def _get_arch(self, macho, arch_offset, arch_size): arch = { 'macho': macho, 'arch_offset': arch_offset, 'arch_size': arch_size } arch['cmds'] = {} for cmd in macho.commands: name = cmd.cmd arch['cmds'][name] = cmd codesig_data = None if 'LC_CODE_SIGNATURE' in arch['cmds']: arch['lc_codesig'] = arch['cmds']['LC_CODE_SIGNATURE'] codesig_offset = arch['macho'].macho_start + arch[ 'lc_codesig'].data.dataoff self.f.seek(codesig_offset) codesig_data = self.f.read(arch['lc_codesig'].data.datasize) # log.debug("codesig len: {0}".format(len(codesig_data))) else: log.info("signing from scratch!") self.sign_from_scratch = True entitlements_file = self.bundle.get_entitlements_path( ) #'/path/to/some/entitlements.plist' # Stage 1: Fake signature fake_codesig_data = make_signature( macho, arch_offset, arch_size, arch['cmds'], self.f, entitlements_file, 0, self.signer, self.bundle.get_info_prop('CFBundleIdentifier')) macho.ncmds -= 1 macho.commands = macho.commands[:-1] # Get the length fake_codesig = Codesig(self, fake_codesig_data) fake_codesig.set_signature(self.signer) fake_codesig.update_offsets() fake_codesig_length = len(fake_codesig.build_data()) log.debug("fake codesig length: {}".format(fake_codesig_length)) # stage 2: real signature codesig_data = make_signature( macho, arch_offset, arch_size, arch['cmds'], self.f, entitlements_file, fake_codesig_length, self.signer, self.bundle.get_info_prop('CFBundleIdentifier')) arch['lc_codesig'] = arch['cmds']['LC_CODE_SIGNATURE'] arch['codesig'] = Codesig(self, codesig_data) arch['codesig_len'] = len(codesig_data) if self.sign_from_scratch: arch['codesig_data'] = codesig_data return arch
def _get_arch(self, macho, macho_end): arch = {'macho': macho, 'macho_end': macho_end} arch['cmds'] = {} for cmd in macho.commands: name = cmd.cmd arch['cmds'][name] = cmd if 'LC_CODE_SIGNATURE' in arch['cmds']: arch['lc_codesig'] = arch['cmds']['LC_CODE_SIGNATURE'] codesig_offset = arch['macho'].macho_start + arch[ 'lc_codesig'].data.dataoff self.f.seek(codesig_offset) codesig_data = self.f.read(arch['lc_codesig'].data.datasize) # log.debug("codesig len: {0}".format(len(codesig_data))) else: log.info("signing from scratch!") entitlements_file = '/Users/neilk/projects/ios-apps/unsigned_entitlements.plist' codesig_data = make_signature(macho, macho_end, arch['cmds'], self.f, entitlements_file) arch['lc_codesig'] = arch['cmds']['LC_CODE_SIGNATURE'] arch['codesig'] = Codesig(self, codesig_data) arch['codesig_len'] = len(codesig_data) return arch
def _get_arch(self, macho, macho_end): arch = {'macho': macho, 'macho_end': macho_end} arch['cmds'] = {} for cmd in macho.commands: name = cmd.cmd arch['cmds'][name] = cmd if 'LC_CODE_SIGNATURE' in arch['cmds']: arch['lc_codesig'] = arch['cmds']['LC_CODE_SIGNATURE'] codesig_offset = arch['macho'].macho_start + arch[ 'lc_codesig'].data.dataoff self.f.seek(codesig_offset) codesig_data = self.f.read(arch['lc_codesig'].data.datasize) log.debug("codesig len: {0}".format(len(codesig_data))) else: raise Exception('At this time, isign cannot sign an unsigned app.') # log.info("signing from scratch!") # entitlements_file = '/path/to/some/entitlements.plist' # codesig_data = make_signature(macho, macho_end, arch['cmds'], self.f, entitlements_file) # arch['lc_codesig'] = arch['cmds']['LC_CODE_SIGNATURE'] arch['codesig'] = Codesig(self, codesig_data) arch['codesig_len'] = len(codesig_data) return arch
def _get_arch(self, macho, macho_end): arch = {'macho': macho, 'macho_end': macho_end} arch['cmds'] = {} for cmd in macho.commands: name = cmd.cmd arch['cmds'][name] = cmd if 'LC_CODE_SIGNATURE' in arch['cmds']: arch['lc_codesig'] = arch['cmds']['LC_CODE_SIGNATURE'] codesig_offset = arch['macho'].macho_start + arch['lc_codesig'].data.dataoff self.f.seek(codesig_offset) codesig_data = self.f.read(arch['lc_codesig'].data.datasize) arch['codesig_len'] = len(codesig_data) log.debug("codesig len: {0}".format(len(codesig_data))) else: raise Exception("signing without existing codesig is not implemented") # TODO: this doesn't actually work :( # see the makesig.py library, this was begun but not finished arch['codesig'] = Codesig(self, codesig_data) return arch