Adds Application::entitlements()

rileytestut · rileytestut · commit 0f9fd293f2a8 · 2020-12-17T12:04:35.000-06:00
diff --git a/AltSign/Application.cpp b/AltSign/Application.cpp
@@ -9,9 +9,13 @@
 #include "Application.hpp"
 
 #include "Error.hpp"
+#include "ldid.hpp"
 
 #include <fstream>
 #include <filesystem>
+#include <WinSock2.h>
+
+#define odslog(msg) { std::stringstream ss; ss << msg << std::endl; OutputDebugStringA(ss.str().c_str()); }
 
 extern std::vector<unsigned char> readFile(const char* filename);
 
@@ -23,6 +27,37 @@ Application::Application()
 
 Application::~Application()
 {
+	for (auto& pair : _entitlements)
+	{
+		plist_free(pair.second);
+	}
+}
+
+Application::Application(const Application& app)
+{
+	_name = app.name();
+	_bundleIdentifier = app.bundleIdentifier();
+	_version = app.version();
+	_path = app.path();
+
+	// Don't assign _entitlementsString or _entitlements,
+	// since each copy will create its own entitlements lazily.
+	// Otherwise there might be duplicate frees in deconstructor.
+}
+
+Application& Application::operator=(const Application& app)
+{
+	if (this == &app)
+	{
+		return *this;
+	}
+
+	_name = app.name();
+	_bundleIdentifier = app.bundleIdentifier();
+	_version = app.version();
+	_path = app.path();
+
+	return *this;
 }
 
 Application::Application(std::string appBundlePath)
@@ -136,4 +171,57 @@ std::vector<std::shared_ptr<Application>> Application::appExtensions() const
 	}
 
 	return appExtensions;
+}
+
+std::string Application::entitlementsString()
+{
+	if (_entitlementsString == "")
+	{
+		_entitlementsString = ldid::Entitlements(this->path());
+	}
+
+	return _entitlementsString;
+}
+
+std::map<std::string, plist_t> Application::entitlements()
+{
+	if (_entitlements.size() == 0)
+	{
+		auto rawEntitlements = this->entitlementsString();
+
+		plist_t plist = nullptr;
+		plist_from_memory((const char*)rawEntitlements.data(), (int)rawEntitlements.size(), &plist);
+
+		if (plist != nullptr)
+		{
+			std::map<std::string, plist_t> entitlements;
+			char* key = NULL;
+			plist_t node = NULL;
+
+			plist_dict_iter it = NULL;
+			plist_dict_new_iter(plist, &it);
+			plist_dict_next_item(plist, it, &key, &node);
+
+			while (node != nullptr)
+			{
+				entitlements[key] = plist_copy(node);
+
+				node = NULL;
+				free(key);
+				key = NULL;
+				plist_dict_next_item(plist, it, &key, &node);
+			}
+
+			free(it);
+			plist_free(plist);
+
+			_entitlements = entitlements;
+		}
+		else
+		{
+			odslog("Error parsing entitlements:\n" << rawEntitlements);
+		}
+	}
+
+	return _entitlements;
 }
diff --git a/AltSign/Application.hpp b/AltSign/Application.hpp
@@ -15,6 +15,7 @@
 #include <optional>
 #include <string>
 #include <memory>
+#include <map>
 
 #include <plist/plist.h>
 
@@ -27,6 +28,9 @@ class Application
     ~Application();
     
     Application(std::string appBundlePath) /* throws */;
+
+	Application(const Application& app);
+	Application& operator=(const Application& app);
     
     std::string name() const;
     std::string bundleIdentifier() const;
@@ -35,6 +39,8 @@ class Application
 
 	std::shared_ptr<ProvisioningProfile> provisioningProfile();
 	std::vector<std::shared_ptr<Application>> appExtensions() const;
+
+	std::map<std::string, plist_t> entitlements();
     
     friend std::ostream& operator<<(std::ostream& os, const Application& app);
     
@@ -45,6 +51,11 @@ class Application
     std::string _path;
 
 	std::shared_ptr<ProvisioningProfile> _provisioningProfile;
+
+	std::string _entitlementsString;
+	std::map<std::string, plist_t> _entitlements;
+
+	std::string entitlementsString();
 };
 
 #pragma GCC visibility pop
diff --git a/ldid/ldid.cpp b/ldid/ldid.cpp
@@ -2504,6 +2504,104 @@ namespace ldid {
 	}
 #endif
 
+	// Based heavily on ldid::Sign executable locating logic.
+	std::string ExecutablePath(std::string bundlePath)
+	{
+		auto folder = ldid::DiskFolder(bundlePath);
+
+		std::string executable;
+
+		bool mac(false);
+
+		std::string info("Info.plist");
+		if (!folder.Look(info) && folder.Look("Resources/" + info)) {
+			mac = true;
+			info = "Resources/" + info;
+		}
+
+		folder.Open(info, fun([&](std::streambuf& buffer, size_t length, const void* flag) {
+			plist_d(buffer, length, fun([&](plist_t node) {
+				executable = plist_s(plist_dict_get_item(node, "CFBundleExecutable"));
+				}));
+			}));
+
+		if (!mac && folder.Look("MacOS/" + executable)) {
+			executable = "MacOS/" + executable;
+			mac = true;
+		}
+
+		return executable;
+	}
+
+	// Based heavily on ldid's -e argument logic.
+	std::string Entitlements(std::string path)
+	{
+		struct stat info;
+		_syscall(stat(path.c_str(), &info));
+
+		if (S_ISDIR(info.st_mode))
+		{
+			path += "/" + ExecutablePath(path);
+		}
+
+		std::stringstream stringstream;
+
+		Map mapping(path, false);
+		FatHeader fat_header(mapping.data(), mapping.size());
+
+		_foreach(mach_header, fat_header.GetMachHeaders())
+		{
+			struct linkedit_data_command* signature(NULL);
+
+			_foreach(load_command, mach_header.GetLoadCommands())
+			{
+				uint32_t cmd(mach_header.Swap(load_command->cmd));
+				if (cmd == LC_CODE_SIGNATURE)
+				{
+					signature = reinterpret_cast<struct linkedit_data_command*>(load_command);
+				}
+			}
+
+			if (signature != NULL)
+			{
+				uint32_t data = mach_header.Swap(signature->dataoff);
+
+				uint8_t* top = reinterpret_cast<uint8_t*>(mach_header.GetBase());
+				uint8_t* blob = top + data;
+				struct SuperBlob* super = reinterpret_cast<struct SuperBlob*>(blob);
+
+				for (size_t index(0); index != Swap(super->count); ++index)
+				{
+					if (Swap(super->index[index].type) == CSSLOT_ENTITLEMENTS)
+					{
+						uint32_t begin = Swap(super->index[index].offset);
+						struct Blob* entitlements = reinterpret_cast<struct Blob*>(blob + begin);
+
+						char* bytes = (char*)(entitlements + 1);
+						int size = Swap(entitlements->length) - sizeof(*entitlements);
+
+						for (int i = 0; i < size; i++)
+						{
+							char byte = bytes[i];
+							stringstream << byte;
+						}
+
+						if (size > 0)
+						{
+							auto entitlementsString = stringstream.str();
+
+							// One valid mach_header is all we need to retrieve entitlements, so return to stop iterating over the next ones.
+							return entitlementsString;
+						}
+					}
+				}
+			}
+		}
+
+		// No entitlements found in any mach_header, so return empty string.
+		return "";
+	}
+
 #endif
 }
 
diff --git a/ldid/ldid.hpp b/ldid/ldid.hpp
@@ -154,6 +154,7 @@ typedef std::map<uint32_t, Hash> Slots;
 
 Hash Sign(const void *idata, size_t isize, std::streambuf &output, const std::string &identifier, const std::string &entitlements, const std::string &requirement, const std::string &key, const Slots &slots, const Functor<void (double)> &percent);
 
+__declspec(dllexport) std::string Entitlements(std::string path);
 }
 
 #endif//LDID_HPP

Original file line number	Diff line number	Diff line change
`@@ -154,6 +154,7 @@ typedef std::map<uint32_t, Hash> Slots;`
`154`	`154`
`155`	`155`	`Hash Sign(const void *idata, size_t isize, std::streambuf &output, const std::string &identifier, const std::string &entitlements, const std::string &requirement, const std::string &key, const Slots &slots, const Functor<void (double)> &percent);`
`156`	`156`
	`157`	`+__declspec(dllexport) std::string Entitlements(std::string path);`
`157`	`158`	`}`
`158`	`159`
`159`	`160`	`#endif//LDID_HPP`