def to_der(self) -> bytes:
    """
    Serialize this private key as a DER-encoded PrivateKeyInfo structure.

    No encryption is applied in this method: the output carries the private
    scalar from ``to_int()`` together with the uncompressed public point,
    under the named-curve OID 1.3.132.0.10 (secp256k1). Handle the returned
    bytes as secret key material.

    :return: The private key encoded in DER format.
    """
    # Inner ECPrivateKey structure: version tag, private scalar, public point.
    ec_private_key = ECPrivateKey(
        {
            'version': 'ecPrivkeyVer1',
            'private_key': self.to_int(),
            'public_key': ECPointBitString(self.public_key.format(compressed=False)),
        }
    )

    # The curve is referenced by name (OID), not by explicit domain parameters.
    curve = ECDomainParameters(name='named', value='1.3.132.0.10')
    algorithm = PrivateKeyAlgorithm({'algorithm': 'ec', 'parameters': curve})

    key_info = PrivateKeyInfo(
        {
            'version': 0,
            'private_key_algorithm': algorithm,
            'private_key': ec_private_key,
        }
    )
    return key_info.dump()
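def apply_sig(filename: str, detach_path: str):
    """
    Attach the detached signatures found under detach_path to the bundle of the same name.

    Walks ``<detach_path>/<bundle basename>`` recursively. A file that sits in a
    directory named ``MacOS`` and whose path ends in "sign" is treated as a detached
    signature and queued on the CodeSigner for the matching binary. Every other
    file is copied into the bundle at the same relative path. After the walk,
    ``apply_signature()`` is called on each CodeSigner.

    :param filename: Passed to get_bundle_exec() to locate the target bundle.
    :param detach_path: Directory holding the detached copy of the bundle.
    :raises Exception: If a single-architecture signature is offered for a universal
        binary, or if a universal binary has no slice for the architecture named in
        the signature file's extension.
    """
    bundle, _ = get_bundle_exec(filename)
    detach_bundle = os.path.join(detach_path, os.path.basename(bundle))

    bin_code_signers: Dict[str, CodeSigner] = {}

    for file_path in glob.iglob(os.path.join(detach_bundle, "**"), recursive=True):
        if os.path.isdir(file_path):
            continue
        bundle_relpath = os.path.relpath(file_path, detach_bundle)
        bundle_path = os.path.join(bundle, bundle_relpath)

        # Signature files are only in the MacOS dir.
        # NOTE(review): the test is on the whole path ending in "sign", so an
        # extension-less file whose name ends that way is also taken as a
        # signature. Confirm the detach step never produces such names.
        in_macos_dir = os.path.basename(os.path.dirname(file_path)) == "MacOS"
        if in_macos_dir and file_path.endswith("sign"):
            bin_name, ext = os.path.splitext(file_path)
            bundle_relpath = os.path.relpath(bin_name, detach_bundle)
            bundle_path = os.path.join(bundle, bundle_relpath)

            if bin_name not in bin_code_signers:
                # Certificate and key are constructed empty here; presumably
                # placeholders, since an existing signature is being attached.
                bin_code_signers[bin_name] = CodeSigner(
                    bundle_path, Certificate(), PrivateKeyInfo()
                )
            bcs = bin_code_signers[bin_name]

            # Figure out which index this sig is for
            idx = 0
            macho = bcs.macho
            if hasattr(bcs.macho, "Fhdr"):
                if ext == ".sign":
                    raise Exception(
                        "Cannot attach single architecture signature to universal binary"
                    )
                # The extension has the form ".<arch>sign"; strip the dot and "sign".
                arch_name = ext[1:-4]
                arch_type = CPU_NAME_TO_TYPE[arch_name]
                for i, h in enumerate(bcs.macho.fh):
                    if h.cputype == arch_type:
                        idx = i
                        macho = bcs.macho.arch[i]
                        break
                else:
                    # Without this check the signature would be attached at index 0
                    # using the universal container object, i.e. to the wrong slice.
                    raise Exception(
                        f"No {arch_name} slice in universal binary {bundle_path}"
                    )

            # Create a CodeSignatureAttacher and add it to the CodeSigner
            csa = CodeSignatureAttacher(bundle_path, idx, macho, file_path)
            bcs.code_signers.append(csa)
            continue

        # Non-signature files are just copied over.
        # NOTE(review): nothing here verifies the detached tree before its files
        # are written into the bundle; detach_path is assumed to be trusted.
        os.makedirs(os.path.dirname(bundle_path), exist_ok=True)
        shutil.copyfile(file_path, bundle_path)

    # Apply the signature for all CodeSigners
    for cs in bin_code_signers.values():
        cs.apply_signature()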
def to_der(self):
    """
    Return this private key as DER-encoded PrivateKeyInfo bytes.

    The structure embeds the private scalar from ``to_int()`` and the
    uncompressed public point, under the named-curve OID 1.3.132.0.10
    (secp256k1). This method applies no encryption, so the result must be
    protected like the key itself.
    """
    # Inner ECPrivateKey fields, evaluated in the same order as they are listed.
    ec_fields = {
        'version': ensure_unicode('ecPrivkeyVer1'),
        'private_key': self.to_int(),
        'public_key': ECPointBitString(self.public_key.format(compressed=False)),
    }
    ec_private_key = ECPrivateKey(ec_fields)

    # Algorithm identifier: EC over a curve referenced by OID.
    algorithm_name = ensure_unicode('ec')
    curve = ECDomainParameters(name='named', value=ensure_unicode('1.3.132.0.10'))
    algorithm = PrivateKeyAlgorithm({'algorithm': algorithm_name, 'parameters': curve})

    wrapper_fields = {
        'version': 0,
        'private_key_algorithm': algorithm,
        'private_key': ec_private_key,
    }
    return PrivateKeyInfo(wrapper_fields).dump()