Struct tugger_apple_codesign::MachOSigner[][src]

pub struct MachOSigner<'data> { /* fields omitted */ }
Expand description

Mach-O binary signer.

This type provides a high-level interface for signing Mach-O binaries. It handles parsing and rewriting Mach-O binaries and contains most of the functionality for producing signatures for individual Mach-O binaries.

Signing of both single architecture and fat/universal binaries is supported.

Circular Dependency

There is a circular dependency between the generation of the Code Directory present in the embedded signature and the Mach-O binary. See the note in crate::specification for the gory details. The tl;dr is the Mach-O data up to the signature data needs to be digested. But that digested data contains load commands that reference the signature data and its size, which can’t be known until the Code Directory, CMS blob, and SuperBlob are all created.

Our solution to this problem is to estimate the size of the embedded signature data and then pad the unused data will 0s.

Implementations

Construct a new instance from unparsed data representing a Mach-O binary.

The data will be parsed as a Mach-O binary (either single arch or fat/universal) and validated that we are capable of signing it.

Write signed Mach-O data to the given writer using signing settings.

Create data constituting the SuperBlob to be embedded in the __LINKEDIT segment.

The superblob contains the code directory, any extra blobs, and an optional CMS structure containing a cryptographic signature.

This takes an explicit Mach-O to operate on due to a circular dependency between writing out the Mach-O and digesting its content. See the note in MachOSigner for details.

Create a CMS SignedData structure containing a cryptographic signature.

This becomes the content of the EmbeddedSignature blob in the Signature slot.

This function will error if a signing key has not been specified.

This takes an explicit Mach-O to operate on due to a circular dependency between writing out the Mach-O and digesting its content. See the note in MachOSigner for details.

Create the CodeDirectory for the current configuration.

This takes an explicit Mach-O to operate on due to a circular dependency between writing out the Mach-O and digesting its content. See the note in MachOSigner for details.

Create blobs that need to be written given the current configuration.

This emits all blobs except CodeDirectory and Signature, which are special since they are derived from the blobs emitted here.

The goal of this function is to emit data to facilitate the creation of a CodeDirectory, which requires hashing blobs.

Trait Implementations

Formats the value using the given formatter. Read more

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Performs the conversion.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Performs the conversion.

Should always be Self

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more