v3.1

Makefile

@@ -16,7 +16,6 @@ all: $(TARGET).vpk
 	vita-pack-vpk -s param.sfo -b eboot.bin \
     -a sce_sys/livearea/contents/bg.png=sce_sys/livearea/contents/bg.png \
     -a sce_sys/livearea/contents/template.xml=sce_sys/livearea/contents/template.xml \
-	-a user/itls.suprx=user.suprx \
 	-a kernel/itls.skprx=kernel.skprx \
 	-a misc/compat.suprx=compat.suprx \
 	-a misc/lhttp.suprx=lhttp.suprx \

README.md

@@ -5,8 +5,8 @@ Adds TLS v1.2 to devices with enso installed.
 
 1) Install the provided VPK file.
 
-2) Start the app, select "Install/Uninstall iTLS" and wait til it finishes.
-   - You may want to only install/uninstall the new root certs, to do it select "Install/Uninstall the latest CA certs"
+2) Start the app, select "Install the full iTLS package" and wait til it finishes.
+   - You may want to only install the new root certs, to do it select "Install the iTLS CA certs"
 
 3) Reboot.
 
@@ -18,10 +18,12 @@ Thanks to:
 
 # FAQ
 
-- Can i use it without enso?
+- Can I use it without enso?
   - Yes for browser-only patch, but it is strongly recommended to use enso.
 - Where can I find the CA certs?
   - vs0:/data/external/cert/CA_LIST.cer
+- How can I update the tool?
+  - Uninstall via the previous installer, install via the new one.
 
 # Notes
 - Since version 3.0 iTLS also patches apps-side TLS stuff.

kernel/CMakeLists.txt

@@ -25,6 +25,9 @@ target_link_libraries(itls.elf
 	SceSysclibForDriver_stub
 	SceCpuForDriver_stub
 	taihenModuleUtils_stub
+	taihenForKernel_stub
+	SceSysmemForDriver_stub
+	SceIofilemgrForDriver_stub
 )
 
 set_target_properties(itls.elf

kernel/itls.yml

@@ -2,7 +2,7 @@ itlsKernel:
   attributes: 0
   version:
     major: 1
-    minor: 1
+    minor: 2
   main:
     start: module_start
     stop: module_stop

kernel/main.c

@@ -1,5 +1,5 @@
 /*
-	iTLS-Enso v3.0 by SKGleba
+	iTLS-Enso v3.1 by SKGleba
 	All Rights Reserved
 */
 
@@ -19,17 +19,62 @@ do {                                \
 		ksceKernelCpuUnrestrictedMemcpy((void *)addr, (void *)data, sz);	\
 	}									\
 } while (0)
+
+int ex(char *path) {
+	SceIoStat stat;
+	int stat_ret = ksceIoGetstat(path, &stat);
+	if (stat_ret < 0)
+		return 0;
+	return 1;
+}
+
+uint8_t pmode = 0;
+static char path_k[0x80];
+static int hk;
+static tai_hook_ref_t lum_hook;
+static SceUID lum_patch(char *path, SceSize args, void *argp, int flags, SceKernelLMOption *option, int *status) {
+	int state;
+	ENTER_SYSCALL(state);
+	int pathlen = ksceKernelStrnlenUser((uintptr_t)path, 0x80);
+	if (pathlen < 0x80) {
+		ksceKernelMemcpyUserToKernel(path_k, (uintptr_t)path, pathlen);
+		if (path_k[pathlen - 14] == 0x70 && path_k[pathlen - 13] == 0x32 && path_k[pathlen - 12] == 0x43) {
+			path_k[pathlen - 1] = 0x30;
+			ksceKernelMemcpyKernelToUser((uintptr_t)path, path_k, pathlen);
+		}
+	}
+	EXIT_SYSCALL(state);
+	SceUID ret = TAI_CONTINUE(SceUID, lum_hook, path, args, argp, flags, option, status);
+	return ret;
+}
 
 void _start() __attribute__ ((weak, alias ("module_start")));
 int module_start(SceSize argc, const void *args)
 {
 	char zero[1] = {0x30};
-	INJECT("SceSysmodule", 0x162c, zero, sizeof(zero));
-	INJECT("SceSysmodule", 0x163b, zero, sizeof(zero));
+	if (ex("vs0:/data/external/webcore/ScePsp2Compat.supr0") == 1) {
+		INJECT("SceSysmodule", 0x162c, zero, sizeof(zero));
+		INJECT("SceSysmodule", 0x163b, zero, sizeof(zero));
+		pmode = 1;
+	}
+	if (ex("vs0:/sys/external/libhttp.supr0") == 1) {
+		hk = taiHookFunctionExportForKernel(KERNEL_PID, &lum_hook, "SceKernelModulemgr", TAI_ANY_LIBRARY, 0x60647592, lum_patch);
+		pmode = pmode + 0x10;
+	}
 	return SCE_KERNEL_START_SUCCESS;
 }
 
 int module_stop(SceSize argc, const void *args)
 {
+	if (pmode >= 0x10) {
+		if (hk >= 0)
+			taiHookReleaseForKernel(hk, lum_hook);
+		pmode = pmode - 0x10;
+	}
+	char x[1] = {0x7A};
+	if (pmode == 1) {
+		INJECT("SceSysmodule", 0x162c, x, sizeof(x));
+		INJECT("SceSysmodule", 0x163b, x, sizeof(x));
+	}
 	return SCE_KERNEL_STOP_SUCCESS;
 }

main.c

@@ -1,5 +1,5 @@
 /*
-	iTLS-Enso v3.0 by SKGleba
+	iTLS-Enso v3.1 by SKGleba
 	All Rights Reserved
 */
 
@@ -13,13 +13,17 @@
 #include <psp2/io/stat.h>
 #include "graphics.h"
 
-char mmit[][200] = {" -> Install/Uninstall iTLS"," -> Install/Uninstall the latest CA certs"," -> Exit"};
+#define printf psvDebugScreenPrintf
 
-int optct = 3;
+char mmit[][512] = {" -> Install the full iTLS package"," -> Install the iTLS plugin"," -> Install the iTLS compat module (web-browser)"," -> Install the iTLS http & ssl modules (in-app)"," -> Install the iTLS CA certs"," -> Exit"};
+char mmut[][512] = {" -> Uninstall the full iTLS package"," -> Uninstall the iTLS plugin"," -> Uninstall the iTLS compat module (web-browser)"," -> Uninstall the iTLS http & ssl modules (in-app)"," -> Uninstall the iTLS CA certs"," -> Exit"};
+
+int optct = 6;
 
 int sel = 0;
 int i;
 int shode = 0;
+char cfg[5] = {0, 0, 0, 0, 0};
 
 int ex(const char *fname) {
     FILE *file;
@@ -65,77 +69,117 @@ int fcp(const char *from, const char *to) {
 void smenu(){
 	psvDebugScreenClear(COLOR_BLACK);
 	psvDebugScreenSetFgColor(COLOR_CYAN);
-	psvDebugScreenPrintf("                       iTLS-Enso 3.0.1                           \n");
-	psvDebugScreenPrintf("                         By SKGleba                              \n");
+	printf("                        iTLS-Enso 3.1                            \n");
+	printf("                         By SKGleba                              \n");
 	psvDebugScreenSetFgColor(COLOR_RED);
 	for(i = 0; i < optct; i++){
 		if(sel==i){
 			psvDebugScreenSetFgColor(COLOR_GREEN);
 		}
-		psvDebugScreenPrintf("%s\n", mmit[i]);
+		printf("%s\n", (cfg[i] == 0) ? mmit[i] : mmut[i]);
 		psvDebugScreenSetFgColor(COLOR_RED);
 	}
 	psvDebugScreenSetFgColor(COLOR_GREEN);
 }
 
-int work(int debug){
-	if (sel == 2)
-		sceKernelExitProcess(0);
-	void *buf = malloc(0x100);
-	vshIoUmount(0x300, 0, 0, 0);
-	vshIoUmount(0x300, 1, 0, 0);
-	_vshIoMount(0x300, 0, 2, buf);
-	psvDebugScreenPrintf("Working...\n");
-	if (sel == 0) {
-		if (ex("vs0:/data/external/webcore/ScePsp2Compat.supr0") == 0 && ex("vs0:/sys/external/libhttp.supr0") == 0) {
-			psvDebugScreenPrintf("Installing iTLS... ");
-			fcp("app0:compat.suprx", "vs0:/data/external/webcore/ScePsp2Compat.supr0");
-			fcp("app0:lhttp.suprx", "vs0:/sys/external/libhttp.supr0");
-			fcp("app0:lssl.suprx", "vs0:/sys/external/libssl.supr0");
-			riex("vs0:/data/external/cert/CA_LIST.cer_old");
-			sceIoRename("vs0:/data/external/cert/CA_LIST.cer", "vs0:/data/external/cert/CA_LIST.cer_old");
-			fcp("app0:certs.cer", "vs0:/data/external/cert/CA_LIST.cer");
-			fcp("app0:user.suprx", "ur0:tai/itls.suprx");
+void installPlugin(int ior) {
+	if (cfg[1] == ior || ior == 69) {
+		if (cfg[1] == 1) {
+			printf("Removing the iTLS plugin... \n");
+			riex("ur0:tai/itls.skprx");
+			if (ex("ur0:tai/config_preitls.txt") == 1) {
+				sceIoRemove("ur0:tai/config.txt");
+				sceIoRename("ur0:tai/config_preitls.txt", "ur0:tai/config.txt");
+			}
+		} else {
+			printf("Installing the iTLS plugin... \n");
 			fcp("app0:kernel.skprx", "ur0:tai/itls.skprx");
 			if (ex("ux0:tai/config.txt") == 1 && ex("ux0:tai/config_preitls.txt") == 0)
 				sceIoRename("ux0:tai/config.txt", "ux0:tai/config_preitls.txt");
 			SceUID fd = sceIoOpen("ur0:tai/config_temp.txt", SCE_O_WRONLY | SCE_O_TRUNC | SCE_O_CREAT, 6);
-			sceIoWrite(fd, (void *)"\n# ITLS\n*KERNEL\nur0:tai/itls.skprx\n*ALL\nur0:tai/itls.suprx\n", strlen("\n# ITLS\n*KERNEL\nur0:tai/itls.skprx\n*ALL\nur0:tai/itls.suprx\n"));
+			sceIoWrite(fd, (void *)"\n# ITLS\n*KERNEL\nur0:tai/itls.skprx\n", strlen("\n# ITLS\n*KERNEL\nur0:tai/itls.skprx\n"));
 			sceIoClose(fd);
 			fcp("ur0:tai/config.txt", "ur0:tai/config_preitls.txt");
 			fap("ur0:tai/config_temp.txt", "ur0:tai/config.txt");
 			sceIoRemove("ur0:tai/config_temp.txt");
-		} else {
-			psvDebugScreenPrintf("Uninstalling iTLS... ");
-			if (ex("ur0:tai/config_preitls.txt") == 1) {
-				sceIoRemove("ur0:tai/config.txt");
-				sceIoRename("ur0:tai/config_preitls.txt", "ur0:tai/config.txt");
-			}
-			riex("ur0:tai/itls.suprx");
-			riex("ur0:tai/itls.skprx");
+		}
+	}
+}
+
+void installCompat(int ior) {
+	if (cfg[2] == ior || ior == 69) {
+		if (cfg[2] == 1) {
+			printf("Removing the iTLS compat module... \n");
 			riex("vs0:/data/external/webcore/ScePsp2Compat.supr0");
+		} else {
+			printf("Installing the iTLS compat module... \n");
+			fcp("app0:compat.suprx", "vs0:/data/external/webcore/ScePsp2Compat.supr0");
+		}
+	}
+}
+
+void installIapp(int ior) {
+	if (cfg[3] == ior || ior == 69) {
+		if (cfg[3] == 1) {
+			printf("Removing the iTLS http & ssl modules... \n");
 			riex("vs0:/sys/external/libhttp.supr0");
 			riex("vs0:/sys/external/libssl.supr0");
-			if (ex("vs0:/data/external/cert/CA_LIST.cer_old") == 1) {
-				riex("vs0:/data/external/cert/CA_LIST.cer");
-				sceIoRename("vs0:/data/external/cert/CA_LIST.cer_old", "vs0:/data/external/cert/CA_LIST.cer");
-				riex("vs0:/data/external/cert/CA_LIST.cer_old");
-			}
+		} else {
+			printf("Installing the iTLS http & ssl modules... \n");
+			fcp("app0:lhttp.suprx", "vs0:/sys/external/libhttp.supr0");
+			fcp("app0:lssl.suprx", "vs0:/sys/external/libssl.supr0");
 		}
-	} else if (sel == 1) {
-		if (ex("vs0:/data/external/cert/CA_LIST.cer_old") == 1) {
-			psvDebugScreenPrintf("Removing new CA certs... ");
+	}
+}
+
+void installCerts(int ior) {
+	if (cfg[4] == ior || ior == 69) {
+		if (cfg[4] == 1) {
+			printf("Removing iTLS CA certs... \n");
 			riex("vs0:/data/external/cert/CA_LIST.cer");
 			sceIoRename("vs0:/data/external/cert/CA_LIST.cer_old", "vs0:/data/external/cert/CA_LIST.cer");
 			riex("vs0:/data/external/cert/CA_LIST.cer_old");
 		} else {
-			psvDebugScreenPrintf("Adding new CA certs... ");
+			printf("Adding iTLS CA certs... \n");
 			sceIoRename("vs0:/data/external/cert/CA_LIST.cer", "vs0:/data/external/cert/CA_LIST.cer_old");
 			fcp("app0:certs.cer", "vs0:/data/external/cert/CA_LIST.cer");
 		}
 	}
-	psvDebugScreenPrintf("Done\n");
-	sceKernelDelayThread(1 * 1000 * 1000);
+}
+
+int work(){
+	if (sel == 5)
+		sceKernelExitProcess(0);
+	void *buf = malloc(0x100);
+	vshIoUmount(0x300, 0, 0, 0);
+	vshIoUmount(0x300, 1, 0, 0);
+	_vshIoMount(0x300, 0, 2, buf);
+	printf("Working...\n");
+	if (sel == 0) {
+		if (cfg[0] == 0) {
+			printf("Installing iTLS... \n");
+			installPlugin(0);
+			installCompat(0);
+			installIapp(0);
+			installCerts(0);
+		} else {
+			printf("Uninstalling iTLS... \n");
+			installPlugin(1);
+			installCompat(1);
+			installIapp(1);
+			installCerts(1);
+		}
+	} else if (sel == 1) {
+		installPlugin(69);
+	} else if (sel == 2) {
+		installCompat(69);
+	} else if (sel == 3) {
+		installIapp(69);
+	} else if (sel == 4) {
+		installCerts(69);
+	}
+	printf("Done, please reboot the device\n");
+	sceKernelDelayThread(5 * 1000 * 1000);
 	sceKernelExitProcess(0);
 	return 0;
 }
@@ -149,6 +193,20 @@ int main()
 
 	int l = 1;// happens
 
+	if (ex("ur0:tai/itls.suprx") == 1)
+		sceIoRemove("ur0:tai/itls.suprx");
+	if (ex("ur0:tai/itls.skprx") == 1)
+		cfg[1] = 1;
+	if (ex("vs0:/data/external/webcore/ScePsp2Compat.supr0") == 1)
+		cfg[2] = 1;
+	if (ex("vs0:/sys/external/libhttp.supr0") == 1)
+		cfg[3] = 1;
+	if (ex("vs0:/data/external/cert/CA_LIST.cer_old") == 1)
+		cfg[4] = 1;
+
+	if (cfg[1] == 1 && cfg[2] == 1 && cfg[3] == 1 && cfg[4] == 1)
+		cfg[0] = 1;
+
 	smenu();
 
 	while (l == 1) {
@@ -170,11 +228,6 @@ int main()
 				}
 				smenu();
 				sceKernelDelayThread(0.3 * 1000 * 1000);
-			} else if (pad.buttons == SCE_CTRL_SELECT) {
-				work(1);
-				sel = 0;
-				smenu();
-				sceKernelDelayThread(0.35 * 1000 * 1000);
 			}
 	}