diff options
Diffstat (limited to 'trustcache.1')
-rw-r--r-- | trustcache.1 | 146 |
1 files changed, 146 insertions, 0 deletions
diff --git a/trustcache.1 b/trustcache.1 new file mode 100644 index 0000000..68ec6e5 --- /dev/null +++ b/trustcache.1 @@ -0,0 +1,146 @@ +.\"- +.\" Copyright (c) 2022 Cameron Katri. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY CAMERON KATRI AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL CAMERON KATRI OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.Dd May 19, 2022 +.Dt TRUSTCACHE 1 +.Os +.Sh NAME +.Nm trustcache +.Nd Create and interact with trustcaches +.Sh SYNOPSIS +.Nm +.Cm append +.Op Fl f Ar flags +.Op Fl u Ar uuid | 0 +.Ar infile +.Ar +.Nm +.Cm create +.Op Fl u Ar uuid +.Op Fl v Ar version +.Ar outfile +.Ar +.Nm +.Cm info +.Op Fl c +.Op Fl h +.Op Fl e Ar entrynum +.Ar file +.Nm +.Cm remove +.Op Fl k +.Ar file +.Ar hash ... +.Sh DESCRIPTION +The +.Nm +utility is used to get info about and modify Apple trustcaches. +.Pp +The following commands are supported by +.Nm : +.Bl -tag -width create +.It Xo +.Cm append +.Op Fl f Ar flags +.Op Fl u Ar uuid | 0 +.Ar infile +.Ar +.Xc +Modify the trustcache at +.Ar infile +to include each signed Mach-O at the specified paths. +If +.Ar file +is both 40 characters and hexadecimal, that hash will be added to the cache. +.Ar uuid +is used to specify a custom uuid to be used. +If it is +.Ar 0 , +the uuid will be left the same, otherwise, it will be regenerated. +If +.Fl f +is specified, any new entries with have the flags specified at +.Ar flags . +.It Xo +.Cm create +.Op Fl u Ar uuid +.Op Fl v Ar version +.Ar outfile +.Ar +.Xc +Create a trustcache at +.Ar outfile . +Each Mach-O found in the specified inputs will be scanned for +a code signature and hashed. +Any malformed or unsigned Mach-O will be ignored. +Each slice of a FAT binary will have its hash included. +Versions 0 and 1 are supported, if not specified, 1 is assumed. +If +.Ar uuid +is specified, that will be used instead of a randomly generated one. +.It Xo +.Cm info +.Op Fl c +.Op Fl h +.Op Fl e Ar entrynum +.Ar file +.Xc +Print information about +.Ar file . +The output for each hash will be in the format: +.Pp +.Dl <cdhash> <flags> [<hash_type>] +.Pp +If the +.Fl c +is given, only the hashes will be printed. +If +.Fl h +is given, only the header will be printed. +If +.Ar entrynum +is specified, only that entry will be printed. +.It Xo +.Cm remove +.Op Fl k +.Ar file +.Ar hash ... +.Xc +Remove each specified hash from +.Ar file . +If +.Fl k +is specified, the uuid will not be regenerated. +The number of removed entries will be printed. +.El +.Sh EXIT STATUS +.Ex -std +.Sh SEE ALSO +.Xr cryptex-dump-trust-cache 1 , +.Xr cryptex-generate-trust-cache 1 +.Sh HISTORY +The +.Nm +utility was written by +.An Cameron Katri Aq Mt me@cameronkatri.com . |