Skip integrity check failure

asakaev commented 11 months ago

This PR fixes #9 and #10. Tested on macOS 10.13 x86 and 13.6 M1.

molmar commented 3 months ago

Hey @asakaev I'm trying to test this on 13.6 and 14.5, 2017 and 2020 MacbookPro respectively, but I'm still getting AESUnwrap: integrity check FAIL.

On 13.6 with the 2017 machine:

 [-] Decrypted Key : 5fb3xxxxxxxxxxxxxxxxxxxxx
[+] Table Name : Generic Password
AESUnwrap: integrity check FAIL, wrong kek ? 13967x
AESUnwrap: integrity check FAIL, wrong kek ? 11450xx
AESUnwrap: integrity check FAIL, wrong kek ? 15485xx
AESUnwrap: integrity check FAIL, wrong kek ? 14650x
AESUnwrap: integrity check FAIL, wrong kek ? 19038x
...

It seems to fail for each item, while on the 2020 it fails directly after Device key:

[*] The Device key : d8ea50xxxxxxxxxxxxxxxxxx
AESUnwrap: integrity check FAIL, wrong kek ? 7167xx
Traceback (most recent call last):
  File "iChainbreaker.py", line 271, in <module>
    main()
  File "iChainbreaker.py", line 126, in main
    bresult = keybag.device_key_validation()
  File "/Users/marcellmolnar/keychainstuff/iChainbreaker/keybag.py", line 358, in device_key_validation
    sigcheck = hmac.new(key=hmackey, msg=self.keybag['data'], digestmod=sha1).digest()
  File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/hmac.py", line 136, in new
    return HMAC(key, msg, digestmod)
  File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/hmac.py", line 71, in __init__
    if len(key) > blocksize:
TypeError: object of type 'NoneType' has no len()

Is this because of the T1/T2 chip? Any idea why it interferes with the decryption and the M1 doesn't?

asakaev commented 3 months ago

@molmar Sorry, I haven't tried it with T1/T2 chips — I don't know. There is a hint here: https://github.com/n0fate/iChainbreaker/issues/9#issuecomment-599230679. You can ask @n0fate why it works like that.

n0fate / iChainbreaker

Skip integrity check failure #11