First work on integrating with new CoreTrust bypass

opa334
2023-11-26 17:43:01 +01:00
parent 3d89c079a2
commit e672aaebd5
49 changed files with 5348 additions and 2 deletions
+3 -2
@@ -5,8 +5,9 @@ include $(THEOS)/makefiles/common.mk
TOOL_NAME = trollstorehelper
trollstorehelper_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m)
trollstorehelper_CFLAGS = -fobjc-arc -I../Shared
trollstorehelper_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m) ../Exploits/fastPathSign/src/coretrust_bug.c ../Exploits/fastPathSign/src/adhoc.m
trollstorehelper_CFLAGS = -fobjc-arc -I../Shared $(shell pkg-config --cflags libcrypto) -Iexternal/include -I../Exploits/fastPathSign/src
trollstorehelper_LDFLAGS = -Lexternal/lib -lcrypto -lchoma
trollstorehelper_CODESIGN_FLAGS = -Sentitlements.plist -K../cert.p12
trollstorehelper_INSTALL_PATH = /usr/local/bin
trollstorehelper_LIBRARIES = archive
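Review bot: The new `trollstorehelper_CFLAGS` line takes the OpenSSL include path from `$(shell pkg-config --cflags libcrypto)` on the build host, while the new `trollstorehelper_LDFLAGS` line links `-lcrypto` from the checked-in `-Lexternal/lib`, so headers and library can come from two different OpenSSL builds. Since `-Iexternal/include` is already passed, dropping the pkg-config call (or pointing both at the same tree) keeps struct layouts and API versions consistent. The two entries shown as "Binary file not shown." are presumably the prebuilt libraries under `external/lib`; recording their upstream version and a checksum next to them would let a reviewer verify what is being linked.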
+11
@@ -0,0 +1,11 @@
#ifndef BASE64_H
#define BASE64_H
#include <stdint.h>
#include <stdlib.h>
char *base64_encode(const unsigned char *data,
size_t input_length,
size_t *output_length);
#endif // BASE64_H
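Review bot: The `base64_encode` prototype does not say who owns the returned buffer, whether it is NUL-terminated, or what happens on allocation failure or when `output_length` is NULL. A short comment above it would settle this, for example `// Returns a heap buffer the caller must free(), or NULL on failure; *output_length receives the encoded length` (adjusted to what the implementation actually does, which is not part of this section).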
+19
@@ -0,0 +1,19 @@
#ifndef BUFFERED_STREAM_H
#define BUFFERED_STREAM_H
#include "MemoryStream.h"
#include <stdbool.h>
#define BUFFERED_STREAM_FLAG_AUTO_EXPAND (1 << 0)
typedef struct BufferedStreamContext {
uint8_t *buffer;
size_t bufferSize;
uint32_t subBufferStart;
size_t subBufferSize;
} BufferedStreamContext;
MemoryStream *buffered_stream_init_from_buffer_nocopy(void *buffer, size_t bufferSize, uint32_t flags);
MemoryStream *buffered_stream_init_from_buffer(void *buffer, size_t bufferSize, uint32_t flags);
#endif // BUFFERED_STREAM_H
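Review bot: `subBufferStart` is declared `uint32_t` while the sizes beside it are `size_t` and the stream `read`/`write` callbacks take a `uint64_t offset`, so a start offset above 4 GiB is silently truncated and later bounds arithmetic mixes widths. Declaring it `size_t subBufferStart;` keeps the offset and size in one type. The same applies to `bufferStart` in `FileStreamContext` and to the `uint32_t bufferStart` parameters of the `file_stream_init_from_*` functions in the file-stream header of this commit.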
+108
@@ -0,0 +1,108 @@
#ifndef CS_BLOB_H
#define CS_BLOB_H
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdbool.h>
#include "FAT.h"
#include "MachO.h"
#include "MemoryStream.h"
// Blob index
typedef struct __BlobIndex {
uint32_t type;
uint32_t offset;
} CS_BlobIndex;
// CMS superblob
typedef struct __SuperBlob {
uint32_t magic;
uint32_t length;
uint32_t count;
CS_BlobIndex index[];
} CS_SuperBlob;
typedef struct __GenericBlob {
uint32_t magic; /* magic number */
uint32_t length; /* total length of blob */
char data[];
} CS_GenericBlob;
// CMS blob magic types
enum {
CSBLOB_REQUIREMENT = 0xfade0c00,
CSBLOB_REQUIREMENTS = 0xfade0c01,
CSBLOB_CODEDIRECTORY = 0xfade0c02,
CSBLOB_EMBEDDED_SIGNATURE = 0xfade0cc0,
CSBLOB_DETACHED_SIGNATURE = 0xfade0cc1,
CSBLOB_ENTITLEMENTS = 0xfade7171,
CSBLOB_DER_ENTITLEMENTS = 0xfade7172,
CSBLOB_SIGNATURE_BLOB = 0xfade0b01
} CS_BlobType;
enum {
CSSLOT_CODEDIRECTORY = 0,
CSSLOT_INFOSLOT = 1,
CSSLOT_REQUIREMENTS = 2,
CSSLOT_RESOURCEDIR = 3,
CSSLOT_APPLICATION = 4,
CSSLOT_ENTITLEMENTS = 5,
CSSLOT_DER_ENTITLEMENTS = 7,
CSSLOT_ALTERNATE_CODEDIRECTORIES = 0x1000,
CSSLOT_ALTERNATE_CODEDIRECTORY_MAX = 5,
CSSLOT_ALTERNATE_CODEDIRECTORY_LIMIT = CSSLOT_ALTERNATE_CODEDIRECTORIES + CSSLOT_ALTERNATE_CODEDIRECTORY_MAX,
CSSLOT_SIGNATURESLOT = 0x10000
} CS_SlotType;
typedef struct s_CS_DecodedBlob {
struct s_CS_DecodedBlob *next;
uint32_t type;
MemoryStream *stream;
} CS_DecodedBlob;
typedef struct s_CS_DecodedSuperBlob {
uint32_t magic;
struct s_CS_DecodedBlob *firstBlob;
} CS_DecodedSuperBlob;
// Convert blob magic to readable blob type string
char *cs_blob_magic_to_string(int magic);
// Extract Code Signature to file
int macho_extract_cs_to_file(MachO *macho, CS_SuperBlob *superblob);
void macho_find_code_signature_bounds(MachO *macho, uint32_t *offsetOut, uint32_t *sizeOut);
CS_SuperBlob *macho_read_code_signature(MachO *macho);
int macho_replace_code_signature(MachO *macho, CS_SuperBlob *superblob);
int update_load_commands(MachO *macho, CS_SuperBlob *superblob, uint64_t originalSize);
CS_DecodedBlob *csd_blob_init(uint32_t type, CS_GenericBlob *blobData);
int csd_blob_read(CS_DecodedBlob *blob, uint64_t offset, size_t size, void *outBuf);
int csd_blob_write(CS_DecodedBlob *blob, uint64_t offset, size_t size, const void *inBuf);
int csd_blob_insert(CS_DecodedBlob *blob, uint64_t offset, size_t size, const void *inBuf);
int csd_blob_delete(CS_DecodedBlob *blob, uint64_t offset, size_t size);
int csd_blob_read_string(CS_DecodedBlob *blob, uint64_t offset, char **outString);
int csd_blob_write_string(CS_DecodedBlob *blob, uint64_t offset, const char *string);
int csd_blob_get_size(CS_DecodedBlob *blob);
uint32_t csd_blob_get_type(CS_DecodedBlob *blob);
void csd_blob_set_type(CS_DecodedBlob *blob, uint32_t type);
void csd_blob_free(CS_DecodedBlob *blob);
CS_DecodedSuperBlob *csd_superblob_decode(CS_SuperBlob *superblob);
CS_SuperBlob *csd_superblob_encode(CS_DecodedSuperBlob *decodedSuperblob);
CS_DecodedBlob *csd_superblob_find_blob(CS_DecodedSuperBlob *superblob, uint32_t type, uint32_t *indexOut);
int csd_superblob_insert_blob_after_blob(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToInsert, CS_DecodedBlob *afterBlob);
int csd_superblob_insert_blob_at_index(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToInsert, uint32_t atIndex);
int csd_superblob_append_blob(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToAppend);
int csd_superblob_remove_blob(CS_DecodedSuperBlob *superblob, CS_DecodedBlob *blobToRemove); // <- Important: When calling this, caller is responsible for freeing blobToRemove
int csd_superblob_remove_blob_at_index(CS_DecodedSuperBlob *superblob, uint32_t atIndex);
int csd_superblob_print_content(CS_DecodedSuperBlob *decodedSuperblob, MachO *macho, bool printAllSlots, bool verifySlots);
void csd_superblob_free(CS_DecodedSuperBlob *decodedSuperblob);
#endif // CS_BLOB_H
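Review bot: `enum { ... } CS_BlobType;` and `enum { ... } CS_SlotType;` lack a `typedef`, so each one defines a global variable of an anonymous enum type in every translation unit that includes this header; that fails to link under `-fno-common` and is a stray object otherwise. `typedef enum { ... } CS_BlobType;` (and likewise for `CS_SlotType`) makes them the type names the naming suggests. The blob magics such as `0xfade0c00` do not fit in `int`, yet `cs_blob_magic_to_string(int magic)` takes an `int`; `uint32_t magic` would match the struct fields. `count`, `length` and the index `offset` values are read from the file being parsed, so `csd_superblob_decode` should presumably check them against the blob size before walking `index[]`; its body is not part of this section.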
+53
@@ -0,0 +1,53 @@
#ifndef CODE_DIRECTORY_H
#define CODE_DIRECTORY_H
#include <stdint.h>
#include <math.h>
#include <CommonCrypto/CommonDigest.h>
#include "MachO.h"
#include "CSBlob.h"
#include "FAT.h"
#include "MachOByteOrder.h"
#include "MachOLoadCommand.h"
#include "MemoryStream.h"
// Code directory blob header
typedef struct __CodeDirectory {
uint32_t magic;
uint32_t length;
uint32_t version;
uint32_t flags;
uint32_t hashOffset;
uint32_t identOffset;
uint32_t nSpecialSlots;
uint32_t nCodeSlots;
uint32_t codeLimit;
uint8_t hashSize;
uint8_t hashType;
uint8_t spare1;
uint8_t pageSize;
uint32_t spare2;
uint32_t scatterOffset;
uint32_t teamOffset;
} CS_CodeDirectory;
enum CS_HashType {
CS_HASHTYPE_SHA160_160 = 1,
CS_HASHTYPE_SHA256_256 = 2,
CS_HASHTYPE_SHA256_160 = 3,
CS_HASHTYPE_SHA384_384 = 4,
};
char *csd_code_directory_copy_identity(CS_DecodedBlob *codeDirBlob, uint32_t *offsetOut);
char *csd_code_directory_copy_team_id(CS_DecodedBlob *codeDirBlob, uint32_t *offsetOut);
int csd_code_directory_set_team_id(CS_DecodedBlob *codeDirBlob, char *newTeamID);
uint32_t csd_code_directory_get_flags(CS_DecodedBlob *codeDirBlob);
void csd_code_directory_set_flags(CS_DecodedBlob *codeDirBlob, uint32_t flags);
uint8_t csd_code_directory_get_hash_type(CS_DecodedBlob *codeDirBlob);
void csd_code_directory_set_hash_type(CS_DecodedBlob *codeDirBlob, uint8_t hashType);
int csd_code_directory_print_content(CS_DecodedBlob *codeDirBlob, MachO *macho, bool printSlots, bool verifySlots);
void csd_code_directory_update(CS_DecodedBlob *codeDirBlob, MachO *macho);
#endif // CODE_DIRECTORY_H
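Review bot: The accessors declared here work on `identOffset`, `teamOffset`, `hashOffset` and the slot counts, all of which come from the code directory being parsed, and the header documents no validation contract for them. A comment on `csd_code_directory_copy_identity` and `csd_code_directory_copy_team_id` should state that the offset is checked against the blob length, that the string must terminate inside the blob, and that the returned copy is freed by the caller (if that is what the implementation does; it is not shown here). `csd_code_directory_set_team_id` should take `const char *newTeamID`, and `#include <math.h>` is not needed by anything declared in this header.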
+41
@@ -0,0 +1,41 @@
#ifndef MACHO_H
#define MACHO_H
#include <stdio.h>
#include <libkern/OSByteOrder.h>
#include <mach/mach.h>
#include <mach-o/loader.h>
#include <mach-o/fat.h>
#include <sys/stat.h>
#include "MemoryStream.h"
typedef struct MachO MachO;
// A FAT structure can either represent a FAT file with multiple slices, in which the slices will be loaded into the slices attribute
// Or a single slice MachO, in which case it serves as a compatibility layer and the single slice will also be loaded into the slices attribute
typedef struct FAT
{
MemoryStream *stream;
MachO **slices;
uint32_t slicesCount;
int fileDescriptor;
} FAT;
int fat_read_at_offset(FAT *fat, uint64_t offset, size_t size, void *outBuf);
MemoryStream *fat_get_stream(FAT *fat);
// Initialise a FAT structure from a memory stream
FAT *fat_init_from_memory_stream(MemoryStream *stream);
// Initialise a FAT structure using the path to the file
FAT *fat_init_from_path(const char *filePath);
//FAT *fat_init_from_path_for_writing(const char *filePath);
// Find macho with cputype and cpusubtype in FAT, returns NULL if not found
MachO *fat_find_slice(FAT *fat, cpu_type_t cputype, cpu_subtype_t cpusubtype);
// Free all elements of the FAT structure
void fat_free(FAT *fat);
#endif // MACHO_H
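Review bot: The include guard is `MACHO_H` although this header declares the `FAT` structure and the `fat_*` functions and is presumably the `FAT.h` the other headers include; the header that defines `struct MachO` uses `MACHO_SLICE_H`. Renaming the guard to `FAT_H` (`#ifndef FAT_H`, `#define FAT_H`, `#endif // FAT_H`) removes the risk that a later header reuses `MACHO_H` and is silently skipped. The `fileDescriptor` field has no comment saying whether `fat_free` closes it; one line on the field stating the ownership would prevent a double close or a leaked descriptor in callers.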
+21
@@ -0,0 +1,21 @@
#ifndef FILE_STREAM_H
#define FILE_STREAM_H
#include "MemoryStream.h"
#define FILE_STREAM_SIZE_AUTO 0
#define FILE_STREAM_FLAG_WRITABLE (1 << 0)
#define FILE_STREAM_FLAG_AUTO_EXPAND (1 << 1)
typedef struct FileStreamContext {
int fd;
size_t fileSize;
uint32_t bufferStart;
size_t bufferSize;
} FileStreamContext;
MemoryStream *file_stream_init_from_file_descriptor_nodup(int fd, uint32_t bufferStart, size_t bufferSize, uint32_t flags);
MemoryStream *file_stream_init_from_file_descriptor(int fd, uint32_t bufferStart, size_t bufferSize, uint32_t flags);
MemoryStream *file_stream_init_from_path(const char *path, uint32_t bufferStart, size_t bufferSize, uint32_t flags);
#endif // FILE_STREAM_H
+10
@@ -0,0 +1,10 @@
#ifndef HOST_H
#define HOST_H
#include "FAT.h"
// Retrieve the preferred MachO slice from a FAT
// Preferred slice as in the slice that the kernel would use when loading the file
MachO *fat_find_preferred_slice(FAT *fat);
#endif // HOST_H
+62
@@ -0,0 +1,62 @@
#ifndef MACHO_SLICE_H
#define MACHO_SLICE_H
#include <stdbool.h>
#include <mach-o/fat.h>
#include <mach-o/loader.h>
#include "MemoryStream.h"
#include "FAT.h"
typedef struct MachOSegment
{
struct segment_command_64 command;
struct section_64 sections[];
} __attribute__((__packed__)) MachOSegment;
typedef struct FilesetMachO {
char *entry_id;
uint64_t vmaddr;
uint64_t fileoff;
FAT *underlyingMachO;
} FilesetMachO;
typedef struct MachO {
MemoryStream *stream;
bool isSupported;
struct mach_header_64 machHeader;
struct fat_arch_64 archDescriptor;
uint32_t filesetCount;
FilesetMachO *filesetMachos;
uint32_t segmentCount;
MachOSegment **segments;
} MachO;
// Read data from a MachO at a specified offset
int macho_read_at_offset(MachO *macho, uint64_t offset, size_t size, void *outBuf);
// Write data from a MachO at a specified offset, auto expands, only works if opened via macho_init_for_writing
int macho_write_at_offset(MachO *macho, uint64_t offset, size_t size, void *inBuf);
MemoryStream *macho_get_stream(MachO *macho);
uint32_t macho_get_filetype(MachO *macho);
// Perform translation between file offsets and virtual addresses
int macho_translate_fileoff_to_vmaddr(MachO *macho, uint64_t fileoff, uint64_t *vmaddrOut, MachOSegment **segmentOut);
int macho_translate_vmaddr_to_fileoff(MachO *macho, uint64_t vmaddr, uint64_t *fileoffOut, MachOSegment **segmentOut);
// Read data from a MachO at a specified virtual address
int macho_read_at_vmaddr(MachO *macho, uint64_t vmaddr, size_t size, void *outBuf);
int macho_enumerate_load_commands(MachO *macho, void (^enumeratorBlock)(struct load_command loadCommand, uint64_t offset, void *cmd, bool *stop));
// Initialise a MachO object from a MemoryStream and it's corresponding FAT arch descriptor
MachO *macho_init(MemoryStream *stream, struct fat_arch_64 archDescriptor);
// Initialize a single slice macho for writing to it
MachO *macho_init_for_writing(const char *filePath);
void macho_free(MachO *macho);
#endif // MACHO_SLICE_H
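Review bot: `macho_write_at_offset` takes `void *inBuf` while the stream `write` callback and `memory_stream_write` take `const void *inBuf`; declaring it `const void *inBuf` lets callers pass read-only data without a cast. The comment above it says "Write data from a MachO" and should read "Write data to a MachO". `segmentCount`, `filesetCount` and the `nsects` inside each `MachOSegment` are presumably filled from the parsed file, so a comment on the struct stating that they have been validated against the load-command area (or that callers must not trust them) would help anyone indexing `segments[]` or `sections[]`.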
+164
@@ -0,0 +1,164 @@
#ifndef MACHO_BYTE_ORDER_H
#define MACHO_BYTE_ORDER_H
#include <stdio.h>
#include <stdlib.h>
// 8-bit integers needed for CodeDirectory
#define BIG_TO_HOST(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
int16_t: OSSwapBigToHostInt16(n), \
uint16_t: OSSwapBigToHostInt16(n), \
int32_t: OSSwapBigToHostInt32(n), \
uint32_t: OSSwapBigToHostInt32(n), \
int64_t: OSSwapBigToHostInt64(n), \
uint64_t: OSSwapBigToHostInt64(n) \
)
#define HOST_TO_BIG(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
uint16_t: OSSwapHostToBigInt16(n), \
int16_t: OSSwapHostToBigInt16(n), \
int32_t: OSSwapHostToBigInt32(n), \
uint32_t: OSSwapHostToBigInt32(n), \
int64_t: OSSwapHostToBigInt64(n), \
uint64_t: OSSwapHostToBigInt64(n) \
)
#define LITTLE_TO_HOST(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
int16_t: OSSwapLittleToHostInt16(n), \
uint16_t: OSSwapLittleToHostInt16(n), \
int32_t: OSSwapLittleToHostInt32(n), \
uint32_t: OSSwapLittleToHostInt32(n), \
int64_t: OSSwapLittleToHostInt64(n), \
uint64_t: OSSwapLittleToHostInt64(n) \
)
#define HOST_TO_LITTLE(n) _Generic((n), \
int8_t: n, \
uint8_t: n, \
int16_t: OSSwapHostToLittleInt16(n), \
uint16_t: OSSwapHostToLittleInt16(n), \
int32_t: OSSwapHostToLittleInt32(n), \
uint32_t: OSSwapHostToLittleInt32(n), \
int64_t: OSSwapHostToLittleInt64(n), \
uint64_t: OSSwapHostToLittleInt64(n) \
)
#define HOST_TO_LITTLE_APPLIER(instance, member) \
(instance)->member = HOST_TO_LITTLE((instance)->member)
#define HOST_TO_BIG_APPLIER(instance, member) \
(instance)->member = HOST_TO_BIG((instance)->member)
#define LITTLE_TO_HOST_APPLIER(instance, member) \
(instance)->member = LITTLE_TO_HOST((instance)->member)
#define BIG_TO_HOST_APPLIER(instance, member) \
(instance)->member = BIG_TO_HOST((instance)->member)
#define FAT_HEADER_APPLY_BYTE_ORDER(fh, applier) \
applier(fh, magic); \
applier(fh, nfat_arch);
#define FAT_ARCH_APPLY_BYTE_ORDER(arch, applier) \
applier(arch, cputype); \
applier(arch, cpusubtype); \
applier(arch, offset); \
applier(arch, size); \
applier(arch, align); \
#define FAT_ARCH_64_APPLY_BYTE_ORDER(arch, applier) \
applier(arch, cputype); \
applier(arch, cpusubtype); \
applier(arch, offset); \
applier(arch, size); \
applier(arch, align); \
applier(arch, reserved); \
#define MACH_HEADER_APPLY_BYTE_ORDER(mh, applier) \
applier(mh, magic); \
applier(mh, cputype); \
applier(mh, cpusubtype); \
applier(mh, filetype); \
applier(mh, ncmds); \
applier(mh, sizeofcmds); \
applier(mh, reserved);
#define LOAD_COMMAND_APPLY_BYTE_ORDER(lc, applier) \
applier(lc, cmd); \
applier(lc, cmdsize);
#define LINKEDIT_DATA_COMMAND_APPLY_BYTE_ORDER(lc, applier) \
applier(lc, cmd); \
applier(lc, cmdsize); \
applier(lc, dataoff); \
applier(lc, datasize);
#define BLOB_INDEX_APPLY_BYTE_ORDER(bi, applier) \
applier(bi, type); \
applier(bi, offset);
#define SUPERBLOB_APPLY_BYTE_ORDER(sb, applier) \
applier(sb, magic); \
applier(sb, length); \
applier(sb, count);
#define GENERIC_BLOB_APPLY_BYTE_ORDER(gb, applier) \
applier(gb, magic); \
applier(gb, length);
#define CODE_DIRECTORY_APPLY_BYTE_ORDER(cd, applier) \
applier(cd, magic); \
applier(cd, length); \
applier(cd, version); \
applier(cd, flags); \
applier(cd, hashOffset); \
applier(cd, identOffset); \
applier(cd, nSpecialSlots); \
applier(cd, nCodeSlots); \
applier(cd, codeLimit); \
applier(cd, hashSize); \
applier(cd, hashType); \
applier(cd, spare1); \
applier(cd, pageSize); \
applier(cd, spare2); \
applier(cd, scatterOffset); \
applier(cd, teamOffset);
#define SEGMENT_COMMAND_64_APPLY_BYTE_ORDER(sc64, applier) \
applier(sc64, cmd); \
applier(sc64, cmdsize); \
applier(sc64, fileoff); \
applier(sc64, filesize); \
applier(sc64, vmaddr); \
applier(sc64, vmsize); \
applier(sc64, flags); \
applier(sc64, initprot); \
applier(sc64, maxprot); \
applier(sc64, nsects);
#define SECTION_64_APPLY_BYTE_ORDER(sc64, applier) \
applier(sc64, addr); \
applier(sc64, align); \
applier(sc64, flags); \
applier(sc64, nreloc); \
applier(sc64, offset); \
applier(sc64, reserved1); \
applier(sc64, reserved2); \
applier(sc64, reserved3); \
applier(sc64, size);
#define FILESET_ENTRY_COMMAND_APPLY_BYTE_ORDER(fse, applier) \
applier(fse, cmd); \
applier(fse, cmdsize); \
applier(fse, vmaddr); \
applier(fse, fileoff); \
applier(fse, entry_id.offset); \
applier(fse, reserved); \
#endif // MACHO_BYTE_ORDER_H
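Review bot: `FAT_ARCH_APPLY_BYTE_ORDER`, `FAT_ARCH_64_APPLY_BYTE_ORDER` and `FILESET_ENTRY_COMMAND_APPLY_BYTE_ORDER` end their last line with a `\` continuation, so the macro body runs on into whatever line follows; this only works while a blank line follows, and for the last macro the line at risk is `#endif // MACHO_BYTE_ORDER_H`. Dropping the trailing `\` on those three lines fixes it. Every `*_APPLY_BYTE_ORDER` macro also expands to several statements, so `if (swap) MACH_HEADER_APPLY_BYTE_ORDER(mh, applier);` would guard only the first field; wrapping each body in `do { ... } while (0)` avoids that. The header uses the fixed-width integer types and the `OSSwap*` functions but includes only `<stdio.h>` and `<stdlib.h>`; adding `#include <stdint.h>` and `#include <libkern/OSByteOrder.h>` makes it self-contained.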
+16
@@ -0,0 +1,16 @@
#ifndef MACHO_LOAD_COMMAND_H
#define MACHO_LOAD_COMMAND_H
#include <mach-o/loader.h>
#include "MachO.h"
#include "CSBlob.h"
#include "FileStream.h"
#include "MachOByteOrder.h"
// Convert load command to load command name
char *load_command_to_string(int loadCommand);
void update_segment_command_64(MachO *macho, const char *segmentName, uint64_t vmaddr, uint64_t vmsize, uint64_t fileoff, uint64_t filesize);
void update_lc_code_signature(MachO *macho, uint64_t size);
int update_load_commands_for_coretrust_bypass(MachO *macho, CS_SuperBlob *superblob, uint64_t originalCodeSignatureSize, uint64_t originalMachOSize);
#endif // MACHO_LOAD_COMMAND_H
+60
@@ -0,0 +1,60 @@
#ifndef MEMORY_STREAM_H
#define MEMORY_STREAM_H
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <stdbool.h>
#define MEMORY_STREAM_FLAG_OWNS_DATA (1 << 0)
#define MEMORY_STREAM_FLAG_MUTABLE (1 << 1)
#define MEMORY_STREAM_FLAG_AUTO_EXPAND (1 << 2)
#define MEMORY_STREAM_SIZE_INVALID (size_t)-1
// A generic memory IO interface that is used throughout this project
// Can be backed by anything, just the functions have to be implemented
typedef struct s_MemoryStream {
void *context;
uint32_t flags;
int (*read)(struct s_MemoryStream *stream, uint64_t offset, size_t size, void *outBuf);
int (*write)(struct s_MemoryStream *stream, uint64_t offset, size_t size, const void *inBuf);
int (*getSize)(struct s_MemoryStream *stream, size_t *sizeOut);
uint8_t *(*getRawPtr)(struct s_MemoryStream *stream);
int (*trim)(struct s_MemoryStream *stream, size_t trimAtStart, size_t trimAtEnd);
int (*expand)(struct s_MemoryStream *stream, size_t expandAtStart, size_t expandAtEnd);
struct s_MemoryStream *(*hardclone)(struct s_MemoryStream *stream);
struct s_MemoryStream *(*softclone)(struct s_MemoryStream *stream);
void (*free)(struct s_MemoryStream *stream);
} MemoryStream;
int memory_stream_read(MemoryStream *stream, uint64_t offset, size_t size, void *outBuf);
int memory_stream_write(MemoryStream *stream, uint64_t offset, size_t size, const void *inBuf);
int memory_stream_insert(MemoryStream *stream, uint64_t offset, size_t size, const void *inBuf);
int memory_stream_delete(MemoryStream *stream, uint64_t offset, size_t size);
int memory_stream_read_string(MemoryStream *stream, uint64_t offset, char **outString);
int memory_stream_write_string(MemoryStream *stream, uint64_t offset, const char *string);
size_t memory_stream_get_size(MemoryStream *stream);
uint8_t *memory_stream_get_raw_pointer(MemoryStream *stream);
uint32_t memory_stream_get_flags(MemoryStream *stream);
MemoryStream *memory_stream_softclone(MemoryStream *stream);
MemoryStream *memory_stream_hardclone(MemoryStream *stream);
int memory_stream_trim(MemoryStream *stream, size_t trimAtStart, size_t trimAtEnd);
int memory_stream_expand(MemoryStream *stream, size_t expandAtStart, size_t expandAtEnd);
void memory_stream_free(MemoryStream *stream);
int memory_stream_copy_data(MemoryStream *originStream, uint64_t originOffset, MemoryStream *targetStream, uint64_t targetOffset, size_t size);
int memory_stream_find_memory(MemoryStream *stream, uint64_t searchOffset, size_t searchSize, void *bytes, void *mask, size_t nbytes, uint16_t alignment, uint64_t *foundOffsetOut);
#endif // MEMORY_STREAM_H
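Review bot: `#define MEMORY_STREAM_SIZE_INVALID (size_t)-1` is not parenthesised as a whole, so it can bind unexpectedly inside a larger expression; `#define MEMORY_STREAM_SIZE_INVALID ((size_t)-1)` is the safe form. The header uses `uint8_t`, `uint32_t` and `uint64_t` without including `<stdint.h>` and currently relies on another include to provide them. The `read` and `write` callbacks take a caller-supplied `uint64_t offset` and `size_t size`; a comment on the struct should state that every backend must reject `offset + size` that overflows or exceeds `getSize`, since the implementations are not part of this section and each new backend has to repeat that check.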
+44
@@ -0,0 +1,44 @@
#include <stdint.h>
#include "MachO.h"
#define METRIC_TYPE_PATTERN 1
#define METRIC_TYPE_STRING_XREF 2
#define METRIC_TYPE_FUNCTION_XREF 3
typedef struct PFSection {
uint64_t fileoff;
uint64_t vmaddr;
uint64_t size;
uint8_t *cache;
bool ownsCache;
} PFSection;
PFSection *macho_patchfinder_create_section(MachO *macho, const char *filesetEntryId, const char *segName, const char *sectName);
int macho_patchfinder_cache_section(PFSection *section, MachO *fromMacho);
void macho_patchfinder_section_free(PFSection *section);
typedef struct MetricShared {
uint32_t type;
PFSection *section;
} MetricShared;
typedef enum {
BYTE_PATTERN_ALIGN_8_BIT,
BYTE_PATTERN_ALIGN_16_BIT,
BYTE_PATTERN_ALIGN_32_BIT,
BYTE_PATTERN_ALIGN_64_BIT,
} BytePatternAlignment;
typedef struct BytePatternMetric {
MetricShared shared;
void *bytes;
void *mask;
size_t nbytes;
BytePatternAlignment alignment;
} BytePatternMetric;
BytePatternMetric *macho_patchfinder_create_byte_pattern_metric(PFSection *section, void *bytes, void *mask, size_t nbytes, BytePatternAlignment alignment);
void macho_patchfinder_run_metric(MachO *macho, void *metric, void (^matchBlock)(uint64_t vmaddr, bool *stop));
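Review bot: This header has no include guard, unlike the other headers added in this commit, so including it twice in one translation unit redefines `struct PFSection`, `struct MetricShared` and `struct BytePatternMetric` and fails to compile. Wrap it in a guard such as `#ifndef PATCH_FINDER_H` / `#define PATCH_FINDER_H` ... `#endif`. It also uses `bool` and `size_t` without including `<stdbool.h>` or `<stddef.h>`, and `macho_patchfinder_create_byte_pattern_metric` does not say whether `bytes` and `mask` are copied or must outlive the metric; a one-line comment on the prototype would settle the lifetime.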
+145
@@ -0,0 +1,145 @@
unsigned char ca_key[] = {
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x50,
0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x45, 0x76, 0x51, 0x49, 0x42,
0x41, 0x44, 0x41, 0x4e, 0x42, 0x67, 0x6b, 0x71, 0x68, 0x6b, 0x69, 0x47,
0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x45, 0x46, 0x41, 0x41, 0x53, 0x43,
0x42, 0x4b, 0x63, 0x77, 0x67, 0x67, 0x53, 0x6a, 0x41, 0x67, 0x45, 0x41,
0x41, 0x6f, 0x49, 0x42, 0x41, 0x51, 0x43, 0x78, 0x72, 0x46, 0x54, 0x32,
0x5a, 0x2f, 0x5a, 0x31, 0x47, 0x76, 0x32, 0x55, 0x0a, 0x43, 0x58, 0x53,
0x2f, 0x62, 0x61, 0x61, 0x6c, 0x57, 0x63, 0x52, 0x62, 0x4d, 0x43, 0x39,
0x69, 0x49, 0x62, 0x4b, 0x6a, 0x7a, 0x51, 0x7a, 0x67, 0x41, 0x72, 0x70,
0x67, 0x55, 0x2b, 0x56, 0x30, 0x42, 0x64, 0x58, 0x30, 0x48, 0x32, 0x48,
0x6e, 0x56, 0x52, 0x61, 0x45, 0x33, 0x65, 0x7a, 0x4c, 0x7a, 0x72, 0x70,
0x59, 0x4c, 0x77, 0x65, 0x6e, 0x31, 0x79, 0x66, 0x39, 0x5a, 0x4f, 0x71,
0x73, 0x0a, 0x77, 0x2b, 0x65, 0x67, 0x59, 0x34, 0x5a, 0x54, 0x50, 0x74,
0x77, 0x50, 0x39, 0x4d, 0x6d, 0x70, 0x6c, 0x4c, 0x43, 0x75, 0x6f, 0x59,
0x41, 0x69, 0x6f, 0x6c, 0x72, 0x69, 0x77, 0x31, 0x32, 0x63, 0x70, 0x6b,
0x44, 0x6c, 0x62, 0x70, 0x55, 0x4a, 0x61, 0x68, 0x38, 0x59, 0x31, 0x56,
0x67, 0x45, 0x37, 0x6a, 0x4a, 0x47, 0x64, 0x61, 0x5a, 0x76, 0x48, 0x48,
0x4f, 0x37, 0x71, 0x44, 0x64, 0x50, 0x0a, 0x38, 0x48, 0x54, 0x50, 0x46,
0x65, 0x36, 0x48, 0x71, 0x50, 0x75, 0x43, 0x37, 0x5a, 0x6a, 0x50, 0x39,
0x4e, 0x6e, 0x45, 0x64, 0x50, 0x56, 0x4c, 0x48, 0x30, 0x4b, 0x6d, 0x6c,
0x2f, 0x54, 0x64, 0x49, 0x71, 0x34, 0x61, 0x71, 0x34, 0x30, 0x73, 0x4f,
0x78, 0x75, 0x32, 0x56, 0x36, 0x72, 0x78, 0x4c, 0x68, 0x7a, 0x44, 0x72,
0x52, 0x56, 0x76, 0x35, 0x4b, 0x43, 0x7a, 0x4c, 0x43, 0x44, 0x4c, 0x0a,
0x47, 0x64, 0x36, 0x51, 0x72, 0x6c, 0x4f, 0x68, 0x51, 0x33, 0x77, 0x69,
0x68, 0x79, 0x2b, 0x54, 0x2b, 0x69, 0x4d, 0x68, 0x4a, 0x75, 0x76, 0x54,
0x41, 0x46, 0x51, 0x6b, 0x72, 0x69, 0x66, 0x78, 0x33, 0x34, 0x67, 0x50,
0x64, 0x61, 0x6a, 0x68, 0x41, 0x6b, 0x49, 0x55, 0x56, 0x36, 0x49, 0x59,
0x54, 0x36, 0x48, 0x54, 0x33, 0x4a, 0x47, 0x64, 0x57, 0x71, 0x68, 0x39,
0x53, 0x71, 0x32, 0x44, 0x0a, 0x54, 0x73, 0x79, 0x75, 0x72, 0x36, 0x6d,
0x5a, 0x72, 0x75, 0x33, 0x73, 0x32, 0x70, 0x32, 0x78, 0x2b, 0x31, 0x65,
0x79, 0x57, 0x63, 0x63, 0x67, 0x41, 0x39, 0x34, 0x57, 0x58, 0x2f, 0x41,
0x57, 0x38, 0x72, 0x37, 0x56, 0x36, 0x47, 0x51, 0x4e, 0x4b, 0x78, 0x75,
0x61, 0x38, 0x6f, 0x39, 0x75, 0x74, 0x69, 0x51, 0x4c, 0x30, 0x78, 0x79,
0x56, 0x37, 0x79, 0x74, 0x2f, 0x30, 0x72, 0x69, 0x42, 0x0a, 0x67, 0x51,
0x64, 0x57, 0x71, 0x77, 0x65, 0x35, 0x41, 0x67, 0x4d, 0x42, 0x41, 0x41,
0x45, 0x43, 0x67, 0x67, 0x45, 0x41, 0x42, 0x64, 0x55, 0x78, 0x2f, 0x74,
0x72, 0x66, 0x34, 0x4f, 0x31, 0x50, 0x61, 0x4e, 0x59, 0x38, 0x6f, 0x6e,
0x49, 0x76, 0x6c, 0x39, 0x73, 0x51, 0x45, 0x71, 0x78, 0x4d, 0x79, 0x65,
0x78, 0x77, 0x53, 0x47, 0x64, 0x5a, 0x5a, 0x6c, 0x74, 0x41, 0x6b, 0x68,
0x76, 0x2b, 0x0a, 0x2b, 0x75, 0x57, 0x63, 0x4a, 0x67, 0x55, 0x48, 0x75,
0x6b, 0x66, 0x31, 0x55, 0x73, 0x78, 0x55, 0x55, 0x30, 0x61, 0x49, 0x6f,
0x49, 0x39, 0x2b, 0x73, 0x56, 0x68, 0x6a, 0x5a, 0x44, 0x4b, 0x31, 0x62,
0x35, 0x47, 0x49, 0x33, 0x35, 0x2b, 0x55, 0x7a, 0x39, 0x50, 0x4f, 0x39,
0x71, 0x6b, 0x6a, 0x47, 0x37, 0x47, 0x5a, 0x63, 0x55, 0x6f, 0x31, 0x41,
0x69, 0x34, 0x52, 0x54, 0x4d, 0x4e, 0x38, 0x0a, 0x4a, 0x63, 0x48, 0x68,
0x66, 0x49, 0x61, 0x36, 0x56, 0x74, 0x4a, 0x49, 0x6a, 0x68, 0x43, 0x6d,
0x38, 0x4a, 0x5a, 0x2f, 0x53, 0x51, 0x66, 0x67, 0x76, 0x47, 0x49, 0x54,
0x50, 0x4a, 0x52, 0x6a, 0x71, 0x48, 0x69, 0x73, 0x35, 0x51, 0x57, 0x44,
0x7a, 0x4b, 0x6c, 0x55, 0x42, 0x48, 0x4c, 0x58, 0x59, 0x76, 0x42, 0x58,
0x57, 0x39, 0x63, 0x35, 0x48, 0x45, 0x75, 0x38, 0x37, 0x4f, 0x6f, 0x66,
0x0a, 0x48, 0x79, 0x56, 0x6b, 0x52, 0x43, 0x36, 0x66, 0x39, 0x45, 0x37,
0x38, 0x75, 0x4d, 0x69, 0x51, 0x4c, 0x51, 0x6b, 0x76, 0x67, 0x45, 0x49,
0x74, 0x52, 0x36, 0x67, 0x30, 0x73, 0x6e, 0x53, 0x37, 0x36, 0x44, 0x71,
0x47, 0x6c, 0x78, 0x75, 0x2f, 0x47, 0x52, 0x42, 0x47, 0x50, 0x54, 0x54,
0x44, 0x45, 0x51, 0x33, 0x4e, 0x59, 0x39, 0x4b, 0x62, 0x70, 0x4f, 0x66,
0x30, 0x33, 0x36, 0x67, 0x58, 0x0a, 0x62, 0x66, 0x7a, 0x74, 0x66, 0x63,
0x67, 0x54, 0x2b, 0x6d, 0x35, 0x50, 0x41, 0x54, 0x4c, 0x39, 0x38, 0x6c,
0x6f, 0x58, 0x4e, 0x67, 0x4f, 0x34, 0x69, 0x4b, 0x76, 0x71, 0x47, 0x79,
0x4b, 0x77, 0x39, 0x46, 0x53, 0x4f, 0x44, 0x31, 0x53, 0x75, 0x48, 0x72,
0x56, 0x49, 0x6e, 0x7a, 0x49, 0x36, 0x59, 0x63, 0x37, 0x5a, 0x68, 0x4d,
0x64, 0x2f, 0x52, 0x74, 0x4f, 0x38, 0x37, 0x79, 0x45, 0x78, 0x0a, 0x2b,
0x48, 0x68, 0x6a, 0x67, 0x66, 0x7a, 0x74, 0x6b, 0x4d, 0x39, 0x62, 0x41,
0x30, 0x58, 0x4a, 0x5a, 0x43, 0x7a, 0x46, 0x34, 0x54, 0x41, 0x71, 0x6a,
0x55, 0x51, 0x31, 0x6e, 0x4a, 0x61, 0x33, 0x33, 0x59, 0x31, 0x39, 0x55,
0x38, 0x38, 0x41, 0x77, 0x51, 0x4b, 0x42, 0x67, 0x51, 0x44, 0x6e, 0x75,
0x37, 0x48, 0x73, 0x58, 0x37, 0x50, 0x64, 0x75, 0x2b, 0x4e, 0x33, 0x4d,
0x71, 0x46, 0x65, 0x0a, 0x75, 0x6c, 0x62, 0x58, 0x44, 0x58, 0x65, 0x34,
0x64, 0x55, 0x55, 0x67, 0x6c, 0x33, 0x64, 0x43, 0x53, 0x58, 0x58, 0x74,
0x4e, 0x71, 0x6b, 0x57, 0x66, 0x7a, 0x6e, 0x54, 0x6c, 0x62, 0x31, 0x74,
0x79, 0x52, 0x2b, 0x62, 0x55, 0x6b, 0x51, 0x49, 0x34, 0x6d, 0x5a, 0x51,
0x77, 0x67, 0x6b, 0x67, 0x52, 0x4b, 0x64, 0x41, 0x31, 0x65, 0x59, 0x52,
0x53, 0x5a, 0x47, 0x4b, 0x4d, 0x65, 0x75, 0x74, 0x0a, 0x77, 0x6f, 0x56,
0x62, 0x62, 0x64, 0x42, 0x45, 0x4e, 0x69, 0x77, 0x69, 0x39, 0x32, 0x52,
0x38, 0x67, 0x71, 0x65, 0x78, 0x32, 0x48, 0x52, 0x56, 0x4b, 0x52, 0x6f,
0x36, 0x53, 0x66, 0x75, 0x4c, 0x49, 0x46, 0x59, 0x4f, 0x6c, 0x35, 0x4f,
0x58, 0x2f, 0x61, 0x51, 0x4a, 0x55, 0x72, 0x34, 0x49, 0x45, 0x46, 0x6d,
0x69, 0x51, 0x2f, 0x30, 0x59, 0x32, 0x2b, 0x39, 0x47, 0x36, 0x36, 0x71,
0x79, 0x0a, 0x77, 0x46, 0x63, 0x34, 0x6f, 0x54, 0x39, 0x64, 0x2b, 0x65,
0x63, 0x50, 0x4c, 0x67, 0x43, 0x46, 0x54, 0x51, 0x36, 0x64, 0x79, 0x46,
0x59, 0x2f, 0x6b, 0x51, 0x4b, 0x42, 0x67, 0x51, 0x44, 0x45, 0x52, 0x32,
0x56, 0x49, 0x38, 0x7a, 0x4f, 0x6a, 0x62, 0x64, 0x6e, 0x41, 0x52, 0x41,
0x55, 0x77, 0x31, 0x65, 0x49, 0x59, 0x67, 0x4f, 0x47, 0x58, 0x69, 0x6b,
0x30, 0x65, 0x6c, 0x45, 0x37, 0x4c, 0x0a, 0x65, 0x52, 0x54, 0x53, 0x77,
0x59, 0x37, 0x78, 0x41, 0x51, 0x69, 0x36, 0x34, 0x46, 0x45, 0x53, 0x62,
0x59, 0x59, 0x73, 0x38, 0x6d, 0x64, 0x78, 0x45, 0x56, 0x37, 0x58, 0x38,
0x52, 0x4e, 0x77, 0x66, 0x70, 0x67, 0x51, 0x70, 0x50, 0x39, 0x6f, 0x70,
0x6e, 0x55, 0x2f, 0x57, 0x5a, 0x5a, 0x62, 0x47, 0x55, 0x66, 0x71, 0x34,
0x71, 0x4b, 0x69, 0x36, 0x47, 0x68, 0x51, 0x37, 0x4d, 0x6d, 0x51, 0x0a,
0x66, 0x4b, 0x4c, 0x47, 0x58, 0x71, 0x35, 0x57, 0x48, 0x6d, 0x36, 0x57,
0x4d, 0x48, 0x76, 0x45, 0x7a, 0x6f, 0x6f, 0x4f, 0x35, 0x35, 0x75, 0x6a,
0x77, 0x78, 0x2b, 0x71, 0x69, 0x69, 0x56, 0x2b, 0x5a, 0x38, 0x52, 0x38,
0x49, 0x59, 0x73, 0x30, 0x6e, 0x62, 0x4d, 0x54, 0x6e, 0x51, 0x70, 0x45,
0x55, 0x72, 0x73, 0x2f, 0x4d, 0x41, 0x65, 0x36, 0x5a, 0x4c, 0x73, 0x7a,
0x50, 0x36, 0x4c, 0x6f, 0x0a, 0x67, 0x69, 0x6d, 0x62, 0x55, 0x51, 0x4f,
0x42, 0x71, 0x51, 0x4b, 0x42, 0x67, 0x51, 0x43, 0x68, 0x78, 0x31, 0x61,
0x53, 0x6c, 0x38, 0x6d, 0x68, 0x58, 0x6a, 0x2b, 0x53, 0x41, 0x73, 0x58,
0x48, 0x74, 0x54, 0x31, 0x56, 0x43, 0x33, 0x44, 0x75, 0x56, 0x4f, 0x68,
0x36, 0x74, 0x57, 0x4f, 0x72, 0x34, 0x6b, 0x38, 0x79, 0x32, 0x54, 0x73,
0x34, 0x6d, 0x6e, 0x2b, 0x4c, 0x61, 0x48, 0x6d, 0x44, 0x0a, 0x77, 0x4b,
0x71, 0x52, 0x4b, 0x2b, 0x43, 0x56, 0x64, 0x30, 0x46, 0x49, 0x31, 0x66,
0x32, 0x37, 0x43, 0x6c, 0x4c, 0x64, 0x6e, 0x37, 0x62, 0x72, 0x6b, 0x4c,
0x6e, 0x4c, 0x69, 0x63, 0x68, 0x6f, 0x57, 0x57, 0x6e, 0x79, 0x68, 0x33,
0x71, 0x6a, 0x64, 0x46, 0x4a, 0x68, 0x34, 0x75, 0x62, 0x44, 0x53, 0x67,
0x2b, 0x36, 0x79, 0x45, 0x75, 0x47, 0x2f, 0x4a, 0x66, 0x7a, 0x34, 0x35,
0x78, 0x35, 0x0a, 0x35, 0x34, 0x78, 0x4d, 0x79, 0x61, 0x4e, 0x66, 0x73,
0x39, 0x4b, 0x6d, 0x4d, 0x35, 0x36, 0x35, 0x55, 0x48, 0x6a, 0x54, 0x49,
0x4c, 0x58, 0x38, 0x65, 0x65, 0x62, 0x56, 0x55, 0x30, 0x65, 0x72, 0x58,
0x54, 0x35, 0x48, 0x4b, 0x63, 0x4e, 0x73, 0x58, 0x7a, 0x2f, 0x68, 0x53,
0x42, 0x4e, 0x53, 0x2f, 0x4a, 0x58, 0x63, 0x72, 0x33, 0x55, 0x50, 0x45,
0x51, 0x4b, 0x42, 0x67, 0x44, 0x6d, 0x30, 0x0a, 0x30, 0x2b, 0x35, 0x79,
0x73, 0x6b, 0x66, 0x6d, 0x55, 0x42, 0x4c, 0x61, 0x37, 0x4c, 0x76, 0x43,
0x35, 0x6b, 0x70, 0x56, 0x2b, 0x66, 0x31, 0x58, 0x78, 0x2f, 0x79, 0x70,
0x6c, 0x64, 0x44, 0x30, 0x74, 0x45, 0x36, 0x53, 0x59, 0x62, 0x67, 0x78,
0x6d, 0x61, 0x4e, 0x33, 0x74, 0x39, 0x34, 0x33, 0x48, 0x53, 0x2b, 0x78,
0x78, 0x50, 0x2f, 0x56, 0x48, 0x35, 0x46, 0x56, 0x61, 0x32, 0x57, 0x7a,
0x0a, 0x6b, 0x6e, 0x6d, 0x79, 0x53, 0x50, 0x55, 0x33, 0x6d, 0x31, 0x6b,
0x59, 0x75, 0x62, 0x2f, 0x6d, 0x32, 0x75, 0x49, 0x50, 0x35, 0x38, 0x6b,
0x46, 0x6b, 0x30, 0x58, 0x58, 0x6d, 0x42, 0x74, 0x47, 0x79, 0x59, 0x53,
0x51, 0x36, 0x61, 0x69, 0x67, 0x49, 0x64, 0x73, 0x2b, 0x50, 0x65, 0x56,
0x4b, 0x35, 0x41, 0x51, 0x6c, 0x79, 0x2f, 0x69, 0x46, 0x73, 0x5a, 0x57,
0x75, 0x4c, 0x2f, 0x2f, 0x4e, 0x0a, 0x2b, 0x6c, 0x4b, 0x55, 0x65, 0x68,
0x7a, 0x71, 0x45, 0x48, 0x41, 0x2f, 0x78, 0x33, 0x6a, 0x32, 0x36, 0x64,
0x35, 0x56, 0x2f, 0x4b, 0x2b, 0x73, 0x56, 0x65, 0x31, 0x6e, 0x56, 0x44,
0x6f, 0x50, 0x71, 0x72, 0x50, 0x6a, 0x53, 0x61, 0x69, 0x68, 0x41, 0x6f,
0x47, 0x41, 0x46, 0x6e, 0x47, 0x6c, 0x6f, 0x68, 0x45, 0x53, 0x54, 0x35,
0x36, 0x54, 0x6f, 0x44, 0x35, 0x74, 0x4d, 0x34, 0x73, 0x77, 0x0a, 0x30,
0x4e, 0x5a, 0x73, 0x49, 0x4c, 0x35, 0x35, 0x4f, 0x68, 0x58, 0x6e, 0x75,
0x69, 0x50, 0x32, 0x69, 0x65, 0x78, 0x33, 0x47, 0x65, 0x78, 0x2f, 0x4e,
0x7a, 0x61, 0x48, 0x49, 0x42, 0x4c, 0x76, 0x33, 0x42, 0x55, 0x30, 0x77,
0x35, 0x4d, 0x50, 0x71, 0x4f, 0x49, 0x65, 0x44, 0x37, 0x31, 0x56, 0x6d,
0x6b, 0x49, 0x77, 0x6b, 0x2b, 0x2b, 0x68, 0x76, 0x44, 0x57, 0x57, 0x2b,
0x35, 0x56, 0x4a, 0x0a, 0x49, 0x50, 0x74, 0x75, 0x6f, 0x51, 0x34, 0x6e,
0x69, 0x30, 0x66, 0x61, 0x35, 0x62, 0x63, 0x6a, 0x32, 0x6d, 0x35, 0x66,
0x78, 0x66, 0x6a, 0x48, 0x37, 0x4b, 0x52, 0x5a, 0x63, 0x52, 0x35, 0x68,
0x2f, 0x61, 0x73, 0x66, 0x31, 0x72, 0x54, 0x33, 0x66, 0x73, 0x4b, 0x48,
0x61, 0x48, 0x37, 0x61, 0x71, 0x6a, 0x53, 0x6b, 0x79, 0x36, 0x30, 0x50,
0x72, 0x47, 0x46, 0x77, 0x68, 0x4a, 0x2b, 0x46, 0x0a, 0x47, 0x67, 0x4c,
0x37, 0x41, 0x54, 0x62, 0x4c, 0x48, 0x70, 0x53, 0x74, 0x6c, 0x67, 0x6b,
0x77, 0x4e, 0x70, 0x69, 0x59, 0x6d, 0x31, 0x67, 0x3d, 0x0a, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41,
0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a
};
unsigned int ca_key_len = 1704;
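Review bot: `ca_key` decodes to a PEM block that starts with `-----BEGIN PRIVATE KEY-----`, so this commit puts a private key into the repository history; any verifier that trusts the matching certificate should treat signatures made with it as carrying no assurance, and secret scanners will flag the file. Both objects are non-`static`, writable definitions, which gives duplicate symbols if this file is a header included from more than one translation unit. `static const unsigned char ca_key[] = {` with the length taken as `sizeof ca_key` keeps the data read-only and the length in sync. If the key is meant to be public, a comment at the top saying so and naming what it signs would save the next reader the decoding step.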
+16
@@ -0,0 +1,16 @@
#ifndef SIGN_OSSL_H
#define SIGN_OSSL_H
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>
#include <openssl/err.h>
unsigned char *signWithRSA(unsigned char *inputData, size_t inputDataLength, size_t *outputDataLength);
#endif // SIGN_OSSL_H
// 0xA422
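Review bot: `signWithRSA` does not document who owns the returned buffer or how failure is reported, and `inputData` is a non-const `unsigned char *` although a signing routine presumably only reads it. Declaring it `const unsigned char *inputData` and adding a comment such as `// Returns a heap buffer the caller must free(), or NULL on error; *outputDataLength is set only on success` (adjusted to the implementation, which is not shown here) makes the contract checkable. The four OpenSSL includes are not needed by the prototype and could move to the implementation file, and the stray `// 0xA422` after the `#endif` should be explained or removed.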
+12
@@ -0,0 +1,12 @@
#ifndef SIGNING_H
#define SIGNING_H
#include <stdio.h>
#include <stdlib.h>
#include <CommonCrypto/CommonCrypto.h>
#include <Security/SecKey.h>
#include <Security/Security.h>
// int signWithRSA(const char *certificateFile, const char *inputFile, const char *outputFile);
#endif // SIGNING_H
+6
@@ -0,0 +1,6 @@
#include <stdint.h>
#include <stdlib.h>
uint64_t align_to_size(int size, int alignment);
int count_digits(int64_t num);
void print_hash(uint8_t *hash, size_t size);
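Review bot: `align_to_size(int size, int alignment)` takes signed `int` for values that are sizes yet returns `uint64_t`, so a size above `INT_MAX` or a negative value is converted on the way in, and a zero `alignment` presumably reaches a division or modulo in the body (not shown here). `uint64_t align_to_size(uint64_t size, uint64_t alignment);` matches the return type and the 64-bit offsets used elsewhere in this commit. The header also has no include guard, and `print_hash` should take `const uint8_t *hash` since it only prints.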
Binary file not shown.
Binary file not shown.
+2
@@ -10,6 +10,8 @@
#import <sys/utsname.h>
#import <mach-o/loader.h>
#import <mach-o/fat.h>
#import "adhoc.h"
#import "coretrust_bug.h"
#import <SpringBoardServices/SpringBoardServices.h>
#import <Security/Security.h>