2023-12-06 02:23:54 +00:00
|
|
|
// Copyright 2023 Microsoft, Inc.
|
|
|
|
// Copyright 2013 The Chromium Authors
|
|
|
|
// Use of this source code is governed by the MIT license that can be
|
|
|
|
// found in the LICENSE file.
|
|
|
|
|
|
|
|
#include "shell/common/mac/codesign_util.h"
|
|
|
|
|
2024-01-10 22:23:35 +00:00
|
|
|
#include <optional>
|
|
|
|
|
2024-01-04 07:34:08 +00:00
|
|
|
#include "base/apple/foundation_util.h"
|
2023-12-06 02:23:54 +00:00
|
|
|
#include "base/apple/osstatus_logging.h"
|
|
|
|
#include "base/apple/scoped_cftyperef.h"
|
|
|
|
|
|
|
|
#include <CoreFoundation/CoreFoundation.h>
|
|
|
|
#include <Security/Security.h>
|
|
|
|
|
|
|
|
namespace electron {
|
|
|
|
|
2024-01-10 22:23:35 +00:00
|
|
|
std::optional<bool> IsUnsignedOrAdHocSigned(SecCodeRef code) {
|
2024-01-04 07:34:08 +00:00
|
|
|
base::apple::ScopedCFTypeRef<SecStaticCodeRef> static_code;
|
|
|
|
OSStatus status = SecCodeCopyStaticCode(code, kSecCSDefaultFlags,
|
|
|
|
static_code.InitializeInto());
|
|
|
|
if (status == errSecCSUnsigned) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
if (status != errSecSuccess) {
|
|
|
|
OSSTATUS_LOG(ERROR, status) << "SecCodeCopyStaticCode";
|
2024-01-10 22:23:35 +00:00
|
|
|
return std::optional<bool>();
|
2024-01-04 07:34:08 +00:00
|
|
|
}
|
|
|
|
// Copy the signing info from the SecStaticCodeRef.
|
|
|
|
base::apple::ScopedCFTypeRef<CFDictionaryRef> signing_info;
|
|
|
|
status =
|
|
|
|
SecCodeCopySigningInformation(static_code.get(), kSecCSSigningInformation,
|
|
|
|
signing_info.InitializeInto());
|
|
|
|
if (status != errSecSuccess) {
|
|
|
|
OSSTATUS_LOG(ERROR, status) << "SecCodeCopySigningInformation";
|
2024-01-10 22:23:35 +00:00
|
|
|
return std::optional<bool>();
|
2024-01-04 07:34:08 +00:00
|
|
|
}
|
|
|
|
// Look up the code signing flags. If the flags are absent treat this as
|
|
|
|
// unsigned. This decision is consistent with the StaticCode source:
|
|
|
|
// https://github.com/apple-oss-distributions/Security/blob/Security-60157.40.30.0.1/OSX/libsecurity_codesigning/lib/StaticCode.cpp#L2270
|
|
|
|
CFNumberRef signing_info_flags =
|
|
|
|
base::apple::GetValueFromDictionary<CFNumberRef>(signing_info.get(),
|
|
|
|
kSecCodeInfoFlags);
|
|
|
|
if (!signing_info_flags) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
// Using a long long to extract the value from the CFNumberRef to be
|
|
|
|
// consistent with how it was packed by Security.framework.
|
|
|
|
// https://github.com/apple-oss-distributions/Security/blob/Security-60157.40.30.0.1/OSX/libsecurity_utilities/lib/cfutilities.h#L262
|
|
|
|
long long flags;
|
|
|
|
if (!CFNumberGetValue(signing_info_flags, kCFNumberLongLongType, &flags)) {
|
|
|
|
LOG(ERROR) << "CFNumberGetValue";
|
2024-01-10 22:23:35 +00:00
|
|
|
return std::optional<bool>();
|
2024-01-04 07:34:08 +00:00
|
|
|
}
|
|
|
|
if (static_cast<uint32_t>(flags) & kSecCodeSignatureAdhoc) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool ProcessSignatureIsSameWithCurrentApp(pid_t pid) {
|
2023-12-06 02:23:54 +00:00
|
|
|
// Get and check the code signature of current app.
|
|
|
|
base::apple::ScopedCFTypeRef<SecCodeRef> self_code;
|
|
|
|
OSStatus status =
|
|
|
|
SecCodeCopySelf(kSecCSDefaultFlags, self_code.InitializeInto());
|
|
|
|
if (status != errSecSuccess) {
|
|
|
|
OSSTATUS_LOG(ERROR, status) << "SecCodeCopyGuestWithAttributes";
|
|
|
|
return false;
|
|
|
|
}
|
2024-01-10 22:23:35 +00:00
|
|
|
std::optional<bool> not_signed = IsUnsignedOrAdHocSigned(self_code.get());
|
2024-01-04 07:34:08 +00:00
|
|
|
if (!not_signed.has_value()) {
|
|
|
|
// Error happened.
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
if (not_signed.value()) {
|
|
|
|
// Current app is not signed.
|
|
|
|
return true;
|
|
|
|
}
|
2023-12-06 02:23:54 +00:00
|
|
|
// Get the code signature of process.
|
|
|
|
base::apple::ScopedCFTypeRef<CFNumberRef> process_cf(
|
|
|
|
CFNumberCreate(nullptr, kCFNumberIntType, &pid));
|
|
|
|
const void* attribute_keys[] = {kSecGuestAttributePid};
|
|
|
|
const void* attribute_values[] = {process_cf.get()};
|
|
|
|
base::apple::ScopedCFTypeRef<CFDictionaryRef> attributes(CFDictionaryCreate(
|
|
|
|
nullptr, attribute_keys, attribute_values, std::size(attribute_keys),
|
|
|
|
&kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
|
|
|
|
base::apple::ScopedCFTypeRef<SecCodeRef> process_code;
|
|
|
|
status = SecCodeCopyGuestWithAttributes(nullptr, attributes.get(),
|
|
|
|
kSecCSDefaultFlags,
|
|
|
|
process_code.InitializeInto());
|
|
|
|
if (status != errSecSuccess) {
|
|
|
|
OSSTATUS_LOG(ERROR, status) << "SecCodeCopyGuestWithAttributes";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
// Get the requirement of current app's code signature.
|
|
|
|
base::apple::ScopedCFTypeRef<SecRequirementRef> self_requirement;
|
|
|
|
status = SecCodeCopyDesignatedRequirement(self_code.get(), kSecCSDefaultFlags,
|
|
|
|
self_requirement.InitializeInto());
|
|
|
|
if (status != errSecSuccess) {
|
|
|
|
OSSTATUS_LOG(ERROR, status) << "SecCodeCopyDesignatedRequirement";
|
|
|
|
return false;
|
|
|
|
}
|
2024-01-04 07:34:08 +00:00
|
|
|
DCHECK(self_requirement.get());
|
2023-12-06 02:23:54 +00:00
|
|
|
// Check whether the process meets the signature requirement of current app.
|
|
|
|
status = SecCodeCheckValidity(process_code.get(), kSecCSDefaultFlags,
|
|
|
|
self_requirement.get());
|
2024-01-04 07:34:08 +00:00
|
|
|
if (status != errSecSuccess && status != errSecCSReqFailed) {
|
|
|
|
OSSTATUS_LOG(ERROR, status) << "SecCodeCheckValidity";
|
|
|
|
return false;
|
|
|
|
}
|
2023-12-06 02:23:54 +00:00
|
|
|
return status == errSecSuccess;
|
|
|
|
}
|
|
|
|
|
|
|
|
} // namespace electron
|