Re: Code Signing
Re: Code Signing
- Subject: Re: Code Signing
- From: Carl Harris <email@hidden>
- Date: Mon, 07 Sep 2009 09:13:58 -0400
Peter Hudson wrote:
I was looking for a way to observe the code having been hacked - and
if it has been, for the app not to run. What is the kill flag and
how do I set it ?
Could it be reset by someone ?
Take a look at the Code Signing Services Reference: http://developer.apple.com/mac/library/documentation/Security/Reference/CodeSigningRef/Reference/reference.html
Assuming that you want an application to check its own validity, the
basic idea is that you want to get a SecCodeRef for the running app
using SecCodeCopySelf, and then validate it against some requirement
using SecCodeCheckValidity. If you specify no requirement, it
validates only the application's designated requirement.
Using SecCodeCheckValidity, you're validating the application's
dynamic state -- i.e. confirming that it has not been modified while
running. You can also check the static state using
SecStaticCodeCheckValidity.
There was a pretty good presentation on code signing at WWDC'09. If
you have access to the WWDC videos, you might want to check it out.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden