7

I have app signed. I created an identity and used codesign to sign my app as per Apple's Code Signing Guide.

Now, how do I check the signature from within my application?

I need to verify this on Cocoa apps (Objective-C) and apps written in C.

Deduplicator
  • 44,692
  • 7
  • 66
  • 118
Mr Aleph
  • 1,887
  • 5
  • 28
  • 44
  • I'm not trying to prevent anything, I just want to verify my won signature from within the app. – Mr Aleph Jan 10 '12 at 21:34
  • I'm not sure I understand your question. I just need to check the signature from within the app. I DONT care what will happen with that check, I just need to verify it. If you know how to do it I'd appreciate your help. – Mr Aleph Jan 10 '12 at 21:50
  • 3
    @sosborn because is a requirement of the code I am writing. A lot of people ask a lot of questions but don't give any solutions and it only ads noise to the question so I try to always avoid answering those irrelevant questions. The question I asked is a very direct, very easy to understand question. I can publish here the requirements of what I am coding but that wouldn't give you any more information that what I already said. So what's the point of asking "why" all the time. thanks – Mr Aleph Jan 11 '12 at 14:48
  • 1
    @Mr Aleph, I know it sounds condescending when people ask "why", but we see a lot of questions where if the why was properly answered in the original question then the answers would take a different approach that actually solved the poster's problem. Ben S was just trying to save you some trouble. In your case it is a requirement so there is nothing else that needs to be said since you don't have much of a choice. – sosborn Jan 11 '12 at 23:59

3 Answers3

4

You could use NSTask and run "codesign --verify" and check the exit status. Of corse if the program was altered it could be altered to remove the check, so I'm not sure what that buys you.

If you are not worried about directed tampering (like the kind that might remove your check of the signature) you can use the codesign "kill" option, if you do merely executing means the signature is valid (at least for all pages that have been executed so far...but if a not-yet-resident page has been tampered with you will get killed when that one is read in anyway).

Maybe if you could explain a little more about why you want to verify the signature a better answer could be formed.

Stripes
  • 4,161
  • 2
  • 25
  • 29
4

Note: Currently MacOS X does not verify signed code prior to execution. This may be different for sandboxed code, and it would seem sensible that it is otherwise anybody could edit the entitlements.

To check an applications signature from within the application itself you use the Code Signing Services. In particular look at SecCodeCheckValidity. The code to do the checking is not long, but there is quite a bit to understand so I won't give a code sample - you need to read and understand the documentation.

Checking the signature allows your application to detect changes to its code & resources and report it is "damaged" (it may well be, not all changes are malicious) and refuse to run. Adding such code does not of course guarantee your code is not damaged, but certainly it does raise the barrier higher against intentional damage (and if MacOS X starts doing the check itself then there will be a big win).

CRD
  • 52,522
  • 5
  • 70
  • 86
  • Great thanks. I've been trying to use `SecStaticCodeCheckValidity` but the function you mentioned makes more sense. My problem is understanding whether I need to keep a copy of the certificate inside my app in order to verify it or not. A snippet of code would help – Mr Aleph Jan 11 '12 at 14:44
-1

The way signiture verification is implemented on iOS is that when an application is being launched, the launchd daemon decrypts the binary using that device's specific private key (this is why you can't just decompile apps or copy-paste them from one device to another), if the decryption fails, the application fails to launch.

The native tools that do this are not available within applications due to the iOS sandboxing.

If you're simply attempting to track if someone has modified your binary, you can perform an MD5 or SHA1 hash of it, store it in NSUserDefaults and compare it at each app start. If the hash changes between executions you know it has been modified (possibly by a legitimate application update or possibly nefariously.)

Here's an example on how to get the hash of an NSData.

The binary file you're looking for is: AppName.app/AppName

Ben S
  • 68,394
  • 30
  • 171
  • 212
  • 3
    This is for a Mac OS X app, not an iOS. Thanks though for the help. And I need to verify the signature on an app, not simply CRC it – Mr Aleph Jan 10 '12 at 21:59
  • This also works for iOS. The `.app` format is shared between the two. If you're looking to strictly verify the signature that was created and used with the codesign tool, that isn't possible. – Ben S Jan 10 '12 at 22:06
  • On the Mac, the binary is actually `AppName.app/Contents/MacOS/AppName`, however. – Wevah Jan 10 '12 at 23:32
  • Will this work with an app that has BitCode enabled? – C0D3 Apr 04 '19 at 14:27