Enum apple_codesign::code_requirement::CodeRequirementExpression

source · []
pub enum CodeRequirementExpression<'a> {

Show 24 variants    False,
    True,
    Identifier(Cow<'a, str>),
    AnchorApple,
    AnchorCertificateHash(i32Cow<'a, [u8]>),
    InfoKeyValueLegacy(Cow<'a, str>, Cow<'a, str>),
    And(Box<CodeRequirementExpression<'a>>, Box<CodeRequirementExpression<'a>>),
    Or(Box<CodeRequirementExpression<'a>>, Box<CodeRequirementExpression<'a>>),
    CodeDirectoryHash(Cow<'a, [u8]>),
    Not(Box<CodeRequirementExpression<'a>>),
    InfoPlistKeyField(Cow<'a, str>, CodeRequirementMatchExpression<'a>),
    CertificateField(i32Cow<'a, str>, CodeRequirementMatchExpression<'a>),
    CertificateTrusted(i32),
    AnchorTrusted,
    CertificateGeneric(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>),
    AnchorAppleGeneric,
    EntitlementsKey(Cow<'a, str>, CodeRequirementMatchExpression<'a>),
    CertificatePolicy(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>),
    NamedAnchor(Cow<'a, str>),
    NamedCode(Cow<'a, str>),
    Platform(u32),
    Notarized,
    CertificateFieldDate(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>),
    LegacyDeveloperId,

}
Expand description

Defines a code requirement expression.

Variants

False

False

false

No payload.

True

True

true

No payload.

Identifier(Cow<'a, str>)

Signing identifier.

identifier <string>

4 bytes length followed by C string.

AnchorApple

The certificate chain must lead to an Apple root.

anchor apple

No payload.

AnchorCertificateHash(i32Cow<'a, [u8]>)

The certificate chain must anchor to a certificate with specified SHA-1 hash.

anchor <slot> H"<hash>"

4 bytes slot number, 4 bytes hash length, hash value.

InfoKeyValueLegacy(Cow<'a, str>, Cow<'a, str>)

Info.plist key value (legacy).

info[<key>] = <value>

2 pairs of (length + value).

And(Box<CodeRequirementExpression<'a>>, Box<CodeRequirementExpression<'a>>)

Logical and.

expr0 and expr1

Payload consists of 2 sub-expressions with no additional encoding.

Or(Box<CodeRequirementExpression<'a>>, Box<CodeRequirementExpression<'a>>)

Logical or.

expr0 or expr1

Payload consists of 2 sub-expressions with no additional encoding.

CodeDirectoryHash(Cow<'a, [u8]>)

Code directory hash.

`cdhash H“

4 bytes length followed by raw digest value.

Not(Box<CodeRequirementExpression<'a>>)

Logical not.

!expr

Payload is 1 sub-expression.

InfoPlistKeyField(Cow<'a, str>, CodeRequirementMatchExpression<'a>)

Info plist key field.

info [key] match expression

e.g. info [CFBundleName] exists

4 bytes key length, key string, then match expression.

CertificateField(i32Cow<'a, str>, CodeRequirementMatchExpression<'a>)

Certificate field matches.

certificate <slot> [<field>] match expression

Slot i32, 4 bytes field length, field string, then match expression.

CertificateTrusted(i32)

Certificate in position is trusted for code signing.

certificate <position> trusted

4 bytes certificate position.

AnchorTrusted

The certificate chain must lead to a trusted root.

anchor trusted

No payload.

CertificateGeneric(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>)

Certificate field matches by OID.

certificate <slot> [field.<oid>] match expression

Slot i32, 4 bytes OID length, OID raw bytes, match expression.

AnchorAppleGeneric

For code signed by Apple, including from code signing certificates issued by Apple.

anchor apple generic

No payload.

EntitlementsKey(Cow<'a, str>, CodeRequirementMatchExpression<'a>)

Value associated with specified key in signature’s embedded entitlements dictionary.

entitlement [<key>] match expression

4 bytes key length, key bytes, match expression.

CertificatePolicy(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>)

OID associated with certificate in a given slot.

It is unknown what the OID means.

certificate <slot> [policy.<oid>] match expression

NamedAnchor(Cow<'a, str>)

A named Apple anchor.

anchor apple <name>

4 bytes name length, name bytes.

NamedCode(Cow<'a, str>)

Named code.

(<name>)

4 bytes name length, name bytes.

Platform(u32)

Platform value.

platform = <value>

Payload is a u32.

Notarized

Binary is notarized.

notarized

No Payload.

CertificateFieldDate(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>)

Certificate field date.

Unknown what the OID corresponds to.

certificate <slot> [timestamp.<oid>] match expression

LegacyDeveloperId

Legacy developer ID used.

Implementations

Construct an expression element by reading from a slice.

Returns the newly constructed element and remaining data in the slice.

Write binary representation of this expression to a destination.

Produce the binary serialization of this expression.

The blob header/magic is not included.

Trait Implementations

Returns a copy of the value. Read more
Performs copy-assignment from source. Read more
Formats the value using the given formatter. Read more
Formats the value using the given formatter. Read more
This method tests for self and other values to be equal, and is used by ==. Read more
This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason. Read more

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more
Converts self into T using Into<T>. Read more
Causes self to use its Binary implementation when Debug-formatted. Read more
Causes self to use its Display implementation when Debug-formatted. Read more
Causes self to use its LowerExp implementation when Debug-formatted. Read more
Causes self to use its LowerHex implementation when Debug-formatted. Read more
Causes self to use its Octal implementation when Debug-formatted. Read more
Causes self to use its Pointer implementation when Debug-formatted. Read more
Causes self to use its UpperExp implementation when Debug-formatted. Read more
Causes self to use its UpperHex implementation when Debug-formatted. Read more
Formats each item in a sequence. Read more

Returns the argument unchanged.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Pipes by value. This is generally the method you want to use. Read more
Borrows self and passes that borrow into the pipe function. Read more
Mutably borrows self and passes that borrow into the pipe function. Read more
Borrows self, then passes self.borrow() into the pipe function. Read more
Mutably borrows self, then passes self.borrow_mut() into the pipe function. Read more
Borrows self, then passes self.as_ref() into the pipe function.
Mutably borrows self, then passes self.as_mut() into the pipe function. Read more
Borrows self, then passes self.deref() into the pipe function.
Mutably borrows self, then passes self.deref_mut() into the pipe function. Read more
The alignment of pointer.
The type for initializers.
Initializes a with the given initializer. Read more
Dereferences the given pointer. Read more
Mutably dereferences the given pointer. Read more
Drops the object pointed to by the given pointer. Read more
Should always be Self
Immutable access to a value. Read more
Mutable access to a value. Read more
Immutable access to the Borrow<B> of a value. Read more
Mutable access to the BorrowMut<B> of a value. Read more
Immutable access to the AsRef<R> view of a value. Read more
Mutable access to the AsMut<R> view of a value. Read more
Immutable access to the Deref::Target of a value. Read more
Mutable access to the Deref::Target of a value. Read more
Calls .tap() only in debug builds, and is erased in release builds.
Calls .tap_mut() only in debug builds, and is erased in release builds. Read more
Calls .tap_borrow() only in debug builds, and is erased in release builds. Read more
Calls .tap_borrow_mut() only in debug builds, and is erased in release builds. Read more
Calls .tap_ref() only in debug builds, and is erased in release builds. Read more
Calls .tap_ref_mut() only in debug builds, and is erased in release builds. Read more
Calls .tap_deref() only in debug builds, and is erased in release builds. Read more
Calls .tap_deref_mut() only in debug builds, and is erased in release builds. Read more
The resulting type after obtaining ownership.
Creates owned data from borrowed data, usually by cloning. Read more
Uses borrowed data to replace owned data, usually by cloning. Read more
Converts the given value to a String. Read more
Attempts to convert self into T using TryInto<T>. Read more
The type returned in the event of a conversion error.
Performs the conversion.
The type returned in the event of a conversion error.
Performs the conversion.
Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more