Updated AppleNotesEmbeddedObject to test for the right cryptographic settings when multiple possibilities exist.

threeplanetssoftware · threeplanetssoftware · commit d4a0d86a6288 · 2024-12-05T10:07:47.000-05:00
diff --git a/lib/AppleNotesEmbeddedObject.rb b/lib/AppleNotesEmbeddedObject.rb
@@ -96,6 +96,7 @@ def version=(version)
   ##
   # This function adds cryptographic settings to the AppleNoteEmbeddedObject. 
   def add_cryptographic_settings
+    @crypto_password = @note.crypto_password
     unapplied_encrypted_record_column = "ZUNAPPLIEDENCRYPTEDRECORD"
     unapplied_encrypted_record_column = unapplied_encrypted_record_column + "DATA" if @version >= AppleNoteStoreVersion::IOS_VERSION_18
 
@@ -107,8 +108,20 @@ def add_cryptographic_settings
                       "WHERE Z_PK=?",
                       @primary_key) do |row|
 
+      @crypto_iv = row["ZCRYPTOINITIALIZATIONVECTOR"]
+      @crypto_tag = row["ZCRYPTOTAG"]
+      @crypto_salt = row["ZCRYPTOSALT"]
+      @crypto_iterations = row["ZCRYPTOITERATIONCOUNT"]
+      @crypto_key = row["ZCRYPTOVERIFIER"] if row["ZCRYPTOVERIFIER"]
+      @crypto_key = row["ZCRYPTOWRAPPEDKEY"] if row["ZCRYPTOWRAPPEDKEY"]
+
+      correct_settings = @backup.decrypter.check_cryptographic_settings(@crypto_password,
+                                                                        @crypto_salt,
+                                                                        @crypto_iterations,
+                                                                        @crypto_key)
+
       # If there is a blob in ZUNAPPLIEDENCRYPTEDRECORD, we need to use it instead of the database values
-      if row[unapplied_encrypted_record_column]
+      if row[unapplied_encrypted_record_column] and !correct_settings
         keyed_archive = KeyedArchive.new(:data => row[unapplied_encrypted_record_column])
         unpacked_top = keyed_archive.unpacked_top()
         ns_keys = unpacked_top["root"]["ValueStore"]["RecordValues"]["NS.keys"]
@@ -118,17 +131,9 @@ def add_cryptographic_settings
         @crypto_salt = ns_values[ns_keys.index("CryptoSalt")]
         @crypto_iterations = ns_values[ns_keys.index("CryptoIterationCount")]
         @crypto_key = ns_values[ns_keys.index("CryptoWrappedKey")]
-      else 
-        @crypto_iv = row["ZCRYPTOINITIALIZATIONVECTOR"]
-        @crypto_tag = row["ZCRYPTOTAG"]
-        @crypto_salt = row["ZCRYPTOSALT"]
-        @crypto_iterations = row["ZCRYPTOITERATIONCOUNT"]
-        @crypto_key = row["ZCRYPTOVERIFIER"] if row["ZCRYPTOVERIFIER"]
-        @crypto_key = row["ZCRYPTOWRAPPEDKEY"] if row["ZCRYPTOWRAPPEDKEY"]
       end
     end
 
-    @crypto_password = @note.crypto_password
   end
 
   ##
