Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IOS/ES: Add signature verification #5612

Merged
merged 12 commits into from Jun 16, 2017
Merged

IOS/ES: Add signature verification #5612

merged 12 commits into from Jun 16, 2017

Conversation

leoetlino
Copy link
Member

This adds signature verification to ES. Required for #5610 as we can't use HTTPS when downloading metadata or contents from NUS.

Note that signature checks are intentionally omitted from ES_DiVerify, as we don't want to block unsigned disc images.

JosJuice
JosJuice reviewed Jun 15, 2017
View reviewed changes
Source/Core/Core/ConfigManager.cpp Outdated
@@ -608,6 +609,7 @@ void SConfig::LoadCoreSettings(IniFile& ini)
core->Get("EnableCustomRTC", &bEnableCustomRTC, false);
// Default to seconds between 1.1.1970 and 1.1.2000
core->Get("CustomRTCValue", &m_customRTCValue, 946684800);
core->Get("DisableSignatureChecks", &m_disable_signature_checks, false);

This comment was marked as off-topic.

Sign in to view

Source/Core/UICommon/WiiUtils.cpp Outdated
{
if (!checks_disabled && ret == IOS::HLE::IOSC_FAIL_CHECKVALUE &&
AskYesNoT("This WAD does not have a valid signature. Continue to import?"))

This comment was marked as off-topic.

Sign in to view

This comment was marked as off-topic.

Sign in to view

BhaaLseN
BhaaLseN reviewed Jun 15, 2017
View reviewed changes
Source/Core/Core/IOS/ES/ES.cpp Outdated
if (certs.find(cert.GetName()) != certs.end())
return IPC_SUCCESS;

store_file.Seek(0, SEEK_END);

This comment was marked as off-topic.

Sign in to view

This comment was marked as off-topic.

Sign in to view

Source/Core/Core/IOS/ES/ES.cpp Outdated
// IOS assumes that the CA cert will always be signed by the root certificate,
// and that the issuer is signed by the CA.
IOSC& iosc = m_ios.GetIOSC();
IOSC::Handle handle, issuer_handle;

This comment was marked as off-topic.

Sign in to view

This comment was marked as off-topic.

Sign in to view

Source/Core/Core/IOS/ES/TitleManagement.cpp Outdated
context.title_import.tmd, cert_store);
if (ret != IPC_SUCCESS)
{
context.title_import.tmd.SetBytes({});

This comment was marked as off-topic.

Sign in to view

This comment was marked as off-topic.

Sign in to view

Starsam80
Starsam80 reviewed Jun 15, 2017
View reviewed changes
Source/Core/Core/IOS/ES/ES.cpp Outdated
const IOS::ES::SignedBlobReader& signed_blob,
const std::vector<u8>& cert_chain, u32 iosc_handle)
{
if (SConfig::GetInstance().m_enable_signature_checks)

This comment was marked as off-topic.

Sign in to view

This comment was marked as off-topic.

Sign in to view

riking
riking reviewed Jun 16, 2017
View reviewed changes
Source/Core/Core/IOS/ES/ES.cpp Outdated
if (mode == VerifyMode::UpdateCertStore)
{
ret = WriteNewCertToStore(issuer_cert);
ret = WriteNewCertToStore(ca_cert);

This comment was marked as off-topic.

Sign in to view

This comment was marked as off-topic.

Sign in to view

@leoetlino
IOS: Correct ES return code names about signatures
34c9bf3 
-1027 is used when ES cannot find the issuer of a certificate.

-1012 is used when the signature type is invalid.
@leoetlino leoetlino force-pushed the verify-signatures branch 2 times, most recently from 03401d7 to c321ff8 Compare June 16, 2017 14:15
@leoetlino
IOS/ES: Add VerifyContainer
88348e2 
Will be used from several functions to verify the signatures for
different containers (TMDs, tickets, device signed blobs).

An option was added to disable signature checks, because that could be
useful for people trying to import unsigned stuff.
@leoetlino
IOS/ES: Add helper function ReadCertStore
f3bf1d6
@leoetlino
IOS/ES: Create missing directories at boot
07d83ad 
Something that IOS does and that Dolphin doesn't, for whatever reason.
@leoetlino
IOS/ES: Verify containers in ImportTicket
719af1a
@leoetlino
IOS/ES: Verify containers in ImportTitleInit
8a49e1f
@leoetlino
IOS/ES: Add note about verification in DiVerify
54025da 
We probably don't want to verify containers there because it might
result in patched/custom games failing the check.
@leoetlino
IOS/ES: Verify containers in ImportTmd
36c5caa
@leoetlino
IOS/ES: Verify containers in SetUpStreamKey
d77b7ac
@leoetlino
IOS/ES: Verify containers in GetTMDStoredContents
c08806d
@leoetlino
Allow the user to ignore signature issues during WAD import
6503a9f 
Improves usability with signature checks.
@leoetlino
IOS/ES: Fix formatting
6249244
@leoetlino leoetlino merged commit 37208d2 into dolphin-emu:master Jun 16, 2017
@leoetlino leoetlino deleted the verify-signatures branch June 16, 2017 14:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@riking riking riking left review comments

@Starsam80 Starsam80 Starsam80 left review comments

@JosJuice JosJuice JosJuice left review comments

@BhaaLseN BhaaLseN BhaaLseN approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
5 participants
@leoetlino @riking @BhaaLseN @Starsam80 @JosJuice