X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurity_codesigning/lib/reqdumper.cpp?ds=inline diff --git a/OSX/libsecurity_codesigning/lib/reqdumper.cpp b/OSX/libsecurity_codesigning/lib/reqdumper.cpp index c7e180f6..f0fc8dd5 100644 --- a/OSX/libsecurity_codesigning/lib/reqdumper.cpp +++ b/OSX/libsecurity_codesigning/lib/reqdumper.cpp @@ -25,7 +25,9 @@ // reqdumper - Requirement un-parsing (disassembly) // #include "reqdumper.h" +#if TARGET_OS_OSX #include // OID encoder +#endif #include namespace Security { @@ -121,10 +123,8 @@ string Dumper::dump(const BlobCore *req, bool debug /* = false */) switch (req->magic()) { case Requirement::typeMagic: return dump(static_cast(req), debug); - break; case Requirements::typeMagic: return dump(static_cast(req), debug); - break; default: return "invalid data type"; } @@ -199,22 +199,35 @@ void Dumper::expr(SyntaxLevel level) case opCertField: print("certificate"); certSlot(); print("["); dotString(); print("]"); match(); break; + case opCertFieldDate: + print("certificate"); certSlot(); print("["); +#if TARGET_OS_OSX + { + const unsigned char *data; size_t length; + getData(data, length); + print("timestamp.%s", CssmOid((unsigned char *)data, length).toOid().c_str()); + } +#endif case opCertGeneric: print("certificate"); certSlot(); print("["); +#if TARGET_OS_OSX { const unsigned char *data; size_t length; getData(data, length); print("field.%s", CssmOid((unsigned char *)data, length).toOid().c_str()); } +#endif print("]"); match(); break; case opCertPolicy: print("certificate"); certSlot(); print("["); +#if TARGET_OS_OSX { const unsigned char *data; size_t length; getData(data, length); print("policy.%s", CssmOid((unsigned char *)data, length).toOid().c_str()); } +#endif print("]"); match(); break; case opTrustedCert: @@ -232,6 +245,12 @@ void Dumper::expr(SyntaxLevel level) case opPlatform: print("platform = %d", get()); break; + case opNotarized: + print("notarized"); + break; + case opLegacyDevID: + print("legacy"); + break; default: if (op & opGenericFalse) { print(" false /* opcode %d */", op & ~opFlagMask); @@ -267,6 +286,9 @@ void Dumper::match() case matchExists: print(" /* exists */"); break; + case matchAbsent: + print(" absent "); + break; case matchEqual: print(" = "); data(); break; @@ -291,6 +313,21 @@ void Dumper::match() case matchGreaterThan: print(" > "); data(); break; + case matchOn: + print(" = "); timestamp(); + break; + case matchBefore: + print(" < "); timestamp(); + break; + case matchAfter: + print(" > "); timestamp(); + break; + case matchOnOrBefore: + print(" <= "); timestamp(); + break; + case matchOnOrAfter: + print(" >= "); timestamp(); + break; default: print("MATCH OPCODE %d NOT UNDERSTOOD", op); break; @@ -333,7 +370,7 @@ void Dumper::data(PrintMode bestMode /* = isSimple */, bool dotOkay /* = false * switch (bestMode) { case isSimple: - print("%.*s", length, data); + print("%.*s", (int)length, data); break; case isPrintable: print("\""); @@ -355,6 +392,16 @@ void Dumper::data(PrintMode bestMode /* = isSimple */, bool dotOkay /* = false * break; } } + +void Dumper::timestamp() +{ + CFAbsoluteTime at = static_cast(get()); + CFRef date = CFDateCreate(NULL, at); + + CFRef str = CFCopyDescription(date); + + print("<%s>", cfString(str).c_str()); +} void Dumper::printBytes(const Byte *data, size_t length) {