]> git.saurik.com Git - apple/security.git/blob - SecurityTool/sharedTool/trust_update.m
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Security-59754.41.1.tar.gz
[apple/security.git] / SecurityTool / sharedTool / trust_update.m
1 /*
2 * Copyright (c) 2017 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 *
23 * trust_update.m
24 */
25
26 #import <Foundation/Foundation.h>
27
28 #import <utilities/SecCFWrappers.h>
29 #import <Security/SecTrustPriv.h>
30
31 #include "SecurityCommands.h"
32
33 static int check_OTA_Supplementals_asset(void) {
34 CFErrorRef error = NULL;
35 uint64_t version = SecTrustOTAPKIGetUpdatedAsset(&error);
36 if (error) {
37 CFStringRef errorDescription = CFErrorCopyDescription(error);
38 if (errorDescription) {
39 char *errMsg = CFStringToCString(errorDescription);
40 fprintf(stdout, "Update failed: %s\n", errMsg);
41 if (errMsg) { free(errMsg); }
42 CFRelease(errorDescription);
43 } else {
44 fprintf(stdout, "Update failed: no description\n");
45 }
46 CFRelease(error);
47 } else {
48 fprintf(stdout, "Updated succeeded\n");
49 }
50 if (version != 0) {
51 fprintf(stdout, "Asset Content Version: %llu\n", version);
52 } else {
53 return 1;
54 }
55 return 0;
56 }
57
58 static int check_OTA_sec_experiment_asset(void) {
59 CFErrorRef error = NULL;
60 uint64_t version = SecTrustOTASecExperimentGetUpdatedAsset(&error);
61 if (error) {
62 CFStringRef errorDescription = CFErrorCopyDescription(error);
63 if (errorDescription) {
64 char *errMsg = CFStringToCString(errorDescription);
65 fprintf(stdout, "Update failed: %s\n", errMsg);
66 if (errMsg) { free(errMsg); }
67 CFRelease(errorDescription);
68 } else {
69 fprintf(stdout, "Update failed: no description\n");
70 }
71 CFRelease(error);
72 } else {
73 fprintf(stdout, "Updated succeeded\n");
74 }
75 if (version != 0) {
76 fprintf(stdout, "Asset Content Version: %llu\n", version);
77 } else {
78 return 1;
79 }
80 return 0;
81 }
82
83 static int check_valid_update(void) {
84 CFErrorRef error = NULL;
85 bool result = SecTrustTriggerValidUpdate(&error);
86 if (!result) {
87 CFStringRef errorDescription = error ? CFErrorCopyDescription(error) : NULL;
88 if (errorDescription) {
89 char *errMsg = CFStringToCString(errorDescription);
90 fprintf(stdout, "Update failed: %s\n", errMsg ? errMsg : "no error message");
91 free(errMsg);
92 CFRelease(errorDescription);
93 } else {
94 fprintf(stdout, "Update failed: no description\n");
95 }
96 CFReleaseNull(error);
97 } else {
98 fprintf(stdout, "Updated triggered\n");
99 }
100 return 0;
101 }
102
103 int check_trust_update(int argc, char * const *argv) {
104 int arg;
105
106 if (argc == 1) {
107 return SHOW_USAGE_MESSAGE;
108 }
109
110 while ((arg = getopt(argc, argv, "ser")) != -1) {
111 switch(arg) {
112 case 's':
113 return check_OTA_Supplementals_asset();
114 case 'e':
115 return check_OTA_sec_experiment_asset();
116 case 'r':
117 return check_valid_update();
118 case '?':
119 default:
120 return SHOW_USAGE_MESSAGE;
121 }
122 }
123
124 return 0;
125 }
mirror of Security