Apple Secure Notes Help
#7
Hey, first of all, I am new here, I may be wrong posting it here, but maybe someone will see it. I just needed someone to discuss the problem that occurred to me with, bc I am a little bit lost. So, I wanted to hear your opinion on recovering the dropped notes password (password that I had reset through settings) on notes from iCloud. It was just the first impulsive thing that came to my mind, now I am indeed regretting it, but there's nothing to change about it now.

The thing confusing me is that Notes that had been secured with that password (I am looking just for one) now have zcryptoiterationcount set to 0 in the NoteStore.sqlite db. They have different zcryptosalts of 16 bytes and different zwrappedkeys of 16 bytes, even though it is still the same password. Znotedata is encrypted, they have tags, an initialisation vector in there as well, they have no crypto verifier, but I don't know how the wrapped key was gotten — it's like a mystery.

I have a little knowledge of the whole process, I know that they do PBKDF2-SHA256 on a password with a salt and 20000 iterations, and with that they get the KEK. Then they wrap the key with the AES key wrap algorithm and, I guess, that's how they get a 24-byte key (by adding an extra 8 bytes on to the key material during wrapping), I have read it all. If I am not right about it — pls, correct me with an explanation of the steps in wrapping the key.

I have all, literally all the variants of that password (I just don't know things like the order of upper and lower cases), and I have had a thought that 1) maybe the wrapped 16-byte (32 symbols in hex) key I saw in NoteStore.sqlite is the result of a one-time PBKDF2-SHA256, maybe it was used just once. And I tried to do PBKDF2-SHA256 with one salt on my passwords as well and tried to look for coincidences with that wrapped key I have, the right one from the db (to make it clear, I mentioned earlier that notes that have been protected with that one password have different pairs of salt and wrapped key, so I used one salt and one wrapped key from one row for that, to see the coincidences) — but all of that didn't bring me the result I wanted, bc there is no match, so it isn't the right answer. And the second thought was that the wrapped key I saw in the NoteStore.sqlite db was just somehow gotten out of the salt? Or is it just indeed the KEK? I can't see any other explanations, but maybe you've got something in mind.

I haven't found anything applicable to the case in which you did the reset of the iCloud Notes password. I would really appreciate any suggestions and I would be more than grateful if you know something and can share it or explain it to me. Cause, guys, these notes, they are life-needing. Please, shine some light on my mind.
Messages In This Thread
Apple Secure Notes Help - by Muze - 02-06-2020, 05:22 PM
RE: Apple Secure Notes Help - by Banaanhangwagen - 02-07-2020, 10:20 AM
RE: Apple Secure Notes Help - by cookie - 05-20-2021, 11:16 AM
RE: Apple Secure Notes Help - by Banaanhangwagen - 05-20-2021, 08:49 PM
RE: Apple Secure Notes Help - by Snoopy - 05-20-2021, 10:49 PM
RE: Apple Secure Notes Help - by cookie - 05-21-2021, 08:59 AM
RE: Apple Secure Notes Help - by alreadyvanished - 03-10-2024, 05:30 PM
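
The scheme the post above describes (PBKDF2-SHA256 to a KEK, then AES key wrap per RFC 3394), written out with Node.js built-ins to show where the extra 8 bytes come from and why unwrapping only succeeds with the right password. This is an added example, not part of the original post and not Apple's code; the function names and the demo password, salt and note key are constructed for illustration, and the 20000 iterations are taken from the post.

```javascript
const nodeCrypto = require('crypto');
const RFC3394_IV = Buffer.from('a6a6a6a6a6a6a6a6', 'hex'); // default integrity value
// Password + salt -> 16-byte key-encryption key (KEK), as the post describes.
const deriveKek = (pw, salt, iters) => nodeCrypto.pbkdf2Sync(pw, salt, iters, 16, 'sha256');
// One raw AES-128 block operation (ECB, no padding) under the KEK.
function aesBlock(kek, block, decrypt) {
  const c = (decrypt ? nodeCrypto.createDecipheriv : nodeCrypto.createCipheriv)('aes-128-ecb', kek, null);
  c.setAutoPadding(false);
  return Buffer.concat([c.update(block), c.final()]);
}
// XOR the step counter t into the 8-byte register A (t fits in the low 32 bits here).
function xorCounter(a, t) {
  const out = Buffer.from(a); // copy, so the caller's buffer is not mutated
  out.writeUInt32BE((out.readUInt32BE(4) ^ t) >>> 0, 4);
  return out;
}
// RFC 3394 wrap: n 8-byte blocks in, n+1 blocks out (16-byte key -> 24 bytes).
function wrapKey(kek, key) {
  const n = key.length / 8;
  const r = Array.from({ length: n }, (_, i) => key.subarray(8 * i, 8 * i + 8));
  let a = RFC3394_IV;
  for (let t = 1; t <= 6 * n; t++) { // six passes over the n blocks
    const i = (t - 1) % n;
    const b = aesBlock(kek, Buffer.concat([a, r[i]]), false);
    a = xorCounter(b.subarray(0, 8), t);
    r[i] = b.subarray(8);
  }
  return Buffer.concat([a, ...r]);
}
// RFC 3394 unwrap: returns the key, or null when the integrity value does not match.
function unwrapKey(kek, wrapped) {
  if (wrapped.length < 24 || wrapped.length % 8 !== 0) return null; // e.g. a 16-byte value
  const n = wrapped.length / 8 - 1;
  const r = Array.from({ length: n }, (_, i) => wrapped.subarray(8 * i + 8, 8 * i + 16));
  let a = wrapped.subarray(0, 8);
  for (let t = 6 * n; t >= 1; t--) { // same steps in reverse order
    const i = (t - 1) % n;
    const b = aesBlock(kek, Buffer.concat([xorCounter(a, t), r[i]]), true);
    a = b.subarray(0, 8);
    r[i] = b.subarray(8);
  }
  return a.equals(RFC3394_IV) ? Buffer.concat(r) : null;
}
// Constructed demo values (not from a real NoteStore.sqlite).
function demo(password) {
  const salt = Buffer.alloc(16, 0x11), noteKey = Buffer.alloc(16, 0x22);
  const wrapped = wrapKey(deriveKek('Example-Passw0rd', salt, 20000), noteKey);
  const unwrapped = unwrapKey(deriveKek(password, salt, 20000), wrapped);
  return { wrappedLength: wrapped.length, unwrapped };
}
```

`demo('Example-Passw0rd')` returns the 16-byte note key with a wrapped length of 24, while the same password in different letter case returns `null` because the recovered integrity value no longer matches.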