
PSSpecifier* transferAppsSpecifier = [PSSpecifier preferenceSpecifierNamed:[NSString stringWithFormat:@"Transfer %zu "OTHER_APP_NAME@" %@", inactiveBundlePaths.count, inactiveBundlePaths.count > 1 ? @"Apps" : @"App"]
target:self
set:nil
get:nil
detail:nil
cell:PSButtonCell
edit:nil];
transferAppsSpecifier.identifier = @"transferApps";
[transferAppsSpecifier setProperty:@YES forKey:@"enabled"];
transferAppsSpecifier.buttonAction = @selector(transferAppsPressed);
[_specifiers addObject:transferAppsSpecifier];
}
#ifndef TROLLSTORE_LITE
//if (@available(iOS 16, *)) { } else {
NSString* ldidPath = [NSBundle.mainBundle.bundlePath stringByAppendingPathComponent:@"ldid"];
NSString* ldidVersionPath = [NSBundle.mainBundle.bundlePath stringByAppendingPathComponent:@"ldid.version"];
@ -334,11 +288,10 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
[_specifiers addObject:_installPersistenceHelperSpecifier];
}
}
#endif
PSSpecifier* installationSettingsGroupSpecifier = [PSSpecifier emptyGroupSpecifier];
installationSettingsGroupSpecifier.name = @"Security";
[installationSettingsGroupSpecifier setProperty:@"The URL Scheme, when enabled, will allow apps and websites to trigger TrollStore installations through the apple-magnifier://install?url=<IPA_URL> URL scheme and enable JIT through the apple-magnifier://enable-jit?bundle-id=<BUNDLE_ID> URL scheme." forKey:@"footerText"];
[installationSettingsGroupSpecifier setProperty:@"The URL Scheme, when enabled, will allow apps and websites to trigger TrollStore installations through the apple-magnifier://install?url=<IPA_URL> URL scheme." forKey:@"footerText"];
[_specifiers addObject:installationSettingsGroupSpecifier];
@ -363,14 +316,14 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
installAlertConfigurationSpecifier.detailControllerClass = [PSListItemsController class];
[installAlertConfigurationSpecifier setProperty:@"installationConfirmationValues" forKey:@"valuesDataSource"];
[installAlertConfigurationSpecifier setProperty:@"installationConfirmationNames" forKey:@"titlesDataSource"];
[installAlertConfigurationSpecifier setProperty:APP_ID forKey:@"defaults"];
[installAlertConfigurationSpecifier setProperty:@"com.opa334.TrollStore" forKey:@"defaults"];
[installAlertConfigurationSpecifier setProperty:@"installAlertConfiguration" forKey:@"key"];
[installAlertConfigurationSpecifier setProperty:@0 forKey:@"default"];
[_specifiers addObject:installAlertConfigurationSpecifier];
PSSpecifier* otherGroupSpecifier = [PSSpecifier emptyGroupSpecifier];
[otherGroupSpecifier setProperty:[NSString stringWithFormat:@"%@ %@\n\n© 2022-2024 Lars Fröder (opa334)\n\nTrollStore is NOT for piracy!\n\nCredits:\nGoogle TAG, @alfiecg_dev: CoreTrust bug\n@lunotech11, @SerenaKit, @tylinux, @TheRealClarity, @dhinakg, @khanhduytran0: Various contributions\n@ProcursusTeam: uicache, ldid\n@cstar_ow: uicache\n@saurik: ldid", APP_NAME, [self getTrollStoreVersion]] forKey:@"footerText"];
[otherGroupSpecifier setProperty:[NSString stringWithFormat:@"TrollStore %@\n\n© 2022-2023 Lars Fröder (opa334)\n\nTrollStore is NOT for piracy!\n\nCredits:\nGoogle TAG, @alfiecg_dev: CoreTrust bug\n@lunotech11, @SerenaKit, @tylinux, @TheRealClarity: Various contributions\n@ProcursusTeam: uicache, ldid\n@cstar_ow: uicache\n@saurik: ldid", [self getTrollStoreVersion]] forKey:@"footerText"];
[_specifiers addObject:otherGroupSpecifier];
PSSpecifier* advancedLinkSpecifier = [PSSpecifier preferenceSpecifierNamed:@"Advanced"
@ -395,7 +348,6 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
[donateSpecifier setProperty:@YES forKey:@"enabled"];
[_specifiers addObject:donateSpecifier];
#ifndef TROLLSTORE_LITE
// Uninstall TrollStore
PSSpecifier* uninstallTrollStoreSpecifier = [PSSpecifier preferenceSpecifierNamed:@"Uninstall TrollStore"
target:self
@ -409,7 +361,7 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
[uninstallTrollStoreSpecifier setProperty:NSClassFromString(@"PSDeleteButtonCell") forKey:@"cellClass"];
uninstallTrollStoreSpecifier.buttonAction = @selector(uninstallTrollStorePressed);
[_specifiers addObject:uninstallTrollStoreSpecifier];
#endif
/*PSSpecifier* doTheDashSpecifier = [PSSpecifier preferenceSpecifierNamed:@"Do the Dash"
target:self
set:nil
@ -487,7 +439,7 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
{
if([[NSFileManager defaultManager] fileExistsAtPath:[@"/System/Library/AppSignatures" stringByAppendingPathComponent:appProxy.bundleIdentifier]])
{
NSURL* trollStoreMarkURL = [appProxy.bundleURL.URLByDeletingLastPathComponent URLByAppendingPathComponent:TS_ACTIVE_MARKER];
NSURL* trollStoreMarkURL = [appProxy.bundleURL.URLByDeletingLastPathComponent URLByAppendingPathComponent:@"_TrollStore"];
if(![trollStoreMarkURL checkResourceIsReachableAndReturnError:nil])
{
[appCandidates addObject:appProxy];
@ -519,52 +471,6 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
[TSPresentationDelegate presentViewController:selectAppAlert animated:YES completion:nil];
}
- (void)transferAppsPressed
{
UIAlertController *confirmationAlert = [UIAlertController alertControllerWithTitle:@"Transfer Apps" message:[NSString stringWithFormat:@"This option will transfer %zu apps from "OTHER_APP_NAME@" to "APP_NAME@". Continue?", trollStoreInactiveInstalledAppBundlePaths().count] preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction* transferAction = [UIAlertAction actionWithTitle:@"Transfer" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
{
[TSPresentationDelegate startActivity:@"Transfering"];
dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^
{
NSString *log;
int transferRet = spawnRoot(rootHelperPath(), @[@"transfer-apps"], nil, &log);
dispatch_async(dispatch_get_main_queue(), ^
{
[TSPresentationDelegate stopActivityWithCompletion:^
{
[self reloadSpecifiers];
if (transferRet != 0) {
NSArray *remainingApps = trollStoreInactiveInstalledAppBundlePaths();
UIAlertController *errorAlert = [UIAlertController alertControllerWithTitle:@"Transfer Failed" message:[NSString stringWithFormat:@"Failed to transfer %zu %@", remainingApps.count, remainingApps.count > 1 ? @"apps" : @"app"] preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction* copyLogAction = [UIAlertAction actionWithTitle:@"Copy Debug Log" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
{
UIPasteboard* pasteboard = [UIPasteboard generalPasteboard];
pasteboard.string = log;
}];
[errorAlert addAction:copyLogAction];
UIAlertAction* closeAction = [UIAlertAction actionWithTitle:@"Close" style:UIAlertActionStyleDefault handler:nil];
[errorAlert addAction:closeAction];
[TSPresentationDelegate presentViewController:errorAlert animated:YES completion:nil];
}
}];
});
});
}];
[confirmationAlert addAction:transferAction];
UIAlertAction* cancelAction = [UIAlertAction actionWithTitle:@"Cancel" style:UIAlertActionStyleCancel handler:nil];
[confirmationAlert addAction:cancelAction];
[TSPresentationDelegate presentViewController:confirmationAlert animated:YES completion:nil];
}
- (id)getURLSchemeEnabledForSpecifier:(PSSpecifier*)specifier
{
BOOL URLSchemeActive = (BOOL)[NSBundle.mainBundle objectForInfoDictionaryKey:@"CFBundleURLTypes"];

2
TrollStore/control
View File

@ -1,6 +1,6 @@
Package: com.opa334.trollstore
Name: TrollStore
Version: 2.1
Version: 2.0.9
Architecture: iphoneos-arm
Description: An awesome application!
Maintainer: opa334

2
TrollStore/main.m
View File

@ -4,7 +4,7 @@
NSUserDefaults* trollStoreUserDefaults(void)
{
return [[NSUserDefaults alloc] initWithSuiteName:[NSHomeDirectory() stringByAppendingPathComponent:[NSString stringWithFormat:@"Library/Preferences/%@.plist", APP_ID]]];
return [[NSUserDefaults alloc] initWithSuiteName:[NSHomeDirectory() stringByAppendingPathComponent:@"Library/Preferences/com.opa334.TrollStore.plist"]];
}
int main(int argc, char *argv[]) {

1
TrollStoreLite/.gitignore vendored
View File

@ -1 +0,0 @@
Resources/trollstorehelper

16
TrollStoreLite/Makefile
View File

@ -1,16 +0,0 @@
TARGET := iphone:clang:16.5:14.0
INSTALL_TARGET_PROCESSES = TrollStoreLite
ARCHS = arm64
include $(THEOS)/makefiles/common.mk
APPLICATION_NAME = TrollStoreLite
TrollStoreLite_FILES = $(wildcard ../TrollStore/*.m) $(wildcard ../Shared/*.m)
TrollStoreLite_FRAMEWORKS = UIKit CoreGraphics CoreServices CoreTelephony
TrollStoreLite_PRIVATE_FRAMEWORKS = Preferences MobileIcons MobileContainerManager
TrollStoreLite_LIBRARIES = archive
TrollStoreLite_CFLAGS = -fobjc-arc -I../Shared -I$(shell brew --prefix)/opt/libarchive/include -DTROLLSTORE_LITE
TrollStoreLite_CODESIGN_FLAGS = -Sentitlements.plist
include $(THEOS_MAKE_PATH)/application.mk

BIN
TrollStoreLite/Resources/AppIcon29x29.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.7 KiB

BIN
TrollStoreLite/Resources/AppIcon29x29@2x.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 4.0 KiB

BIN
TrollStoreLite/Resources/AppIcon29x29@3x.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 6.7 KiB

BIN
TrollStoreLite/Resources/AppIcon40x40.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.4 KiB

BIN
TrollStoreLite/Resources/AppIcon40x40@2x.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 5.4 KiB

BIN
TrollStoreLite/Resources/AppIcon40x40@3x.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 9.1 KiB

BIN
TrollStoreLite/Resources/AppIcon50x50.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.3 KiB

BIN
TrollStoreLite/Resources/AppIcon50x50@2x.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 7.0 KiB

BIN
TrollStoreLite/Resources/AppIcon57x57.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.5 KiB

BIN
TrollStoreLite/Resources/AppIcon57x57@2x.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 8.5 KiB

BIN
TrollStoreLite/Resources/AppIcon57x57@3x.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 9.3 KiB

BIN
TrollStoreLite/Resources/AppIcon60x60.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.8 KiB

BIN
TrollStoreLite/Resources/AppIcon60x60@2x.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 9.1 KiB

BIN
TrollStoreLite/Resources/AppIcon60x60@3x.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 17 KiB

BIN
TrollStoreLite/Resources/AppIcon72x72.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 4.5 KiB

Some files were not shown because too many files have changed in this diff Show More