签名验证失败时阻止加载配置文件

Author: clansty

MaiChartManager/Controllers/Mod/ConfigurationController.cs

@@ -3,6 +3,7 @@
 using AquaMai.Config.HeadlessLoader;
 using AquaMai.Config.Interfaces;
 using MaiChartManager.Models;
+using MaiChartManager.Utils;
 using Microsoft.AspNetCore.Mvc;
 using Mono.Cecil;
 using YamlDotNet.Serialization;
@@ -19,6 +20,8 @@ public class ConfigCorruptedException() : Exception(Locale.AquaMaiConfigCorrupte
 
     public class AquaMaiNotInstalledException() : Exception(Locale.AquaMaiNotInstalled);
 
+    public class AquaMaiSignatureVerificationFailedException() : Exception("AquaMaiSignatureVerificationFailed");
+
     [NonAction]
     private static void CheckConfigApiVersion(HeadlessConfigInterface configInterface)
     {
@@ -36,14 +39,23 @@ private static void CheckConfigApiVersion(HeadlessConfigInterface configInterfac
     }
 
     [NonAction]
-    public static IConfig GetCurrentAquaMaiConfig(bool forceDefault = false)
+    public static IConfig GetCurrentAquaMaiConfig(bool forceDefault = false, bool skipSignatureCheck = false)
     {
         if (!System.IO.File.Exists(ModPaths.AquaMaiDllInstalledPath))
         {
             throw new AquaMaiNotInstalledException();
         }
 
-        var configInterface = HeadlessConfigLoader.LoadFromPacked(ModPaths.AquaMaiDllInstalledPath);
+        var binary = System.IO.File.ReadAllBytes(ModPaths.AquaMaiDllInstalledPath);
+        if (!skipSignatureCheck)
+        {
+            var sigResult = AquaMaiSignatureV2.VerifySignature(binary);
+            if (sigResult.Status != AquaMaiSignatureV2.VerifyStatus.Valid)
+            {
+                throw new AquaMaiSignatureVerificationFailedException();
+            }
+        }
+        var configInterface = HeadlessConfigLoader.LoadFromPacked(binary);
         var config = configInterface.CreateConfig();
         CheckConfigApiVersion(configInterface);
         if (System.IO.File.Exists(ModPaths.AquaMaiConfigPath) && !forceDefault)
@@ -61,6 +73,7 @@ public static IConfig GetCurrentAquaMaiConfig(bool forceDefault = false)
 
                 var parser = configInterface.GetConfigParser();
                 parser.Parse(config, view);
+                StaticSettings.UpdateAssetPathsFromAquaMaiConfig(config);
             }
             catch (Exception ex)
             {
@@ -80,7 +93,7 @@ public static IConfig GetCurrentAquaMaiConfig(bool forceDefault = false)
     }
 
     [HttpGet]
-    public AquaMaiConfigDto.ConfigDto GetAquaMaiConfig(bool forceDefault = false)
+    public AquaMaiConfigDto.ConfigDto GetAquaMaiConfig(bool forceDefault = false, bool skipSignatureCheck = false)
     {
         Dictionary<string, string[]>? configSort = null;
         using (var stream = new FileStream(ModPaths.AquaMaiDllInstalledPath, FileMode.Open, FileAccess.Read, FileShare.ReadWrite))
@@ -95,7 +108,7 @@ public AquaMaiConfigDto.ConfigDto GetAquaMaiConfig(bool forceDefault = false)
                 configSort = deserializer.Deserialize<Dictionary<string, string[]>>(yaml);
             }
         }
-        var config = GetCurrentAquaMaiConfig(forceDefault);
+        var config = GetCurrentAquaMaiConfig(forceDefault, skipSignatureCheck);
         return new AquaMaiConfigDto.ConfigDto(
             config.ReflectionManager.Sections.Select(section =>
             {

MaiChartManager/Front/src/client/apiGen.ts

@@ -1002,6 +1002,8 @@ export class Api<SecurityDataType extends unknown> extends HttpClient<SecurityDa
       query?: {
         /** @default false */
         forceDefault?: boolean;
+        /** @default false */
+        skipSignatureCheck?: boolean;
       },
       params: RequestParams = {},
     ) =>

MaiChartManager/Front/src/components/ModManager/AquaMaiSignatureStatusDisplay.tsx

@@ -2,11 +2,13 @@ import { defineComponent, PropType, ref, computed, watch } from 'vue';
 import { NFlex, NPopover } from 'naive-ui';
 import { modInfo } from '@/store/refs';
 import { PubKeyId, VerifyStatus } from '@/client/apiGen';
+import { useI18n } from 'vue-i18n';
 
 export default defineComponent({
   // props: {
   // },
   setup(props, { emit }) {
+    const { t } = useI18n();
 
     return () => modInfo.value?.signature && <NPopover trigger="hover">
       {{
@@ -15,13 +17,13 @@ export default defineComponent({
           : <div class="text-red-5 i-tabler:certificate-off text-2em" />,
         default: () => <NFlex vertical>
           {modInfo.value?.signature?.status === VerifyStatus.Valid && modInfo.value.signature?.keyId === PubKeyId.Local &&
-            <div>已验证的 AquaMai 官方版本</div>}
+            <div>{t('mod.signature.verifiedOfficial')}</div>}
           {modInfo.value?.signature?.status === VerifyStatus.Valid && modInfo.value.signature?.keyId === PubKeyId.CI &&
-            <div>已验证的 AquaMai 官方持续集成构建</div>}
+            <div>{t('mod.signature.verifiedCI')}</div>}
           {modInfo.value?.signature?.status === VerifyStatus.NotFound &&
-            <div>这个 AquaMai 没有有效的签名，很可能不是官方版本</div>}
+            <div>{t('mod.signature.notFound')}</div>}
           {modInfo.value?.signature?.status === VerifyStatus.InvalidSignature &&
-            <div>这个 AquaMai 的签名无效，很可能不是官方版本</div>}
+            <div>{t('mod.signature.invalid')}</div>}
         </NFlex>
       }}
     </NPopover>;

MaiChartManager/Front/src/components/ModManager/ConfigEditor.tsx

@@ -29,15 +29,13 @@ export default defineComponent({
     const installingMelonLoader = ref(false)
     const message = useMessage();
     const { t } = useI18n();
-    const isConfigCorrupted = ref(false);
     const errTitle = ref('');
 
-    const updateAquaMaiConfig = async (forceDefault = false) => {
+    const updateAquaMaiConfig = async (forceDefault = false, skipSignatureCheck = false) => {
       try {
         configReadErr.value = ''
         configReadErrTitle.value = ''
-        config.value = (await api.GetAquaMaiConfig({forceDefault})).data;
-        isConfigCorrupted.value = false;
+        config.value = (await api.GetAquaMaiConfig({forceDefault, skipSignatureCheck})).data;
       } catch (err: any) {
         errTitle.value = t('mod.needInstallOrUpdate');
         if (err instanceof Response && !err.bodyUsed) {
@@ -53,9 +51,6 @@ export default defineComponent({
               if(configReadErrTitle.value === 'System.Reflection.TargetInvocationException' && compareVersions(modInfo.value?.aquaMaiVersion || '0.0.0', '1.6.0') < 0) {
                 configReadErr.value = t('mod.versionTooLow');
               }
-              if(configReadErrTitle.value.includes('ConfigCorruptedException')) {
-                isConfigCorrupted.value = true;
-              }
               if(configReadErr.value.includes('Could not migrate the config')) {
                 errTitle.value = t('mod.configVersionHigher');
               }
@@ -114,11 +109,15 @@ export default defineComponent({
       await saveImpl();
     }
 
+    const loadConfigIgnoreSignature = async () => {
+      await updateAquaMaiConfig(false, true);
+    }
+
 
     return () => {
 
       let editorPart = <></>;
-      if (isConfigCorrupted.value) {
+      if (configReadErrTitle.value.includes('ConfigCorruptedException')) {
         editorPart = <NFlex vertical justify="center" align="center" class="min-h-100">
           <div class="text-8">{t('mod.configCorrupted')}</div>
           <div class="c-gray-5 text-lg">{t('mod.configCorruptedMessage')}</div>
@@ -129,6 +128,17 @@ export default defineComponent({
           </div>
         </NFlex>
       }
+      else if (configReadErrTitle.value.includes('AquaMaiSignatureVerificationFailedException')) {
+        editorPart = <NFlex vertical justify="center" align="center" class="min-h-100">
+          <div class="text-8">{t('mod.aquaMaiSignatureVerificationFailed')}</div>
+          <div class="c-gray-5 text-lg">{t('mod.aquaMaiSignatureVerificationFailedMessage')}</div>
+          <div>
+            <NButton secondary onClick={loadConfigIgnoreSignature}>
+              {t('mod.loadConfigIgnoreSignature')}
+            </NButton>
+          </div>
+        </NFlex>
+      }
       else if (configReadErr.value) {
         editorPart = <NFlex vertical justify="center" align="center" class="min-h-100">
           <div class="text-8">{errTitle.value}</div>

MaiChartManager/Front/src/locales/en.yaml

@@ -358,6 +358,18 @@ mod:
 
       If your cabinet has corresponding host software, it's recommended to use
       it for adjustments
+  configCorrupted: AquaMai config file corrupted
+  configCorruptedMessage: Please manually check AquaMai.toml and try to fix possible issues
+  resetToDefault: Reset to default settings
+  configVersionHigher: Config file version higher than AquaMai version
+  aquaMaiSignatureVerificationFailed: AquaMai signature verification failed
+  aquaMaiSignatureVerificationFailedMessage: Unable to verify AquaMai is from official source. Loading config requires executing code in it, which may pose security risks.
+  loadConfigIgnoreSignature: Ignore signature verification and load
+  signature:
+    verifiedOfficial: Verified official AquaMai version
+    verifiedCI: Verified official AquaMai CI build
+    notFound: This AquaMai has no valid signature, likely not an official version
+    invalid: This AquaMai has an invalid signature, likely not an official version
 tools:
   title: Tools
   audioConvert: Audio Convert (ACB + AWB)

MaiChartManager/Front/src/locales/zh-TW.yaml

@@ -323,6 +323,18 @@ mod:
       使用自訂的觸控靈敏度
       這裡啟用之後 Test 裡的設定就不再起作用了，不過還是可以使用 Test 測試（使用測試需要關閉 1P 模式）
       如果你的手台有對應的上位機，建議使用上位機調整
+  configCorrupted: AquaMai 設定檔損壞
+  configCorruptedMessage: 請手動檢查 AquaMai.toml 並嘗試修復可能的問題
+  resetToDefault: 重設回預設設定
+  configVersionHigher: 設定檔版本高於 AquaMai 版本
+  aquaMaiSignatureVerificationFailed: AquaMai 簽章驗證失敗
+  aquaMaiSignatureVerificationFailedMessage: 無法驗證 AquaMai 來自官方來源。載入設定需要執行其中的程式碼，這可能存在安全風險。
+  loadConfigIgnoreSignature: 忽略簽章驗證並載入
+  signature:
+    verifiedOfficial: 已驗證的 AquaMai 官方版本
+    verifiedCI: 已驗證的 AquaMai 官方持續整合建置
+    notFound: 這個 AquaMai 沒有有效的簽章，很可能不是官方版本
+    invalid: 這個 AquaMai 的簽章無效，很可能不是官方版本
 tools:
   title: 工具
   audioConvert: 音訊轉換（ACB + AWB）

MaiChartManager/Front/src/locales/zh.yaml

@@ -327,6 +327,14 @@ mod:
   configCorruptedMessage: 请手动检查 AquaMai.toml 并尝试修复可能的问题
   resetToDefault: 重置回默认设置
   configVersionHigher: 配置文件版本高于 AquaMai 版本
+  aquaMaiSignatureVerificationFailed: AquaMai 签名验证失败
+  aquaMaiSignatureVerificationFailedMessage: 无法验证 AquaMai 来自官方来源。加载配置需要执行其中的代码，这可能存在安全风险。
+  loadConfigIgnoreSignature: 忽略签名验证并加载
+  signature:
+    verifiedOfficial: 已验证的 AquaMai 官方版本
+    verifiedCI: 已验证的 AquaMai 官方持续集成构建
+    notFound: 这个 AquaMai 没有有效的签名，很可能不是官方版本
+    invalid: 这个 AquaMai 的签名无效，很可能不是官方版本
 tools:
   title: 工具
   audioConvert: 音频转换（ACB + AWB）