•   
  • 1
  • 12
  • 13
  • 14(current)
  • 15
  • 16
  • 43
  •   
Help us solving the AirPlay issue when using iOS7 devices
Complete stream(s) (binary crap Smile ), even some data at the end, but file was so small that I didn't cut it.

https://mega.co.nz/#!9EgjXaaI!ZaXJmQ08fZ...XN3aUZB9xI
Reply
(2014-01-12, 16:05)Memphiz Wrote: I guess it is this implementation they are using:

https://github.com/nto/AirSpeaker/blob/m...ler.m#L236

Whoa.. So there is an open source FairPlay audio implementation!
Nod

But it is in objective-C... But its going to be helpful, right?
Reply
Its not the complete fairplay ... only the handshake ... obj-c is no problem for me Wink
AppleTV4/iPhone/iPod/iPad: HowTo find debug logs and everything else which the devs like so much: click here
HowTo setup NFS for Kodi: NFS (wiki)
HowTo configure avahi (zeroconf): Avahi_Zeroconf (wiki)
READ THE IOS FAQ!: iOS FAQ (wiki)
Reply
Ok i've implemented the handshake - but it doesn't work. Problem is - the protocol is not encrypted - but the audio data (same with rsa before). And there is one slight difference:

from the wireshark dump:

without fairplay
Code:
rsaaeskey:ew1rNDhfRdo3HcVOaN+6zbRdhdYInQZbCZcSIBeYEbqJI6eaRja4Q86YnxGtAqe5FkGOQQff0bKvB+w2Pwp+R3aMX3AoZrHq6Iw/ulvxP4iEInMPJjzH7avEZYJc9Yx09jQQpzURe0ZNyOpq60tnkH3AzvWIkpbhcWT339nmWywZUNMBxj2+MobwgsSxlpjToRzq1QCgc8kGXFzsr+juIdBKRjSf2BV9F0QVEmt0hS4jKRoIlFY8JogCVJUBKpG3HPA+s/eyD2Boqe5PTu+Un9C1TUhiqU1AIxlYDVC/Yfb7fvXf6yUfmSwrVv0XoLDEYht/9uUl97gFlrDuBks0uA==

with fairplay
Code:
fpaeskey:RlBMWQECAQAAAAA8AAAAAPH9/06uRz+d3RJIW2/P0mUAAAAQ6DMV57epTW6ALhiHQ/zP8yF1/9qjnn/dvJucxDGUuGfww2c1

I just handled the fpaeskey same as the rasaeskey and fed it into the rsa decryption routines - but this just crashes ...

So i would say - yes airserver is either using the some OS or iTunes methods for that or they got fp cracked. Might even be that in that fpaeskey the real rsakey is encrypted and from that on everything is like before - no clue. Its way over my head.

So at least that handshake code works - i got the known protocol afterwards ... but i crash because of an invalid keylength (which is encrypted and can't be decoded with rsa).

For documentation purposes - here is the ported code as patch against libshairplay:

https://github.com/Memphiz/xbmc/commit/b...0a27d8f111

I have given that information to the shairplay dev too of course.
AppleTV4/iPhone/iPod/iPad: HowTo find debug logs and everything else which the devs like so much: click here
HowTo setup NFS for Kodi: NFS (wiki)
HowTo configure avahi (zeroconf): Avahi_Zeroconf (wiki)
READ THE IOS FAQ!: iOS FAQ (wiki)
Reply
Aes keys may have different lenghts. But I am not so sure why they call the first keys rsaaes, I thought rsa and aes were separate things.

An aes implementation for the correct keylength is worth a try in my opinion.
Reply
Are you sure you know what you are talking about? Cause i am not sure what i just said with those keys as said - this is over my head...Wink

well if so - there is the place where it has to be implemented:

https://github.com/juhovh/shairplay/blob...key.c#L296

That is the method that gives back a len of -5 on that key ...
AppleTV4/iPhone/iPod/iPad: HowTo find debug logs and everything else which the devs like so much: click here
HowTo setup NFS for Kodi: NFS (wiki)
HowTo configure avahi (zeroconf): Avahi_Zeroconf (wiki)
READ THE IOS FAQ!: iOS FAQ (wiki)
Reply
Rsaaeskey could mean that the aes key is rsa encrypted. Would be a bit strange if the fpaes was "just" aes. What do you do with the rsaaeskey? First a rsa decode and then use the output as an aes key? How about just using the fp aes without rsa decrypt
Reply
I'm having a really hard time understanding what is going on there.
So, you are not expecting to get -5 back? It may be that one variables you send aren't right(SHERLOCK...) or that is not the method you actually need.

You have iOS 6 devices right? Could you test if those get better results than iOS 7 devices with 'my' airplay.xml

I wish you the nerves to get trough that FairPlay stuff Smile , even tough i think iOS 7 implemented a new way of communicating with AirPlay Receivers, since nothing seems to work.
Reply
You both get me wrong. Fairplay rsa, aes - thats all in the scop of libshairplay. Thats where my region ends guys. I don't have any clue about encryption and i also don't know what shairplay does with that key. Thats where one needs to start to read the shairplay code or contact the shairplay dev (which i did).

My ios6 devices work all fine with most of these airplay.xml files ... (100% for the version of airplay.xml which i checked in into github for the last testbuild ...).
AppleTV4/iPhone/iPod/iPad: HowTo find debug logs and everything else which the devs like so much: click here
HowTo setup NFS for Kodi: NFS (wiki)
HowTo configure avahi (zeroconf): Avahi_Zeroconf (wiki)
READ THE IOS FAQ!: iOS FAQ (wiki)
Reply
answer from upstream dev

"Sorry for a bit slow reply. I think this is probably the wrong path, I would really want to do the fairplay handshake instead of RSA handshake because it would allow to do airplay mirroring, but no one has published how to decrypt the fpaeskey."

I pointed him to this thread because he proposed to change the bonjour announcements until it falls back to non encrypted. (basically what we are trying here atm).

From that answer i read that it really might "only" be the issue to decode the aes key. While the key was encoded via rsa before its now encoded via apples proprietary fairplay. (just an assumption based on the answer though).
AppleTV4/iPhone/iPod/iPad: HowTo find debug logs and everything else which the devs like so much: click here
HowTo setup NFS for Kodi: NFS (wiki)
HowTo configure avahi (zeroconf): Avahi_Zeroconf (wiki)
READ THE IOS FAQ!: iOS FAQ (wiki)
Reply
So the fpaes was not "just" aes thenSmile It never is as easy as it seemsSmile
Reply
Would it be beneficial to reverse engineer AirServer to extract whatever keys it may be using? I can take a look at the Mac version of AirServer since I use OS X. I've also got some "friends" who do reverse engineering on OS X as well
Reply
Well it would of course be benefitical - but i fear they use osx api to decode the key (which is not a platform independend solution...). Better would be to capture one of those airserver devs and then "ask" him ;o) *bruhhahahhaa*
AppleTV4/iPhone/iPod/iPad: HowTo find debug logs and everything else which the devs like so much: click here
HowTo setup NFS for Kodi: NFS (wiki)
HowTo configure avahi (zeroconf): Avahi_Zeroconf (wiki)
READ THE IOS FAQ!: iOS FAQ (wiki)
Reply
Probably not interesting, but here's where they handle /fp-setup, /fp-setup2 stuff http://pastebin.com/Svb5PcaM
Im thinking this is what they're using for mirroring http://pastebin.com/np6A3bxV as they reference setting it as the mirroring header which oddly enough I believe is also part of their licensing scheme.
Reply
(2014-01-13, 00:42)Memphiz Wrote: Well it would of course be benefitical - but i fear they use osx api to decode the key (which is not a platform independend solution...). Better would be to capture one of those airserver devs and then "ask" him ;o) *bruhhahahhaa*

osx api? In windows?
Reply
  •   
  • 1
  • 12
  • 13
  • 14(current)
  • 15
  • 16
  • 43
  •   



Logout Mark Read Team Forum Stats Members Help
Help us solving the AirPlay issue when using iOS7 devices7
This forum uses Lukasz Tkacz MyBB addons.