openhaystack
openhaystack copied to clipboard
seemoo-lab
private key for shared AirTags (only key provided is peerTrustSharedSecret)
The decrypted plist for an AirTag that has been shared with me is below. This is incompatible with the current library due to not having a private key. Yes, I've tried using the peerTrustSharedSecret as the private key, it doesn't work as-is.
Seems like a good way to implement this would be to examine the traffic to Apple servers when examining the location of a shared AirTag via the FindMy application. It may use a different endpoint for an intermediary step between peerTrustSharedSecret and privateKey.
Does anyone know how to get the privateKey for these devices that are shared?
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>cloudKitMetadata</key>
<data>
#Base64 blob here#
</data>
<key>communicationsIdentifier</key>
<dict>
<key>ids</key>
<dict>
<key>correlationIdentifier</key>
<string>#uuid (unknown what it is) here#</string>
<key>destination</key>
<dict>
<key>destination</key>
<string>mailto:#Owner email here#</string>
<key>type</key>
<integer>0</integer>
</dict>
</dict>
</dict>
<key>displayIdentifier</key>
<string>#Owner email here#</string>
<key>identifier</key>
<string>#baUUID here#</string>
<key>peerTrustSharedSecret</key>
<dict>
<key>key</key>
<dict>
<key>data</key>
<data>
#INSERT KEY HERE#
</data>
</dict>
</dict>
<key>type</key>
<integer>1</integer>
</dict>
</plist>
length of peerTrustSharedSecret is 44 base64'ed or 32 raw. This is the same as the sharedSecret and secondarySharedSecret.