Enum apple_codesign::code_requirement::CodeRequirementExpression

source · []
pub enum CodeRequirementExpression<'a> {

Show 24 variants    False,
    True,
    Identifier(Cow<'a, str>),
    AnchorApple,
    AnchorCertificateHash(i32Cow<'a, [u8]>),
    InfoKeyValueLegacy(Cow<'a, str>, Cow<'a, str>),
    And(Box<CodeRequirementExpression<'a>>, Box<CodeRequirementExpression<'a>>),
    Or(Box<CodeRequirementExpression<'a>>, Box<CodeRequirementExpression<'a>>),
    CodeDirectoryHash(Cow<'a, [u8]>),
    Not(Box<CodeRequirementExpression<'a>>),
    InfoPlistKeyField(Cow<'a, str>, CodeRequirementMatchExpression<'a>),
    CertificateField(i32Cow<'a, str>, CodeRequirementMatchExpression<'a>),
    CertificateTrusted(i32),
    AnchorTrusted,
    CertificateGeneric(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>),
    AnchorAppleGeneric,
    EntitlementsKey(Cow<'a, str>, CodeRequirementMatchExpression<'a>),
    CertificatePolicy(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>),
    NamedAnchor(Cow<'a, str>),
    NamedCode(Cow<'a, str>),
    Platform(u32),
    Notarized,
    CertificateFieldDate(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>),
    LegacyDeveloperId,

}
Expand description

Defines a code requirement expression.

Variants

False

False

false

No payload.

True

True

true

No payload.

Identifier(Cow<'a, str>)

Signing identifier.

identifier <string>

4 bytes length followed by C string.

AnchorApple

The certificate chain must lead to an Apple root.

anchor apple

No payload.

AnchorCertificateHash(i32Cow<'a, [u8]>)

The certificate chain must anchor to a certificate with specified SHA-1 hash.

anchor <slot> H"<hash>"

4 bytes slot number, 4 bytes hash length, hash value.

InfoKeyValueLegacy(Cow<'a, str>, Cow<'a, str>)

Info.plist key value (legacy).

info[<key>] = <value>

2 pairs of (length + value).

And(Box<CodeRequirementExpression<'a>>, Box<CodeRequirementExpression<'a>>)

Logical and.

expr0 and expr1

Payload consists of 2 sub-expressions with no additional encoding.

Or(Box<CodeRequirementExpression<'a>>, Box<CodeRequirementExpression<'a>>)

Logical or.

expr0 or expr1

Payload consists of 2 sub-expressions with no additional encoding.

CodeDirectoryHash(Cow<'a, [u8]>)

Code directory hash.

`cdhash H“

4 bytes length followed by raw digest value.

Not(Box<CodeRequirementExpression<'a>>)

Logical not.

!expr

Payload is 1 sub-expression.

InfoPlistKeyField(Cow<'a, str>, CodeRequirementMatchExpression<'a>)

Info plist key field.

info [key] match expression

e.g. info [CFBundleName] exists

4 bytes key length, key string, then match expression.

CertificateField(i32Cow<'a, str>, CodeRequirementMatchExpression<'a>)

Certificate field matches.

certificate <slot> [<field>] match expression

Slot i32, 4 bytes field length, field string, then match expression.

CertificateTrusted(i32)

Certificate in position is trusted for code signing.

certificate <position> trusted

4 bytes certificate position.

AnchorTrusted

The certificate chain must lead to a trusted root.

anchor trusted

No payload.

CertificateGeneric(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>)

Certificate field matches by OID.

certificate <slot> [field.<oid>] match expression

Slot i32, 4 bytes OID length, OID raw bytes, match expression.

AnchorAppleGeneric

For code signed by Apple, including from code signing certificates issued by Apple.

anchor apple generic

No payload.

EntitlementsKey(Cow<'a, str>, CodeRequirementMatchExpression<'a>)

Value associated with specified key in signature’s embedded entitlements dictionary.

entitlement [<key>] match expression

4 bytes key length, key bytes, match expression.

CertificatePolicy(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>)

OID associated with certificate in a given slot.

It is unknown what the OID means.

certificate <slot> [policy.<oid>] match expression

NamedAnchor(Cow<'a, str>)

A named Apple anchor.

anchor apple <name>

4 bytes name length, name bytes.

NamedCode(Cow<'a, str>)

Named code.

(<name>)

4 bytes name length, name bytes.

Platform(u32)

Platform value.

platform = <value>

Payload is a u32.

Notarized

Binary is notarized.

notarized

No Payload.

CertificateFieldDate(i32Oid<&'a [u8]>, CodeRequirementMatchExpression<'a>)

Certificate field date.

Unknown what the OID corresponds to.

certificate <slot> [timestamp.<oid>] match expression

LegacyDeveloperId

Legacy developer ID used.

Implementations

Construct an expression element by reading from a slice.

Returns the newly constructed element and remaining data in the slice.

Write binary representation of this expression to a destination.

Produce the binary serialization of this expression.

The blob header/magic is not included.

Trait Implementations

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Formats the value using the given formatter. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Converts self into T using Into<T>. Read more

Causes self to use its Binary implementation when Debug-formatted. Read more

Causes self to use its Display implementation when Debug-formatted. Read more

Causes self to use its LowerExp implementation when Debug-formatted. Read more

Causes self to use its LowerHex implementation when Debug-formatted. Read more

Causes self to use its Octal implementation when Debug-formatted. Read more

Causes self to use its Pointer implementation when Debug-formatted. Read more

Causes self to use its UpperExp implementation when Debug-formatted. Read more

Causes self to use its UpperHex implementation when Debug-formatted. Read more

Formats each item in a sequence. Read more

Returns the argument unchanged.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Pipes by value. This is generally the method you want to use. Read more

Borrows self and passes that borrow into the pipe function. Read more

Mutably borrows self and passes that borrow into the pipe function. Read more

Borrows self, then passes self.borrow() into the pipe function. Read more

Mutably borrows self, then passes self.borrow_mut() into the pipe function. Read more

Borrows self, then passes self.as_ref() into the pipe function.

Mutably borrows self, then passes self.as_mut() into the pipe function. Read more

Borrows self, then passes self.deref() into the pipe function.

Mutably borrows self, then passes self.deref_mut() into the pipe function. Read more

Should always be Self

Immutable access to a value. Read more

Mutable access to a value. Read more

Immutable access to the Borrow<B> of a value. Read more

Mutable access to the BorrowMut<B> of a value. Read more

Immutable access to the AsRef<R> view of a value. Read more

Mutable access to the AsMut<R> view of a value. Read more

Immutable access to the Deref::Target of a value. Read more

Mutable access to the Deref::Target of a value. Read more

Calls .tap() only in debug builds, and is erased in release builds.

Calls .tap_mut() only in debug builds, and is erased in release builds. Read more

Calls .tap_borrow() only in debug builds, and is erased in release builds. Read more

Calls .tap_borrow_mut() only in debug builds, and is erased in release builds. Read more

Calls .tap_ref() only in debug builds, and is erased in release builds. Read more

Calls .tap_ref_mut() only in debug builds, and is erased in release builds. Read more

Calls .tap_deref() only in debug builds, and is erased in release builds. Read more

Calls .tap_deref_mut() only in debug builds, and is erased in release builds. Read more

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

Uses borrowed data to replace owned data, usually by cloning. Read more

Converts the given value to a String. Read more

Attempts to convert self into T using TryInto<T>. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more