Skip to content

Instantly share code, notes, and snippets.

View mrnerdhair's full-sized avatar

Reid Rankin mrnerdhair

23 followers · 10 following
View GitHub Profile
@gm3197
gm3197 / vas.md
Last active September 26, 2025 22:12
Reverse Engineered Value Added Services Protocol Specification

Reverse Engineered VAS Protocol Specification

Research by Grayson Martin
Last Updated 7/8/23

Introduction

Value Added Services (VAS) is the protocol used by NFC capable passes in Apple Wallet. Access to this protocol is heavily restricted on both the device end (a special certificate issued by Apple is required to create these passes) and the reader end (NDA enforced confidentiality). As such, a desire arose to better understand the protocol in order to explore additional use cases and examine its cryptographic integrity. There are gaps in understanding in certain parts of this protocol, however this document contains the minimum necessary understanding to automatically select, read data from, and decrypt a pass.

Importantly, this specification does not enable a malicious actor to read the data from a pass for which they do not have both the reader's private key, and the pass type identifier. Imp

@mrnerdhair
mrnerdhair / wg-lla.sh
Created June 27, 2020 21:41
Calculates cryptographically-bound IPv6 Link-Local Addresses from WireGuard public keys.
#!/bin/bash -e
blake2s_mix() {
local A_NAME="$1"
local A="$2"
local B_NAME="$3"
local B="$4"
local C_NAME="$5"
local C="$6"
local D_NAME="$7"
@avalko
avalko / Salsa20.cs
Created October 1, 2017 10:08
Salsa20
/*
* This implementation of Salsa20 is ported from the reference implementation
* by D. J. Bernstein, which can be found at:
* http://cr.yp.to/snuffle/salsa20/ref/salsa20.c
*
* This work is hereby released into the Public Domain. To view a copy of the public domain dedication,
* visit http://creativecommons.org/licenses/publicdomain/ or send a letter to
* Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.
*/