mirror of
https://github.com/dolphin-emu/dolphin.git
synced 2024-11-14 21:37:52 -07:00
Merge pull request #8255 from JosJuice/remove-unsigned-warning
Remove "not signed by Nintendo" warning when installing WADs
This commit is contained in:
commit
2a95227f64
@ -102,8 +102,6 @@ const ConfigInfo<std::string> MAIN_PERF_MAP_DIR{{System::Main, "Core", "PerfMapD
|
||||
const ConfigInfo<bool> MAIN_CUSTOM_RTC_ENABLE{{System::Main, "Core", "EnableCustomRTC"}, false};
|
||||
// Default to seconds between 1.1.1970 and 1.1.2000
|
||||
const ConfigInfo<u32> MAIN_CUSTOM_RTC_VALUE{{System::Main, "Core", "CustomRTCValue"}, 946684800};
|
||||
const ConfigInfo<bool> MAIN_ENABLE_SIGNATURE_CHECKS{{System::Main, "Core", "EnableSignatureChecks"},
|
||||
true};
|
||||
const ConfigInfo<bool> MAIN_REDUCE_POLLING_RATE{{System::Main, "Core", "ReducePollingRate"}, false};
|
||||
const ConfigInfo<bool> MAIN_AUTO_DISC_CHANGE{{System::Main, "Core", "AutoDiscChange"}, false};
|
||||
|
||||
|
@ -76,7 +76,6 @@ extern const ConfigInfo<std::string> MAIN_GPU_DETERMINISM_MODE;
|
||||
extern const ConfigInfo<std::string> MAIN_PERF_MAP_DIR;
|
||||
extern const ConfigInfo<bool> MAIN_CUSTOM_RTC_ENABLE;
|
||||
extern const ConfigInfo<u32> MAIN_CUSTOM_RTC_VALUE;
|
||||
extern const ConfigInfo<bool> MAIN_ENABLE_SIGNATURE_CHECKS;
|
||||
extern const ConfigInfo<bool> MAIN_REDUCE_POLLING_RATE;
|
||||
extern const ConfigInfo<bool> MAIN_AUTO_DISC_CHANGE;
|
||||
|
||||
|
@ -242,7 +242,6 @@ void SConfig::SaveCoreSettings(IniFile& ini)
|
||||
core->Set("PerfMapDir", m_perfDir);
|
||||
core->Set("EnableCustomRTC", bEnableCustomRTC);
|
||||
core->Set("CustomRTCValue", m_customRTCValue);
|
||||
core->Set("EnableSignatureChecks", m_enable_signature_checks);
|
||||
}
|
||||
|
||||
void SConfig::SaveMovieSettings(IniFile& ini)
|
||||
@ -529,7 +528,6 @@ void SConfig::LoadCoreSettings(IniFile& ini)
|
||||
core->Get("EnableCustomRTC", &bEnableCustomRTC, false);
|
||||
// Default to seconds between 1.1.1970 and 1.1.2000
|
||||
core->Get("CustomRTCValue", &m_customRTCValue, 946684800);
|
||||
core->Get("EnableSignatureChecks", &m_enable_signature_checks, true);
|
||||
}
|
||||
|
||||
void SConfig::LoadMovieSettings(IniFile& ini)
|
||||
|
@ -167,8 +167,6 @@ struct SConfig
|
||||
std::set<std::pair<u16, u16>> m_usb_passthrough_devices;
|
||||
bool IsUSBDeviceWhitelisted(std::pair<u16, u16> vid_pid) const;
|
||||
|
||||
bool m_enable_signature_checks = true;
|
||||
|
||||
// Fifo Player related settings
|
||||
bool bLoopFifoReplay = true;
|
||||
|
||||
|
@ -842,9 +842,6 @@ static const std::string CERT_STORE_PATH = "/sys/cert.sys";
|
||||
|
||||
ReturnCode ES::ReadCertStore(std::vector<u8>* buffer) const
|
||||
{
|
||||
if (!SConfig::GetInstance().m_enable_signature_checks)
|
||||
return IPC_SUCCESS;
|
||||
|
||||
const auto store_file =
|
||||
m_ios.GetFS()->OpenFile(PID_KERNEL, PID_KERNEL, CERT_STORE_PATH, FS::Mode::Read);
|
||||
if (!store_file)
|
||||
@ -885,9 +882,6 @@ ReturnCode ES::VerifyContainer(VerifyContainerType type, VerifyMode mode,
|
||||
const IOS::ES::SignedBlobReader& signed_blob,
|
||||
const std::vector<u8>& cert_chain, u32* issuer_handle_out)
|
||||
{
|
||||
if (!SConfig::GetInstance().m_enable_signature_checks)
|
||||
return IPC_SUCCESS;
|
||||
|
||||
if (!signed_blob.IsSignatureValid())
|
||||
return ES_EINVAL;
|
||||
|
||||
|
@ -110,11 +110,18 @@ public:
|
||||
// Ticket is unpersonalised, so ignore any console specific decryption data.
|
||||
Unpersonalised,
|
||||
};
|
||||
enum class VerifySignature
|
||||
{
|
||||
No,
|
||||
Yes,
|
||||
};
|
||||
ReturnCode ImportTicket(const std::vector<u8>& ticket_bytes, const std::vector<u8>& cert_chain,
|
||||
TicketImportType type = TicketImportType::PossiblyPersonalised);
|
||||
TicketImportType type = TicketImportType::PossiblyPersonalised,
|
||||
VerifySignature verify_signature = VerifySignature::Yes);
|
||||
ReturnCode ImportTmd(Context& context, const std::vector<u8>& tmd_bytes);
|
||||
ReturnCode ImportTitleInit(Context& context, const std::vector<u8>& tmd_bytes,
|
||||
const std::vector<u8>& cert_chain);
|
||||
const std::vector<u8>& cert_chain,
|
||||
VerifySignature verify_signature = VerifySignature::Yes);
|
||||
ReturnCode ImportContentBegin(Context& context, u64 title_id, u32 content_id);
|
||||
ReturnCode ImportContentData(Context& context, u32 content_fd, const u8* data, u32 data_size);
|
||||
ReturnCode ImportContentEnd(Context& context, u32 content_fd);
|
||||
|
@ -120,12 +120,6 @@ IPCCommandResult ES::Sign(const IOCtlVRequest& request)
|
||||
ReturnCode ES::VerifySign(const std::vector<u8>& hash, const std::vector<u8>& ecc_signature,
|
||||
const std::vector<u8>& certs_bytes)
|
||||
{
|
||||
if (!SConfig::GetInstance().m_enable_signature_checks)
|
||||
{
|
||||
WARN_LOG(IOS_ES, "VerifySign: signature checks are disabled. Skipping.");
|
||||
return IPC_SUCCESS;
|
||||
}
|
||||
|
||||
const std::map<std::string, IOS::ES::CertReader> certs = IOS::ES::ParseCertChain(certs_bytes);
|
||||
if (certs.empty())
|
||||
return ES_EINVAL;
|
||||
|
@ -51,7 +51,7 @@ void ES::TitleImportExportContext::DoState(PointerWrap& p)
|
||||
}
|
||||
|
||||
ReturnCode ES::ImportTicket(const std::vector<u8>& ticket_bytes, const std::vector<u8>& cert_chain,
|
||||
TicketImportType type)
|
||||
TicketImportType type, VerifySignature verify_signature)
|
||||
{
|
||||
IOS::ES::TicketReader ticket{ticket_bytes};
|
||||
if (!ticket.IsValid())
|
||||
@ -75,10 +75,13 @@ ReturnCode ES::ImportTicket(const std::vector<u8>& ticket_bytes, const std::vect
|
||||
}
|
||||
}
|
||||
|
||||
const ReturnCode verify_ret =
|
||||
VerifyContainer(VerifyContainerType::Ticket, VerifyMode::UpdateCertStore, ticket, cert_chain);
|
||||
if (verify_ret != IPC_SUCCESS)
|
||||
return verify_ret;
|
||||
if (verify_signature != VerifySignature::No)
|
||||
{
|
||||
const ReturnCode verify_ret = VerifyContainer(VerifyContainerType::Ticket,
|
||||
VerifyMode::UpdateCertStore, ticket, cert_chain);
|
||||
if (verify_ret != IPC_SUCCESS)
|
||||
return verify_ret;
|
||||
}
|
||||
|
||||
const ReturnCode write_ret = WriteTicket(m_ios.GetFS().get(), ticket);
|
||||
if (write_ret != IPC_SUCCESS)
|
||||
@ -206,7 +209,7 @@ static ReturnCode InitTitleImportKey(const std::vector<u8>& ticket_bytes, IOSC&
|
||||
}
|
||||
|
||||
ReturnCode ES::ImportTitleInit(Context& context, const std::vector<u8>& tmd_bytes,
|
||||
const std::vector<u8>& cert_chain)
|
||||
const std::vector<u8>& cert_chain, VerifySignature verify_signature)
|
||||
{
|
||||
INFO_LOG(IOS_ES, "ImportTitleInit");
|
||||
ResetTitleImportContext(&context, m_ios.GetIOSC());
|
||||
@ -220,24 +223,32 @@ ReturnCode ES::ImportTitleInit(Context& context, const std::vector<u8>& tmd_byte
|
||||
// Finish a previous import (if it exists).
|
||||
FinishStaleImport(context.title_import_export.tmd.GetTitleId());
|
||||
|
||||
ReturnCode ret = VerifyContainer(VerifyContainerType::TMD, VerifyMode::UpdateCertStore,
|
||||
context.title_import_export.tmd, cert_chain);
|
||||
if (ret != IPC_SUCCESS)
|
||||
return ret;
|
||||
ReturnCode ret = IPC_SUCCESS;
|
||||
|
||||
if (verify_signature != VerifySignature::No)
|
||||
{
|
||||
ret = VerifyContainer(VerifyContainerType::TMD, VerifyMode::UpdateCertStore,
|
||||
context.title_import_export.tmd, cert_chain);
|
||||
if (ret != IPC_SUCCESS)
|
||||
return ret;
|
||||
}
|
||||
|
||||
const auto ticket = FindSignedTicket(context.title_import_export.tmd.GetTitleId());
|
||||
if (!ticket.IsValid())
|
||||
return ES_NO_TICKET;
|
||||
|
||||
std::vector<u8> cert_store;
|
||||
ret = ReadCertStore(&cert_store);
|
||||
if (ret != IPC_SUCCESS)
|
||||
return ret;
|
||||
if (verify_signature != VerifySignature::No)
|
||||
{
|
||||
std::vector<u8> cert_store;
|
||||
ret = ReadCertStore(&cert_store);
|
||||
if (ret != IPC_SUCCESS)
|
||||
return ret;
|
||||
|
||||
ret = VerifyContainer(VerifyContainerType::Ticket, VerifyMode::DoNotUpdateCertStore, ticket,
|
||||
cert_store);
|
||||
if (ret != IPC_SUCCESS)
|
||||
return ret;
|
||||
ret = VerifyContainer(VerifyContainerType::Ticket, VerifyMode::DoNotUpdateCertStore, ticket,
|
||||
cert_store);
|
||||
if (ret != IPC_SUCCESS)
|
||||
return ret;
|
||||
}
|
||||
|
||||
ret = InitTitleImportKey(ticket.GetBytes(), m_ios.GetIOSC(),
|
||||
&context.title_import_export.key_handle);
|
||||
|
@ -46,7 +46,8 @@
|
||||
|
||||
namespace WiiUtils
|
||||
{
|
||||
static bool ImportWAD(IOS::HLE::Kernel& ios, const DiscIO::VolumeWAD& wad)
|
||||
static bool ImportWAD(IOS::HLE::Kernel& ios, const DiscIO::VolumeWAD& wad,
|
||||
IOS::HLE::Device::ES::VerifySignature verify_signature)
|
||||
{
|
||||
if (!wad.GetTicket().IsValid() || !wad.GetTMD().IsValid())
|
||||
{
|
||||
@ -59,28 +60,20 @@ static bool ImportWAD(IOS::HLE::Kernel& ios, const DiscIO::VolumeWAD& wad)
|
||||
|
||||
IOS::HLE::Device::ES::Context context;
|
||||
IOS::HLE::ReturnCode ret;
|
||||
const bool checks_enabled = SConfig::GetInstance().m_enable_signature_checks;
|
||||
|
||||
// Ensure the common key index is correct, as it's checked by IOS.
|
||||
IOS::ES::TicketReader ticket = wad.GetTicketWithFixedCommonKey();
|
||||
|
||||
while ((ret = es->ImportTicket(ticket.GetBytes(), wad.GetCertificateChain(),
|
||||
IOS::HLE::Device::ES::TicketImportType::Unpersonalised)) < 0 ||
|
||||
(ret = es->ImportTitleInit(context, tmd.GetBytes(), wad.GetCertificateChain())) < 0)
|
||||
IOS::HLE::Device::ES::TicketImportType::Unpersonalised,
|
||||
verify_signature)) < 0 ||
|
||||
(ret = es->ImportTitleInit(context, tmd.GetBytes(), wad.GetCertificateChain(),
|
||||
verify_signature)) < 0)
|
||||
{
|
||||
if (checks_enabled && ret == IOS::HLE::IOSC_FAIL_CHECKVALUE &&
|
||||
AskYesNoT("This WAD has not been signed by Nintendo. Continue to import?"))
|
||||
{
|
||||
SConfig::GetInstance().m_enable_signature_checks = false;
|
||||
continue;
|
||||
}
|
||||
|
||||
if (ret != IOS::HLE::IOSC_FAIL_CHECKVALUE)
|
||||
PanicAlertT("WAD installation failed: Could not initialise title import (error %d).", ret);
|
||||
SConfig::GetInstance().m_enable_signature_checks = checks_enabled;
|
||||
return false;
|
||||
}
|
||||
SConfig::GetInstance().m_enable_signature_checks = checks_enabled;
|
||||
|
||||
const bool contents_imported = [&]() {
|
||||
const u64 title_id = tmd.GetTitleId();
|
||||
@ -148,7 +141,8 @@ bool InstallWAD(IOS::HLE::Kernel& ios, const DiscIO::VolumeWAD& wad, InstallType
|
||||
if (previous_temporary_title_id)
|
||||
ios.GetES()->DeleteTitleContent(previous_temporary_title_id);
|
||||
|
||||
if (!ImportWAD(ios, wad))
|
||||
// A lot of people use fakesigned WADs, so disable signature checking when installing a WAD.
|
||||
if (!ImportWAD(ios, wad, IOS::HLE::Device::ES::VerifySignature::No))
|
||||
return false;
|
||||
|
||||
// Keep track of the title ID so this title can be removed to make room for any future install.
|
||||
@ -738,7 +732,8 @@ UpdateResult DiscSystemUpdater::ProcessEntry(u32 type, std::bitset<32> attrs,
|
||||
return UpdateResult::DiscReadFailed;
|
||||
}
|
||||
const DiscIO::VolumeWAD wad{std::move(blob)};
|
||||
return ImportWAD(m_ios, wad) ? UpdateResult::Succeeded : UpdateResult::ImportFailed;
|
||||
const bool success = ImportWAD(m_ios, wad, IOS::HLE::Device::ES::VerifySignature::Yes);
|
||||
return success ? UpdateResult::Succeeded : UpdateResult::ImportFailed;
|
||||
}
|
||||
|
||||
UpdateResult DoOnlineUpdate(UpdateCallback update_callback, const std::string& region)
|
||||
|
Loading…
Reference in New Issue
Block a user