Code signing validation

[[EMAIL PROTECTED]]

Hello list

Having implemented code signing for my app I wanted to be able to do a  
quick visual check that things were as they should be.
I used the following to display a code signing validation  message in  
the app About window for both the application bundle and a couple of  
auxiliary executables.

Has anyone else done anything similar, or hopefully, better?
It would probably be a good idea to also check the signing identity.


#import <Cocoa/Cocoa.h>

typedef enum {
        CodesignUnrecognised = -2,
        CodesignError = -1,
        CodesignOkay = 0,
        CodesignFail = 1,
        CodesignInvalidArgs = 2,
        CodesignFailedRequirement = 3,
} CodesignResult;

@interface MGSCodeSigning : NSObject {
        NSString *_resultString;
}

@property (copy) NSString *resultString;

- (CodesignResult)validateExecutable;
- (CodesignResult)validatePath:(NSString *)path;
- (CodesignResult)validateApplication;

@end

#import "MGSCodeSigning.h"
#include <dlfcn.h>

@implementation MGSCodeSigning

@synthesize resultString = _resultString;

/*

 validate executable

 */
- (CodesignResult)validateExecutable
{
    Dl_info info;       
        int errDlAddr = dladdr( (const void *)__func__, &info );
    if(errDlAddr == 0) {
                return CodesignError;
    }
        char *exec_path = (char *)(info.dli_fname);
        
	NSString *path = [NSString stringWithCString:exec_path  
encoding:NSUTF8StringEncoding];
        return [self validatePath:path];
}
/*

 validate this application

 */
- (CodesignResult)validateApplication
{
        return [self validatePath:[[NSBundle mainBundle] bundlePath]];
}
/*

 validate path

 */
- (CodesignResult)validatePath:(NSString *)path
{
        self.resultString = nil;
        int status = CodesignError;
        
        @try {
		NSArray *arguments = [NSArray arrayWithObjects: @"--verify", path,   
nil];
                NSTask *task = [[NSTask alloc] init];
                
                [task setArguments:arguments];
                [task setLaunchPath:@"/usr/bin/codesign"];
                [task setStandardOutput:[NSFileHandle 
fileHandleWithNullDevice]];       
                [task setStandardError:[NSFileHandle 
fileHandleWithNullDevice]];        
                [task launch];
                [task waitUntilExit];
                status = [task terminationStatus];
                
                switch (status) {
                        case CodesignOkay:
                                self.resultString = NSLocalizedString(@"Valid", 
@"Codesign okay.");
                                break;
                                
                        case CodesignFail:
				self.resultString = NSLocalizedString(@"Invalid", @"Codesign  
failed.");
                                break;
                                
                        case CodesignInvalidArgs:
				self.resultString = NSLocalizedString(@"Invalid arguments",  
@"Codesign invalid arguments");
                                break;
                                
                        case CodesignFailedRequirement:
				self.resultString = NSLocalizedString(@"Failed requirement",  
@"Codesign failed requirement.");
                                break;
                        
                        default:
				self.resultString = NSLocalizedString(@"Unrecognised response",  
@"Codesign unrecognised response.");
                                status = CodesignUnrecognised;
                                break;
                                
                }
                
                if (status != CodesignOkay) {
                        NSLog(@"codesign failure: %@", self.resultString);
                }
                
                
        [EMAIL PROTECTED] (NSException *e) {
                NSLog(@"Exception launching codesign: %@", [e reason]);
                return CodesignError;
        }
        
        return status;
}

@end





_______________________________________________

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to [EMAIL PROTECTED]