X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/8e292c995b66f335f19def2bcdd227168935ede0..313fa17b58b78d3c26fb986be9e8fce975cec88c:/libsecurity_codesigning/gke/gkgenerate

diff --git a/libsecurity_codesigning/gke/gkgenerate b/libsecurity_codesigning/gke/gkgenerate
index b62383f1..127d9b0c 100755
--- a/libsecurity_codesigning/gke/gkgenerate
+++ b/libsecurity_codesigning/gke/gkgenerate
@@ -22,7 +22,6 @@ import uuid
 authfile = "gke.auth"
 sigfile = "gke.dsig"
 
-
 #
 # Usage and fail
 #
@@ -49,6 +48,20 @@ authfile = args.output + ".auth"
 sigsfile = args.output + ".sigs"
 
 
+#
+# Augment a snippet record
+#
+def augment(data):
+	for auth in data.authority.values():
+		if auth.path in data.signatures:
+			signature = data.signatures[auth.path].signature.data
+			unpack = subprocess.Popen(["/usr/local/bin/gkunpack"], stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+			(stdout, stderr) = unpack.communicate(input=signature)
+			if stderr:
+				fail("signature unpack failed for %s" % auth.path)
+			auth.screen = stdout.rstrip();
+
+
 #
 # Start by collecting authority evidence from the authority records
 #
@@ -57,10 +70,12 @@ sigs = { }
 for source in args.source:
 	if source[0] == '+':
 		data = plistlib.readPlist(source[1:])
+		augment(data)
 		auth.update(data["authority"])
 		sigs.update(data["signatures"])
 	else:
 		data = plistlib.readPlist(source)
+		augment(data)
 		auth.update(data["authority"])
 
 if not auth and not args.empty: