Security.framework example to list valid development team names and ids
yury committed Dec 5, 2024
1 parent 406f677 commit 1ef660f
Showing 4 changed files with 96 additions and 27 deletions.
2 changes: 1 addition & 1 deletion cidre/examples/am-device-mount-dev-image/main.rs
@@ -9,7 +9,7 @@ mod macos {

const DEVICE_ID: &str = "00008120-000168A20210C01E";

extern "C" fn callback(info: &NotificationInfo, _context: *mut c_void) {
extern "C" fn _callback(info: &NotificationInfo, _context: *mut c_void) {
match info.safe() {
am::device::discovery::SafeInfo::Attached(device) => {
let id = device.id().to_string();
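--- a/cidre/examples/sec-dev-teams/main.rs
+++ b/cidre/examples/sec-dev-teams/main.rs
@@ -0,0 +1,90 @@
+#[cfg(target_os = "macos")]
+mod macos {
+use std::collections::HashMap;
+
+use cidre::{arc, cf, sec};
+
+pub(crate) fn main() {
+let now = cf::Date::new();
+let query = cf::DictionaryOf::with_keys_values(
+&[
+sec::class_key(),
+sec::match_keys::limit(),
+sec::match_keys::subject_starts_with(),
+sec::match_keys::valid_on_date(),
+],
+&[
+sec::class::certificate().as_type_ref(),
+sec::match_limit::all(),
+cf::str!(c"Apple Development:"),
+&now,
+],
+);
+let certs = sec::item_matching(&query).unwrap();
+
+assert_eq!(certs.get_type_id(), cf::Array::type_id());
+let certs: arc::R<cf::ArrayOf<sec::Cert>> = unsafe { std::mem::transmute(certs) };
+
+let mut map = HashMap::new();
+let subject_key = sec::cert_oids::x509_v1_subject_name();
+let org_name_label = sec::cert_oids::organization_name();
+let unit_name_label = sec::cert_oids::organizational_unit_name();
+let prop_value_key = sec::prop_keys::value();
+let prop_label_key = sec::prop_keys::label();
+let keys = cf::ArrayOf::from_slice(&[subject_key]);
+for cert in certs.iter() {
+let Ok(vals) = cert.values(&keys) else {
+continue;
+};
+let Some(value) = vals.get(subject_key) else {
+continue;
+};
+let Some(section) = value.get(prop_value_key) else {
+continue;
+};
+assert_eq!(section.get_type_id(), cf::Array::type_id());
+
+let section: &cf::ArrayOf<cf::DictionaryOf<cf::String, cf::Type>> =
+unsafe { std::mem::transmute(section) };
+
+let mut team_id = None;
+let mut team_name = None;
+for dict in section.iter() {
+let Some(label) = dict.get(prop_label_key) else {
+continue;
+};
+let Some(value) = dict.get(prop_value_key) else {
+continue;
+};
+if value.get_type_id() != cf::String::type_id() {
+continue;
+}
+
+let value: &cf::String = unsafe { std::mem::transmute(value) };
+
+if label.equal(org_name_label) {
+team_name = Some(value);
+} else if label.equal(unit_name_label) {
+team_id = Some(value);
+}
+}
+
+if let (Some(id), Some(name)) = (team_id, team_name) {
+let id = id.to_string();
+let name = name.to_string();
+map.insert(id, name);
+}
+}
+for (id, name) in map {
+println!("{name} ({id})");
+}
+}
+}
+
+#[cfg(target_os = "macos")]
+use macos::main;
+
+#[cfg(not(target_os = "macos"))]
+fn main() {
+todo!()
+}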
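Review bot: The transmutes of `certs` to `arc::R<cf::ArrayOf<sec::Cert>>` and of `section` to `&cf::ArrayOf<cf::DictionaryOf<cf::String, cf::Type>>` are guarded only by a type-id check on the outer array, so the element types are assumed rather than verified; the query also sets no return-type key, so what the result array holds presumably depends on the Security.framework default for this item class. Each `unsafe` block should carry a `// SAFETY:` comment stating that assumption, and the per-certificate assert would be safer as a skip, `if section.get_type_id() != cf::Array::type_id() { continue; }`, in line with the `cf::String` check further down the loop. `sec::item_matching(&query).unwrap()` will presumably panic when the keychain holds no matching certificate, which is an ordinary state on a machine without a development certificate, so that case is better handled by printing nothing. The query matches on subject prefix and validity date only, with no issuer or trust evaluation visible here, so a short comment that the printed list is not a trust decision would help readers who copy this example.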
7 changes: 5 additions & 2 deletions cidre/src/cf/array.rs
@@ -1,4 +1,7 @@
use crate::{arc, cf, define_cf_type};
use crate::{
arc::{self, Retain},
cf, define_cf_type,
};

use super::{Allocator, Index, String, Type, TypeId};
use std::{ffi::c_void, intrinsics::transmute, marker::PhantomData};
@@ -182,7 +185,7 @@ where
#[repr(transparent)]
pub struct ArrayOfMut<T>(ArrayMut, PhantomData<T>);

impl<T> ArrayOfMut<T> {
impl<T: Retain> ArrayOfMut<T> {
#[inline]
pub fn new() -> arc::R<ArrayOfMut<T>> {
Self::with_capacity(0)
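--- a/cidre/src/sec/item.rs
+++ b/cidre/src/sec/item.rs
@@ -337,28 +337,4 @@ mod tests {
 assert!(!vals.is_empty());
 }
 }
-
-// #[test]
-// fn basics_identities() {
-// let query = cf::DictionaryOf::with_keys_values(
-// &[
-// sec::class_key(),
-// sec::match_keys::limit(),
-// sec::match_keys::subject_whole_string(),
-// ],
-// &[
-// sec::class::certificate().as_type_ref(),
-// sec::match_limit::all(),
-// cf::str!(c"Apple Worldwide Developer Relations Certification Authority"),
-// // cf::str!(c"Apple Root CA"),
-// ],
-// );
-// let ids = sec::item_matching(&query).unwrap();
-// ids.show();
-// assert_eq!(ids.get_type_id(), cf::Array::type_id());
-// // let ids: arc::R<cf::ArrayOf<sec::Identity>> = unsafe { std::mem::transmute(ids) };
-// // for id in ids.iter() {
-// // id.show();
-// // }
-// }
 }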
