OSX/libsecurity_codesigning/gke/gkunpack.cpp

   1 //
   2 //  gkunpack - an ad-hoc tool for unpacking certain binary data from a detached code signature
   3 //
   4 //      gkunpack <detached_signature_data >prescreen_filter_data
   5 //
   6 #include <security_utilities/macho++.h>
   7 #include <security_codesigning/codedirectory.h>
   8 #include <security_codesigning/sigblob.h>
   9
  10 using namespace CodeSigning;
  11
  12
  13 int main(int argc, const char * argv[])
  14 {
  15         if (const EmbeddedSignatureBlob *top = (const EmbeddedSignatureBlob *)BlobCore::readBlob(stdin)) {
  16                 if (top->magic() == DetachedSignatureBlob::typeMagic) { // multiple architectures - pick the native one
  17                         Architecture local = Architecture::local();
  18                         const EmbeddedSignatureBlob *sig = EmbeddedSignatureBlob::specific(top->find(local.cpuType()));
  19                         if (!sig)
  20                                 sig = EmbeddedSignatureBlob::specific(top->find(local.cpuType() & ~CPU_ARCH_MASK));
  21                         top = sig;
  22                 }
  23                 if (top)
  24                         if (const CodeDirectory *cd = top->find<const CodeDirectory>(cdCodeDirectorySlot)) {
  25                                 printf("%s\n", cd->screeningCode().c_str());
  26                                 exit(0);
  27                         }
  28         }
  29         fprintf(stderr, "Invalid signature structure\n");
  30         exit(1);
  31 }