diff options
author | 1Conan <7620342+1Conan@users.noreply.github.com> | 2021-11-05 01:47:21 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-11-04 13:47:21 -0400 |
commit | c1662728c3a87abda8aa737a334539d4189ab18b (patch) | |
tree | d65949caaceb10ee97d2dff2ce75d07e56e56d4c /docs | |
parent | df1cc52eccb739c2561e6002b18dee0c48137f1a (diff) | |
download | ldid-c1662728c3a87abda8aa737a334539d4189ab18b.tar.gz ldid-c1662728c3a87abda8aa737a334539d4189ab18b.tar.zst ldid-c1662728c3a87abda8aa737a334539d4189ab18b.zip |
Cleanup and switch to a Makefile (#7)
Diffstat (limited to 'docs')
-rw-r--r-- | docs/ldid.1 | 164 | ||||
-rw-r--r-- | docs/ldid.1.zh_TW | 168 |
2 files changed, 332 insertions, 0 deletions
diff --git a/docs/ldid.1 b/docs/ldid.1 new file mode 100644 index 0000000..fdab9ed --- /dev/null +++ b/docs/ldid.1 @@ -0,0 +1,164 @@ +.\"- +.\" Copyright (c) 2021 ProcursusTeam +.\" SPDX-License-Identifier: AGPL-3.0-or-later +.\" +.Dd October 8, 2021 +.Dt LDID 1 +.Os +.Sh NAME +.Nm ldid +.Nd Link Identity Editor +.Sh SYNOPSIS +.Nm +.Op Fl A Ns Ar cputype : Ns Ar subtype +.Op Fl a +.Op Fl C Ns Op Ar adhoc | Ar enforcement | Ar expires | Ar hard | Ar host | Ar kill | Ar library-validation | Ar restrict | Ar runtime +.Op Fl D +.Op Fl d +.Op Fl e +.Op Fl h +.Op Fl K Ns Ar key.p12 Op Fl U Ns Ar password +.Op Fl M +.Op Fl P +.Op Fl q +.Op Fl r | Fl S Ns Ar file.xml | Fl s +.Op Fl T Ns Ar timestamp +.Op Fl u +.Ar +.Sh DESCRIPTION +.Nm +adds SHA1 and SHA256 hashes to a Mach-O file so that they can be run on a system that has validation but not signature verification. +.Bl -tag -width -indent +.It Fl a +Print the CPU types and subtypes in hexadecimal. +.It Fl A Ns Ar cputype : Ns Ar subtype +When used with +.Fl a , Fl D , Fl e , Fl h , Fl q , +or +.Fl u , +only act on the slice specified by +.Ar cputype +and +.Ar subtype . +.Ar cputype +and +.Ar subtype +should both be integers. +.It Fl C Ns Op Ar adhoc | Ar enforcement | Ar expires | Ar hard | Ar host | Ar kill | Ar library-validation | Ar restrict | Ar runtime +Specify the option flags to embed in the code signature. +See +.Xr codesign 1 +for details about these options. +.It Fl D +Reset the cryptid. +.It Fl d +Print the cryptid in the binaries if it exists. +For compatibility reasons it also acts as +.Fl h , +but this will be removed in the future. +.It Fl e +Print the entitlements in each slice, or the slice specified by +.Fl A , +to +.Ar stdout . +.It Fl h +Print information about the signature, such as hash types, flags, CDHash, and CodeDirectory version to +.Ar stdout . +.It Fl K Ns Ar key.p12 +Sign using the identity in +.Ar key.p12 . +This will give the binary a valid signature so that it can be run on a system with signature validation. +If +.Ar key.p12 +has a password you will be prompted for it, or you can specify from the command line with +.Fl U . +.It Fl M +When used with +.Fl S , +merge the new and existing entitlements instead of replacing the existing entitlements, this is useful for adding a few specific entitlements to a handful of binaries. +.It Fl P +Mark the Mach-O as a platform binary. +.It Fl Q Ns Ar file +Embed the requirements found in +.Ar file . +.It Fl q +Print embedded requirements of the binaries. +.It Fl r +Remove the signature from the Mach-O. +.It Fl S Ns Op Ar file.xml +Pseudo-sign the Mach-O binaries. +If +.Ar file.xml +is specified then the entitlements found in +.Ar file.xml +will be embedded in the Mach-O. +.It Fl s +Resign the Mach-O binaries while keeping the existing entitlements. +.It Fl T Ns Ar timestamp +When signing a dylib, set the timestamp to +.Ar timestamp . +.Ar timestamp +should be an UNIX timestamp in seconds, if +.Ar timestamp +is a single dash +.Pq Sq Fl , +the timestamp will be set to a hash of the Mach-O header. +.It Fl U Ns Ar password +Use +.Ar password +as the password for the p12 certificate instead of prompting. +.It Fl u +If the binary was linked against UIKit, then print the UIKit version that the Mach-O binaries was linked against. +.El +.Sh EXAMPLES +The command: +.Pp +.Dl "ldid -S file" +.Pp +will fakesign +.Ar file +with no entitlements. +.Pp +The command: +.Pp +.Dl "ldid -Cadhoc -K/path/to/key.p12 -Sent.xml file" +.Pp +will sign +.Ar file +using the key in +.Ar /path/to/key.p12 +with the entitlements found in +.Ar ent.xml , +and mark it as an adhoc signature. +.Pp +The command: +.Pp +.Dl "ldid -Sent.xml -M file" +.Pp +will add the entitlements in +.Ar ent.xml +to the entitlements already in +.Ar file . +.Pp +The command: +.Pp +.Dl "ldid -e file > ent.xml" +.Pp +will save the entitlements found in each slice of +.Ar file +to +.Ar ent.xml . +.Sh SEE ALSO +.Xr codesign 1 +.Sh HISTORY +The +.Nm +utility was written by +.An Jay \*qSaurik\*q Freeman . +iPhoneOS 1.2.0 and 2.0 support was added on April 6, 2008. +.Fl S +was added on June 13, 2008. +SHA256 support was added on August 25, 2016, fixing iOS 11 support. +iOS 14 support was added on July 31, 2020 by +.An Kabir Oberai . +iOS 15 support was added on June 11, 2021. diff --git a/docs/ldid.1.zh_TW b/docs/ldid.1.zh_TW new file mode 100644 index 0000000..257b4b1 --- /dev/null +++ b/docs/ldid.1.zh_TW @@ -0,0 +1,168 @@ +.\"- +.\" Copyright (c) 2021 ProcursusTeam +.\" SPDX-License-Identifier: AGPL-3.0-or-later +.\" +.Dd October 8, 2021 +.Dt LDID 1 +.Os +.Sh 名稱 +.Nm ldid +.Nd 鏈接身份編輯器 +.Sh 語法 +.Nm +.Op Fl A Ns Ar cputype : Ns Ar subtype +.Op Fl a +.Op Fl C Ns Op Ar adhoc | Ar enforcement | Ar expires | Ar hard | Ar host | Ar kill | Ar library-validation | Ar restrict | Ar runtime +.Op Fl D +.Op Fl d +.Op Fl e +.Op Fl h +.Op Fl K Ns Ar key.p12 Op Fl U Ns Ar password +.Op Fl M +.Op Fl P +.Op Fl q +.Op Fl r | Fl S Ns Ar 檔案.xml | Fl s +.Op Fl T Ns Ar timestamp +.Op Fl u +.Ar +.Sh 描述 +.Nm +把SHA1和SHA256雜湊值加入到Mach-O檔案中,讓它們能在有驗證但沒有簽署驗證的系統上運行。 +.Bl -tag -width -indent +.It Fl a +以十六進制印出處理器類型和亞類型。 +.It Fl A Ns Ar cputype : Ns Ar subtype +當和 +.Fl a , Fl D , Fl e , Fl h , Fl q , +或 +.Fl u , +一起被使用時,只作用在被 +.Ar cputype +和 +.Ar subtype . +.Ar cputype +和 +.Ar subtype +指定的部分。它們都應該是整數。 +.It Fl C Ns Op Ar adhoc | Ar enforcement | Ar expires | Ar hard | Ar host | Ar kill | Ar library-validation | Ar restrict | Ar runtime +設定要在檔案中包含的程式碼簽署選項。 +請看 +.Xr codesign 1 +來獲得關於這些選項的更多資訊。 +.It Fl D +重設加密碼 (cryptid)。 +.It Fl d +輸出在二進位檔案中的加密碼。 +由於兼容性原因,這像 +.Fl h , +但在將來這會被移除。 +.It Fl e +把每一部分的權限印出, 或印出 +.Fl A , +所指定的部分的權限 +.Ar 到標準輸出。 +.It Fl h +印出關於簽署的資訊,包括雜湊值的類型,選項,CDHash, 和 CodeDirectory 版本到 +.Ar 標準輸出。 . +.It Fl K Ns Ar key.p12 +用在 +.Ar key.p12 . +的身份簽署。這會給二進位檔案有一個有效的簽署,令它能夠在有簽署驗證的系統上運行。 +如果 +.Ar key.p12 +有密碼的話,你會被詢問。你也可以用 +.Fl U . +.Ar 選項來提供密碼。 . +.It Fl M +當和 +.Fl S , +一起使用時,和現有的權限合併而不是取代它。 這在加入權限時有用。 +.It Fl P +將這個Mach-O二進位檔案標示為系統二進位檔案。 +.It Fl Q Ns Ar 檔案 +把需求嵌入到 +.Ar 檔案 . +中。 +.It Fl q +印出被嵌入在二進位檔案中的需求。 +.It Fl r +從Mach-O檔案中刪除簽署。 +.It Fl S Ns Op Ar 檔案.xml +偽簽署Mach-O檔案。 +如果提供了 +.Ar 檔案.xml +那麼在 +.Ar 檔案.xml +中的權限會被嵌入到Mach-O中。 +.It Fl s +重新簽署Mach-O檔案但保留現有權限。 +.It Fl T Ns Ar 時間印章 +當簽署一個動態鏈結函式庫時,把時間印章設定為 +.Ar 時間印章 . +.Ar 時間印章 +應該是一個以秒作為單位的UNIX時間印章,如果 +.Ar +是一個連字號的話 +.Pq Sq Fl , +時間印章會被設定為Mach-O頭中的時間印章。 +.It Fl U Ns Ar 密碼 +使用 +.Ar 密碼 +作為p12證書的密碼,而不是詢問。 +.It Fl u +如果Mach-O檔案有和UIKit鏈結,印出被鏈結的UIKit版本。 +.El +.Sh 例子 +指令: +.Pp +.Dl "ldid -S 檔案" +.Pp +會偽簽署 +.Ar 檔案 +而且不嵌入任何權限。 +.Pp +指令: +.Pp +.Dl "ldid -Cadhoc -K/path/to/key.p12 -Sent.xml 檔案" +.Pp +會使用 +.Ar /path/to/key.p12 +中的私錀來簽署 +.Ar 檔案 +也會使用在 +.Ar ent.xml , +中的權限並把簽署標示為特別用途 (adhoc) 簽署。. +.Pp +指令: +.Pp +.Dl "ldid -Sent.xml -M 檔案" +.Pp +會把 +.Ar ent.xml +中的權限加入到已經在 +.Ar 檔案 . +中的權限。 +.Pp +指令: +.Pp +.Dl "ldid -e 檔案 > ent.xml" +.Pp +會把在 +.Ar 檔案 +中每一部分的權限儲存到 +.Ar ent.xml . +.Sh 另見 +.Xr codesign 1 +.Sh 歷史 +這個 +.Nm +工具程式是由 +.An Jay \*qSaurik\*q Freeman . 所編寫的。 +對iPhoneOS 1.2.0 和 2.0 的支援在2008年4月6號被加入。 +.Fl S +在2008年6月13日被加入。. +SHA256 支援在2016年8月25日被加入,修正iOS 11支援。 +iOS 14支援在2020年7月31日由 +.An Kabir Oberai . +加入。 +iOS 15支援在2021年6月11日加入。 |