mirror of
https://github.com/JJTech0130/pypush.git
synced 2025-01-22 11:18:29 +00:00
more changes still untested
This commit is contained in:
parent
cce6e39079
commit
eee69e17bd
1
demo.py
1
demo.py
@ -92,6 +92,7 @@ async def main():
|
||||
"key": user.push_connection.credentials.private_key,
|
||||
"cert": user.push_connection.credentials.cert,
|
||||
}
|
||||
CONFIG["extra"] = user.extra
|
||||
|
||||
with open("config.json", "w") as f:
|
||||
json.dump(CONFIG, f, indent=4)
|
||||
|
@ -4,7 +4,7 @@ import logging
|
||||
|
||||
import apns
|
||||
|
||||
from . import _helpers, identity, profile, query
|
||||
from . import _helpers, identity, profile, query, encryption
|
||||
from typing import Callable, Any
|
||||
|
||||
class IDSUser:
|
||||
@ -66,6 +66,12 @@ class IDSUser:
|
||||
self.ec_key, self.rsa_key will be set to a randomly gnenerated EC and RSA keypair
|
||||
if they are not already set
|
||||
"""
|
||||
|
||||
|
||||
self.ngm = encryption.NGMIdentity(self.extra.get("device_key"), self.extra.get("prekey"))
|
||||
self.extra["device_key"] = self.ngm.device_key
|
||||
self.extra["prekey"] = self.ngm.pre_key
|
||||
|
||||
cert = identity.register(
|
||||
b64encode(self.push_connection.credentials.token),
|
||||
self.handles,
|
||||
@ -74,13 +80,18 @@ class IDSUser:
|
||||
self._push_keypair,
|
||||
self.encryption_identity,
|
||||
validation_data,
|
||||
self.ngm
|
||||
)
|
||||
self._id_keypair = _helpers.KeyPair(self._auth_keypair.key, cert)
|
||||
|
||||
#self.extra = extra
|
||||
|
||||
def restore_identity(self, id_keypair: _helpers.KeyPair):
|
||||
self._id_keypair = id_keypair
|
||||
|
||||
def auth_and_set_encryption_from_config(self, config: dict[str, dict[str, Any]]):
|
||||
if "extra" in config:
|
||||
self.extra = config["extra"]
|
||||
|
||||
auth = config.get("auth", {})
|
||||
if (
|
||||
|
@ -78,6 +78,28 @@ def create_compact_key():
|
||||
|
||||
return pub, serialize_key(key)
|
||||
|
||||
def compact_key(key: ec.EllipticCurvePrivateKey):
|
||||
from cryptography.hazmat.primitives.asymmetric import ec
|
||||
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
|
||||
return key.public_key().public_bytes(Encoding.X962, PublicFormat.CompressedPoint)[1:]
|
||||
|
||||
|
||||
def create_compactable_key():
|
||||
# Generate a P256 keypair
|
||||
from cryptography.hazmat.primitives.asymmetric import ec
|
||||
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
|
||||
|
||||
# Generate keys until we get one that is even
|
||||
key = None
|
||||
|
||||
while True:
|
||||
key = ec.generate_private_key(ec.SECP256R1())
|
||||
pub = key.public_key().public_bytes(Encoding.X962, PublicFormat.CompressedPoint)
|
||||
if pub[0] == 0x02:
|
||||
break
|
||||
|
||||
return serialize_key(key)
|
||||
|
||||
def create_encoded_compact_key() -> tuple[str, str]:
|
||||
pub, key = create_compact_key()
|
||||
# URL-safe base64 encode
|
||||
|
@ -1,8 +1,56 @@
|
||||
from . import ids_pb2, _helpers
|
||||
|
||||
import struct,time
|
||||
|
||||
from cryptography.hazmat.primitives.asymmetric import ec
|
||||
from cryptography.hazmat.primitives import hashes
|
||||
import logging
|
||||
logger = logging.getLogger("ids")
|
||||
|
||||
class NGMIdentity:
|
||||
def __init__(self, device_key: str | None, pre_key: str | None):
|
||||
if device_key is None:
|
||||
device_key = _helpers.create_compactable_key()
|
||||
if pre_key is None:
|
||||
pre_key = _helpers.create_compactable_key()
|
||||
self.device_key = device_key
|
||||
self.pre_key = pre_key
|
||||
|
||||
@staticmethod
|
||||
def serialize_timestamp(timestamp: float):
|
||||
import struct
|
||||
return struct.pack("<d", timestamp)
|
||||
import time
|
||||
time.time()
|
||||
|
||||
|
||||
def sign_prekey(self):
|
||||
timestamp = time.time()
|
||||
to_sign = b"NGMPrekeySignature" + _helpers.compact_key(_helpers.parse_key(self.pre_key)) + struct.pack("<d", timestamp)
|
||||
signed = _helpers.parse_key(self.device_key).sign(to_sign, ec.ECDSA(hashes.SHA256()))
|
||||
|
||||
prekey_signed = ids_pb2.PublicDevicePrekey()
|
||||
prekey_signed.prekeySignature = signed
|
||||
prekey_signed.prekey = _helpers.compact_key(_helpers.parse_key(self.pre_key))
|
||||
prekey_signed.timestamp = timestamp
|
||||
|
||||
return prekey_signed.SerializeToString()
|
||||
|
||||
|
||||
def generate_loggable_data(self):
|
||||
identity = ids_pb2.NgmPublicIdentity()
|
||||
identity.publicKey = _helpers.compact_key(_helpers.parse_key(self.device_key))
|
||||
|
||||
loggable_data = ids_pb2.KeyTransparencyLoggableData()
|
||||
loggable_data.ngmPublicIdentity = identity.SerializeToString()
|
||||
loggable_data.ngmVersion = 12
|
||||
loggable_data.ktVersion = 0
|
||||
|
||||
return loggable_data.SerializeToString()
|
||||
|
||||
|
||||
|
||||
|
||||
def parse_loggable_data(data: bytes):
|
||||
# Parse as a LoggableData
|
||||
loggable_data = ids_pb2.KeyTransparencyLoggableData()
|
||||
@ -30,6 +78,8 @@ def create_loggable_data():
|
||||
|
||||
loggable_data = ids_pb2.KeyTransparencyLoggableData()
|
||||
loggable_data.ngmPublicIdentity = identity.SerializeToString()
|
||||
loggable_data.ngmVersion = 12
|
||||
loggable_data.ktVersion = 5
|
||||
|
||||
|
||||
|
||||
|
148
ids/identity.py
148
ids/identity.py
@ -97,11 +97,16 @@ class IDSIdentity:
|
||||
|
||||
return output.getvalue()
|
||||
|
||||
from . import encryption
|
||||
def register(
|
||||
push_token, handles, user_id, auth_key: KeyPair, push_key: KeyPair, identity: IDSIdentity, validation_data
|
||||
push_token, handles, user_id, auth_key: KeyPair, push_key: KeyPair, identity: IDSIdentity, validation_data, ngm: encryption.NGMIdentity
|
||||
):
|
||||
logger.debug(f"Registering IDS identity for {handles}")
|
||||
uris = [{"uri": handle} for handle in handles]
|
||||
|
||||
from . import encryption
|
||||
data, key = encryption.create_loggable_data()
|
||||
|
||||
import uuid
|
||||
body = {
|
||||
"device-name": "pypush",
|
||||
@ -122,83 +127,82 @@ def register(
|
||||
"com.apple.private.alloy.gamecenter.imessage"],
|
||||
"users": [
|
||||
{
|
||||
# "client-data": {
|
||||
# 'is-c2k-equipment': True,
|
||||
# 'optionally-receive-typing-indicators': True,
|
||||
# 'public-message-identity-key': identity.encode(),
|
||||
# 'public-message-identity-version':2,
|
||||
# 'show-peer-errors': True,
|
||||
# 'supports-ack-v1': True,
|
||||
# 'supports-activity-sharing-v1': True,
|
||||
# 'supports-audio-messaging-v2': True,
|
||||
# "supports-autoloopvideo-v1": True,
|
||||
# 'supports-be-v1': True,
|
||||
# 'supports-ca-v1': True,
|
||||
# 'supports-fsm-v1': True,
|
||||
# 'supports-fsm-v2': True,
|
||||
# 'supports-fsm-v3': True,
|
||||
# 'supports-ii-v1': True,
|
||||
# 'supports-impact-v1': True,
|
||||
# 'supports-inline-attachments': True,
|
||||
# 'supports-keep-receipts': True,
|
||||
# "supports-location-sharing": True,
|
||||
# 'supports-media-v2': True,
|
||||
# 'supports-photos-extension-v1': True,
|
||||
# 'supports-st-v1': True,
|
||||
# 'supports-update-attachments-v1': True,
|
||||
# },
|
||||
"client-data": {
|
||||
'is-c2k-equipment': True,
|
||||
'optionally-receive-typing-indicators': True,
|
||||
'public-message-identity-key': identity.encode(),
|
||||
'public-message-identity-version':2,
|
||||
'show-peer-errors': True,
|
||||
'supports-ack-v1': True,
|
||||
'supports-activity-sharing-v1': True,
|
||||
'supports-audio-messaging-v2': True,
|
||||
"supports-autoloopvideo-v1": True,
|
||||
'supports-be-v1': True,
|
||||
'supports-ca-v1': True,
|
||||
'supports-fsm-v1': True,
|
||||
'supports-fsm-v2': True,
|
||||
'supports-fsm-v3': True,
|
||||
'supports-ii-v1': True,
|
||||
'supports-impact-v1': True,
|
||||
'supports-inline-attachments': True,
|
||||
'supports-keep-receipts': True,
|
||||
"supports-location-sharing": True,
|
||||
'supports-media-v2': True,
|
||||
'supports-photos-extension-v1': True,
|
||||
'supports-st-v1': True,
|
||||
'supports-update-attachments-v1': True,
|
||||
"supports-ack-v1": True,
|
||||
"public-message-identity-key": identity.encode(),
|
||||
"supports-update-attachments-v1": True,
|
||||
"supports-keep-receipts": True,
|
||||
"supports-people-request-messages-v2": True,
|
||||
"supports-people-request-messages-v3": True,
|
||||
"supports-impact-v1": True,
|
||||
"supports-rem": True,
|
||||
"nicknames-version": 1.0,
|
||||
"ec-version": 1.0,
|
||||
"supports-animoji-v2": True,
|
||||
"supports-ii-v1": True,
|
||||
"optionally-receive-typing-indicators": True,
|
||||
"supports-inline-attachments": True,
|
||||
"supports-people-request-messages": True,
|
||||
"supports-cross-platform-sharing": True,
|
||||
"public-message-ngm-device-prekey-data-key": ngm.sign_prekey(),
|
||||
#"public-message-ngm-device-prekey-data-key": b"\n \xb4\\\x15\x8e\xa4\xc8\xe5\x07\x98\tp\xd0\xa4^\x84k\x05#Ep\xa9*\xcd\xadt\xf5\xb0\xfb\xa6_ho\x12@\xe3\xf5\xcaOwh\xfd\xb9\xecD\t\x0e\x9e\xb8\xb0\xa1\x1c=\x92\x9dD/lmL\xde.\\o\xeb\x15>\x9f\xae\xd9\xf9\xd1\x9c*\x8dU\xe0\xd2\xdeo\xb2\xcb\xd8\xf8i\xd4\xd0a^\t!\x0fa\xb2\xddI\xfc_*\x19\xb2\xf0#\x12\xe0@\xd9A",
|
||||
"supports-original-timestamp-v1": True,
|
||||
"supports-sa-v1": True,
|
||||
"supports-photos-extension-v2": True,
|
||||
"supports-photos-extension-v1": True,
|
||||
"prefers-sdr": False,
|
||||
"supports-fsm-v1": True,
|
||||
"supports-fsm-v3": True,
|
||||
"supports-fsm-v2": True,
|
||||
"supports-shared-exp": True,
|
||||
"supports-location-sharing": True,
|
||||
#"device-key-signature": b'0c\x04\x14\x1d\xb02~\xefk&\xf8\r;R\xa4\x95c~\x8a\x90H\x85\xb0\x02\x01\x01\x04H0F\x02!\x00\xa7\x08\xf5"z.3/\xbe\xea\x8c\xce\x8dD\xb6\xf0v\xd0\x030\xac\xd1\xde\x88\x89q\x9ej\x1bJR\xce\x02!\x00\xb8^\xd9\x97`\x19|\xa8\x1d\\\xf9E\x1a`<0\x00\xab\x94\x0bs\xed\x8b\xc4h\xcb\r\x91\xdb\xb0W\xdc',
|
||||
"supports-st-v1": True,
|
||||
"supports-ca-v1": True,
|
||||
"supports-protobuf-payload-data-v2": True,
|
||||
"supports-hdr": True,
|
||||
"supports-media-v2": True,
|
||||
"supports-be-v1": True,
|
||||
"public-message-identity-version": 2.0,
|
||||
"supports-heif": True,
|
||||
"supports-certified-delivery-v1": True,
|
||||
"supports-autoloopvideo-v1": True,
|
||||
"supports-dq-nr": True,
|
||||
"public-message-identity-ngm-version": 12.0,
|
||||
"supports-audio-messaging-v2": True,
|
||||
},
|
||||
"kt-loggable-data": ngm.generate_loggable_data(),
|
||||
"kt-mismatch-account-flag": True,
|
||||
"uris": uris,
|
||||
"user-id": user_id,
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
"client-data": {
|
||||
"supports-ack-v1": True,
|
||||
"public-message-identity-key": identity.encode(),
|
||||
"supports-update-attachments-v1": True,
|
||||
"supports-keep-receipts": True,
|
||||
"supports-people-request-messages-v2": True,
|
||||
"supports-people-request-messages-v3": True,
|
||||
"supports-impact-v1": True,
|
||||
"supports-rem": True,
|
||||
"nicknames-version": 1.0,
|
||||
"ec-version": 1.0,
|
||||
"supports-animoji-v2": True,
|
||||
"supports-ii-v1": True,
|
||||
"optionally-receive-typing-indicators": True,
|
||||
"supports-inline-attachments": True,
|
||||
"supports-people-request-messages": True,
|
||||
"supports-cross-platform-sharing": True,
|
||||
"public-message-ngm-device-prekey-data-key": b"\n \xb4\\\x15\x8e\xa4\xc8\xe5\x07\x98\tp\xd0\xa4^\x84k\x05#Ep\xa9*\xcd\xadt\xf5\xb0\xfb\xa6_ho\x12@\xe3\xf5\xcaOwh\xfd\xb9\xecD\t\x0e\x9e\xb8\xb0\xa1\x1c=\x92\x9dD/lmL\xde.\\o\xeb\x15>\x9f\xae\xd9\xf9\xd1\x9c*\x8dU\xe0\xd2\xdeo\xb2\xcb\xd8\xf8i\xd4\xd0a^\t!\x0fa\xb2\xddI\xfc_*\x19\xb2\xf0#\x12\xe0@\xd9A",
|
||||
"supports-original-timestamp-v1": True,
|
||||
"supports-sa-v1": True,
|
||||
"supports-photos-extension-v2": True,
|
||||
"supports-photos-extension-v1": True,
|
||||
"prefers-sdr": False,
|
||||
"supports-fsm-v1": True,
|
||||
"supports-fsm-v3": True,
|
||||
"supports-fsm-v2": True,
|
||||
"supports-shared-exp": True,
|
||||
"supports-location-sharing": True,
|
||||
"device-key-signature": b'0c\x04\x14\x1d\xb02~\xefk&\xf8\r;R\xa4\x95c~\x8a\x90H\x85\xb0\x02\x01\x01\x04H0F\x02!\x00\xa7\x08\xf5"z.3/\xbe\xea\x8c\xce\x8dD\xb6\xf0v\xd0\x030\xac\xd1\xde\x88\x89q\x9ej\x1bJR\xce\x02!\x00\xb8^\xd9\x97`\x19|\xa8\x1d\\\xf9E\x1a`<0\x00\xab\x94\x0bs\xed\x8b\xc4h\xcb\r\x91\xdb\xb0W\xdc',
|
||||
"supports-st-v1": True,
|
||||
"supports-ca-v1": True,
|
||||
"supports-protobuf-payload-data-v2": True,
|
||||
"supports-hdr": True,
|
||||
"supports-media-v2": True,
|
||||
"supports-be-v1": True,
|
||||
"public-message-identity-version": 2.0,
|
||||
"supports-heif": True,
|
||||
"supports-certified-delivery-v1": True,
|
||||
"supports-autoloopvideo-v1": True,
|
||||
"supports-dq-nr": True,
|
||||
"public-message-identity-ngm-version": 12.0,
|
||||
"supports-audio-messaging-v2": True,
|
||||
},
|
||||
"kt-loggable-data": b'\n"\n \rl\xbe\xca\xf7\xe8\xb2\x89k\x18\x1e\xb9,d\xf8\xe2\n\xbf\x8d\xe1E\xd6\xf3T\xcb\xd9\x99d\xd1mk\xeb\x10\x0c\x18\x05"E\x08\x01\x12A\x04\xe3\xe7Y.zW\x0f\x9d\x95\xc2\xc5\xd9\x9eC\x05\xa0\x95.\xa9DW\xa9\xfb\xa9\xaa\x1a\x868\x0e\xee\xe6\x8f%\x12\xa3\r\x01\xe1\xbb\x97M\x9a\x19\x16\x94D\xcdv\xeb\xefem?\xb3\xefzM#~a\x92\x0fO\xab',
|
||||
"kt-mismatch-account-flag": True,
|
||||
},
|
||||
}
|
||||
],
|
||||
"validation-data": b64decode(validation_data),
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
syntax = "proto3";
|
||||
syntax = "proto2";
|
||||
|
||||
// message InnerMessage {
|
||||
// required bytes message = 1;
|
||||
@ -8,11 +8,17 @@ syntax = "proto3";
|
||||
// }
|
||||
|
||||
message KeyTransparencyLoggableData {
|
||||
bytes ngmPublicIdentity = 1;
|
||||
uint32 ngmVersion = 2;
|
||||
uint32 ktVersion = 3;
|
||||
optional bytes ngmPublicIdentity = 1;
|
||||
optional uint32 ngmVersion = 2;
|
||||
optional uint32 ktVersion = 3;
|
||||
}
|
||||
|
||||
message NgmPublicIdentity {
|
||||
bytes publicKey = 1;
|
||||
optional bytes publicKey = 1;
|
||||
}
|
||||
|
||||
message PublicDevicePrekey {
|
||||
required bytes prekey = 1;
|
||||
required bytes prekeySignature = 2;
|
||||
required double timestamp = 3;
|
||||
}
|
@ -13,7 +13,7 @@ _sym_db = _symbol_database.Default()
|
||||
|
||||
|
||||
|
||||
DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\rids/ids.proto\"_\n\x1bKeyTransparencyLoggableData\x12\x19\n\x11ngmPublicIdentity\x18\x01 \x01(\x0c\x12\x12\n\nngmVersion\x18\x02 \x01(\r\x12\x11\n\tktVersion\x18\x03 \x01(\r\"&\n\x11NgmPublicIdentity\x12\x11\n\tpublicKey\x18\x01 \x01(\x0c\x62\x06proto3')
|
||||
DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\rids/ids.proto\"_\n\x1bKeyTransparencyLoggableData\x12\x19\n\x11ngmPublicIdentity\x18\x01 \x01(\x0c\x12\x12\n\nngmVersion\x18\x02 \x01(\r\x12\x11\n\tktVersion\x18\x03 \x01(\r\"&\n\x11NgmPublicIdentity\x12\x11\n\tpublicKey\x18\x01 \x01(\x0c\"P\n\x12PublicDevicePrekey\x12\x0e\n\x06prekey\x18\x01 \x02(\x0c\x12\x17\n\x0fprekeySignature\x18\x02 \x02(\x0c\x12\x11\n\ttimestamp\x18\x03 \x02(\x01')
|
||||
|
||||
_globals = globals()
|
||||
_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals)
|
||||
@ -25,4 +25,6 @@ if _descriptor._USE_C_DESCRIPTORS == False:
|
||||
_globals['_KEYTRANSPARENCYLOGGABLEDATA']._serialized_end=112
|
||||
_globals['_NGMPUBLICIDENTITY']._serialized_start=114
|
||||
_globals['_NGMPUBLICIDENTITY']._serialized_end=152
|
||||
_globals['_PUBLICDEVICEPREKEY']._serialized_start=154
|
||||
_globals['_PUBLICDEVICEPREKEY']._serialized_end=234
|
||||
# @@protoc_insertion_point(module_scope)
|
||||
|
33
test.py
33
test.py
@ -1,8 +1,33 @@
|
||||
import ids
|
||||
from ids import encryption
|
||||
|
||||
test = "0a220a200d6cbecaf7e8b2896b181eb92c64f8e20abf8de145d6f354cbd99964d16d6beb100c180522450801124104e3e7592e7a570f9d95c2c5d99e4305a0952ea94457a9fba9aa1a86380eeee68f2512a30d01e1bb974d9a19169444cd76ebef656d3fb3ef7a4d237e61920f4fab"
|
||||
test = bytes.fromhex(test)
|
||||
encryption.parse_loggable_data(test)
|
||||
from rich.logging import RichHandler
|
||||
import logging
|
||||
logging.basicConfig(
|
||||
level=logging.NOTSET, format="%(message)s", datefmt="[%X]", handlers=[RichHandler()]
|
||||
)
|
||||
|
||||
print(encryption.create_loggable_data())
|
||||
# Set sane log levels
|
||||
logging.getLogger("urllib3").setLevel(logging.WARNING)
|
||||
logging.getLogger("py.warnings").setLevel(logging.ERROR) # Ignore warnings from urllib3
|
||||
logging.getLogger("asyncio").setLevel(logging.WARNING)
|
||||
logging.getLogger("jelly").setLevel(logging.INFO)
|
||||
logging.getLogger("nac").setLevel(logging.INFO)
|
||||
logging.getLogger("apns").setLevel(logging.INFO)
|
||||
logging.getLogger("albert").setLevel(logging.INFO)
|
||||
logging.getLogger("ids").setLevel(logging.DEBUG)
|
||||
logging.getLogger("bags").setLevel(logging.INFO)
|
||||
logging.getLogger("imessage").setLevel(logging.INFO)
|
||||
|
||||
logging.captureWarnings(True)
|
||||
|
||||
test = "0a220a200d6cbecaf7e8b2896b181eb92c64f8e20abf8de145d6f354cbd99964d16d6beb100c180522450801124104e3e7592e7a570f9d95c2c5d99e4305a0952ea94457a9fba9aa1a86380eeee68f2512a30d01e1bb974d9a19169444cd76ebef656d3fb3ef7a4d237e61920f4fab"
|
||||
test2 = b'\n"\n \rl\xbe\xca\xf7\xe8\xb2\x89k\x18\x1e\xb9,d\xf8\xe2\n\xbf\x8d\xe1E\xd6\xf3T\xcb\xd9\x99d\xd1mk\xeb\x10\x0c\x18\x05"E\x08\x01\x12A\x04\xe3\xe7Y.zW\x0f\x9d\x95\xc2\xc5\xd9\x9eC\x05\xa0\x95.\xa9DW\xa9\xfb\xa9\xaa\x1a\x868\x0e\xee\xe6\x8f%\x12\xa3\r\x01\xe1\xbb\x97M\x9a\x19\x16\x94D\xcdv\xeb\xefem?\xb3\xefzM#~a\x92\x0fO\xab'
|
||||
print(test2.hex())
|
||||
test3 = b'\n"\n \xa0F\x01\xf7x]\xbb\x11<\x98y\xba\xd3<\xec\xa2s\x95\x02\xc4\x17\x95\xfc\x83!\x88\x96P\xa9\x01\xc2\x9c\x10\x0c\x18\x05'
|
||||
test = bytes.fromhex(test)
|
||||
#encryption.parse_loggable_data(test)
|
||||
print(encryption.parse_loggable_data(test2))
|
||||
print(encryption.parse_loggable_data(test3))
|
||||
|
||||
print(encryption.create_loggable_data()[0])
|
Loading…
Reference in New Issue
Block a user