Last active
January 14, 2020 16:44
-
-
Save pudquick/048abed7a62067c0a73705cf0a00bdb9 to your computer and use it in GitHub Desktop.
Obtain codesigning information with pyobjc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import objc | |
from Foundation import NSBundle, NSURL | |
Security = NSBundle.bundleWithIdentifier_('com.apple.security') | |
class StaticCodeError(Exception): | |
pass | |
class SigningInfoError(Exception): | |
pass | |
kSecCSDefaultFlags = 0 | |
kSecCSSigningInformation = 1 << 1 | |
kSecCSRequirementInformation = 1 << 2 | |
kSecCSCalculateCMSDigest = 1 << 6 | |
_f = [ | |
('SecStaticCodeCreateWithPath', 'i@Io^@'), | |
('SecCodeCopySigningInformation', 'i@Io^@'), | |
] | |
objc.loadBundleFunctions(Security, globals(), _f) | |
def codesign_info(path): | |
url = NSURL.fileURLWithPath_(path) | |
err, codeobj = SecStaticCodeCreateWithPath(url, kSecCSDefaultFlags, None) | |
if err != 0: | |
raise StaticCodeError('unable to create SecCodeRef with provided path') | |
flags = kSecCSSigningInformation | kSecCSRequirementInformation | kSecCSCalculateCMSDigest | |
err, codeinfo = SecCodeCopySigningInformation(codeobj, flags, None) | |
if err != 0: | |
raise SigningInfoError('unable to retrieve signing information for SecCodeRef') | |
return codeinfo |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment