1  //
 2  //  gkunpack - an ad-hoc tool for unpacking certain binary data from a detached code signature
 3  //
 4  //	gkunpack <detached_signature_data >prescreen_filter_data
 5  //
 6  #include <security_utilities/macho++.h>
 7  #include <security_codesigning/codedirectory.h>
 8  #include <security_codesigning/sigblob.h>
 9  
10  using namespace CodeSigning;
11  
12  
13  int main(int argc, const char * argv[])
14  {
15  	if (const EmbeddedSignatureBlob *top = (const EmbeddedSignatureBlob *)BlobCore::readBlob(stdin)) {
16  		if (top->magic() == DetachedSignatureBlob::typeMagic) {	// multiple architectures - pick the native one
17  			Architecture local = Architecture::local();
18  			const EmbeddedSignatureBlob *sig = EmbeddedSignatureBlob::specific(top->find(local.cpuType()));
19  			if (!sig)
20  				sig = EmbeddedSignatureBlob::specific(top->find(local.cpuType() & ~CPU_ARCH_MASK));
21  			top = sig;
22  		}
23  		if (top)
24  			if (const CodeDirectory *cd = top->find<const CodeDirectory>(cdCodeDirectorySlot)) {
25  				printf("%s\n", cd->screeningCode().c_str());
26  				exit(0);
27  			}
28  	}
29  	fprintf(stderr, "Invalid signature structure\n");
30  	exit(1);
31  }