我目前正在开发 Apple MDM 服务,在查看 Apple 的激活锁文档时遇到一些困惑。激活锁涉及两个步骤:
锁定设备:我按照 Apple 官方文档《激活锁定设备》中提供的示例生成了旁路代码和哈希。然后调用 Apple 的 API(https://mdmenrollment.apple.com/device/activationlock),将该哈希值作为 escrow_key 传递来锁定设备。
#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonCrypto.h>
// Layout of the bypass code: 128 random bits are rendered as 26 five-bit symbols
// (25 full symbols plus one symbol carrying the final 3 bits) with 5 dashes inserted.
#define MCBYPASS_CODE_LENGTH 31 // Excluding terminating null: 26 symbols + 5 dashes.
#define MCBYPASS_CODE_BUFFER_LENGTH 32 // Including terminating null.
#define MCBYPASS_RAW_BYTES_LENGTH 16 // Random input bytes that the code encodes.
#define MCBYPASS_HASH_LENGTH CC_SHA256_DIGEST_LENGTH // Escrow hash is a PBKDF2-HMAC-SHA256 output.
#define RANDOM_BYTES_LENGTH 16 // Same value as MCBYPASS_RAW_BYTES_LENGTH; the sample keeps both names.
#define SALT_LENGTH 4 // Fixed, all-zero salt passed to PBKDF2 (see createNewActivationLockBypassCodeOutHash).
#define INPUT_BITS 128 // RANDOM_BYTES_LENGTH * BITS_PER_BYTE.
#define BITS_PER_BYTE 8
#define BITS_PER_SYMBOL 5 // 32-symbol alphabet, so each output character carries 5 bits.
/// Generates a fresh bypass code and, when outHash is non-NULL, the matching escrow
/// hash as uppercase hex. The hash is derived from the same random bytes the code
/// encodes, so the two always belong together; see the definition for details.
NSString* createNewActivationLockBypassCodeOutHash(NSString** outHash);
/// Sample entry point: generates one code/hash pair and prints both.
int main(int argc, const char * argv[]) {
    @autoreleasepool {
        // The hash is what gets escrowed with Apple; the code is the unlock secret.
        NSString* escrowHash = nil;
        NSString* bypassCode = createNewActivationLockBypassCodeOutHash(&escrowHash);
        // NSLog also writes to the system log, so a real MDM server must not log the code this way.
        NSLog(@"Generated Code: %@", bypassCode);
        NSLog(@"Generated Hash: %@", escrowHash);
    }
    return 0;
}
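/// Generates a new Activation Lock bypass code together with the escrow hash for it.
///
/// The code is 16 random bytes rendered in a 32-symbol alphabet, 5 bits per symbol
/// (26 symbols, the last one carrying only 3 bits), with a dash after the 5th, 10th,
/// 14th, 18th and 22nd symbol — MCBYPASS_CODE_LENGTH characters in total. The hash is
/// PBKDF2-HMAC-SHA256 over those same 16 bytes with a fixed all-zero 4-byte salt and
/// 50000 iterations. Because salt and iteration count are constants, anyone holding the
/// code can recompute the hash from it; the code is the only secret, the hash is not.
///
/// @param outHash On success receives the hash as 64 uppercase hex characters. May be NULL.
/// @return The formatted bypass code, or nil if key derivation failed (in that case
///         *outHash, when outHash is non-NULL, is also set to nil).
NSString* createNewActivationLockBypassCodeOutHash(NSString** outHash) {
    // 32-symbol alphabet; note it omits B, I, O and S.
    static const char kSymbols[] = "0123456789ACDEFGHJKLMNPQRTUVWXYZ";
    // Symbol counts (dashes not counted) after which a dash is emitted.
    static const int kDashPositions[] = { 5, 10, 14, 18, 22 };
    static const size_t kDashCount = sizeof(kDashPositions) / sizeof(kDashPositions[0]);

    char rawBytes[MCBYPASS_RAW_BYTES_LENGTH];
    char code[MCBYPASS_CODE_BUFFER_LENGTH];
    uint8_t hash[MCBYPASS_HASH_LENGTH];
    uint8_t salt[SALT_LENGTH] = {0, 0, 0, 0};

    arc4random_buf(rawBytes, RANDOM_BYTES_LENGTH);

    // The status was previously ignored. If derivation fails, `hash` holds stack garbage and
    // the device would be locked with an escrow key that no code can ever match.
    int status = CCKeyDerivationPBKDF(kCCPBKDF2, rawBytes, RANDOM_BYTES_LENGTH, salt, SALT_LENGTH,
                                      kCCPRFHmacAlgSHA256, 50000, hash, CC_SHA256_DIGEST_LENGTH);
    if (status != kCCSuccess) {
        if (outHash) {
            *outHash = nil;
        }
        return nil;
    }

    if (outHash) {
        NSMutableString* hexHash = [NSMutableString stringWithCapacity:MCBYPASS_HASH_LENGTH * 2 + 1];
        for (int i = 0; i < MCBYPASS_HASH_LENGTH; i++) {
            [hexHash appendFormat:@"%02X", hash[i]];
        }
        *outHash = [hexHash copy];
    }

    int outputCharacterCount = 0;
    size_t nextDashIndex = 0;
    char* outputCursor = code;
    const uint8_t* inputCursor = (const uint8_t*)rawBytes;
    int bitsProcessed = 0;
    int bitOffsetIntoByte = 0;

    // Consume 5 bits per symbol; a symbol may straddle two input bytes.
    while (bitsProcessed <= (INPUT_BITS - BITS_PER_SYMBOL)) {
        // Bits taken from the current byte, and the remainder taken from the next one.
        int bitsThisByte = (bitOffsetIntoByte < BITS_PER_BYTE - BITS_PER_SYMBOL ?
                            BITS_PER_SYMBOL : BITS_PER_BYTE - bitOffsetIntoByte);
        int bitsNextByte = (bitsThisByte < BITS_PER_SYMBOL ? BITS_PER_SYMBOL - bitsThisByte : 0);
        uint8_t value = (((*inputCursor << bitOffsetIntoByte) & 0xff) >> (BITS_PER_BYTE - bitsThisByte));
        bitOffsetIntoByte += BITS_PER_SYMBOL;
        if (bitOffsetIntoByte >= BITS_PER_BYTE) {
            bitOffsetIntoByte -= BITS_PER_BYTE;
            inputCursor++;
        }
        if (bitsNextByte) {
            value <<= bitsNextByte;
            value |= (*inputCursor >> (BITS_PER_BYTE - bitsNextByte));
        }
        *outputCursor++ = kSymbols[value];
        outputCharacterCount++;
        // The previous version walked a bare pointer past the end of kDashPositions after
        // the last dash and kept dereferencing it for the remaining symbols; bound the lookup.
        if (nextDashIndex < kDashCount && outputCharacterCount == kDashPositions[nextDashIndex]) {
            nextDashIndex++;
            *outputCursor++ = '-';
        }
        bitsProcessed += BITS_PER_SYMBOL;
    }

    // 128 is not a multiple of 5: the final 3 bits become a 26th, shorter symbol.
    int bitsRemaining = INPUT_BITS - bitsProcessed;
    if (bitsRemaining) {
        uint8_t value = (((*inputCursor << bitOffsetIntoByte) & 0xff) >> (BITS_PER_BYTE - bitsRemaining));
        *outputCursor++ = kSymbols[value];
    }
    NSCAssert(outputCursor - code == MCBYPASS_CODE_LENGTH, @"bypass code length mismatch");
    *outputCursor = '\0';

    // NOTE(review): rawBytes (the secret the code encodes) is left on the stack here; a
    // server-side implementation should wipe it before returning.
    return [NSString stringWithUTF8String:code];
}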
解锁设备:根据 Apple 的文档《创建和使用旁路代码》,通过 API(https://deviceservices-external.apple.com/deviceservicesworkers/escrowKeyUnlock)提交代码即可解锁设备。锁定和解锁设备均正常工作。但是我有一个疑问:由于代码是由随机的 rawBytes 生成的,而我在锁定设备时只提交了哈希(而不是 rawBytes),那么 Apple 服务器在解锁设备时如何验证哈希与代码是否一致?
怎么联系你,有微信或者QQ联系方式吗?我有一些关于 MDM 激活锁的问题想咨询您。