More insights

[janbrodhaecker]

Hi! Can you give some more insights on the idea of how this should work with a raspberry?

[45clouds]

Hi Jan! I would like to put RPi3 into armrest base box. I have 2 USB ports there (both of them are CarPlay enabled). One of them will be directly connected to RPi3 using USB-A cable (male on both sides). Another one will be used as a power supply to RPI3. There are some presentations available on apple.com website that describe pairing process. Part1: https://developer.apple.com/videos/play/wwdc2016/722/ and part2: https://developer.apple.com/videos/play/wwdc2016/723/. The first step is to manage bluetooth connection between iPhone and RPi3 and after successful pairing the wireless connection should be established. Unfortunately bluezd stack doesn't support iAP2 profile. That's why I'm trying to implement part of Accessory SDK available from Apple to certified MFi hardware developers.

[45clouds]

You can read this article: https://blog.csdn.net/huangke2012hk/article/details/51240615 (please use google translate).

[45clouds]

And here is bluetooth part: https://blog.csdn.net/huangke2012hk/article/details/51226220

[janbrodhaecker]

Wow! Thank you really much for the input! I am also really interested in achieving the same as you. I did not even had an idea where to start, but this helped me a lot. I will dive into the resources, you provided.

[45clouds]

Ok. I've a small gift for you. Please look at carplay.pdf in this repo :)

[janbrodhaecker]

Oh my god! Thank you so much! Just seems like the holy grail for me! Thank you so much!!!

[janbrodhaecker]

Unfortunately bluezd stack doesn't support iAP2 profile. That's why I'm trying to implement part of Accessory SDK available from Apple to certified MFi hardware developers.

Do you have already any idea where to start here?

[45clouds]

Hi Jan,

I have to talk to this man. Please read: https://hackernoon.com/building-an-ios-hardware-app-401eb4869012

[janbrodhaecker]

Hi! Thanks for your answer, I really appreciate that you are sharing your information on that topic!

I just investigated a bit for an hour or so and I think without the accessory specification we will not get to manage it. To use iAP2 we would need to use the software authentication as we do not have any access to the Apple Authentication Coprocessor - but there is no documentation about that available for non-MFi people.

[45clouds]

Yes.... this topic is quite difficult as I see. I committed some new documentation directly from Apple. Look at Accessory Authentication (most important part), Authentication Coprocessor, Bluetooth Accessories and Device Authentication. Let me know if you will have some ideas because I'm a little bit lost right now.

[janbrodhaecker]

Thanks! I see, this documentation is "free" available on the internet - I guess this is too old, as the the software authentication was introduced one year ago (as far as I understood it from the posts).

We would need a more recent documentation, I guess.

[45clouds]

I will talk to Chinese friends regarding new version. Meanwhile I noticed this:

https://www.microchipdirect.com/product/rn42apl-i/rm550

This chip is Bluetooth RN-42 module with Apple Level A firmware. Latest firmware 5.50 contains iAP2 support. I would prefer to have clean RPi-only solution but maybe I will purchase this chip to make some debugging.

[janbrodhaecker]

Regarding the new version, maybe this link is helpful: https://download.csdn.net/download/SJno111/11984618

But I am not able to download ... and I am also not sure if this helps or not.

[45clouds]

Hi Jan. I got this file. It seems that Apple removed whole Chapter 23 (CarPlay) from this document. Please contact me directly and I will share this file with you.

[Vulpecula-nl]

I also interested in Apple Carplay on a raspberry pi. Do you have anything working to show?

[45clouds]

Hi,

Unfortunately we are still in early stage. The most important and interesting part is to establish BLE connection between iPhone and Raspberry which is iAP2 authenticated. Normally you need Apple Authentication Coprocessor which is available only for companies that have MFI certification. But it seems that some Chinese companies have a workaround.

Cheers,

Wiadomość napisana przez Vulpecula notifications@github.com w dniu 06.02.2020, o godz. 21:37:

I also interested in Apple Carplay on a raspberry pi. Do you have anything working to show?

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/45clouds/WirelessCarPlay/issues/1?email_source=notifications&email_token=AD5QRZHBHX5AEA4OV7V7DX3RBRYG5A5CNFSM4KC3V3SKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOELAWD3I#issuecomment-583098861, or unsubscribe https://github.com/notifications/unsubscribe-auth/AD5QRZAAA7CXUWI23WDU4Q3RBRYG5ANCNFSM4KC3V3SA.

[janbrodhaecker]

But it seems that some Chinese companies have a workaround.

If so, this would be amazing! I guess, once the authentication is bypassed, the rest is quite easy to implement (compared to the authentication ;) )

[fboulegue]

damn nice project if we can support you somehow let me know!

[lodi12]

Hi, Unfortunately we are still in early stage. The most important and interesting part is to establish BLE connection between iPhone and Raspberry which is iAP2 authenticated. Normally you need Apple Authentication Coprocessor which is available only for companies that have MFI certification. But it seems that some Chinese companies have a workaround. Cheers, …

As far as I know, now Apple MFI uses software authentication but I cannot find any documentations online. To obtain the documentations for CarPlay you must enroll the MFi Program (https://developer.apple.com/programs/mfi/).

[janbrodhaecker]

There is no proper source on the fact, that Apple uses software authentication from now on. The only thing I could find out is, that HomeKit devices do not need an hardware authentication any longer. For all other devices, there is still the hardware authentication (afaik).

[hbouhadji]

I think we should reverse the iOS frameworks source code of the mfi protocol (using ida/hopper/radare2). You can find the binaries here (of the xcode simulator):

/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/System/Library/PrivateFrameworks/
/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/System/Library/Frameworks/

Imo the best solution is to make an iOS tweak (require device jailbroken) to bypass the MFi authentication, but that's difficult too. I already lost so much time trying to do this

[AngrySKL]

Hi! First i wanna say this is a great project, it give me the ability to build my own wireless carplay. But to be honest, i'm still a little not sure about what should I do. So the basic idea is transfer carplay data through wifi but do wifi connection through bluetooth right? So if I have a rip3 chip with wifi and bluetooth module and configure wifi on AP mode -> connect my iphone to the bluetooth of the rip3 chip and then this project will take care of all the rest things automaticlly?

[savent404]

If u guys wanna do this on RPi3, crash the MFi first.

[WifiHero91]

Check this guys for MFI hack.: Link to PPT http://2013.hackitoergosum.org

Other things.: If you use BLE no MFI needed.

[sa7mon]

Hi all - just checking in. Has anyone got this working with any Raspberry Pi models? I see there are binaries in the repo. If they do work can someone post some general instructions on using them? Thanks!

[maaiika]

hey，u can buy a carplay dongle 。thats much easy https://github.com/electric-monk/pycarplay

[TimorYang]

Check this guys for MFI hack.: Link to PPT http://2013.hackitoergosum.org

Other things.: If you use BLE no MFI needed.

According to the document, you need to connect via Bluetooth, and then transmit the WI-FI license certificate through IAP2 protocol to connect to Wi-Fi. SO, We can’t get around IPA2.

[rgoggy]

Any update here? I would like to have wireless car play, but the dongles always produce an own WiFi. So I can not use the wifi of the car. I would like to have the rpi as Converter that uses the same wifi

[janbrodhaecker]

there is currently no official way to authenticate the raspberry against the iPhone ... so IAP2 is not possible.

still wondering how all the available dongles from china can handle this ...

[cuongnv]

Anything update on this project?

[Edgy1337]

there is currently no official way to authenticate the raspberry against the iPhone ... so IAP2 is not possible.

still wondering how all the available dongles from china can handle this ...

Something they probably are never gonna share. I wish the good old days where things would be open sourced and could be build on top off.

[qdk0901]

All the things about IAP2 chip authentication have been located under AccessorySDK/Support/MFiServerPlatformLinux.c

Just put the MFI CPIC (buy one from AliExpress) on to rpi board with i2c bus, the IAP2 auth stuffs should work

[janbrodhaecker]

@qdk0901 could you provide more info on the MFI CPIC? Maybe a direct link?

[qdk0901]

https://github.com/ludwig-v/wireless-carplay-dongle-reverse-engineering/discussions/55

The MFi auth process read certificate or make challenge response from MFi CPIC through i2c bus， some code in AccessorySDK/Support/MFiServerPlatformLinux.c

#define kMFiAuthDevicePath                  "/dev/i2c-1"
...
// Write the data to sign.
    // Note: writes to the size register auto-increment to the data register that follows it.

    require_action( inDigestLen == 20, exit, err = kSizeErr );
    buf[ 0 ] = (uint8_t)( ( inDigestLen >> 8 ) & 0xFF );
    buf[ 1 ] = (uint8_t)(   inDigestLen        & 0xFF );
    memcpy( &buf[ 2 ], inDigestPtr, inDigestLen );
    err = _DoI2C( fd, kMFiAuthReg_ChallengeSize, buf, 2 + inDigestLen, NULL, 0 );
    require_noerr( err, exit );

[hbouhadji]

I think this is it -> https://www.alibaba.com/product-detail/Original-integrated-circuit-APN-337S3959-QFN_1600293330738.html

[Luccifer]

https://github.com/ludwig-v/wireless-carplay-dongle-reverse-engineering

[mcr-ksh]

MFI CPIC

What are keywords to look for on ali? (just MFi and CPIC is way too generic) Anyone found some I2C ready boards to attach to the RPi?

[hbouhadji]

I got it working by making an iOS tweak (jailbroken device required) to bypass the mfi authentication and tweaking a lot of other stuff on the program. probably can be done with a custom pcb and soldering a mfi chip on it.

[mcr-ksh]

I can confirm it works with a custom pcb and MFI chip. We got it working that way On 30. Jul 2022, 10:16 +0100, Hakim @.***>, wrote:

I got it working by making an iOS tweak (jailbroken device required) to bypass the mfi authentication and tweaking a lot of other stuff on the program. probably can be done with a custom pcb and soldering a mfi chip on it. — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you commented.Message ID: @.***>

[ChrisKader]

MFI

Would a custom PCB even be needed? The RPI has GPIO headers that can be used to communicate with it. Further, with the firmware dumps provided by this repo we have what we would need to use a MFI chip with a pi.

[ChrisKader]

Would it be possible to pass the auth straight to the radio?

[mcr-ksh]

No idea what you mean with "pass the auth to the radio". You see the post from qdk0901 above that has a code snippet of the Apple MFi code, which directly references to the i2c device.

[hbouhadji]

I can confirm it works with a custom pcb and MFI chip. We got it working that way … On 30. Jul 2022, 10:16 +0100, Hakim @.>, wrote: I got it working by making an iOS tweak (jailbroken device required) to bypass the mfi authentication and tweaking a lot of other stuff on the program. probably can be done with a custom pcb and soldering a mfi chip on it. — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you commented.Message ID: @.>

nice, but this need some soldering skill which i don't have

[ChrisKader]

No idea what you mean with "pass the auth to the radio". You see the post from qdk0901 above that has a code snippet of the Apple MFi code, which directly references to the i2c device.

So the mfi IC doesn’t care that it’s doing a challenge response for a device it wasn’t programmed for. Makes sense especially since CarPlay works without internet.

By radio, I mean the head unit. Treat our device as a pass through and act like it’s not even there. If an auth iap2 request comes in, we send it to the head unit and have it reply.

[ChrisKader]

Since the head unit is CarPlay ready, it has the IC and such needed to iap2 auth with a phone. When the phone connects to our Pi’s Bluetooth and starts the iap2 procedure, we pass the requests to the CayPlay head unit and in turn pass the replies to the phone.

[ChrisKader]

[ChrisKader]

I also like the idea of this: https://github.com/OMGsus/MFiWrapper Its for controllers but the idea in general is solid.

Also, it looks like we can piggy back off the MFI chip that the cars head unit uses. We can even modify the Capabilities data sent back from the head unit to make it look like it supports bluetooth carplay natively and then use our device as a middle man instead of an accessory.

[herenickname]

Some Chinese manufacturers of head units have a mfi chip inside and an application for wireless CarPlay. For example, here is an application from Teyes head unit: https://www.file.io/S4fj/download/E1QzuTsie5NV Perhaps this will help you understand the issue faster.

Personally, Im interested in getting CarPlay video stream on the screen of my RPi :) I would like to know what is your progress now? @ChrisKader @qdk0901 @mcr-ksh

[Wh1terat]

Plenty of MFI ICs available from questionable sources in China.

Paid $245 a few years ago to get 20 boards made up, that included pcb, component sourcing, assembly and shipping. Not bad given the low quantity.

[liuwentai]

尊敬的客户： 您的报装材料已成功发送，我们将尽快审核，请您耐心等待，期间如有任何疑问，请联系您的专属客户经理14795510147。