feat: add ability to ipsw mount encrypted DMGs with --key flag OR --lookup them from TheAppleWiki 🇦🇷

blacktop · blacktop · commit 69f5d5c94738 · 2025-02-26T21:44:54.000-07:00
diff --git a/api/server/routes/mount/mount.go b/api/server/routes/mount/mount.go
@@ -74,7 +74,7 @@ func AddRoutes(rg *gin.RouterGroup, pemDB string) {
 			c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "invalid dmg type: must be app, sys, or fs"})
 			return
 		}
-		ctx, err := mount.DmgInIPSW(ipswPath, dmgType, pemDbPath)
+		ctx, err := mount.DmgInIPSW(ipswPath, dmgType, pemDbPath, nil)
 		if err != nil {
 			if errors.Unwrap(err) == info.ErrorCryptexNotFound {
 				c.AbortWithError(http.StatusNotFound, err)
diff --git a/cmd/ipsw/cmd/mount.go b/cmd/ipsw/cmd/mount.go
@@ -26,17 +26,22 @@ import (
 	"os"
 	"os/signal"
 	"path/filepath"
+	"regexp"
+	"strings"
 	"syscall"
 
 	"github.com/apex/log"
 	"github.com/blacktop/ipsw/internal/commands/mount"
+	"github.com/blacktop/ipsw/internal/download"
 	"github.com/blacktop/ipsw/internal/utils"
 	"github.com/spf13/cobra"
 )
 
 func init() {
 	rootCmd.AddCommand(mountCmd)
 
+	mountCmd.Flags().StringP("key", "k", "", "DMG key")
+	mountCmd.Flags().Bool("lookup", false, "Lookup DMG keys on theapplewiki.com")
 	mountCmd.Flags().String("pem-db", "", "AEA pem DB JSON file")
 }
 
@@ -54,15 +59,60 @@ var mountCmd = &cobra.Command{
 		}
 		return []string{"ipsw"}, cobra.ShellCompDirectiveFilterFileExt
 	},
-	RunE: func(cmd *cobra.Command, args []string) error {
-
+	RunE: func(cmd *cobra.Command, args []string) (err error) {
+		// set log level
 		if Verbose {
 			log.SetLevel(log.DebugLevel)
 		}
 
+		// flags
+		key, _ := cmd.Flags().GetString("key")
+		lookupKeys, _ := cmd.Flags().GetBool("lookup")
 		pemDB, _ := cmd.Flags().GetString("pem-db")
+		// validate flags
+		if len(key) > 0 && lookupKeys {
+			return fmt.Errorf("cannot use --key AND --lookup flags together")
+		}
+
+		var keys any
+		if lookupKeys {
+			var (
+				device  string
+				version string
+				build   string
+			)
+			re := regexp.MustCompile(`^.*/(?P<device>.+)_(?P<version>.+)_(?P<build>.+)_(?i)Restore\.ipsw$`)
+			if re.MatchString(args[1]) {
+				matches := re.FindStringSubmatch(args[1])
+				if len(matches) < 4 {
+					return fmt.Errorf("failed to parse IPSW filename: %s", args[1])
+				}
+				device = matches[1]
+				version = matches[2]
+				build = matches[3]
+			} else {
+				return fmt.Errorf("failed to parse IPSW filename: %s", args[1])
+			}
+			if device == "" || build == "" {
+				return fmt.Errorf("device or build information is missing from IPSW filename (required for key lookup)")
+			}
+			log.Info("Downloading Keys...")
+			wikiKeys, err := download.GetWikiFirmwareKeys(&download.WikiConfig{
+				Keys:    true,
+				Device:  strings.Replace(device, "ip", "iP", 1),
+				Version: version,
+				Build:   strings.ToUpper(build),
+				// Beta:    viper.GetBool("download.key.beta"),
+			}, "", false)
+			if err != nil {
+				return fmt.Errorf("failed querying theapplewiki.com: %v", err)
+			}
+			keys = wikiKeys
+		} else if len(key) > 0 {
+			keys = key
+		}
 
-		mctx, err := mount.DmgInIPSW(args[1], args[0], pemDB)
+		mctx, err := mount.DmgInIPSW(args[1], args[0], pemDB, keys)
 		if err != nil {
 			return fmt.Errorf("failed to mount %s DMG: %v", args[0], err)
 		}
diff --git a/internal/commands/dsc/dsc.go b/internal/commands/dsc/dsc.go
@@ -774,7 +774,7 @@ func GetUserAgent(f *dyld.File, sysVer *plist.SystemVersion) (string, error) {
 }
 
 func OpenFromIPSW(ipswPath, pemDB string, driverKit, all bool) (*mount.Context, []*dyld.File, error) {
-	ctx, err := mount.DmgInIPSW(ipswPath, "sys", pemDB)
+	ctx, err := mount.DmgInIPSW(ipswPath, "sys", pemDB, nil)
 	if err != nil {
 		return nil, nil, fmt.Errorf("failed to mount IPSW: %v", err)
 	}
diff --git a/internal/commands/mount/mount.go b/internal/commands/mount/mount.go
@@ -11,6 +11,9 @@ import (
 	"time"
 
 	"github.com/apex/log"
+	"github.com/blacktop/go-apfs/pkg/disk/dmg"
+	"github.com/blacktop/ipsw/internal/download"
+	"github.com/blacktop/ipsw/internal/magic"
 	"github.com/blacktop/ipsw/internal/utils"
 	"github.com/blacktop/ipsw/pkg/aea"
 	"github.com/blacktop/ipsw/pkg/info"
@@ -42,7 +45,7 @@ func (c Context) Unmount() error {
 }
 
 // DmgInIPSW will mount a DMG from an IPSW
-func DmgInIPSW(path, typ, pemDbPath string) (*Context, error) {
+func DmgInIPSW(path, typ, pemDbPath string, keys any) (*Context, error) {
 	ipswPath := filepath.Clean(path)
 
 	i, err := info.Parse(ipswPath)
@@ -110,6 +113,39 @@ func DmgInIPSW(path, typ, pemDbPath string) (*Context, error) {
 			return nil, fmt.Errorf("failed to parse AEA encrypted DMG: %v", err)
 		}
 	}
+	if isEncrypted, err := magic.IsEncryptedDMG(extractedDMG); err != nil {
+		return nil, fmt.Errorf("failed to check if DMG is encrypted: %v", err)
+	} else if isEncrypted {
+		var key string
+		switch v := keys.(type) {
+		case string:
+			key = v
+		case map[string]download.WikiFWKeys:
+			if len(v) == 0 {
+				return nil, fmt.Errorf("DMG is encrypted, please provide a key")
+			}
+			for _, wk := range v {
+				if strings.EqualFold(wk.Filename[0], filepath.Base(extractedDMG)) {
+					key = wk.Key[0]
+					break
+				}
+			}
+			if key == "" {
+				return nil, fmt.Errorf("key not found for DMG '%s' in theapplewiki lookup results", extractedDMG)
+			}
+		}
+		log.Info("Decrypting DMG...")
+		if dmg, err := dmg.Open(extractedDMG, &dmg.Config{
+			Key: key,
+		}); err != nil {
+			return nil, fmt.Errorf("failed to open DMG '%s': %v", extractedDMG, err)
+		} else {
+			defer dmg.Close()
+			if err := os.Rename(dmg.DecryptedTemp(), extractedDMG); err != nil {
+				return nil, fmt.Errorf("failed to overwrite encrypted DMG with the decrypted one: %v", err)
+			}
+		}
+	}
 
 	mp, am, err := utils.MountDMG(extractedDMG)
 	if err != nil {
diff --git a/internal/utils/macos.go b/internal/utils/macos.go
@@ -488,6 +488,22 @@ func Mount(image, mountPoint string) error {
 	return nil
 }
 
+func MountEncrypted(image, mountPoint, password string) error {
+	if runtime.GOOS == "darwin" {
+		cmd := exec.Command("/usr/bin/hdiutil", "attach", "-noverify", "-mountpoint", mountPoint, "-stdinpass", image)
+		cmd.Stdin = strings.NewReader(password)
+		out, err := cmd.CombinedOutput()
+		if err != nil {
+			if strings.Contains(string(out), "hdiutil: mount failed - Resource busy") {
+				return ErrMountResourceBusy
+			}
+			return fmt.Errorf("%v: %s", err, out)
+		}
+		return nil
+	}
+	return fmt.Errorf("only supported on macOS")
+}
+
 func IsAlreadyMounted(image, mountPoint string) (string, bool, error) {
 	if runtime.GOOS == "darwin" {
 		info, err := MountInfo()

Original file line number	Diff line number	Diff line change
`@@ -74,7 +74,7 @@ func AddRoutes(rg *gin.RouterGroup, pemDB string) {`
`74`	`74`	`c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "invalid dmg type: must be app, sys, or fs"})`
`75`	`75`	`return`
`76`	`76`	`}`
`77`		`- ctx, err := mount.DmgInIPSW(ipswPath, dmgType, pemDbPath)`
	`77`	`+ ctx, err := mount.DmgInIPSW(ipswPath, dmgType, pemDbPath, nil)`
`78`	`78`	`if err != nil {`
`79`	`79`	`if errors.Unwrap(err) == info.ErrorCryptexNotFound {`
`80`	`80`	`c.AbortWithError(http.StatusNotFound, err)`
Original file line number	Diff line number	Diff line change
`@@ -774,7 +774,7 @@ func GetUserAgent(f dyld.File, sysVer plist.SystemVersion) (string, error) {`
`774`	`774`	`}`
`775`	`775`
`776`	`776`	`func OpenFromIPSW(ipswPath, pemDB string, driverKit, all bool) (mount.Context, []dyld.File, error) {`
`777`		`- ctx, err := mount.DmgInIPSW(ipswPath, "sys", pemDB)`
	`777`	`+ ctx, err := mount.DmgInIPSW(ipswPath, "sys", pemDB, nil)`
`778`	`778`	`if err != nil {`
`779`	`779`	`return nil, nil, fmt.Errorf("failed to mount IPSW: %v", err)`
`780`	`780`	`}`