search

blacktop / ipsw

iOS/macOS Research Swiss Army Knife
https://blacktop.github.io/ipsw
MIT License
1.78k stars 139 forks source link

New `ipsw verify` command? #482

Open justtryingthingsout opened 3 months ago

justtryingthingsout commented 3 months ago

Is your feature request related to a problem? Please describe.

There is currently no way that I know of that allows for the verification of the disks inside of a IPSW using the root hashes, mtrees, and integrity catalogs, apart from a verification by a tool such as img4tool, which might be something worth implementing

Describe the solution you'd like

A ipsw verify command that allows for the verification of the dmgs inside of the ipsws, using the mtree, root hash, and integrity catalogs, as is done by Apple themselves. Could also include other ways of verification, such as the one implemented in img4tool.

Describe alternatives you've considered

Having no command for this, which is fine as well, as this might be a gimmick if img4tool suffices.

Search

Code of Conduct

Additional context

No response

blacktop commented 3 months ago

I have also been thinking about verification cmds

1)

Add calculated as well as reported hashes in the code signature for MachOs and the DSC (only w/ a flag or -V as it'll be SLOW for DSC etc) 2) Add a ipsw macho sign --verify cmd OR a ipsw verify macho subcmd if it makes more sense to have a verify category w/ subcmds