summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2023-09-29tss: Add Ap,SikaFuse to TSS request as seen for iPhone 14/15 devicesGravatar Nikias Bassen1-0/+8
This is currently implemented as a workaround as the evaluation of when this value should be set is unclear. Right now we set it when UID_MODE is set too.
2023-09-14Refactor ipsw code to transparently stream images directly from ZIP or ↵Gravatar Nikias Bassen9-355/+272
extracted ipsw This allows flashing directly from IPSW archive without having to extract it first, and ultimately removes the "Extracting filesystem from IPSW" part. Restoring from extracted IPSW is also supported, just pass the path to the directory that has all the files from a given IPSW.
2023-09-14autoconf: Link against libusbmuxd tooGravatar Nikias Bassen1-0/+2
2023-09-14tss: Make missing ApNonce non-fatal for IMG3Gravatar Nikias Bassen1-2/+1
For IMG3 devices, DFU does not provide ApNonce, but a valid SHSH is needed to boot into iBSS (which then does provide ApNonce). Thanks to @tihmstar for providing the fix!
2023-09-13normal: Don't do unpair before entering recovery mode, remove pairing record ↵Gravatar Nikias Bassen1-6/+4
afterwards instead
2023-09-13restore: Remove plist debug print for non-existent UniqueBuildIDGravatar Nikias Bassen1-1/+4
and print it in a better format if it does exist
2023-09-06fdr: Fix a debug log messageGravatar Nikias Bassen1-1/+1
2023-09-06tss: Bump auth client version to match iOS 16.5Gravatar Daniel VanBritsom1-1/+1
Sourced from the iOS 16.5 UpdateBrain.dylib
2023-07-25Add generic TSS request generatorGravatar Clément Decoodt1-2/+67
This uses the DeviceGeneratedRequest and DeviceGeneratedTags to generate the full TSS request. This allows to have a more future-proof approach to new firmware names they add.
2023-07-25Add SE,ChipID 0x2CGravatar Clément Decoodt1-1/+1
2023-07-25Display iBoot boot stageGravatar Clément Decoodt2-0/+29
This helps debugging cases where the iDevice does not go into stage 2 because of a missing firmware
2023-07-25Add support for incoherent iBoot parametersGravatar Clément Decoodt1-5/+7
Some firmwares to load during iBoot stage 1 can have both: - isLoadedByiBoot = false - isLoadedByiBootStage1 = true This allows to load it at stage 1
2023-05-23Use DeviceGeneratedRequest plist for SE TSS requestsGravatar Clément Decoodt2-8/+22
2023-04-21Updated to use latest libplist APIGravatar Nikias Bassen1-1/+1
2023-04-14Allow setting custom TSS request URL through command line switchGravatar Nikias Bassen2-6/+34
2023-04-13img4: Remove unused debug codeGravatar Nikias Bassen1-31/+0
2022-10-19restore: Fix compilation error due to wrong variable nameGravatar Nikias Bassen1-2/+2
2022-10-19restore: Only print boot object v3/v4 plist in debug modeGravatar Nikias Bassen1-2/+8
2022-10-18Use limera1n_is_supported instead of compatibility check added with previous ↵Gravatar Nikias Bassen1-17/+1
commit
2022-10-12Check if device is limera1n-vulnerable for --pwn optionGravatar Alfie Cockell Gwinnett1-8/+30
2022-10-11recovery: Also send "go" and "reset" commands with bRequest set to 1Gravatar Nikias Bassen1-2/+2
2022-10-08recovery: Send bootx with bRequest set to 1 for all platformsGravatar Nikias Bassen1-1/+1
2022-10-05recovery: set bRequest to 1 when sending bootx commandGravatar Munehisa Kamata1-1/+1
In macOS 13 beta 8 or newer release, bootx seems to fail if bRequest is 0 in the control transfer setup. Then, the device fails to enter restore mode. Seems like something has changed in iBEC since beta 8 and Apple Configurator 2 has set it to 1, so do the same thing. While this could be applied for all *OS variants, it's limited to macOS for now just to be safe. Signed-off-by: Munehisa Kamata <kamatam@amazon.com>
2022-10-04img4: Add support for stitching with additional TBM dataGravatar Nikias Bassen3-7/+191
2022-10-02Reduce memory usage for SourceBootObjectV4 imagesGravatar Nikias Bassen4-91/+201
2022-09-25tss: Add preliminary code to set UID_MODEGravatar Nikias Bassen1-0/+12
2022-09-25tss: Make sure vinyl tags include eUICC,Gold and eUICC,Main digestsGravatar Nikias Bassen1-0/+19
... as well as eUICC,ApProductionMode which was missing before.
2022-09-21img4: Add some more component tagsGravatar Nikias Bassen1-16/+28
2022-09-21tss: Add NeRDEpoch to TSS requests for newer devices (iPhone 13 and up)Gravatar Nikias Bassen1-0/+2
2022-09-20ipsw: Add some NULL checks to ipsw_extract_to_file_with_progress()Gravatar Nikias Bassen1-1/+12
2022-09-16tss: Don't add @BBTicket in tss_request_new()Gravatar Nikias Bassen2-2/+1
2022-09-16Fix Cryptex1 and Cryptex1LocalPolicy TSS request handlingGravatar Nikias Bassen3-15/+74
2022-08-29restore: Add support for Cryptex1LocalPolicy firmware updaterGravatar Nikias Bassen1-10/+23
2022-08-29restore: use an appropriate ticket for Cryptex1 global manifestGravatar Munehisa Kamata1-7/+24
macOS 13 introduced a new global manifest for Cryptex1 and it requires tickets found in Firmware/Manifests/restore/cryptex1/macOS Customer/ inside an IPSW, but we currently do not use the tickets and end up unexpected behavior on a Mac device after restoring, e.g. bputil fails to downgrade security mode due to "Cryptex1 manifest verification failed". This adds a proper handling to use the appropriate tickets. Signed-off-by: Munehisa Kamata <kamatam@amazon.com>
2022-08-23tss: Skip components with IsFTAB:true when adding AP tags to requestGravatar Nikias Bassen1-0/+6
This should fix devices failing to enter restore mode due to an incorrect signature for the repective components.
2022-06-28restore: Don't print 'Attempting to continue after critical error' warning ↵Gravatar Nikias Bassen1-1/+1
when no error was detected This only occurred when using --ignore-errors command line option.
2022-06-28Make sure to exactly match the passed variant when using --variantGravatar Nikias Bassen3-9/+9
2022-06-27Add --variant command line switch to specify build identity to useGravatar Nikias Bassen2-4/+16
2022-06-27Ignore 'Research*' variant in build identity selectionGravatar Nikias Bassen1-2/+2
2022-06-27ipsw: Add workaround for missing RestoreBehavior entries for ipsw infoGravatar Nikias Bassen1-1/+9
2022-06-27Don't print an error message when RestoreBehavior is missingGravatar Nikias Bassen1-13/+6
2022-06-27ipsw: Improve error message when fwrite failsGravatar Nikias Bassen1-2/+2
2022-06-23Support iOS 16.0 Beta 2 (#506)Gravatar Emma Lethaltail1-0/+1
2022-06-20Remove more serial number checks, and get ECID early on in all modesGravatar Nikias Bassen8-135/+31
Some devices seem to not have a serial number, usually in restore mode, which will cause the restore operation to fail since we specifically check for it. An earlier commit already removed the actual comparison in favor of comparing the ECID, but some checks would still result in restore failures as it can't retrieve the serial number on said devices at all. This commit also makes sure to get the ECID in all modes as early as possible and removes all the helper functions for it since they are not needed anymore.
2022-06-20Add support for FirmwareUpdaterPreflight messageGravatar Clément Decoodt1-0/+31
This message seems mandatory on the new versions of MacOS (12+), but it seems an empty response is what's expected.
2022-06-17Use more elegant way to match file name to component nameGravatar Nikias Bassen1-37/+33
2022-06-17restore: Fix memory corruption in restore_get_timer_firmware_dataGravatar Doron Zarhi1-1/+1
2022-06-17Add support for iOS 16Gravatar Doron Zarhi4-21/+157
2022-05-23ipsw: Update to reflect color macro name change in libimobiledevice-glueGravatar Nikias Bassen1-7/+7
2022-04-27Fix restore for devices that don't have eUICCGravatar Nikias Bassen1-1/+1
Because of a default value of (uint64_t)-1LL returned when _plist_dict_get_uint doesn't find the dictionary entry for the given key, a later comparison of that unsigned value against something like >= 5 will result in the condition being true even though it was not supposed to. _plist_dict_get_uint will now return a default value of 0 if the key is not found. Code paths that deal with actual values of 0 vs. non-existent values need to test the existence of the key deal with that; I am currently not aware of anything that would be affected.