@basmilius/apple-companion-link 0.0.2 → 0.0.4

package/src/protocol/verify/companionLink.ts

@@ -1,185 +0,0 @@
-import tweetnacl, { type BoxKeyPair } from 'tweetnacl';
-import { debug } from '@/cli';
-import { decryptChacha20, encryptChacha20, generateCurve25519KeyPair, generateCurve25519SharedSecKey, hkdf } from '@/crypto';
-import { bailTlv, decodeTlv, encodeTlv, TlvState, TlvValue } from '@/encoding';
-import { CompanionLinkFrameType, CompanionLinkSocket } from '@/socket';
-import CompanionLink from '../companionLink';
-
-export default class {
-    readonly #protocol: CompanionLink;
-    readonly #socket: CompanionLinkSocket;
-    readonly #ephemeralKeyPair: BoxKeyPair;
-
-    constructor(protocol: CompanionLink, socket: CompanionLinkSocket) {
-        this.#protocol = protocol;
-        this.#socket = socket;
-        this.#ephemeralKeyPair = generateCurve25519KeyPair();
-    }
-
-    async start(credentials: Credentials): Promise<AccessoryKeys> {
-        const m1 = await this.#m1();
-        const m2 = await this.#m2(credentials.accessoryIdentifier, credentials.accessoryLongTermPublicKey, m1);
-
-        await this.#m3(credentials.pairingId, credentials.secretKey, m2);
-
-        return await this.#m4(m2);
-    }
-
-    async #m1(): Promise<M1> {
-        const [, response] = await this.#socket.exchange(CompanionLinkFrameType.PV_Start, {
-            _pd: encodeTlv([
-                [TlvValue.State, TlvState.M1],
-                [TlvValue.PublicKey, Buffer.from(this.#ephemeralKeyPair.publicKey)]
-            ]),
-            _auTy: 4
-        });
-
-        const data = this.#tlv(response);
-        const serverPublicKey = data.get(TlvValue.PublicKey);
-        const encryptedData = data.get(TlvValue.EncryptedData);
-
-        return {
-            encryptedData,
-            serverPublicKey
-        };
-    }
-
-    async #m2(localAccessoryIdentifier: string, longTermPublicKey: Buffer, m1: M1): Promise<M2> {
-        const sharedSecret = Buffer.from(generateCurve25519SharedSecKey(
-            this.#ephemeralKeyPair.secretKey,
-            m1.serverPublicKey
-        ));
-
-        const sessionKey = hkdf({
-            hash: 'sha512',
-            key: sharedSecret,
-            length: 32,
-            salt: Buffer.from('Pair-Verify-Encrypt-Salt'),
-            info: Buffer.from('Pair-Verify-Encrypt-Info')
-        });
-
-        const encryptedData = m1.encryptedData.subarray(0, -16);
-        const encryptedTag = m1.encryptedData.subarray(-16);
-
-        const data = decryptChacha20(sessionKey, Buffer.from('PV-Msg02'), null, encryptedData, encryptedTag);
-        const tlv = decodeTlv(data);
-
-        const accessoryIdentifier = tlv.get(TlvValue.Identifier);
-        const accessorySignature = tlv.get(TlvValue.Signature);
-
-        if (accessoryIdentifier.toString() !== localAccessoryIdentifier) {
-            throw new Error(`Invalid accessory identifier. Expected ${accessoryIdentifier.toString()} to be ${localAccessoryIdentifier}.`);
-        }
-
-        const accessoryInfo = Buffer.concat([
-            m1.serverPublicKey,
-            accessoryIdentifier,
-            this.#ephemeralKeyPair.publicKey
-        ]);
-
-        if (!tweetnacl.sign.detached.verify(accessoryInfo, accessorySignature, longTermPublicKey)) {
-            throw new Error('Invalid accessory signature.');
-        }
-
-        return {
-            serverEphemeralPublicKey: m1.serverPublicKey,
-            sessionKey,
-            sharedSecret
-        };
-    }
-
-    async #m3(pairingId: Buffer, secretKey: Buffer, m2: M2): Promise<M3> {
-        const iosDeviceInfo = Buffer.concat([
-            this.#ephemeralKeyPair.publicKey,
-            pairingId,
-            m2.serverEphemeralPublicKey
-        ]);
-
-        const iosDeviceSignature = Buffer.from(tweetnacl.sign.detached(iosDeviceInfo, secretKey));
-
-        const innerTlv = encodeTlv([
-            [TlvValue.Identifier, pairingId],
-            [TlvValue.Signature, iosDeviceSignature]
-        ]);
-
-        const {authTag, ciphertext} = encryptChacha20(m2.sessionKey, Buffer.from('PV-Msg03'), null, innerTlv);
-        const encrypted = Buffer.concat([ciphertext, authTag]);
-
-        const [, response] = await this.#socket.exchange(CompanionLinkFrameType.PV_Next, {
-            _pd: encodeTlv([
-                [TlvValue.State, TlvState.M3],
-                [TlvValue.EncryptedData, encrypted]
-            ]),
-            _auTy: 4
-        });
-
-        console.log(this.#tlv(response));
-
-        return {};
-    }
-
-    async #m4(m2: M2): Promise<AccessoryKeys> {
-        const accessoryToControllerKey = hkdf({
-            hash: 'sha512',
-            key: m2.sharedSecret,
-            length: 32,
-            salt: Buffer.alloc(0),
-            info: Buffer.from('ServerEncrypt-main')
-        });
-
-        const controllerToAccessoryKey = hkdf({
-            hash: 'sha512',
-            key: m2.sharedSecret,
-            length: 32,
-            salt: Buffer.alloc(0),
-            info: Buffer.from('ClientEncrypt-main')
-        });
-
-        return {
-            accessoryToControllerKey,
-            controllerToAccessoryKey
-        };
-    }
-
-    #tlv(response: unknown): Map<number, Buffer> {
-        if (typeof response !== 'object' || response === null) {
-            throw new Error('Invalid response from receiver.');
-        }
-
-        const data = decodeTlv(response['_pd']);
-
-        if (data.has(TlvValue.Error)) {
-            bailTlv(data);
-        }
-
-        debug('Decoded TLV', data);
-
-        return data;
-    }
-}
-
-type Credentials = {
-    readonly accessoryIdentifier: string;
-    readonly accessoryLongTermPublicKey: Buffer;
-    readonly pairingId: Buffer;
-    readonly publicKey: Buffer;
-    readonly secretKey: Buffer;
-};
-
-type M1 = {
-    readonly encryptedData: Buffer;
-    readonly serverPublicKey: Buffer;
-};
-
-type M2 = {
-    readonly serverEphemeralPublicKey: Buffer;
-    readonly sessionKey: Buffer;
-    readonly sharedSecret: Buffer;
-};
-
-type M3 = {};
-
-type AccessoryKeys = {
-    readonly accessoryToControllerKey: Buffer;
-    readonly controllerToAccessoryKey: Buffer;
-};

package/src/socket/base.ts

@@ -1,21 +0,0 @@
-export default class BaseSocket extends EventTarget {
-    get address(): string {
-        return this.#address;
-    }
-
-    get port(): number {
-        return this.#port;
-    }
-
-    readonly #address: string;
-    readonly #port: number;
-
-    constructor(address: string, port: number) {
-        super();
-        this.#address = address;
-        this.#port = port;
-    }
-
-    async connect(): Promise<void> {
-    }
-}

package/src/socket/companionLink.ts

@@ -1,249 +0,0 @@
-import { randomInt } from 'node:crypto';
-import { Socket } from 'node:net';
-import { debug } from '@/cli';
-import { decryptChacha20, encryptChacha20 } from '@/crypto';
-import { decodeOPack, encodeOPack, opackSizedInt } from '@/encoding';
-import BaseSocket from './base';
-
-export default class extends BaseSocket {
-    get isEncrypted(): boolean {
-        return !!this.#readKey && !!this.#writeKey;
-    }
-
-    readonly #socket: Socket;
-    readonly #queue: Record<number, Function> = {};
-    #buffer: Buffer = Buffer.alloc(0);
-    #readCount: number;
-    #readKey?: Buffer;
-    #writeCount: number;
-    #writeKey?: Buffer;
-    #xid: number;
-
-    constructor(address: string, port: number) {
-        super(address, port);
-
-        this.#xid = randomInt(0, 2 ** 16);
-
-        this.onClose = this.onClose.bind(this);
-        this.onConnect = this.onConnect.bind(this);
-        this.onData = this.onData.bind(this);
-        this.onEnd = this.onEnd.bind(this);
-        this.onError = this.onError.bind(this);
-
-        this.#socket = new Socket();
-        this.#socket.on('close', this.onClose);
-        this.#socket.on('connect', this.onConnect);
-        this.#socket.on('data', this.onData);
-        this.#socket.on('end', this.onEnd);
-        this.#socket.on('error', this.onError);
-    }
-
-    async connect(): Promise<void> {
-        debug(`Connecting to ${this.address}:${this.port}...`);
-
-        return await new Promise(resolve => {
-            this.#socket.connect({
-                host: this.address,
-                port: this.port,
-                keepAlive: true
-            }, resolve);
-        });
-    }
-
-    async enableEncryption(readKey: Buffer, writeKey: Buffer): Promise<void> {
-        this.#readKey = readKey;
-        this.#writeKey = writeKey;
-        this.#readCount = 0;
-        this.#writeCount = 0;
-    }
-
-    async exchange(type: number, obj: Record<string, unknown>): Promise<[number, unknown]> {
-        const _x = this.#xid;
-
-        return new Promise<[number, number]>((resolve, reject) => {
-            if (PairFrameTypes.includes(type)) {
-                this.#queue[-1] = resolve;
-            } else {
-                this.#queue[_x] = resolve;
-            }
-
-            this.send(type, obj).catch(reject);
-        });
-    }
-
-    async send(type: number, obj: Record<string, unknown>): Promise<void> {
-        const _x = this.#xid++;
-        obj._x ??= opackSizedInt(_x, 8);
-
-        let payload = Buffer.from(encodeOPack(obj));
-        let payloadLength = payload.byteLength;
-
-        if (this.isEncrypted && payloadLength > 0) {
-            payloadLength += 16;
-        }
-
-        const header = Buffer.alloc(4);
-        header.writeUint8(type, 0);
-        header.writeUintBE(payloadLength, 1, 3);
-
-        let data: Buffer;
-
-        if (this.isEncrypted) {
-            const nonce = Buffer.alloc(12);
-            nonce.writeBigUInt64LE(BigInt(this.#writeCount++), 0);
-
-            const encrypted = encryptChacha20(this.#writeKey, nonce, header, payload);
-            data = Buffer.concat([header, encrypted.ciphertext, encrypted.authTag]);
-        } else {
-            data = Buffer.concat([header, payload]);
-        }
-
-        debug('Send data frame', this.isEncrypted, Buffer.from(data).toString('hex'), obj);
-
-        return new Promise((resolve, reject) => {
-            this.#socket.write(data, err => err && reject(err));
-            resolve();
-        });
-    }
-
-    async onClose(): Promise<void> {
-        debug(`Connection closed from ${this.address}:${this.port}`);
-    }
-
-    async onConnect(): Promise<void> {
-        debug(`Connected to ${this.address}:${this.port}`);
-    }
-
-    async onData(buffer: Buffer): Promise<void> {
-        // debug('Received data frame', buffer.toString('hex'));
-
-        this.#buffer = Buffer.concat([this.#buffer, buffer]);
-
-        while (this.#buffer.byteLength >= 4) {
-            const header = this.#buffer.subarray(0, 4);
-            const payloadLength = header.readUintBE(1, 3);
-
-            if (this.#buffer.byteLength < payloadLength) {
-                debug('Not enough data yet, waiting on the next frame..');
-                break;
-            }
-
-            let data = this.#buffer.subarray(0, 4 + payloadLength);
-            data = await this.#decrypt(data);
-
-            this.#buffer = this.#buffer.subarray(data.byteLength);
-
-            let payload = data.subarray(4);
-
-            if (OPackFrameTypes.includes(header.readInt8())) {
-                [payload] = decodeOPack(payload);
-            }
-
-            debug('Decoded OPACK', {header, payload});
-
-            if ('_x' in payload) {
-                const _x = (payload as any)._x;
-
-                if (_x in this.#queue) {
-                    const resolve = this.#queue[_x] ?? null;
-                    resolve?.([header, payload]);
-
-                    delete this.#queue[_x];
-                } else {
-                    // probably an event
-                    const content = payload['_c'];
-                    const keys = Object.keys(content).map(k => k.substring(0, -3));
-
-                    for (const key of keys) {
-                        this.dispatchEvent(new CustomEvent(key, {detail: content[key]}));
-                    }
-                }
-            } else if (this.#queue[-1]) {
-                const _x = -1;
-                const resolve = this.#queue[_x] ?? null;
-                resolve?.([header, payload]);
-
-                delete this.#queue[_x];
-            } else {
-                debug('No handler for message', [header, payload]);
-            }
-        }
-    }
-
-    async onEnd(): Promise<void> {
-        debug('Connection ended');
-    }
-
-    async onError(err: Error): Promise<void> {
-        debug('Error received', err);
-    }
-
-    async #decrypt(data: Buffer): Promise<Buffer> {
-        if (!this.isEncrypted) {
-            return data;
-        }
-
-        const header = data.subarray(0, 4);
-        const payloadLength = header.readUintBE(1, 3);
-
-        const payload = data.subarray(4, payloadLength + 16);
-        const authTag = payload.subarray(payload.byteLength - 16);
-        const ciphertext = payload.subarray(0, payload.byteLength - 16);
-
-        const nonce = Buffer.alloc(12);
-        nonce.writeBigUint64LE(BigInt(this.#readCount++), 0);
-
-        const decrypted = decryptChacha20(this.#readKey, nonce, header, ciphertext, authTag);
-
-        return Buffer.concat([header, decrypted, authTag]);
-    }
-}
-
-export const FrameType = {
-    Unknown: 0,
-    Noop: 1,
-
-    PS_Start: 3,
-    PS_Next: 4,
-    PV_Start: 5,
-    PV_Next: 6,
-
-    U_OPACK: 7,
-    E_OPACK: 8,
-    P_OPACK: 9,
-
-    PA_Request: 10,
-    PA_Response: 11,
-
-    SessionStartRequest: 16,
-    SessionStartResponse: 17,
-    SessionData: 18,
-
-    FamilyIdentityRequest: 32,
-    FamilyIdentityResponse: 33,
-    FamilyIdentityUpdate: 34
-} as const;
-
-export const MessageType = {
-    Event: 1,
-    Request: 2,
-    Response: 3
-} as const;
-
-export const OPackFrameTypes: number[] = [
-    FrameType.PS_Start,
-    FrameType.PS_Next,
-    FrameType.PV_Start,
-    FrameType.PV_Next,
-
-    FrameType.U_OPACK,
-    FrameType.E_OPACK,
-    FrameType.P_OPACK
-];
-
-const PairFrameTypes: number[] = [
-    FrameType.PS_Start,
-    FrameType.PS_Next,
-    FrameType.PV_Start,
-    FrameType.PV_Next
-];

package/src/socket/index.ts

@@ -1,2 +0,0 @@
-export type { default as BaseSocket } from './base';
-export { default as CompanionLinkSocket, FrameType as CompanionLinkFrameType, MessageType as CompanionLinkMessageType } from './companionLink';

package/src/test.ts

@@ -1,109 +0,0 @@
-import { write } from 'bun';
-import { debug, prompt, waitFor } from '@/cli';
-import { Discovery } from '@/discovery';
-import { parseBinaryPlist } from '@/encoding';
-import { CompanionLink } from '@/protocol';
-
-const discovery = Discovery.companionLink();
-const device = await discovery.findUntil('Woonkamer TV._companion-link._tcp.local');
-
-const protocol = new CompanionLink(device);
-await protocol.connect();
-
-async function pair(): Promise<void> {
-    await protocol.pairing.start();
-    const credentials = await protocol.pairing.pin(async () => await prompt('Enter PIN'));
-
-    console.log({
-        accessoryIdentifier: credentials.accessoryIdentifier,
-        accessoryLongTermPublicKey: credentials.accessoryLongTermPublicKey.toString('hex'),
-        pairingId: credentials.pairingId.toString('hex'),
-        publicKey: credentials.publicKey.toString('hex'),
-        secretKey: credentials.secretKey.toString('hex')
-    });
-}
-
-async function verify(): Promise<void> {
-    const credentials = {
-        accessoryIdentifier: '7EEEA518-06CC-486C-A8B8-4A07CDBE6267',
-        accessoryLongTermPublicKey: Buffer.from('cfb3fb0e0eb494d9058d5051c94400b35251e3faad66542b9551a1496570628d', 'hex'),
-        pairingId: Buffer.from('31343733314638332d334438422d344242362d393530302d433544464243383737443735', 'hex'),
-        publicKey: Buffer.from('4b7707b544e9c3b7a3609d0c9f7c9f013a71b415568bff597013d65e14d88918', 'hex'),
-        secretKey: Buffer.from('3933f2526014609fc437d2b0c7968b476f3ee0fd2d836fc5e97971fbd26adae04b7707b544e9c3b7a3609d0c9f7c9f013a71b415568bff597013d65e14d88918', 'hex')
-    };
-
-    const keys = await protocol.verify.start(credentials);
-
-    await waitFor(250);
-
-    await protocol.socket.enableEncryption(
-        keys.accessoryToControllerKey,
-        keys.controllerToAccessoryKey
-    );
-
-    await protocol.api._systemInfo(credentials.pairingId);
-    await protocol.api._touchStart();
-    await protocol.api._sessionStart();
-    await protocol.api._tvrcSessionStart();
-
-    await protocol.api._unsubscribe('_iMC');
-    await protocol.api._subscribe('TVSystemStatus', (e: CustomEvent) => debug(e));
-
-    // await protocol.api._subscribe('NowPlayingInfo', handleNowPlayingInfo);
-    // await protocol.api.fetchNowPlayingInfo();
-
-    // await protocol.api._subscribe('SupportedActions', (e: CustomEvent) => debug(e));
-    // await protocol.api.fetchSupportedActions();
-
-    // await protocol.api._subscribe('PushSiriRemoteInfo', (e: CustomEvent) => debug(e));
-    // const data = await protocol.api.getSiriRemoteInfo();
-    // debug(data);
-
-    // await protocol.api._subscribe('MediaControlStatus', (e: CustomEvent) => debug(e));
-    // const data = await protocol.api.fetchMediaControlStatus();
-    // debug(data);
-
-    // debug('Attention state', await protocol.api.getAttentionState());
-    // debug('Launchable apps', await protocol.api.getLaunchableApps());
-    // debug('Available user accounts', await protocol.api.getUserAccounts());
-
-    // await protocol.api.launchApp('com.apple.TVMusic');
-    // await protocol.api.launchUrl('nflx://www.netflix.com/title/70291117');
-    // await protocol.api.switchUserAccount('71A6CA15-5268-4820-9DD8-1C53F980C149');
-
-    // await protocol.api.pressButton('Select');
-    // await protocol.api.pressButton('VolumeDown');
-
-    // await protocol.api.mediaControlCommand('Pause');
-    // await waitFor(2000);
-    // await protocol.api.mediaControlCommand('Play');
-
-    // await protocol.api.pressButton('PageUp');
-}
-
-async function handleNowPlayingInfo(evt: CustomEvent): Promise<void> {
-    const {detail: nowPlaying} = evt;
-    const parsed = parseBinaryPlist(Buffer.from(nowPlaying).buffer) as any;
-
-    if (!parsed.$objects[15]) {
-        try {
-            await write('./artwork.png', parsed.$objects[14]);
-        } catch (_) {
-        }
-    }
-
-    if (parsed.$objects[4]) {
-        debug(`Now playing ${parsed.$objects[8]} on Apple TV.`);
-    } else {
-        debug('Not playing?');
-    }
-
-    // debug(parsed);
-    // debug('Keys', parsed.$objects[1]);
-    // debug('Image data is placeholder', parsed.$objects[15]);
-    // debug('metadata', parsed.$objects[6]);
-    // debug('playback state', parsed.$objects[4]);
-}
-
-// await pair();
-await verify();

package/src/transient.ts

@@ -1,64 +0,0 @@
-import { randomInt } from 'node:crypto';
-import { Discovery } from '@/discovery';
-import { CompanionLink } from '@/protocol';
-import { CompanionLinkFrameType, CompanionLinkMessageType } from '@/socket';
-
-const discovery = Discovery.companionLink();
-const device = await discovery.findUntil('Woonkamer HomePod (3)._companion-link._tcp.local');
-
-const protocol = new CompanionLink(device);
-await protocol.connect();
-
-async function pair(): Promise<void> {
-    await protocol.pairing.start();
-    const keys = await protocol.pairing.transient();
-
-    await protocol.socket.enableEncryption(
-        keys.accessoryToControllerKey,
-        keys.controllerToAccessoryKey
-    );
-
-    const [, _ss] = await protocol.socket.sendLRCP(CompanionLinkFrameType.E_OPACK, {
-        _i: '_sessionStart',
-        _t: CompanionLinkMessageType.Request,
-        _c: {
-            _srvT: 'com.apple.tvremoteservices',
-            _sid: randomInt(0, 2 ** 32 - 1)
-        }
-    });
-
-    console.log(_ss);
-
-    const [, _si] = await protocol.socket.sendLRCP(CompanionLinkFrameType.E_OPACK, {
-        _i: '_systemInfo',
-        _t: CompanionLinkMessageType.Request,
-        _c: {
-            _bf: 0,
-            _cf: 512,
-            _clFl: 128,
-            _i: '',
-            _idsID: keys.pairingId.toString('hex'),
-            _pubID: 'FF:70:79:61:74:76',
-            _sf: 256,
-            _sv: '170.18',
-            model: 'iPhone10,6',
-            nmae: 'iPhone van Bas'
-        }
-    });
-
-    console.log(_si);
-
-    const [, _ts] = await protocol.socket.send(CompanionLinkFrameType.E_OPACK, {
-        _i: '_touchStart',
-        _t: CompanionLinkMessageType.Request,
-        _c: {
-            _height: 1000.0,
-            _width: 1000.0,
-            _tFl: 0
-        }
-    });
-
-    console.log(_ts);
-}
-
-await pair();

package/src/types.d.ts

@@ -1,40 +0,0 @@
-declare module 'chacha' {
-    declare class Cipher {
-        setAAD(aad: Buffer): void;
-        getAuthTag(): Buffer;
-        setAuthTag(tag: Buffer): void;
-        _final(): void;
-        _update(chunk: Buffer): Buffer;
-    }
-
-    export function createCipher(key: Buffer, nonce: Buffer): Cipher;
-
-    export function createDecipher(key: Buffer, nonce: Buffer): Cipher;
-}
-
-declare module 'node-dns-sd' {
-    export function discover(opts: {
-        readonly name: string;
-    }): Promise<Result[]>;
-
-    export type Result = {
-        readonly fqdn: string;
-        readonly address: string;
-        readonly modelName: string;
-        readonly familyName: string | null;
-        readonly service: {
-            readonly port: number;
-            readonly protocol: 'tcp' | 'udp';
-            readonly type: string;
-        };
-        readonly packet: {
-            readonly address: string;
-            readonly header: Record<string, number>;
-            readonly questions: Array;
-            readonly answers: Array;
-            readonly authorities: Array;
-            readonly additionals: [];
-        };
-        readonly [key: string]: unknown;
-    };
-}