#include <sys/types.h>
#ifndef LDID_NOSMIME
+#include <openssl/opensslv.h>
+# if OPENSSL_VERSION_NUMBER >= 0x30000000
+# include <openssl/provider.h>
+# endif
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/pkcs7.h>
#include <openssl/pkcs12.h>
+#include <openssl/ui.h>
#endif
#ifdef __APPLE__
#define _packed \
__attribute__((packed))
+#ifndef LDID_NOSMIME
+std::string password;
+#endif
+
template <typename Type_>
struct Iterator_ {
typedef typename Type_::const_iterator Result;
#define _scope(function) \
_scope_(__COUNTER__, function)
-#define CPU_ARCH_MASK uint32_t(0xff000000)
-#define CPU_ARCH_ABI64 uint32_t(0x01000000)
+#define CPU_ARCH_MASK uint32_t(0xff000000)
+#define CPU_ARCH_ABI64 uint32_t(0x01000000)
+#define CPU_ARCH_ABI64_32 uint32_t(0x02000000)
#define CPU_TYPE_ANY uint32_t(-1)
#define CPU_TYPE_VAX uint32_t( 1)
#define CPU_TYPE_ARM64 (CPU_ARCH_ABI64 | CPU_TYPE_ARM)
#define CPU_TYPE_POWERPC64 (CPU_ARCH_ABI64 | CPU_TYPE_POWERPC)
#define CPU_TYPE_X86_64 (CPU_ARCH_ABI64 | CPU_TYPE_X86)
+#define CPU_TYPE_ARM64_32 (CPU_TYPE_ARM | CPU_ARCH_ABI64_32)
struct fat_header {
uint32_t magic;
static std::vector<Algorithm *> algorithms;
if (algorithms.empty()) {
- if (do_sha1)
- algorithms.push_back(&sha1);
if (do_sha256)
algorithms.push_back(&sha256);
+ if (do_sha1)
+ algorithms.push_back(&sha1);
}
return algorithms;
break;
case CPU_TYPE_ARM:
case CPU_TYPE_ARM64:
+ case CPU_TYPE_ARM64_32:
align = 0xe;
break;
default:
case CPU_TYPE_ARM64:
arch = "arm64";
break;
+ case CPU_TYPE_ARM64_32:
+ arch = "arm64_32";
+ break;
}
offset = Align(offset, 1 << align);
ca_(NULL)
{
_assert(value_ != NULL);
- _assert(PKCS12_parse(value_, "", &key_, &cert_, &ca_) != 0);
+ if (!PKCS12_verify_mac(value_, "", 0) && password.empty()) {
+ char passbuf[2048];
+ UI_UTIL_read_pw_string(passbuf, 2048, "Enter password: ", 0);
+ password = passbuf;
+ }
+
+ _assert(PKCS12_parse(value_, password.c_str(), &key_, &cert_, &ca_) != 0);
_assert(key_ != NULL);
_assert(cert_ != NULL);
}
static void usage(const char *argv0) {
- fprintf(stderr, "usage: %s -S[entitlements.xml] <binary>\n", argv0);
- fprintf(stderr, " %s -e MobileSafari\n", argv0);
- fprintf(stderr, " %s -S cat\n", argv0);
- fprintf(stderr, " %s -Stfp.xml gdb\n", argv0);
+ fprintf(stderr, "Link Identity Editor %s\n\n", LDID_VERSION);
+ fprintf(stderr, "usage: %s [-Acputype:subtype] [-a]\n", argv0);
+ fprintf(stderr, " [-C[adhoc | enforcement | expires | hard |\n");
+ fprintf(stderr, " host | kill | library-validation | restrict | runtime]] [-D] [-d]\n");
+ fprintf(stderr, " [-e] [-h] [-Kkey.p12 [-Upassword]] [-M] [-P] [-q] [-r | -Sfile | -s]\n");
+ fprintf(stderr, " [-Ttimestamp] [-u] file ...\n\n");
+ fprintf(stderr, "Options:\n");
+ fprintf(stderr, " -S[file.xml] Pseudo-sign using the entitlements in file.xml\n");
+ fprintf(stderr, " -Kkey.p12 Sign using private key in key.p12\n");
+ fprintf(stderr, " -Upassword Use password to unlock key.p12\n");
+ fprintf(stderr, " -M Merge entitlements with any existing\n");
+ fprintf(stderr, " -h Print CDHash of file\n\n");
+ fprintf(stderr, "More information: 'man ldid'\n");
}
#ifndef LDID_NOTOOLS
int main(int argc, char *argv[]) {
#ifndef LDID_NOSMIME
OpenSSL_add_all_algorithms();
+# if OPENSSL_VERSION_NUMBER >= 0x30000000
+ OSSL_PROVIDER *legacy = OSSL_PROVIDER_load(NULL, "legacy");
+ OSSL_PROVIDER *deflt = OSSL_PROVIDER_load(NULL, "default");
+# endif
#endif
union {
flag_M = true;
break;
+ case 'U':
+ password = argv[argi] + 2;
+ break;
+
case 'K':
if (argv[argi][2] != '\0')
key.open(argv[argi] + 2, O_RDONLY, PROT_READ, MAP_PRIVATE);
++filei;
}
+#ifndef LDID_NOSMINE
+# if OPENSSL_VERSION_NUM >= 0x30000000
+ OSSL_PROVIDER_unload(legacy);
+ OSSL_PROVIDER_unload(deflt);
+# endif
+#endif
+
return filee;
}
#endif
git.ckatri.com / ldid.git / blobdiff