namespace ldid {
-void Sign(const void *idata, size_t isize, std::streambuf &output, const std::string &identifier, const std::string &entitlements, const std::string &key, const Slots &slots) {
+void Sign(const void *idata, size_t isize, std::streambuf &output, const std::string &identifier, const std::string &entitlements, const std::string &requirement, const std::string &key, const Slots &slots) {
std::string team;
#ifndef LDID_NOSMIME
special = std::max(special, CSSLOT_REQUIREMENTS);
alloc += sizeof(struct BlobIndex);
- alloc += 0xc;
+ if (!requirement.empty())
+ alloc += 0xc;
+ else
+ alloc += requirement.size();
if (!entitlements.empty()) {
special = std::max(special, CSSLOT_ENTITLEMENTS);
if (true) {
std::stringbuf data;
- Blobs requirements;
- put(data, CSMAGIC_REQUIREMENTS, requirements);
+ if (requirement.empty()) {
+ Blobs requirements;
+ put(data, CSMAGIC_REQUIREMENTS, requirements);
+ } else {
+ put(data, requirement.data(), requirement.size());
+ }
insert(blobs, CSSLOT_REQUIREMENTS, data);
}
};
#ifndef LDID_NOPLIST
-static void Sign(const uint8_t *prefix, size_t size, std::streambuf &buffer, std::vector<char> &hash, std::streambuf &save, const std::string &identifier, const std::string &entitlements, const std::string &key, const Slots &slots) {
+static void Sign(const uint8_t *prefix, size_t size, std::streambuf &buffer, std::vector<char> &hash, std::streambuf &save, const std::string &identifier, const std::string &entitlements, const std::string &requirement, const std::string &key, const Slots &slots) {
// XXX: this is a miserable fail
std::stringbuf temp;
put(temp, prefix, size);
auto data(temp.str());
HashProxy proxy(hash, save);
- Sign(data.data(), data.size(), proxy, identifier, entitlements, key, slots);
+ Sign(data.data(), data.size(), proxy, identifier, entitlements, requirement, key, slots);
}
-std::string Bundle(const std::string &root, Folder &folder, const std::string &key, std::map<std::string, std::vector<char>> &remote, const std::string &entitlements) {
+std::string Bundle(const std::string &root, Folder &folder, const std::string &key, std::map<std::string, std::vector<char>> &remote, const std::string &entitlements, const std::string &requirement) {
std::string executable;
std::string identifier;
return;
auto bundle(root + Split(name).dir);
SubFolder subfolder(folder, bundle);
- Bundle(bundle, subfolder, key, local, "");
+ Bundle(bundle, subfolder, key, local, "", "");
}));
folder.Find("", fun([&](const std::string &name, const Functor<void (const Functor<void (std::streambuf &, std::streambuf &)> &)> &code) {
case MH_MAGIC: case MH_MAGIC_64:
case MH_CIGAM: case MH_CIGAM_64:
Slots slots;
- Sign(header.bytes, size, data, hash, save, identifier, "", key, slots);
+ Sign(header.bytes, size, data, hash, save, identifier, "", "", key, slots);
return;
}
Slots slots;
slots[1] = local.at(info);
slots[3] = local.at(signature);
- Sign(NULL, 0, buffer, local[executable], save, identifier, entitlements, key, slots);
+ Sign(NULL, 0, buffer, local[executable], save, identifier, entitlements, requirement, key, slots);
}));
}));
bool flag_r(false);
bool flag_e(false);
+ bool flag_q(false);
#ifndef LDID_NOFLAGT
bool flag_T(false);
#endif
Map entitlements;
+ Map requirement;
Map key;
ldid::Slots slots;
sha1(slots[number], file.data(), file.size());
} break;
+ case 'q': flag_q = true; break;
+
+ case 'Q': {
+ const char *xml = argv[argi] + 2;
+ requirement.open(xml, O_RDONLY, PROT_READ, MAP_PRIVATE);
+ } break;
+
case 'D': flag_D = true; break;
case 'a': flag_a = true; break;
_assert(!flag_r);
ldid::DiskFolder folder(path);
std::map<std::string, std::vector<char>> hashes;
- path += "/" + Bundle("", folder, key, hashes, entitlements);
+ path += "/" + Bundle("", folder, key, hashes, entitlements, requirement);
#else
_assert(false);
#endif
ldid::Unsign(input.data(), input.size(), output);
else {
std::string identifier(flag_I ?: split.base.c_str());
- ldid::Sign(input.data(), input.size(), output, identifier, entitlements, key, slots);
+ ldid::Sign(input.data(), input.size(), output, identifier, entitlements, requirement, key, slots);
}
Commit(path, temp);
}
}
+ if (flag_q) {
+ _assert(signature != NULL);
+
+ uint32_t data = mach_header.Swap(signature->dataoff);
+
+ uint8_t *top = reinterpret_cast<uint8_t *>(mach_header.GetBase());
+ uint8_t *blob = top + data;
+ struct SuperBlob *super = reinterpret_cast<struct SuperBlob *>(blob);
+
+ for (size_t index(0); index != Swap(super->count); ++index)
+ if (Swap(super->index[index].type) == CSSLOT_REQUIREMENTS) {
+ uint32_t begin = Swap(super->index[index].offset);
+ struct Blob *requirement = reinterpret_cast<struct Blob *>(blob + begin);
+ fwrite(requirement, 1, Swap(requirement->length), stdout);
+ }
+ }
+
if (flag_s) {
_assert(signature != NULL);
projects / ldid.git / commitdiff
