Enum tugger_apple_codesign::code_requirement::CodeRequirementExpression[][src]

pub enum CodeRequirementExpression<'a> {
    False,
    True,
    Identifier(Cow<'a, str>),
    AnchorApple,
    AnchorCertificateHash(i32Cow<'a, [u8]>),
    InfoKeyValueLegacy(Cow<'a, str>, Cow<'a, str>),
    And(Box<CodeRequirementExpression<'a>>, Box<CodeRequirementExpression<'a>>),
    Or(Box<CodeRequirementExpression<'a>>, Box<CodeRequirementExpression<'a>>),
    CodeDirectoryHash(Cow<'a, [u8]>),
    Not(Box<CodeRequirementExpression<'a>>),
    InfoPlistKeyField(Cow<'a, str>, CodeRequirementMatchExpression<'a>),
    CertificateField(i32Cow<'a, str>, CodeRequirementMatchExpression<'a>),
    CertificateTrusted(i32),
    AnchorTrusted,
    CertificateGeneric(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>),
    AnchorAppleGeneric,
    EntitlementsKey(Cow<'a, str>, CodeRequirementMatchExpression<'a>),
    CertificatePolicy(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>),
    NamedAnchor(Cow<'a, str>),
    NamedCode(Cow<'a, str>),
    Platform(u32),
    Notarized,
    CertificateFieldDate(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>),
    LegacyDeveloperId,
}

Defines a code requirement expression.

Variants

False

False

false

No payload.

True

True

true

No payload.

Identifier(Cow<'a, str>)

Signing identifier.

identifier <string>

4 bytes length followed by C string.

AnchorApple

The certificate chain must lead to an Apple root.

anchor apple

No payload.

AnchorCertificateHash(i32Cow<'a, [u8]>)

The certificate chain must anchor to a certificate with specified SHA-1 hash.

anchor <slot> H"<hash>"

4 bytes slot number, 4 bytes hash length, hash value.

InfoKeyValueLegacy(Cow<'a, str>, Cow<'a, str>)

Info.plist key value (legacy).

info[<key>] = <value>

2 pairs of (length + value).

Logical and.

expr0 and expr1

Payload consists of 2 sub-expressions with no additional encoding.

Logical or.

expr0 or expr1

Payload consists of 2 sub-expressions with no additional encoding.

CodeDirectoryHash(Cow<'a, [u8]>)

Code directory hash.

`cdhash H“

4 bytes length followed by raw digest value.

Logical not.

!expr

Payload is 1 sub-expression.

InfoPlistKeyField(Cow<'a, str>, CodeRequirementMatchExpression<'a>)

Info plist key field.

info [key] match expression

e.g. info [CFBundleName] exists

4 bytes key length, key string, then match expression.

CertificateField(i32Cow<'a, str>, CodeRequirementMatchExpression<'a>)

Certificate field matches.

certificate <slot> [<field>] match expression

Slot i32, 4 bytes field length, field string, then match expression.

CertificateTrusted(i32)

Certificate in position is trusted for code signing.

certificate <position> trusted

4 bytes certificate position.

AnchorTrusted

The certificate chain must lead to a trusted root.

anchor trusted

No payload.

CertificateGeneric(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>)

Certificate field matches by OID.

certificate <slot> [field.<oid>] match expression

Slot i32, 4 bytes OID length, OID raw bytes, match expression.

AnchorAppleGeneric

For code signed by Apple, including from code signing certificates issued by Apple.

anchor apple generic

No payload.

EntitlementsKey(Cow<'a, str>, CodeRequirementMatchExpression<'a>)

Value associated with specified key in signature’s embedded entitlements dictionary.

entitlement [<key>] match expression

4 bytes key length, key bytes, match expression.

CertificatePolicy(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>)

OID associated with certificate in a given slot.

It is unknown what the OID means.

certificate <slot> [policy.<oid>] match expression

NamedAnchor(Cow<'a, str>)

A named Apple anchor.

anchor apple <name>

4 bytes name length, name bytes.

NamedCode(Cow<'a, str>)

Named code.

(<name>)

4 bytes name length, name bytes.

Platform(u32)

Platform value.

platform = <value>

Payload is a u32.

Notarized

Binary is notarized.

notarized

No Payload.

CertificateFieldDate(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>)

Certificate field date.

Unknown what the OID corresponds to.

certificate <slot> [timestamp.<oid>] match expression

LegacyDeveloperId

Legacy developer ID used.

Implementations

impl<'a> CodeRequirementExpression<'a>[src]

pub fn from_bytes(
    data: &'a [u8]
) -> Result<(Self, &'a [u8]), AppleCodesignError>[src]

Construct an expression element by reading from a slice.

Returns the newly constructed element and remaining data in the slice.

pub fn write_to(&self, dest: &mut impl Write) -> Result<(), AppleCodesignError>[src]

Write binary representation of this expression to a destination.

pub fn to_bytes(&self) -> Result<Vec<u8>, AppleCodesignError>[src]

Produce the binary serialization of this expression.

The blob header/magic is not included.

Trait Implementations

impl<'a> Clone for CodeRequirementExpression<'a>[src]

impl<'a> Debug for CodeRequirementExpression<'a>[src]

impl<'a> Display for CodeRequirementExpression<'a>[src]

impl<'a> PartialEq<CodeRequirementExpression<'a>> for CodeRequirementExpression<'a>[src]

impl<'a> StructuralPartialEq for CodeRequirementExpression<'a>[src]

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized[src]

impl<T> Borrow<T> for T where
    T: ?Sized[src]

impl<T> BorrowMut<T> for T where
    T: ?Sized[src]

impl<T> From<T> for T[src]

impl<T> Instrument for T[src]

impl<T, U> Into<U> for T where
    U: From<T>, [src]

impl<T> SendSyncUnwindSafe for T where
    T: Send + Sync + UnwindSafe + ?Sized[src]

impl<T> ToOwned for T where
    T: Clone[src]

type Owned = T

The resulting type after obtaining ownership.

impl<T> ToString for T where
    T: Display + ?Sized[src]

impl<T, U> TryFrom<U> for T where
    U: Into<T>, [src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, [src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.