micro-tss 0.1.0

A simple implementation of a Tatsu Signing Server.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

use image4::Tag;

/// Map for tags that are used object properties.
pub const OBJECT_TAG_MAP: phf::Map<&'static str, Tag> = phf::phf_map! {
    "Ap,LocalPolicy" => Tag::from_bytes(*b"lpol"),
    "KernelCache" => Tag::from_bytes(*b"krnl"),
    "DeviceTree" => Tag::from_bytes(*b"dtre"),
    "LLB" => Tag::from_bytes(*b"illb"),
    "RestoreDeviceTree" => Tag::from_bytes(*b"rdtr"),
    "RestoreKernelCache" => Tag::from_bytes(*b"rkrn"),
    "RestoreLogo" => Tag::from_bytes(*b"rlgo"),
    "RestoreRamDisk" => Tag::from_bytes(*b"rdsk"),
    "RestoreTrustCache" => Tag::from_bytes(*b"rtsc"),
    "StaticTrustCache" => Tag::from_bytes(*b"trst"),
    "BaseSystemVolume" => Tag::from_bytes(*b"csys"),
    "iBEC" => Tag::from_bytes(*b"ibec"),
    "iBSS" => Tag::from_bytes(*b"ibss"),
    "iBoot" => Tag::from_bytes(*b"ibot"),
    "Ap,BaseSystemTrustCache" => Tag::from_bytes(*b"bstc"),
    "Ap,SystemVolumeCanonicalMetadata" => Tag::from_bytes(*b"msys"),
    "Ap,rOSLogo1" => Tag::from_bytes(*b"rlg1"),
    "Ap,rOSLogo2" => Tag::from_bytes(*b"rlg2"),
    "AppleLogo" => Tag::from_bytes(*b"logo"),
    "RecoveryMode" => Tag::from_bytes(*b"recm"),
    "OS" => Tag::from_bytes(*b"rosi"),
    "SystemVolume" => Tag::from_bytes(*b"isys"),

    "Cryptex1,AppOS" => Tag::from_bytes(*b"caos"),
    "Cryptex1,AppTrustCache" => Tag::from_bytes(*b"trca"),
    "Cryptex1,AppVolume" => Tag::from_bytes(*b"casy"),
    "Cryptex1,SystemOS" => Tag::from_bytes(*b"csos"),
    "Cryptex1,SystemTrustCache" => Tag::from_bytes(*b"trcs"),
    "Cryptex1,SystemVolume" => Tag::from_bytes(*b"cssy"),
};

/// Map for tags that are used in manifest properties.
pub const MANIFEST_PROPERTY_TAG_MAP: phf::Map<&'static str, Tag> = phf::phf_map! {
    "ApECID" => Tag::from_bytes(*b"ECID"),
    "ApChipID" => Tag::from_bytes(*b"CHIP"),
    "ApBoardID" => Tag::from_bytes(*b"BORD"),
    "ApSecurityDomain" => Tag::from_bytes(*b"SDOM"),
    "ApNonce" => Tag::from_bytes(*b"BNCH"),
    "ApSecurityMode" => Tag::from_bytes(*b"CSEC"),
    "ApProductionMode" => Tag::from_bytes(*b"CPRO"),
    "Ap,NextStageIM4MHash" => Tag::from_bytes(*b"nsih"),
    "Ap,RecoveryOSPolicyNonceHash" => Tag::from_bytes(*b"ronh"),
    "Ap,VolumeUUID" => Tag::from_bytes(*b"vuid"),
    "Ap,LocalBoot" => Tag::from_bytes(*b"lobo"),
    "Ap,OSLongVersion" => Tag::from_bytes(*b"love"),
    "SepNonce" => Tag::from_bytes(*b"snon"),

    "Cryptex1,ChipID" => Tag::from_bytes(*b"fchp"),
    "Cryptex1,Nonce" => Tag::from_bytes(*b"cnch"), // just a guess, exists
    "Cryptex1,Type" => Tag::from_bytes(*b"type"),
    "Cryptex1,SubType" => Tag::from_bytes(*b"styp"),
    "Cryptex1,ProductClass" => Tag::from_bytes(*b"clas"), // almost certain about this one
    "Cryptex1,UseProductClass" => Tag::from_bytes(*b"clas"), // just a guess
    "Cryptex1,NonceDomain" => Tag::from_bytes(*b"ndom"), // just a guess, exists
    "Cryptex1,Version" => Tag::from_bytes(*b"vnum"), // just a guess, exists
    "Cryptex1,PreauthorizationVersion" => Tag::from_bytes(*b"pave"), // just a guess, exists
    "Cryptex1,UDID" => Tag::from_bytes(*b"UDID"), // mostly a guess
    "Cryptex1,ProductionMode" => Tag::from_bytes(*b"fpro"), // just a guess
    "Cryptex1,FakeRoot" => Tag::from_bytes(*b"fake"), // just a guess
};

pub const IGNORED_PROPERTIES: phf::Set<&'static str> = phf::phf_set! {
    "UniqueBuildID"
};