diff --git a/payloads/Config/config.plist b/payloads/Config/config.plist
index 8fb3779fb..a7de48ee2 100644
--- a/payloads/Config/config.plist
+++ b/payloads/Config/config.plist
@@ -1707,6 +1707,60 @@
PlistPath
Contents/Info.plist
+
+ Arch
+ x86_64
+ Comment
+ AppleSSE - T1
+ Enabled
+
+ MaxKernel
+
+ MinKernel
+ 23.0.0
+ BundlePath
+ AppleSSE.kext
+ ExecutablePath
+ Contents/MacOS/AppleSSE
+ PlistPath
+ Contents/Info.plist
+
+
+ Arch
+ x86_64
+ Comment
+ AppleCredentialManager - T1
+ Enabled
+
+ MaxKernel
+
+ MinKernel
+ 23.0.0
+ BundlePath
+ AppleCredentialManager.kext
+ ExecutablePath
+ Contents/MacOS/AppleCredentialManager
+ PlistPath
+ Contents/Info.plist
+
+
+ Arch
+ x86_64
+ Comment
+ AppleKeyStore - T1
+ Enabled
+
+ MaxKernel
+
+ MinKernel
+ 23.0.0
+ BundlePath
+ AppleKeyStore.kext
+ ExecutablePath
+ Contents/MacOS/AppleKeyStore
+ PlistPath
+ Contents/Info.plist
+
Block
@@ -1726,6 +1780,54 @@
Strategy
Exclude
+
+ Arch
+ Any
+ Comment
+ Allow AppleSSE Downgrade
+ Enabled
+
+ Identifier
+ com.apple.driver.AppleSSE
+ MaxKernel
+
+ MinKernel
+ 23.0.0
+ Strategy
+ Exclude
+
+
+ Arch
+ Any
+ Comment
+ Allow AppleCredentialManager Downgrade
+ Enabled
+
+ Identifier
+ com.apple.driver.AppleCredentialManager
+ MaxKernel
+
+ MinKernel
+ 23.0.0
+ Strategy
+ Exclude
+
+
+ Arch
+ Any
+ Comment
+ Allow AppleCredentialManager Downgrade
+ Enabled
+
+ Identifier
+ com.apple.driver.AppleKeyStore
+ MaxKernel
+
+ MinKernel
+ 23.0.0
+ Strategy
+ Exclude
+
Emulate
diff --git a/payloads/Kexts/Misc/AppleCredentialManager-v1.0.0.zip b/payloads/Kexts/Misc/AppleCredentialManager-v1.0.0.zip
new file mode 100644
index 000000000..36271b821
Binary files /dev/null and b/payloads/Kexts/Misc/AppleCredentialManager-v1.0.0.zip differ
diff --git a/payloads/Kexts/Misc/AppleKeyStore-v1.0.0.zip b/payloads/Kexts/Misc/AppleKeyStore-v1.0.0.zip
new file mode 100644
index 000000000..2ee24b55a
Binary files /dev/null and b/payloads/Kexts/Misc/AppleKeyStore-v1.0.0.zip differ
diff --git a/payloads/Kexts/Misc/AppleSSE-v1.0.0.zip b/payloads/Kexts/Misc/AppleSSE-v1.0.0.zip
new file mode 100644
index 000000000..05f515864
Binary files /dev/null and b/payloads/Kexts/Misc/AppleSSE-v1.0.0.zip differ
diff --git a/resources/build/misc.py b/resources/build/misc.py
index fec90eaab..c086a8d36 100644
--- a/resources/build/misc.py
+++ b/resources/build/misc.py
@@ -43,6 +43,7 @@ class BuildMiscellaneous:
self._debug_handling()
self._cpu_friend_handling()
self._general_oc_handling()
+ self._t1_handling()
def _feature_unlock_handling(self) -> None:
@@ -338,4 +339,22 @@ class BuildMiscellaneous:
if self.constants.vault is True and utilities.check_command_line_tools() is True:
logging.info("- Setting Vault configuration")
self.config["Misc"]["Security"]["Vault"] = "Secure"
- support.BuildSupport(self.model, self.constants, self.config).get_efi_binary_by_path("OpenShell.efi", "Misc", "Tools")["Enabled"] = False
\ No newline at end of file
+ support.BuildSupport(self.model, self.constants, self.config).get_efi_binary_by_path("OpenShell.efi", "Misc", "Tools")["Enabled"] = False
+
+
+ def _t1_handling(self) -> None:
+ """
+ T1 Security Chip Handler
+ """
+ if self.model not in ["MacBookPro13,2", "MacBookPro13,3", "MacBookPro14,2", "MacBookPro14,3"]:
+ return
+
+ logging.info("- Enabling T1 Security Chip support")
+
+ support.BuildSupport(self.model, self.constants, self.config).get_item_by_kv(self.config["Kernel"]["Block"], "Identifier", "com.apple.driver.AppleSSE")["Enabled"] = True
+ support.BuildSupport(self.model, self.constants, self.config).get_item_by_kv(self.config["Kernel"]["Block"], "Identifier", "com.apple.driver.AppleCredentialManager")["Enabled"] = True
+ support.BuildSupport(self.model, self.constants, self.config).get_item_by_kv(self.config["Kernel"]["Block"], "Identifier", "com.apple.driver.AppleKeyStore")["Enabled"] = True
+
+ support.BuildSupport(self.model, self.constants, self.config).enable_kext("AppleSSE.kext", self.constants.t1_sse_version, self.constants.t1_sse_path)
+ support.BuildSupport(self.model, self.constants, self.config).enable_kext("AppleCredentialManager.kext", self.constants.t1_credential_version, self.constants.t1_credential_path)
+ support.BuildSupport(self.model, self.constants, self.config).enable_kext("AppleKeyStore.kext", self.constants.t1_key_store_version, self.constants.t1_key_store_path)
\ No newline at end of file
diff --git a/resources/constants.py b/resources/constants.py
index c9d5e0387..c12c6ca3b 100644
--- a/resources/constants.py
+++ b/resources/constants.py
@@ -67,6 +67,9 @@ class Constants:
self.aicpupm_version: str = "1.0.0" # AppleIntelCPUPowerManagement/Client
self.s3x_nvme_version: str = "1.0.0" # IONVMeFamily (14.0 Beta 1, S1X and S3X classes)
self.apple_camera_version: str = "1.0.0" # AppleCameraInterface (14.0 Beta 1)
+ self.t1_credential_version: str = "1.0.0" # AppleCredentialManager (13.5 - T1 support)
+ self.t1_sse_version: str = "1.0.0" # AppleSSE (13.5 - T1 support)
+ self.t1_key_store_version: str = "1.0.0" # AppleKeyStore (13.5 - T1 support)
## Apple - Dortania Modified
self.bcm570_version: str = "1.0.2" # CatalinaBCM5701Ethernet
@@ -430,6 +433,18 @@ class Constants:
def top_case_path(self):
return self.payload_kexts_path / Path(f"Misc/AppleUSBTopCase-v{self.topcase_version}.zip")
+ @property
+ def t1_key_store_path(self):
+ return self.payload_kexts_path / Path(f"Misc/AppleKeyStore-v{self.t1_key_store_version}.zip")
+
+ @property
+ def t1_credential_path(self):
+ return self.payload_kexts_path / Path(f"Misc/AppleCredentialManager-v{self.t1_credential_version}.zip")
+
+ @property
+ def t1_sse_path(self):
+ return self.payload_kexts_path / Path(f"Misc/AppleSSE-v{self.t1_sse_version}.zip")
+
@property
def mousse_path(self):
return self.payload_kexts_path / Path(f"SSE/AAAMouSSE-v{self.mousse_version}.zip")