Can't code-signing validate an App's main executable, without its whole bundle.
- Subject: Can't code-signing validate an App's main executable, without its whole bundle.
- From: Motti Shneor <email@hidden>
- Date: Wed, 27 Apr 2016 15:44:03 +0300
The following simple code will validate the code-signing of any Mac executable file, App bundle, or other code bundle.
However, if handed a path to an executable which happens to be the main executable of an App bundle (for example `/Applications/Mail.app/Contents/MacOS/Mail`), the SecStaticCodeRef will automatically encompass the whole wrapping bundle. Such a bundle could be huge, and the verification process can be both CPU and memory intensive.
The documentation of SecStaticCodeCreateWithPath (see https://developer.apple.com/library/mac/documentation/Security/Reference/CodeSigningRef/#//apple_ref/c/func/SecStaticCodeCreateWithPath) states that "If you pass a URL to the main executable of a bundle, the bundle as a whole is generally recognized."
My question: how to 'persuade' either `SecStaticCodeCreateWithPath` or `SecStaticCodeCheckValidityWithErrors` NOT to do that, i.e. to represent only that main executable alone, without its bundle. I could not find any flags or attributes to do that, but I'm pretty novice with the Security Framework, and I can't yet fully grasp the "SecStaticCode" object's role and use.
Ideas anyone?
#include <stdio.h>
#include <string.h>
#include <CoreFoundation/CoreFoundation.h>
#include <Security/Security.h>

void checkFileValidity(CFIndex idx, const char *filePath) {
    OSStatus result = noErr;
    printf("Validating %ld: ", (long)idx);

    // Build a file URL from the POSIX path (the original called
    // CFURLCreateAbsoluteURLWithBytes on the raw path bytes; this is the
    // constructor made for file-system paths). The last argument is only a
    // directory hint, so it is fine for both executables and bundles.
    CFURLRef fileRef = CFURLCreateFromFileSystemRepresentation(kCFAllocatorDefault,
                                                               (const UInt8 *)filePath,
                                                               (CFIndex)strlen(filePath),
                                                               false);
    if (fileRef == NULL) {
        printf("could not build a URL for %s\n", filePath);
        return;
    }

    // For the main executable of a bundle this object represents the whole bundle.
    SecStaticCodeRef staticCode = NULL;
    result = SecStaticCodeCreateWithPath(fileRef, kSecCSDefaultFlags, &staticCode);
    CFRelease(fileRef);
    if (result != noErr) {
        printf("SecStaticCodeCreateWithPath failed with code:%d for %s\n", (int)result, filePath);
        return;
    }

    SecCSFlags staticVerifyOptions = kSecCSDefaultFlags; // kSecCSCheckAllArchitectures | kSecCSStrictValidate;
    CFErrorRef error = NULL;
    result = SecStaticCodeCheckValidityWithErrors(staticCode, staticVerifyOptions, NULL, &error); // Following call leaks memory.
    CFRelease(staticCode);

    switch (result) {
        case errSecSuccess:
            printf("Good.\n");
            break;
        default:
            printf("Failed with code:%d for %s\n", (int)result, filePath);
            // error is not populated for every failure, so guard before using it
            if (error != NULL) {
                CFShow(error);
                CFRelease(error);
            }
            break;
    }
}
Motti Shneor
---
Ceterum censeo Microsoftinem delendam esse
_______________________________________________
Cocoa-dev mailing list (email@hidden)
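Added example, not the original poster's code: the Security framework does expose validation flags that address the cost concern raised above. `kSecCSDoNotValidateResources` (declared in SecStaticCode.h, alongside `kSecCSCheckAllArchitectures` and `kSecCSDoNotValidateExecutable`) tells `SecStaticCodeCheckValidityWithErrors` to skip the walk over the bundle's resource seal, which is the part of the check that grows with bundle size; the main executable's code pages and the signing chain are still verified. The static code object itself still represents the bundle, so this changes how much of the bundle the check touches rather than what the object stands for. The trade-off a defender should keep in mind: with resources skipped, a modified resource file or nested helper inside the bundle is not detected, so this mode is a cheap first pass, not a substitute for a full check. The helper names `isBundleMainExecutable` and `verifySkippingResources` are chosen here; the path-classification helper is plain string logic and compiles anywhere, while the Security calls are wrapped in `#if defined(__APPLE__)` so they only build on macOS (link with `-framework Security -framework CoreFoundation`).

```c
// Added example (not the original poster's code): validate a bundle's main
// executable while skipping the resource-seal walk.
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

#if defined(__APPLE__)
#include <CoreFoundation/CoreFoundation.h>
#include <Security/Security.h>
#endif

/* True when `path` looks like the main executable inside an .app bundle,
 * i.e. it ends in "<Name>.app/Contents/MacOS/<leaf>". Pure string logic. */
bool isBundleMainExecutable(const char *path) {
    const char *marker = "/Contents/MacOS/";
    const char *m = NULL;
    // use the last occurrence so nested bundles are judged by their innermost layout
    for (const char *p = strstr(path, marker); p != NULL; p = strstr(p + 1, marker)) m = p;
    if (m == NULL) return false;
    const char *leaf = m + strlen(marker);
    if (*leaf == '\0' || strchr(leaf, '/') != NULL) return false;  // must be the leaf name
    // the component just before the marker is the bundle directory; require ".app"
    const char *bundleStart = m;
    while (bundleStart > path && *(bundleStart - 1) != '/') bundleStart--;
    size_t bundleLen = (size_t)(m - bundleStart);
    return bundleLen > 4 && strncmp(m - 4, ".app", 4) == 0;
}

#if defined(__APPLE__)
/* Verify `path`. For a bundle main executable the SecStaticCode still
 * represents the whole bundle, but kSecCSDoNotValidateResources keeps the
 * check from hashing every resource file; the executable and signature are
 * still validated. Returns the OSStatus from the Security framework. */
OSStatus verifySkippingResources(const char *path, CFErrorRef *outError) {
    CFURLRef url = CFURLCreateFromFileSystemRepresentation(kCFAllocatorDefault,
                     (const UInt8 *)path, (CFIndex)strlen(path), false);
    if (url == NULL) return errSecParam;

    SecStaticCodeRef code = NULL;
    OSStatus status = SecStaticCodeCreateWithPath(url, kSecCSDefaultFlags, &code);
    CFRelease(url);
    if (status != errSecSuccess) return status;

    SecCSFlags flags = kSecCSCheckAllArchitectures;
    if (isBundleMainExecutable(path)) {
        flags |= kSecCSDoNotValidateResources;   // executable + signing chain only
    }
    status = SecStaticCodeCheckValidityWithErrors(code, flags, NULL, outError);
    CFRelease(code);
    return status;
}

int main(int argc, char **argv) {
    if (argc < 2) { fprintf(stderr, "usage: %s <path>\n", argv[0]); return 2; }
    CFErrorRef error = NULL;
    OSStatus status = verifySkippingResources(argv[1], &error);
    if (status == errSecSuccess) {
        printf("%s: valid (resources %s)\n", argv[1],
               isBundleMainExecutable(argv[1]) ? "skipped" : "checked");
    } else {
        printf("%s: failed with OSStatus %d\n", argv[1], (int)status);
        if (error != NULL) { CFShow(error); CFRelease(error); }
    }
    return status == errSecSuccess ? 0 : 1;
}
#endif
```

Run it as `./verify /Applications/Mail.app/Contents/MacOS/Mail` to check just the executable and its signature, and pass the `.app` directory instead when the full resource check is wanted; `kSecCSCheckNestedCode` can be added to `flags` for the full mode if embedded frameworks and helpers should be verified too.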