Fix installing of partially-decrypted IPAs

This commit is contained in:
alfiecg24 2024-01-12 15:56:11 +00:00
parent b700590174
commit d66d45fd9a
2 changed files with 38 additions and 5 deletions

View File

@ -570,6 +570,11 @@ int signApp(NSString* appPath)
// while we're fixing entitlements // while we're fixing entitlements
BOOL requiresDevMode = NO; BOOL requiresDevMode = NO;
// The majority of IPA decryption utilities only decrypt the main executable of the app bundle
// As a result, we cannot bail on the entire app if an additional binary is encrypted (e.g. app extensions)
// Instead, we will display a warning to the user, and warn them that the app may not work properly
BOOL hasAdditionalEncryptedBinaries = NO;
NSURL* fileURL; NSURL* fileURL;
NSDirectoryEnumerator *enumerator; NSDirectoryEnumerator *enumerator;
@ -693,8 +698,16 @@ int signApp(NSString* appPath)
} }
else if (r == 2) { else if (r == 2) {
NSLog(@"[%@] Cannot apply CoreTrust bypass on an encrypted binary!", filePath); NSLog(@"[%@] Cannot apply CoreTrust bypass on an encrypted binary!", filePath);
fat_free(fat); // Check if the second-to-last path component ends with .app
return 180; // If it is, the main binary is encrypted
// If not, it's likely an extension or plugin, which can remain encrypted
if ([filePath.pathComponents[filePath.pathComponents.count - 2] hasSuffix:@".app"]) {
NSLog(@"[%@] Main binary is encrypted, cannot continue!", filePath);
fat_free(fat);
return 180;
}
hasAdditionalEncryptedBinaries = YES;
} }
else { else {
NSLog(@"[%@] CoreTrust bypass failed!!! :(", filePath); NSLog(@"[%@] CoreTrust bypass failed!!! :(", filePath);
@ -716,6 +729,10 @@ int signApp(NSString* appPath)
return 182; return 182;
} }
if (hasAdditionalEncryptedBinaries) {
return 184;
}
return 0; return 0;
} }
#endif #endif
@ -775,7 +792,9 @@ void applyPatchesToInfoDictionary(NSString* appPath)
// 172: no info.plist found in app // 172: no info.plist found in app
// 173: app is not signed and cannot be signed because ldid not installed or didn't work // 173: app is not signed and cannot be signed because ldid not installed or didn't work
// 174: // 174:
// 180: tried to sign encrypted binary // 180: tried to sign app where the main binary is encrypted
// 184: tried to sign app where an additional binary is encrypted
int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate, BOOL useInstalldMethod) int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate, BOOL useInstalldMethod)
{ {
NSLog(@"[installApp force = %d]", force); NSLog(@"[installApp force = %d]", force);
@ -801,14 +820,18 @@ int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate,
} }
BOOL requiresDevMode = NO; BOOL requiresDevMode = NO;
BOOL hasAdditionalEncryptedBinaries = NO;
if(sign) if(sign)
{ {
int signRet = signApp(appBundleToInstallPath); int signRet = signApp(appBundleToInstallPath);
// 182: app requires developer mode; non-fatal // 182: app requires developer mode; non-fatal
// 184: app has additional encrypted binaries; non-fatal
if(signRet != 0) { if(signRet != 0) {
if (signRet == 182) { if (signRet == 182) {
requiresDevMode = YES; requiresDevMode = YES;
} else if (signRet == 184) {
hasAdditionalEncryptedBinaries = YES;
} else { } else {
return signRet; return signRet;
} }
@ -975,6 +998,13 @@ int installApp(NSString* appPackagePath, BOOL sign, BOOL force, BOOL isTSUpdate,
return 183; return 183;
} }
} }
if (hasAdditionalEncryptedBinaries) {
NSLog(@"[installApp] app has additional encrypted binaries");
// non-fatal
return 184;
}
return 0; return 0;
} }
@ -1079,7 +1109,8 @@ int uninstallAppById(NSString* appId, BOOL useCustomMethod)
// 166: IPA does not exist or is not accessible // 166: IPA does not exist or is not accessible
// 167: IPA does not appear to contain an app // 167: IPA does not appear to contain an app
// 180: IPA contains an encrypted binary // 180: IPA's main binary is encrypted
// 184: IPA contains additional encrypted binaries
int installIpa(NSString* ipaPath, BOOL force, BOOL useInstalldMethod) int installIpa(NSString* ipaPath, BOOL force, BOOL useInstalldMethod)
{ {
cleanRestrictions(); cleanRestrictions();

View File

@ -75,7 +75,7 @@ extern NSUserDefaults* trollStoreUserDefaults();
errorDescription = @"The app you tried to install has the same identifier as a system app already installed on the device. The installation has been prevented to protect you from possible bootloops or other issues."; errorDescription = @"The app you tried to install has the same identifier as a system app already installed on the device. The installation has been prevented to protect you from possible bootloops or other issues.";
break; break;
case 180: case 180:
errorDescription = @"The app you tried to install contains encrypted binaries, which cannot have the CoreTrust bypass applied to them. Please ensure you install decrypted apps."; errorDescription = @"The app you tried to install has an encrypted main binary, which cannot have the CoreTrust bypass applied to it. Please ensure you install decrypted apps.";
break; break;
case 181: case 181:
errorDescription = @"Failed to add app to icon cache."; errorDescription = @"Failed to add app to icon cache.";
@ -86,6 +86,8 @@ extern NSUserDefaults* trollStoreUserDefaults();
case 183: case 183:
errorDescription = @"Failed to enable developer mode."; errorDescription = @"Failed to enable developer mode.";
break; break;
case 184:
errorDescription = @"The app was installed successfully, but has additional binaries that are encrypted (e.g. extensions, plugins). The app itself should work, but you may experience broken functionality as a result.";
} }
NSError* error = [NSError errorWithDomain:TrollStoreErrorDomain code:code userInfo:@{NSLocalizedDescriptionKey : errorDescription}]; NSError* error = [NSError errorWithDomain:TrollStoreErrorDomain code:code userInfo:@{NSLocalizedDescriptionKey : errorDescription}];