diff options
Diffstat (limited to 'platform/macos/export')
| -rw-r--r-- | platform/macos/export/codesign.cpp | 1564 | ||||
| -rw-r--r-- | platform/macos/export/codesign.h | 368 | ||||
| -rw-r--r-- | platform/macos/export/export_plugin.cpp | 549 | ||||
| -rw-r--r-- | platform/macos/export/export_plugin.h | 15 | ||||
| -rw-r--r-- | platform/macos/export/lipo.cpp | 232 | ||||
| -rw-r--r-- | platform/macos/export/lipo.h | 71 | ||||
| -rw-r--r-- | platform/macos/export/logo.svg | 2 | ||||
| -rw-r--r-- | platform/macos/export/macho.cpp | 542 | ||||
| -rw-r--r-- | platform/macos/export/macho.h | 210 | ||||
| -rw-r--r-- | platform/macos/export/plist.cpp | 848 | ||||
| -rw-r--r-- | platform/macos/export/plist.h | 128 | ||||
| -rw-r--r-- | platform/macos/export/run_icon.svg | 2 |
12 files changed, 432 insertions, 4099 deletions
diff --git a/platform/macos/export/codesign.cpp b/platform/macos/export/codesign.cpp deleted file mode 100644 index 2b8898e6a1..0000000000 --- a/platform/macos/export/codesign.cpp +++ /dev/null @@ -1,1564 +0,0 @@ -/**************************************************************************/ -/* codesign.cpp */ -/**************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/**************************************************************************/ -/* Copyright (c) 2014-present Godot Engine contributors (see AUTHORS.md). */ -/* Copyright (c) 2007-2014 Juan Linietsky, Ariel Manzur. */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. */ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ -/**************************************************************************/ - -#include "codesign.h" - -#include "lipo.h" -#include "macho.h" -#include "plist.h" - -#include "core/os/os.h" -#include "editor/editor_paths.h" -#include "editor/editor_settings.h" - -#include "modules/modules_enabled.gen.h" // For regex. - -#include <ctime> - -#ifdef MODULE_REGEX_ENABLED - -/*************************************************************************/ -/* CodeSignCodeResources */ -/*************************************************************************/ - -String CodeSignCodeResources::hash_sha1_base64(const String &p_path) { - Ref<FileAccess> fa = FileAccess::open(p_path, FileAccess::READ); - ERR_FAIL_COND_V_MSG(fa.is_null(), String(), vformat("CodeSign/CodeResources: Can't open file: \"%s\".", p_path)); - - CryptoCore::SHA1Context ctx; - ctx.start(); - - unsigned char step[4096]; - while (true) { - uint64_t br = fa->get_buffer(step, 4096); - if (br > 0) { - ctx.update(step, br); - } - if (br < 4096) { - break; - } - } - - unsigned char hash[0x14]; - ctx.finish(hash); - - return CryptoCore::b64_encode_str(hash, 0x14); -} - -String CodeSignCodeResources::hash_sha256_base64(const String &p_path) { - Ref<FileAccess> fa = FileAccess::open(p_path, FileAccess::READ); - ERR_FAIL_COND_V_MSG(fa.is_null(), String(), vformat("CodeSign/CodeResources: Can't open file: \"%s\".", p_path)); - - CryptoCore::SHA256Context ctx; - ctx.start(); - - unsigned char step[4096]; - while (true) { - uint64_t br = fa->get_buffer(step, 4096); - if (br > 0) { - ctx.update(step, br); - } - if (br < 4096) { - break; - } - } - - unsigned char hash[0x20]; - ctx.finish(hash); - - return CryptoCore::b64_encode_str(hash, 0x20); -} - -void CodeSignCodeResources::add_rule1(const String &p_rule, const String &p_key, int p_weight, bool p_store) { - rules1.push_back(CRRule(p_rule, p_key, p_weight, p_store)); -} - -void CodeSignCodeResources::add_rule2(const String &p_rule, const String &p_key, int p_weight, bool p_store) { - rules2.push_back(CRRule(p_rule, p_key, p_weight, p_store)); -} - -CodeSignCodeResources::CRMatch CodeSignCodeResources::match_rules1(const String &p_path) const { - CRMatch found = CRMatch::CR_MATCH_NO; - int weight = 0; - for (int i = 0; i < rules1.size(); i++) { - RegEx regex = RegEx(rules1[i].file_pattern); - if (regex.search(p_path).is_valid()) { - if (rules1[i].key == "omit") { - return CRMatch::CR_MATCH_NO; - } else if (rules1[i].key == "nested") { - if (weight <= rules1[i].weight) { - found = CRMatch::CR_MATCH_NESTED; - weight = rules1[i].weight; - } - } else if (rules1[i].key == "optional") { - if (weight <= rules1[i].weight) { - found = CRMatch::CR_MATCH_OPTIONAL; - weight = rules1[i].weight; - } - } else { - if (weight <= rules1[i].weight) { - found = CRMatch::CR_MATCH_YES; - weight = rules1[i].weight; - } - } - } - } - return found; -} - -CodeSignCodeResources::CRMatch CodeSignCodeResources::match_rules2(const String &p_path) const { - CRMatch found = CRMatch::CR_MATCH_NO; - int weight = 0; - for (int i = 0; i < rules2.size(); i++) { - RegEx regex = RegEx(rules2[i].file_pattern); - if (regex.search(p_path).is_valid()) { - if (rules2[i].key == "omit") { - return CRMatch::CR_MATCH_NO; - } else if (rules2[i].key == "nested") { - if (weight <= rules2[i].weight) { - found = CRMatch::CR_MATCH_NESTED; - weight = rules2[i].weight; - } - } else if (rules2[i].key == "optional") { - if (weight <= rules2[i].weight) { - found = CRMatch::CR_MATCH_OPTIONAL; - weight = rules2[i].weight; - } - } else { - if (weight <= rules2[i].weight) { - found = CRMatch::CR_MATCH_YES; - weight = rules2[i].weight; - } - } - } - } - return found; -} - -bool CodeSignCodeResources::add_file1(const String &p_root, const String &p_path) { - CRMatch found = match_rules1(p_path); - if (found != CRMatch::CR_MATCH_YES && found != CRMatch::CR_MATCH_OPTIONAL) { - return true; // No match. - } - - CRFile f; - f.name = p_path; - f.optional = (found == CRMatch::CR_MATCH_OPTIONAL); - f.nested = false; - f.hash = hash_sha1_base64(p_root.path_join(p_path)); - print_verbose(vformat("CodeSign/CodeResources: File(V1) %s hash1:%s", f.name, f.hash)); - - files1.push_back(f); - return true; -} - -bool CodeSignCodeResources::add_file2(const String &p_root, const String &p_path) { - CRMatch found = match_rules2(p_path); - if (found == CRMatch::CR_MATCH_NESTED) { - return add_nested_file(p_root, p_path, p_root.path_join(p_path)); - } - if (found != CRMatch::CR_MATCH_YES && found != CRMatch::CR_MATCH_OPTIONAL) { - return true; // No match. - } - - CRFile f; - f.name = p_path; - f.optional = (found == CRMatch::CR_MATCH_OPTIONAL); - f.nested = false; - f.hash = hash_sha1_base64(p_root.path_join(p_path)); - f.hash2 = hash_sha256_base64(p_root.path_join(p_path)); - - print_verbose(vformat("CodeSign/CodeResources: File(V2) %s hash1:%s hash2:%s", f.name, f.hash, f.hash2)); - - files2.push_back(f); - return true; -} - -bool CodeSignCodeResources::add_nested_file(const String &p_root, const String &p_path, const String &p_exepath) { -#define CLEANUP() \ - if (files_to_add.size() > 1) { \ - for (int j = 0; j < files_to_add.size(); j++) { \ - da->remove(files_to_add[j]); \ - } \ - } - - Ref<DirAccess> da = DirAccess::create(DirAccess::ACCESS_FILESYSTEM); - ERR_FAIL_COND_V(da.is_null(), false); - - Vector<String> files_to_add; - if (LipO::is_lipo(p_exepath)) { - String tmp_path_name = EditorPaths::get_singleton()->get_cache_dir().path_join("_lipo"); - Error err = da->make_dir_recursive(tmp_path_name); - ERR_FAIL_COND_V_MSG(err != OK, false, vformat("CodeSign/CodeResources: Failed to create \"%s\" subfolder.", tmp_path_name)); - LipO lip; - if (lip.open_file(p_exepath)) { - for (int i = 0; i < lip.get_arch_count(); i++) { - if (!lip.extract_arch(i, tmp_path_name.path_join("_rqexe_" + itos(i)))) { - CLEANUP(); - ERR_FAIL_V_MSG(false, "CodeSign/CodeResources: Failed to extract thin binary."); - } - files_to_add.push_back(tmp_path_name.path_join("_rqexe_" + itos(i))); - } - } - } else if (MachO::is_macho(p_exepath)) { - files_to_add.push_back(p_exepath); - } - - CRFile f; - f.name = p_path; - f.optional = false; - f.nested = true; - for (int i = 0; i < files_to_add.size(); i++) { - MachO mh; - if (!mh.open_file(files_to_add[i])) { - CLEANUP(); - ERR_FAIL_V_MSG(false, "CodeSign/CodeResources: Invalid executable file."); - } - PackedByteArray hash = mh.get_cdhash_sha256(); // Use SHA-256 variant, if available. - if (hash.size() != 0x20) { - hash = mh.get_cdhash_sha1(); // Use SHA-1 instead. - if (hash.size() != 0x14) { - CLEANUP(); - ERR_FAIL_V_MSG(false, "CodeSign/CodeResources: Unsigned nested executable file."); - } - } - hash.resize(0x14); // Always clamp to 0x14 size. - f.hash = CryptoCore::b64_encode_str(hash.ptr(), hash.size()); - - PackedByteArray rq_blob = mh.get_requirements(); - String req_string; - if (rq_blob.size() > 8) { - CodeSignRequirements rq = CodeSignRequirements(rq_blob); - Vector<String> rqs = rq.parse_requirements(); - for (int j = 0; j < rqs.size(); j++) { - if (rqs[j].begins_with("designated => ")) { - req_string = rqs[j].replace("designated => ", ""); - } - } - } - if (req_string.is_empty()) { - req_string = "cdhash H\"" + String::hex_encode_buffer(hash.ptr(), hash.size()) + "\""; - } - print_verbose(vformat("CodeSign/CodeResources: Nested object %s (cputype: %d) cdhash:%s designated rq:%s", f.name, mh.get_cputype(), f.hash, req_string)); - if (f.requirements != req_string) { - if (i != 0) { - f.requirements += " or "; - } - f.requirements += req_string; - } - } - files2.push_back(f); - - CLEANUP(); - return true; - -#undef CLEANUP -} - -bool CodeSignCodeResources::add_folder_recursive(const String &p_root, const String &p_path, const String &p_main_exe_path) { - Ref<DirAccess> da = DirAccess::create(DirAccess::ACCESS_FILESYSTEM); - ERR_FAIL_COND_V(da.is_null(), false); - Error err = da->change_dir(p_root.path_join(p_path)); - ERR_FAIL_COND_V(err != OK, false); - - bool ret = true; - da->list_dir_begin(); - String n = da->get_next(); - while (n != String()) { - if (n != "." && n != "..") { - String path = p_root.path_join(p_path).path_join(n); - if (path == p_main_exe_path) { - n = da->get_next(); - continue; // Skip main executable. - } - if (da->current_is_dir()) { - CRMatch found = match_rules2(p_path.path_join(n)); - String fmw_ver = "Current"; // Framework version (default). - String info_path; - String main_exe; - bool bundle = false; - if (da->file_exists(path.path_join("Contents/Info.plist"))) { - info_path = path.path_join("Contents/Info.plist"); - main_exe = path.path_join("Contents/MacOS"); - bundle = true; - } else if (da->file_exists(path.path_join(vformat("Versions/%s/Resources/Info.plist", fmw_ver)))) { - info_path = path.path_join(vformat("Versions/%s/Resources/Info.plist", fmw_ver)); - main_exe = path.path_join(vformat("Versions/%s", fmw_ver)); - bundle = true; - } else if (da->file_exists(path.path_join("Info.plist"))) { - info_path = path.path_join("Info.plist"); - main_exe = path; - bundle = true; - } - if (bundle && found == CRMatch::CR_MATCH_NESTED && !info_path.is_empty()) { - // Read Info.plist. - PList info_plist; - if (info_plist.load_file(info_path)) { - if (info_plist.get_root()->data_type == PList::PLNodeType::PL_NODE_TYPE_DICT && info_plist.get_root()->data_dict.has("CFBundleExecutable")) { - main_exe = main_exe.path_join(String::utf8(info_plist.get_root()->data_dict["CFBundleExecutable"]->data_string.get_data())); - } else { - ERR_FAIL_V_MSG(false, "CodeSign/CodeResources: Invalid Info.plist, no exe name."); - } - } else { - ERR_FAIL_V_MSG(false, "CodeSign/CodeResources: Invalid Info.plist, can't load."); - } - ret = ret && add_nested_file(p_root, p_path.path_join(n), main_exe); - } else { - ret = ret && add_folder_recursive(p_root, p_path.path_join(n), p_main_exe_path); - } - } else { - ret = ret && add_file1(p_root, p_path.path_join(n)); - ret = ret && add_file2(p_root, p_path.path_join(n)); - } - } - - n = da->get_next(); - } - - da->list_dir_end(); - return ret; -} - -bool CodeSignCodeResources::save_to_file(const String &p_path) { - PList pl; - - print_verbose(vformat("CodeSign/CodeResources: Writing to file: %s", p_path)); - - // Write version 1 hashes. - Ref<PListNode> files1_dict = PListNode::new_dict(); - pl.get_root()->push_subnode(files1_dict, "files"); - for (int i = 0; i < files1.size(); i++) { - if (files1[i].optional) { - Ref<PListNode> file_dict = PListNode::new_dict(); - files1_dict->push_subnode(file_dict, files1[i].name); - - file_dict->push_subnode(PListNode::new_data(files1[i].hash), "hash"); - file_dict->push_subnode(PListNode::new_bool(true), "optional"); - } else { - files1_dict->push_subnode(PListNode::new_data(files1[i].hash), files1[i].name); - } - } - - // Write version 2 hashes. - Ref<PListNode> files2_dict = PListNode::new_dict(); - pl.get_root()->push_subnode(files2_dict, "files2"); - for (int i = 0; i < files2.size(); i++) { - Ref<PListNode> file_dict = PListNode::new_dict(); - files2_dict->push_subnode(file_dict, files2[i].name); - - if (files2[i].nested) { - file_dict->push_subnode(PListNode::new_data(files2[i].hash), "cdhash"); - file_dict->push_subnode(PListNode::new_string(files2[i].requirements), "requirement"); - } else { - file_dict->push_subnode(PListNode::new_data(files2[i].hash), "hash"); - file_dict->push_subnode(PListNode::new_data(files2[i].hash2), "hash2"); - if (files2[i].optional) { - file_dict->push_subnode(PListNode::new_bool(true), "optional"); - } - } - } - - // Write version 1 rules. - Ref<PListNode> rules1_dict = PListNode::new_dict(); - pl.get_root()->push_subnode(rules1_dict, "rules"); - for (int i = 0; i < rules1.size(); i++) { - if (rules1[i].store) { - if (rules1[i].key.is_empty() && rules1[i].weight <= 0) { - rules1_dict->push_subnode(PListNode::new_bool(true), rules1[i].file_pattern); - } else { - Ref<PListNode> rule_dict = PListNode::new_dict(); - rules1_dict->push_subnode(rule_dict, rules1[i].file_pattern); - if (!rules1[i].key.is_empty()) { - rule_dict->push_subnode(PListNode::new_bool(true), rules1[i].key); - } - if (rules1[i].weight != 1) { - rule_dict->push_subnode(PListNode::new_real(rules1[i].weight), "weight"); - } - } - } - } - - // Write version 2 rules. - Ref<PListNode> rules2_dict = PListNode::new_dict(); - pl.get_root()->push_subnode(rules2_dict, "rules2"); - for (int i = 0; i < rules2.size(); i++) { - if (rules2[i].store) { - if (rules2[i].key.is_empty() && rules2[i].weight <= 0) { - rules2_dict->push_subnode(PListNode::new_bool(true), rules2[i].file_pattern); - } else { - Ref<PListNode> rule_dict = PListNode::new_dict(); - rules2_dict->push_subnode(rule_dict, rules2[i].file_pattern); - if (!rules2[i].key.is_empty()) { - rule_dict->push_subnode(PListNode::new_bool(true), rules2[i].key); - } - if (rules2[i].weight != 1) { - rule_dict->push_subnode(PListNode::new_real(rules2[i].weight), "weight"); - } - } - } - } - String text = pl.save_text(); - ERR_FAIL_COND_V_MSG(text.is_empty(), false, "CodeSign/CodeResources: Generating resources PList failed."); - - Ref<FileAccess> fa = FileAccess::open(p_path, FileAccess::WRITE); - ERR_FAIL_COND_V_MSG(fa.is_null(), false, vformat("CodeSign/CodeResources: Can't open file: \"%s\".", p_path)); - - CharString cs = text.utf8(); - fa->store_buffer((const uint8_t *)cs.ptr(), cs.length()); - return true; -} - -/*************************************************************************/ -/* CodeSignRequirements */ -/*************************************************************************/ - -CodeSignRequirements::CodeSignRequirements() { - blob.append_array({ 0xFA, 0xDE, 0x0C, 0x01 }); // Requirement set magic. - blob.append_array({ 0x00, 0x00, 0x00, 0x0C }); // Length of requirements set (12 bytes). - blob.append_array({ 0x00, 0x00, 0x00, 0x00 }); // Empty. -} - -CodeSignRequirements::CodeSignRequirements(const PackedByteArray &p_data) { - blob = p_data; -} - -_FORCE_INLINE_ void CodeSignRequirements::_parse_certificate_slot(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const { -#define _R(x) BSWAP32(*(uint32_t *)(blob.ptr() + x)) - ERR_FAIL_COND_MSG(r_pos >= p_rq_size, "CodeSign/Requirements: Out of bounds."); - r_out += "certificate "; - uint32_t tag_slot = _R(r_pos); - if (tag_slot == 0x00000000) { - r_out += "leaf"; - } else if (tag_slot == 0xffffffff) { - r_out += "root"; - } else { - r_out += itos((int32_t)tag_slot); - } - r_pos += 4; -#undef _R -} - -_FORCE_INLINE_ void CodeSignRequirements::_parse_key(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const { -#define _R(x) BSWAP32(*(uint32_t *)(blob.ptr() + x)) - ERR_FAIL_COND_MSG(r_pos >= p_rq_size, "CodeSign/Requirements: Out of bounds."); - uint32_t key_size = _R(r_pos); - ERR_FAIL_COND_MSG(r_pos + key_size > p_rq_size, "CodeSign/Requirements: Out of bounds."); - CharString key; - key.resize(key_size); - memcpy(key.ptrw(), blob.ptr() + r_pos + 4, key_size); - r_pos += 4 + key_size + PAD(key_size, 4); - r_out += "[" + String::utf8(key, key_size) + "]"; -#undef _R -} - -_FORCE_INLINE_ void CodeSignRequirements::_parse_oid_key(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const { -#define _R(x) BSWAP32(*(uint32_t *)(blob.ptr() + x)) - ERR_FAIL_COND_MSG(r_pos >= p_rq_size, "CodeSign/Requirements: Out of bounds."); - uint32_t key_size = _R(r_pos); - ERR_FAIL_COND_MSG(r_pos + key_size > p_rq_size, "CodeSign/Requirements: Out of bounds."); - r_out += "[field."; - r_out += itos(blob[r_pos + 4] / 40) + "."; - r_out += itos(blob[r_pos + 4] % 40); - uint32_t spos = r_pos + 5; - while (spos < r_pos + 4 + key_size) { - r_out += "."; - if (blob[spos] <= 127) { - r_out += itos(blob[spos]); - spos += 1; - } else { - uint32_t x = (0x7F & blob[spos]) << 7; - spos += 1; - while (blob[spos] > 127) { - x = (x + (0x7F & blob[spos])) << 7; - spos += 1; - } - x = (x + (0x7F & blob[spos])); - r_out += itos(x); - spos += 1; - } - } - r_out += "]"; - r_pos += 4 + key_size + PAD(key_size, 4); -#undef _R -} - -_FORCE_INLINE_ void CodeSignRequirements::_parse_hash_string(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const { -#define _R(x) BSWAP32(*(uint32_t *)(blob.ptr() + x)) - ERR_FAIL_COND_MSG(r_pos >= p_rq_size, "CodeSign/Requirements: Out of bounds."); - uint32_t tag_size = _R(r_pos); - ERR_FAIL_COND_MSG(r_pos + tag_size > p_rq_size, "CodeSign/Requirements: Out of bounds."); - PackedByteArray data; - data.resize(tag_size); - memcpy(data.ptrw(), blob.ptr() + r_pos + 4, tag_size); - r_out += "H\"" + String::hex_encode_buffer(data.ptr(), data.size()) + "\""; - r_pos += 4 + tag_size + PAD(tag_size, 4); -#undef _R -} - -_FORCE_INLINE_ void CodeSignRequirements::_parse_value(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const { -#define _R(x) BSWAP32(*(uint32_t *)(blob.ptr() + x)) - ERR_FAIL_COND_MSG(r_pos >= p_rq_size, "CodeSign/Requirements: Out of bounds."); - uint32_t key_size = _R(r_pos); - ERR_FAIL_COND_MSG(r_pos + key_size > p_rq_size, "CodeSign/Requirements: Out of bounds."); - CharString key; - key.resize(key_size); - memcpy(key.ptrw(), blob.ptr() + r_pos + 4, key_size); - r_pos += 4 + key_size + PAD(key_size, 4); - r_out += "\"" + String::utf8(key, key_size) + "\""; -#undef _R -} - -_FORCE_INLINE_ void CodeSignRequirements::_parse_date(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const { -#define _R(x) BSWAP32(*(uint32_t *)(blob.ptr() + x)) - ERR_FAIL_COND_MSG(r_pos >= p_rq_size, "CodeSign/Requirements: Out of bounds."); - uint32_t date = _R(r_pos); - time_t t = 978307200 + date; - struct tm lt; -#ifdef WINDOWS_ENABLED - gmtime_s(<, &t); -#else - gmtime_r(&t, <); -#endif - r_out += vformat("<%04d-%02d-%02d ", (int)(1900 + lt.tm_year), (int)(lt.tm_mon + 1), (int)(lt.tm_mday)) + vformat("%02d:%02d:%02d +0000>", (int)(lt.tm_hour), (int)(lt.tm_min), (int)(lt.tm_sec)); -#undef _R -} - -_FORCE_INLINE_ bool CodeSignRequirements::_parse_match(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const { -#define _R(x) BSWAP32(*(uint32_t *)(blob.ptr() + x)) - ERR_FAIL_COND_V_MSG(r_pos >= p_rq_size, false, "CodeSign/Requirements: Out of bounds."); - uint32_t match = _R(r_pos); - r_pos += 4; - switch (match) { - case 0x00000000: { - r_out += "exists"; - } break; - case 0x00000001: { - r_out += "= "; - _parse_value(r_pos, r_out, p_rq_size); - } break; - case 0x00000002: { - r_out += "~ "; - _parse_value(r_pos, r_out, p_rq_size); - } break; - case 0x00000003: { - r_out += "= *"; - _parse_value(r_pos, r_out, p_rq_size); - } break; - case 0x00000004: { - r_out += "= "; - _parse_value(r_pos, r_out, p_rq_size); - r_out += "*"; - } break; - case 0x00000005: { - r_out += "< "; - _parse_value(r_pos, r_out, p_rq_size); - } break; - case 0x00000006: { - r_out += "> "; - _parse_value(r_pos, r_out, p_rq_size); - } break; - case 0x00000007: { - r_out += "<= "; - _parse_value(r_pos, r_out, p_rq_size); - } break; - case 0x00000008: { - r_out += ">= "; - _parse_value(r_pos, r_out, p_rq_size); - } break; - case 0x00000009: { - r_out += "= "; - _parse_date(r_pos, r_out, p_rq_size); - } break; - case 0x0000000A: { - r_out += "< "; - _parse_date(r_pos, r_out, p_rq_size); - } break; - case 0x0000000B: { - r_out += "> "; - _parse_date(r_pos, r_out, p_rq_size); - } break; - case 0x0000000C: { - r_out += "<= "; - _parse_date(r_pos, r_out, p_rq_size); - } break; - case 0x0000000D: { - r_out += ">= "; - _parse_date(r_pos, r_out, p_rq_size); - } break; - case 0x0000000E: { - r_out += "absent"; - } break; - default: { - return false; - } - } - return true; -#undef _R -} - -Vector<String> CodeSignRequirements::parse_requirements() const { -#define _R(x) BSWAP32(*(uint32_t *)(blob.ptr() + x)) - Vector<String> list; - - // Read requirements set header. - ERR_FAIL_COND_V_MSG(blob.size() < 12, list, "CodeSign/Requirements: Blob is too small."); - uint32_t magic = _R(0); - ERR_FAIL_COND_V_MSG(magic != 0xfade0c01, list, "CodeSign/Requirements: Invalid set magic."); - uint32_t size = _R(4); - ERR_FAIL_COND_V_MSG(size != (uint32_t)blob.size(), list, "CodeSign/Requirements: Invalid set size."); - uint32_t count = _R(8); - - for (uint32_t i = 0; i < count; i++) { - String out; - - // Read requirement header. - uint32_t rq_type = _R(12 + i * 8); - uint32_t rq_offset = _R(12 + i * 8 + 4); - ERR_FAIL_COND_V_MSG(rq_offset + 12 >= (uint32_t)blob.size(), list, "CodeSign/Requirements: Invalid requirement offset."); - switch (rq_type) { - case 0x00000001: { - out += "host => "; - } break; - case 0x00000002: { - out += "guest => "; - } break; - case 0x00000003: { - out += "designated => "; - } break; - case 0x00000004: { - out += "library => "; - } break; - case 0x00000005: { - out += "plugin => "; - } break; - default: { - ERR_FAIL_V_MSG(list, "CodeSign/Requirements: Invalid requirement type."); - } - } - uint32_t rq_magic = _R(rq_offset); - uint32_t rq_size = _R(rq_offset + 4); - uint32_t rq_ver = _R(rq_offset + 8); - uint32_t pos = rq_offset + 12; - ERR_FAIL_COND_V_MSG(rq_magic != 0xfade0c00, list, "CodeSign/Requirements: Invalid requirement magic."); - ERR_FAIL_COND_V_MSG(rq_ver != 0x00000001, list, "CodeSign/Requirements: Invalid requirement version."); - - // Read requirement tokens. - List<String> tokens; - while (pos < rq_offset + rq_size) { - uint32_t rq_tag = _R(pos); - pos += 4; - String token; - switch (rq_tag) { - case 0x00000000: { - token = "false"; - } break; - case 0x00000001: { - token = "true"; - } break; - case 0x00000002: { - token = "identifier "; - _parse_value(pos, token, rq_offset + rq_size); - } break; - case 0x00000003: { - token = "anchor apple"; - } break; - case 0x00000004: { - _parse_certificate_slot(pos, token, rq_offset + rq_size); - token += " "; - _parse_hash_string(pos, token, rq_offset + rq_size); - } break; - case 0x00000005: { - token = "info"; - _parse_key(pos, token, rq_offset + rq_size); - token += " = "; - _parse_value(pos, token, rq_offset + rq_size); - } break; - case 0x00000006: { - token = "and"; - } break; - case 0x00000007: { - token = "or"; - } break; - case 0x00000008: { - token = "cdhash "; - _parse_hash_string(pos, token, rq_offset + rq_size); - } break; - case 0x00000009: { - token = "!"; - } break; - case 0x0000000A: { - token = "info"; - _parse_key(pos, token, rq_offset + rq_size); - token += " "; - ERR_FAIL_COND_V_MSG(!_parse_match(pos, token, rq_offset + rq_size), list, "CodeSign/Requirements: Unsupported match suffix."); - } break; - case 0x0000000B: { - _parse_certificate_slot(pos, token, rq_offset + rq_size); - _parse_key(pos, token, rq_offset + rq_size); - token += " "; - ERR_FAIL_COND_V_MSG(!_parse_match(pos, token, rq_offset + rq_size), list, "CodeSign/Requirements: Unsupported match suffix."); - } break; - case 0x0000000C: { - _parse_certificate_slot(pos, token, rq_offset + rq_size); - token += " trusted"; - } break; - case 0x0000000D: { - token = "anchor trusted"; - } break; - case 0x0000000E: { - _parse_certificate_slot(pos, token, rq_offset + rq_size); - _parse_oid_key(pos, token, rq_offset + rq_size); - token += " "; - ERR_FAIL_COND_V_MSG(!_parse_match(pos, token, rq_offset + rq_size), list, "CodeSign/Requirements: Unsupported match suffix."); - } break; - case 0x0000000F: { - token = "anchor apple generic"; - } break; - default: { - ERR_FAIL_V_MSG(list, "CodeSign/Requirements: Invalid requirement token."); - } break; - } - tokens.push_back(token); - } - - // Polish to infix notation (w/o bracket optimization). - for (List<String>::Element *E = tokens.back(); E; E = E->prev()) { - if (E->get() == "and") { - ERR_FAIL_COND_V_MSG(!E->next() || !E->next()->next(), list, "CodeSign/Requirements: Invalid token sequence."); - String token = "(" + E->next()->get() + " and " + E->next()->next()->get() + ")"; - tokens.erase(E->next()->next()); - tokens.erase(E->next()); - E->get() = token; - } else if (E->get() == "or") { - ERR_FAIL_COND_V_MSG(!E->next() || !E->next()->next(), list, "CodeSign/Requirements: Invalid token sequence."); - String token = "(" + E->next()->get() + " or " + E->next()->next()->get() + ")"; - tokens.erase(E->next()->next()); - tokens.erase(E->next()); - E->get() = token; - } - } - - if (tokens.size() == 1) { - list.push_back(out + tokens.front()->get()); - } else { - ERR_FAIL_V_MSG(list, "CodeSign/Requirements: Invalid token sequence."); - } - } - - return list; -#undef _R -} - -PackedByteArray CodeSignRequirements::get_hash_sha1() const { - PackedByteArray hash; - hash.resize(0x14); - - CryptoCore::SHA1Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; -} - -PackedByteArray CodeSignRequirements::get_hash_sha256() const { - PackedByteArray hash; - hash.resize(0x20); - - CryptoCore::SHA256Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; -} - -int CodeSignRequirements::get_size() const { - return blob.size(); -} - -void CodeSignRequirements::write_to_file(Ref<FileAccess> p_file) const { - ERR_FAIL_COND_MSG(p_file.is_null(), "CodeSign/Requirements: Invalid file handle."); - p_file->store_buffer(blob.ptr(), blob.size()); -} - -/*************************************************************************/ -/* CodeSignEntitlementsText */ -/*************************************************************************/ - -CodeSignEntitlementsText::CodeSignEntitlementsText() { - blob.append_array({ 0xFA, 0xDE, 0x71, 0x71 }); // Text Entitlements set magic. - blob.append_array({ 0x00, 0x00, 0x00, 0x08 }); // Length (8 bytes). -} - -CodeSignEntitlementsText::CodeSignEntitlementsText(const String &p_string) { - CharString utf8 = p_string.utf8(); - blob.append_array({ 0xFA, 0xDE, 0x71, 0x71 }); // Text Entitlements set magic. - for (int i = 3; i >= 0; i--) { - uint8_t x = ((utf8.length() + 8) >> i * 8) & 0xFF; // Size. - blob.push_back(x); - } - for (int i = 0; i < utf8.length(); i++) { // Write data. - blob.push_back(utf8[i]); - } -} - -PackedByteArray CodeSignEntitlementsText::get_hash_sha1() const { - PackedByteArray hash; - hash.resize(0x14); - - CryptoCore::SHA1Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; -} - -PackedByteArray CodeSignEntitlementsText::get_hash_sha256() const { - PackedByteArray hash; - hash.resize(0x20); - - CryptoCore::SHA256Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; -} - -int CodeSignEntitlementsText::get_size() const { - return blob.size(); -} - -void CodeSignEntitlementsText::write_to_file(Ref<FileAccess> p_file) const { - ERR_FAIL_COND_MSG(p_file.is_null(), "CodeSign/EntitlementsText: Invalid file handle."); - p_file->store_buffer(blob.ptr(), blob.size()); -} - -/*************************************************************************/ -/* CodeSignEntitlementsBinary */ -/*************************************************************************/ - -CodeSignEntitlementsBinary::CodeSignEntitlementsBinary() { - blob.append_array({ 0xFA, 0xDE, 0x71, 0x72 }); // Binary Entitlements magic. - blob.append_array({ 0x00, 0x00, 0x00, 0x08 }); // Length (8 bytes). -} - -CodeSignEntitlementsBinary::CodeSignEntitlementsBinary(const String &p_string) { - PList pl = PList(p_string); - - PackedByteArray asn1 = pl.save_asn1(); - blob.append_array({ 0xFA, 0xDE, 0x71, 0x72 }); // Binary Entitlements magic. - uint32_t size = asn1.size() + 8; - for (int i = 3; i >= 0; i--) { - uint8_t x = (size >> i * 8) & 0xFF; // Size. - blob.push_back(x); - } - blob.append_array(asn1); // Write data. -} - -PackedByteArray CodeSignEntitlementsBinary::get_hash_sha1() const { - PackedByteArray hash; - hash.resize(0x14); - - CryptoCore::SHA1Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; -} - -PackedByteArray CodeSignEntitlementsBinary::get_hash_sha256() const { - PackedByteArray hash; - hash.resize(0x20); - - CryptoCore::SHA256Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; -} - -int CodeSignEntitlementsBinary::get_size() const { - return blob.size(); -} - -void CodeSignEntitlementsBinary::write_to_file(Ref<FileAccess> p_file) const { - ERR_FAIL_COND_MSG(p_file.is_null(), "CodeSign/EntitlementsBinary: Invalid file handle."); - p_file->store_buffer(blob.ptr(), blob.size()); -} - -/*************************************************************************/ -/* CodeSignCodeDirectory */ -/*************************************************************************/ - -CodeSignCodeDirectory::CodeSignCodeDirectory() { - blob.append_array({ 0xFA, 0xDE, 0x0C, 0x02 }); // Code Directory magic. - blob.append_array({ 0x00, 0x00, 0x00, 0x00 }); // Size (8 bytes). -} - -CodeSignCodeDirectory::CodeSignCodeDirectory(uint8_t p_hash_size, uint8_t p_hash_type, bool p_main, const CharString &p_id, const CharString &p_team_id, uint32_t p_page_size, uint64_t p_exe_limit, uint64_t p_code_limit) { - pages = p_code_limit / (uint64_t(1) << p_page_size); - remain = p_code_limit % (uint64_t(1) << p_page_size); - code_slots = pages + (remain > 0 ? 1 : 0); - special_slots = 7; - - int cd_size = 8 + sizeof(CodeDirectoryHeader) + (code_slots + special_slots) * p_hash_size + p_id.size() + p_team_id.size(); - int cd_off = 8 + sizeof(CodeDirectoryHeader); - blob.append_array({ 0xFA, 0xDE, 0x0C, 0x02 }); // Code Directory magic. - for (int i = 3; i >= 0; i--) { - uint8_t x = (cd_size >> i * 8) & 0xFF; // Size. - blob.push_back(x); - } - blob.resize(cd_size); - memset(blob.ptrw() + 8, 0x00, cd_size - 8); - CodeDirectoryHeader *cd = reinterpret_cast<CodeDirectoryHeader *>(blob.ptrw() + 8); - - bool is_64_cl = (p_code_limit >= std::numeric_limits<uint32_t>::max()); - - // Version and options. - cd->version = BSWAP32(0x20500); - cd->flags = BSWAP32(SIGNATURE_ADHOC | SIGNATURE_RUNTIME); - cd->special_slots = BSWAP32(special_slots); - cd->code_slots = BSWAP32(code_slots); - if (is_64_cl) { - cd->code_limit_64 = BSWAP64(p_code_limit); - } else { - cd->code_limit = BSWAP32(p_code_limit); - } - cd->hash_size = p_hash_size; - cd->hash_type = p_hash_type; - cd->page_size = p_page_size; - cd->exec_seg_base = 0x00; - cd->exec_seg_limit = BSWAP64(p_exe_limit); - cd->exec_seg_flags = 0; - if (p_main) { - cd->exec_seg_flags |= EXECSEG_MAIN_BINARY; - } - cd->exec_seg_flags = BSWAP64(cd->exec_seg_flags); - uint32_t version = (11 << 16) + (3 << 8) + 0; // Version 11.3.0 - cd->runtime = BSWAP32(version); - - // Copy ID. - cd->ident_offset = BSWAP32(cd_off); - memcpy(blob.ptrw() + cd_off, p_id.get_data(), p_id.size()); - cd_off += p_id.size(); - - // Copy Team ID. - if (p_team_id.length() > 0) { - cd->team_offset = BSWAP32(cd_off); - memcpy(blob.ptrw() + cd_off, p_team_id.get_data(), p_team_id.size()); - cd_off += p_team_id.size(); - } else { - cd->team_offset = 0; - } - - // Scatter vector. - cd->scatter_vector_offset = 0; // Not used. - - // Executable hashes offset. - cd->hash_offset = BSWAP32(cd_off + special_slots * cd->hash_size); -} - -bool CodeSignCodeDirectory::set_hash_in_slot(const PackedByteArray &p_hash, int p_slot) { - ERR_FAIL_COND_V_MSG((p_slot < -special_slots) || (p_slot >= code_slots), false, vformat("CodeSign/CodeDirectory: Invalid hash slot index: %d.", p_slot)); - CodeDirectoryHeader *cd = reinterpret_cast<CodeDirectoryHeader *>(blob.ptrw() + 8); - for (int i = 0; i < cd->hash_size; i++) { - blob.write[BSWAP32(cd->hash_offset) + p_slot * cd->hash_size + i] = p_hash[i]; - } - return true; -} - -int32_t CodeSignCodeDirectory::get_page_count() { - return pages; -} - -int32_t CodeSignCodeDirectory::get_page_remainder() { - return remain; -} - -PackedByteArray CodeSignCodeDirectory::get_hash_sha1() const { - PackedByteArray hash; - hash.resize(0x14); - - CryptoCore::SHA1Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; -} - -PackedByteArray CodeSignCodeDirectory::get_hash_sha256() const { - PackedByteArray hash; - hash.resize(0x20); - - CryptoCore::SHA256Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; -} - -int CodeSignCodeDirectory::get_size() const { - return blob.size(); -} - -void CodeSignCodeDirectory::write_to_file(Ref<FileAccess> p_file) const { - ERR_FAIL_COND_MSG(p_file.is_null(), "CodeSign/CodeDirectory: Invalid file handle."); - p_file->store_buffer(blob.ptr(), blob.size()); -} - -/*************************************************************************/ -/* CodeSignSignature */ -/*************************************************************************/ - -CodeSignSignature::CodeSignSignature() { - blob.append_array({ 0xFA, 0xDE, 0x0B, 0x01 }); // Signature magic. - uint32_t sign_size = 8; // Ad-hoc signature is empty. - for (int i = 3; i >= 0; i--) { - uint8_t x = (sign_size >> i * 8) & 0xFF; // Size. - blob.push_back(x); - } -} - -PackedByteArray CodeSignSignature::get_hash_sha1() const { - PackedByteArray hash; - hash.resize(0x14); - - CryptoCore::SHA1Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; -} - -PackedByteArray CodeSignSignature::get_hash_sha256() const { - PackedByteArray hash; - hash.resize(0x20); - - CryptoCore::SHA256Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; -} - -int CodeSignSignature::get_size() const { - return blob.size(); -} - -void CodeSignSignature::write_to_file(Ref<FileAccess> p_file) const { - ERR_FAIL_COND_MSG(p_file.is_null(), "CodeSign/Signature: Invalid file handle."); - p_file->store_buffer(blob.ptr(), blob.size()); -} - -/*************************************************************************/ -/* CodeSignSuperBlob */ -/*************************************************************************/ - -bool CodeSignSuperBlob::add_blob(const Ref<CodeSignBlob> &p_blob) { - if (p_blob.is_valid()) { - blobs.push_back(p_blob); - return true; - } else { - return false; - } -} - -int CodeSignSuperBlob::get_size() const { - int size = 12 + blobs.size() * 8; - for (int i = 0; i < blobs.size(); i++) { - if (blobs[i].is_null()) { - return 0; - } - size += blobs[i]->get_size(); - } - return size; -} - -void CodeSignSuperBlob::write_to_file(Ref<FileAccess> p_file) const { - ERR_FAIL_COND_MSG(p_file.is_null(), "CodeSign/SuperBlob: Invalid file handle."); - uint32_t size = get_size(); - uint32_t data_offset = 12 + blobs.size() * 8; - - // Write header. - p_file->store_32(BSWAP32(0xfade0cc0)); - p_file->store_32(BSWAP32(size)); - p_file->store_32(BSWAP32(blobs.size())); - - // Write index. - for (int i = 0; i < blobs.size(); i++) { - if (blobs[i].is_null()) { - return; - } - p_file->store_32(BSWAP32(blobs[i]->get_index_type())); - p_file->store_32(BSWAP32(data_offset)); - data_offset += blobs[i]->get_size(); - } - - // Write blobs. - for (int i = 0; i < blobs.size(); i++) { - blobs[i]->write_to_file(p_file); - } -} - -/*************************************************************************/ -/* CodeSign */ -/*************************************************************************/ - -PackedByteArray CodeSign::file_hash_sha1(const String &p_path) { - PackedByteArray file_hash; - Ref<FileAccess> f = FileAccess::open(p_path, FileAccess::READ); - ERR_FAIL_COND_V_MSG(f.is_null(), PackedByteArray(), vformat("CodeSign: Can't open file: \"%s\".", p_path)); - - CryptoCore::SHA1Context ctx; - ctx.start(); - - unsigned char step[4096]; - while (true) { - uint64_t br = f->get_buffer(step, 4096); - if (br > 0) { - ctx.update(step, br); - } - if (br < 4096) { - break; - } - } - - file_hash.resize(0x14); - ctx.finish(file_hash.ptrw()); - return file_hash; -} - -PackedByteArray CodeSign::file_hash_sha256(const String &p_path) { - PackedByteArray file_hash; - Ref<FileAccess> f = FileAccess::open(p_path, FileAccess::READ); - ERR_FAIL_COND_V_MSG(f.is_null(), PackedByteArray(), vformat("CodeSign: Can't open file: \"%s\".", p_path)); - - CryptoCore::SHA256Context ctx; - ctx.start(); - - unsigned char step[4096]; - while (true) { - uint64_t br = f->get_buffer(step, 4096); - if (br > 0) { - ctx.update(step, br); - } - if (br < 4096) { - break; - } - } - - file_hash.resize(0x20); - ctx.finish(file_hash.ptrw()); - return file_hash; -} - -Error CodeSign::_codesign_file(bool p_use_hardened_runtime, bool p_force, const String &p_info, const String &p_exe_path, const String &p_bundle_path, const String &p_ent_path, bool p_ios_bundle, String &r_error_msg) { -#define CLEANUP() \ - if (files_to_sign.size() > 1) { \ - for (int j = 0; j < files_to_sign.size(); j++) { \ - da->remove(files_to_sign[j]); \ - } \ - } - - print_verbose(vformat("CodeSign: Signing executable: %s, bundle: %s with entitlements %s", p_exe_path, p_bundle_path, p_ent_path)); - - PackedByteArray info_hash1, info_hash2; - PackedByteArray res_hash1, res_hash2; - String id; - String main_exe = p_exe_path; - - Ref<DirAccess> da = DirAccess::create(DirAccess::ACCESS_FILESYSTEM); - if (da.is_null()) { - r_error_msg = TTR("Can't get filesystem access."); - ERR_FAIL_V_MSG(ERR_CANT_CREATE, "CodeSign: Can't get filesystem access."); - } - - // Read Info.plist. - if (!p_info.is_empty()) { - print_verbose("CodeSign: Reading bundle info..."); - PList info_plist; - if (info_plist.load_file(p_info)) { - info_hash1 = file_hash_sha1(p_info); - info_hash2 = file_hash_sha256(p_info); - if (info_hash1.is_empty() || info_hash2.is_empty()) { - r_error_msg = TTR("Failed to get Info.plist hash."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Failed to get Info.plist hash."); - } - - if (info_plist.get_root()->data_type == PList::PLNodeType::PL_NODE_TYPE_DICT && info_plist.get_root()->data_dict.has("CFBundleExecutable")) { - main_exe = p_exe_path.path_join(String::utf8(info_plist.get_root()->data_dict["CFBundleExecutable"]->data_string.get_data())); - } else { - r_error_msg = TTR("Invalid Info.plist, no exe name."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Invalid Info.plist, no exe name."); - } - - if (info_plist.get_root()->data_type == PList::PLNodeType::PL_NODE_TYPE_DICT && info_plist.get_root()->data_dict.has("CFBundleIdentifier")) { - id = info_plist.get_root()->data_dict["CFBundleIdentifier"]->data_string.get_data(); - } else { - r_error_msg = TTR("Invalid Info.plist, no bundle id."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Invalid Info.plist, no bundle id."); - } - } else { - r_error_msg = TTR("Invalid Info.plist, can't load."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Invalid Info.plist, can't load."); - } - } - - // Extract fat binary. - Vector<String> files_to_sign; - if (LipO::is_lipo(main_exe)) { - print_verbose(vformat("CodeSign: Executable is fat, extracting...")); - String tmp_path_name = EditorPaths::get_singleton()->get_cache_dir().path_join("_lipo"); - Error err = da->make_dir_recursive(tmp_path_name); - if (err != OK) { - r_error_msg = vformat(TTR("Failed to create \"%s\" subfolder."), tmp_path_name); - ERR_FAIL_V_MSG(FAILED, vformat("CodeSign: Failed to create \"%s\" subfolder.", tmp_path_name)); - } - LipO lip; - if (lip.open_file(main_exe)) { - for (int i = 0; i < lip.get_arch_count(); i++) { - if (!lip.extract_arch(i, tmp_path_name.path_join("_exe_" + itos(i)))) { - CLEANUP(); - r_error_msg = TTR("Failed to extract thin binary."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Failed to extract thin binary."); - } - files_to_sign.push_back(tmp_path_name.path_join("_exe_" + itos(i))); - } - } - } else if (MachO::is_macho(main_exe)) { - print_verbose("CodeSign: Executable is thin..."); - files_to_sign.push_back(main_exe); - } else { - r_error_msg = TTR("Invalid binary format."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Invalid binary format."); - } - - // Check if it's already signed. - if (!p_force) { - for (int i = 0; i < files_to_sign.size(); i++) { - MachO mh; - mh.open_file(files_to_sign[i]); - if (mh.is_signed()) { - CLEANUP(); - r_error_msg = TTR("Already signed!"); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Already signed!"); - } - } - } - - // Generate core resources. - if (!p_bundle_path.is_empty()) { - print_verbose("CodeSign: Generating bundle CodeResources..."); - CodeSignCodeResources cr; - - if (p_ios_bundle) { - cr.add_rule1("^.*"); - cr.add_rule1("^.*\\.lproj/", "optional", 100); - cr.add_rule1("^.*\\.lproj/locversion.plist$", "omit", 1100); - cr.add_rule1("^Base\\.lproj/", "", 1010); - cr.add_rule1("^version.plist$"); - - cr.add_rule2(".*\\.dSYM($|/)", "", 11); - cr.add_rule2("^(.*/)?\\.DS_Store$", "omit", 2000); - cr.add_rule2("^.*"); - cr.add_rule2("^.*\\.lproj/", "optional", 1000); - cr.add_rule2("^.*\\.lproj/locversion.plist$", "omit", 1100); - cr.add_rule2("^Base\\.lproj/", "", 1010); - cr.add_rule2("^Info\\.plist$", "omit", 20); - cr.add_rule2("^PkgInfo$", "omit", 20); - cr.add_rule2("^embedded\\.provisionprofile$", "", 10); - cr.add_rule2("^version\\.plist$", "", 20); - - cr.add_rule2("^_MASReceipt", "omit", 2000, false); - cr.add_rule2("^_CodeSignature", "omit", 2000, false); - cr.add_rule2("^CodeResources", "omit", 2000, false); - } else { - cr.add_rule1("^Resources/"); - cr.add_rule1("^Resources/.*\\.lproj/", "optional", 1000); - cr.add_rule1("^Resources/.*\\.lproj/locversion.plist$", "omit", 1100); - cr.add_rule1("^Resources/Base\\.lproj/", "", 1010); - cr.add_rule1("^version.plist$"); - - cr.add_rule2(".*\\.dSYM($|/)", "", 11); - cr.add_rule2("^(.*/)?\\.DS_Store$", "omit", 2000); - cr.add_rule2("^(Frameworks|SharedFrameworks|PlugIns|Plug-ins|XPCServices|Helpers|MacOS|Library/(Automator|Spotlight|LoginItems))/", "nested", 10); - cr.add_rule2("^.*"); - cr.add_rule2("^Info\\.plist$", "omit", 20); - cr.add_rule2("^PkgInfo$", "omit", 20); - cr.add_rule2("^Resources/", "", 20); - cr.add_rule2("^Resources/.*\\.lproj/", "optional", 1000); - cr.add_rule2("^Resources/.*\\.lproj/locversion.plist$", "omit", 1100); - cr.add_rule2("^Resources/Base\\.lproj/", "", 1010); - cr.add_rule2("^[^/]+$", "nested", 10); - cr.add_rule2("^embedded\\.provisionprofile$", "", 10); - cr.add_rule2("^version\\.plist$", "", 20); - cr.add_rule2("^_MASReceipt", "omit", 2000, false); - cr.add_rule2("^_CodeSignature", "omit", 2000, false); - cr.add_rule2("^CodeResources", "omit", 2000, false); - } - - if (!cr.add_folder_recursive(p_bundle_path, "", main_exe)) { - CLEANUP(); - r_error_msg = TTR("Failed to process nested resources."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Failed to process nested resources."); - } - Error err = da->make_dir_recursive(p_bundle_path.path_join("_CodeSignature")); - if (err != OK) { - CLEANUP(); - r_error_msg = TTR("Failed to create _CodeSignature subfolder."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Failed to create _CodeSignature subfolder."); - } - cr.save_to_file(p_bundle_path.path_join("_CodeSignature").path_join("CodeResources")); - res_hash1 = file_hash_sha1(p_bundle_path.path_join("_CodeSignature").path_join("CodeResources")); - res_hash2 = file_hash_sha256(p_bundle_path.path_join("_CodeSignature").path_join("CodeResources")); - if (res_hash1.is_empty() || res_hash2.is_empty()) { - CLEANUP(); - r_error_msg = TTR("Failed to get CodeResources hash."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Failed to get CodeResources hash."); - } - } - - // Generate common signature structures. - if (id.is_empty()) { - CryptoCore::RandomGenerator rng; - ERR_FAIL_COND_V_MSG(rng.init(), FAILED, "Failed to initialize random number generator."); - uint8_t uuid[16]; - Error err = rng.get_random_bytes(uuid, 16); - ERR_FAIL_COND_V_MSG(err, err, "Failed to generate UUID."); - id = (String("a-55554944") /*a-UUID*/ + String::hex_encode_buffer(uuid, 16)); - } - CharString uuid_str = id.utf8(); - print_verbose(vformat("CodeSign: Used bundle ID: %s", id)); - - print_verbose("CodeSign: Processing entitlements..."); - - Ref<CodeSignEntitlementsText> cet; - Ref<CodeSignEntitlementsBinary> ceb; - if (!p_ent_path.is_empty()) { - String entitlements = FileAccess::get_file_as_string(p_ent_path); - if (entitlements.is_empty()) { - CLEANUP(); - r_error_msg = TTR("Invalid entitlements file."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Invalid entitlements file."); - } - cet = Ref<CodeSignEntitlementsText>(memnew(CodeSignEntitlementsText(entitlements))); - ceb = Ref<CodeSignEntitlementsBinary>(memnew(CodeSignEntitlementsBinary(entitlements))); - } - - print_verbose("CodeSign: Generating requirements..."); - Ref<CodeSignRequirements> rq; - String team_id = ""; - rq = Ref<CodeSignRequirements>(memnew(CodeSignRequirements())); - - // Sign executables. - for (int i = 0; i < files_to_sign.size(); i++) { - MachO mh; - if (!mh.open_file(files_to_sign[i])) { - CLEANUP(); - r_error_msg = TTR("Invalid executable file."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Invalid executable file."); - } - print_verbose(vformat("CodeSign: Signing executable for cputype: %d ...", mh.get_cputype())); - - print_verbose("CodeSign: Generating CodeDirectory..."); - Ref<CodeSignCodeDirectory> cd1 = memnew(CodeSignCodeDirectory(0x14, 0x01, true, uuid_str, team_id.utf8(), 12, mh.get_exe_limit(), mh.get_code_limit())); - Ref<CodeSignCodeDirectory> cd2 = memnew(CodeSignCodeDirectory(0x20, 0x02, true, uuid_str, team_id.utf8(), 12, mh.get_exe_limit(), mh.get_code_limit())); - print_verbose("CodeSign: Calculating special slot hashes..."); - if (info_hash2.size() == 0x20) { - cd2->set_hash_in_slot(info_hash2, CodeSignCodeDirectory::SLOT_INFO_PLIST); - } - if (info_hash1.size() == 0x14) { - cd1->set_hash_in_slot(info_hash1, CodeSignCodeDirectory::SLOT_INFO_PLIST); - } - cd1->set_hash_in_slot(rq->get_hash_sha1(), CodeSignCodeDirectory::Slot::SLOT_REQUIREMENTS); - cd2->set_hash_in_slot(rq->get_hash_sha256(), CodeSignCodeDirectory::Slot::SLOT_REQUIREMENTS); - if (res_hash2.size() == 0x20) { - cd2->set_hash_in_slot(res_hash2, CodeSignCodeDirectory::SLOT_RESOURCES); - } - if (res_hash1.size() == 0x14) { - cd1->set_hash_in_slot(res_hash1, CodeSignCodeDirectory::SLOT_RESOURCES); - } - if (cet.is_valid()) { - cd1->set_hash_in_slot(cet->get_hash_sha1(), CodeSignCodeDirectory::Slot::SLOT_ENTITLEMENTS); //Text variant. - cd2->set_hash_in_slot(cet->get_hash_sha256(), CodeSignCodeDirectory::Slot::SLOT_ENTITLEMENTS); - } - if (ceb.is_valid()) { - cd1->set_hash_in_slot(ceb->get_hash_sha1(), CodeSignCodeDirectory::Slot::SLOT_DER_ENTITLEMENTS); //ASN.1 variant. - cd2->set_hash_in_slot(ceb->get_hash_sha256(), CodeSignCodeDirectory::Slot::SLOT_DER_ENTITLEMENTS); - } - - // Calculate signature size. - int sign_size = 12; // SuperBlob header. - sign_size += cd1->get_size() + 8; - sign_size += cd2->get_size() + 8; - sign_size += rq->get_size() + 8; - if (cet.is_valid()) { - sign_size += cet->get_size() + 8; - } - if (ceb.is_valid()) { - sign_size += ceb->get_size() + 8; - } - sign_size += 16; // Empty signature size. - - // Alloc/resize signature load command. - print_verbose(vformat("CodeSign: Reallocating space for the signature superblob (%d)...", sign_size)); - if (!mh.set_signature_size(sign_size)) { - CLEANUP(); - r_error_msg = TTR("Can't resize signature load command."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Can't resize signature load command."); - } - - print_verbose("CodeSign: Calculating executable code hashes..."); - // Calculate executable code hashes. - PackedByteArray buffer; - PackedByteArray hash1, hash2; - hash1.resize(0x14); - hash2.resize(0x20); - buffer.resize(1 << 12); - mh.get_file()->seek(0); - for (int32_t j = 0; j < cd2->get_page_count(); j++) { - mh.get_file()->get_buffer(buffer.ptrw(), (1 << 12)); - CryptoCore::SHA256Context ctx2; - ctx2.start(); - ctx2.update(buffer.ptr(), (1 << 12)); - ctx2.finish(hash2.ptrw()); - cd2->set_hash_in_slot(hash2, j); - - CryptoCore::SHA1Context ctx1; - ctx1.start(); - ctx1.update(buffer.ptr(), (1 << 12)); - ctx1.finish(hash1.ptrw()); - cd1->set_hash_in_slot(hash1, j); - } - if (cd2->get_page_remainder() > 0) { - mh.get_file()->get_buffer(buffer.ptrw(), cd2->get_page_remainder()); - CryptoCore::SHA256Context ctx2; - ctx2.start(); - ctx2.update(buffer.ptr(), cd2->get_page_remainder()); - ctx2.finish(hash2.ptrw()); - cd2->set_hash_in_slot(hash2, cd2->get_page_count()); - - CryptoCore::SHA1Context ctx1; - ctx1.start(); - ctx1.update(buffer.ptr(), cd1->get_page_remainder()); - ctx1.finish(hash1.ptrw()); - cd1->set_hash_in_slot(hash1, cd1->get_page_count()); - } - - print_verbose("CodeSign: Generating signature..."); - Ref<CodeSignSignature> cs; - cs = Ref<CodeSignSignature>(memnew(CodeSignSignature())); - - print_verbose("CodeSign: Writing signature superblob..."); - // Write signature data to the executable. - CodeSignSuperBlob sb = CodeSignSuperBlob(); - sb.add_blob(cd2); - sb.add_blob(cd1); - sb.add_blob(rq); - if (cet.is_valid()) { - sb.add_blob(cet); - } - if (ceb.is_valid()) { - sb.add_blob(ceb); - } - sb.add_blob(cs); - mh.get_file()->seek(mh.get_signature_offset()); - sb.write_to_file(mh.get_file()); - } - if (files_to_sign.size() > 1) { - print_verbose("CodeSign: Rebuilding fat executable..."); - LipO lip; - if (!lip.create_file(main_exe, files_to_sign)) { - CLEANUP(); - r_error_msg = TTR("Failed to create fat binary."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Failed to create fat binary."); - } - CLEANUP(); - } - FileAccess::set_unix_permissions(main_exe, 0755); // Restore unix permissions. - return OK; -#undef CLEANUP -} - -Error CodeSign::codesign(bool p_use_hardened_runtime, bool p_force, const String &p_path, const String &p_ent_path, String &r_error_msg) { - Ref<DirAccess> da = DirAccess::create(DirAccess::ACCESS_FILESYSTEM); - if (da.is_null()) { - r_error_msg = TTR("Can't get filesystem access."); - ERR_FAIL_V_MSG(ERR_CANT_CREATE, "CodeSign: Can't get filesystem access."); - } - - if (da->dir_exists(p_path)) { - String fmw_ver = "Current"; // Framework version (default). - String info_path; - String main_exe; - String bundle_path; - bool bundle = false; - bool ios_bundle = false; - if (da->file_exists(p_path.path_join("Contents/Info.plist"))) { - info_path = p_path.path_join("Contents/Info.plist"); - main_exe = p_path.path_join("Contents/MacOS"); - bundle_path = p_path.path_join("Contents"); - bundle = true; - } else if (da->file_exists(p_path.path_join(vformat("Versions/%s/Resources/Info.plist", fmw_ver)))) { - info_path = p_path.path_join(vformat("Versions/%s/Resources/Info.plist", fmw_ver)); - main_exe = p_path.path_join(vformat("Versions/%s", fmw_ver)); - bundle_path = p_path.path_join(vformat("Versions/%s", fmw_ver)); - bundle = true; - } else if (da->file_exists(p_path.path_join("Info.plist"))) { - info_path = p_path.path_join("Info.plist"); - main_exe = p_path; - bundle_path = p_path; - bundle = true; - ios_bundle = true; - } - if (bundle) { - return _codesign_file(p_use_hardened_runtime, p_force, info_path, main_exe, bundle_path, p_ent_path, ios_bundle, r_error_msg); - } else { - r_error_msg = TTR("Unknown bundle type."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Unknown bundle type."); - } - } else if (da->file_exists(p_path)) { - return _codesign_file(p_use_hardened_runtime, p_force, "", p_path, "", p_ent_path, false, r_error_msg); - } else { - r_error_msg = TTR("Unknown object type."); - ERR_FAIL_V_MSG(FAILED, "CodeSign: Unknown object type."); - } -} - -#endif // MODULE_REGEX_ENABLED diff --git a/platform/macos/export/codesign.h b/platform/macos/export/codesign.h deleted file mode 100644 index 3e61751a96..0000000000 --- a/platform/macos/export/codesign.h +++ /dev/null @@ -1,368 +0,0 @@ -/**************************************************************************/ -/* codesign.h */ -/**************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/**************************************************************************/ -/* Copyright (c) 2014-present Godot Engine contributors (see AUTHORS.md). */ -/* Copyright (c) 2007-2014 Juan Linietsky, Ariel Manzur. */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. */ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ -/**************************************************************************/ - -#ifndef MACOS_CODESIGN_H -#define MACOS_CODESIGN_H - -// macOS code signature creation utility. -// -// Current implementation has the following limitation: -// - Only version 11.3.0 signatures are supported. -// - Only "framework" and "app" bundle types are supported. -// - Page hash array scattering is not supported. -// - Reading and writing binary property lists i snot supported (third-party frameworks with binary Info.plist will not work unless .plist is converted to text format). -// - Requirements code generator is not implemented (only hard-coded requirements for the ad-hoc signing is supported). -// - RFC5652/CMS blob generation is not implemented, supports ad-hoc signing only. - -#include "plist.h" - -#include "core/crypto/crypto_core.h" -#include "core/io/dir_access.h" -#include "core/io/file_access.h" -#include "core/object/ref_counted.h" - -#include "modules/modules_enabled.gen.h" // For regex. -#ifdef MODULE_REGEX_ENABLED -#include "modules/regex/regex.h" -#endif - -#ifdef MODULE_REGEX_ENABLED - -/*************************************************************************/ -/* CodeSignCodeResources */ -/*************************************************************************/ - -class CodeSignCodeResources { -public: - enum class CRMatch { - CR_MATCH_NO, - CR_MATCH_YES, - CR_MATCH_NESTED, - CR_MATCH_OPTIONAL, - }; - -private: - struct CRFile { - String name; - String hash; - String hash2; - bool optional; - bool nested; - String requirements; - }; - - struct CRRule { - String file_pattern; - String key; - int weight; - bool store; - CRRule() { - weight = 1; - store = true; - } - CRRule(const String &p_file_pattern, const String &p_key, int p_weight, bool p_store) { - file_pattern = p_file_pattern; - key = p_key; - weight = p_weight; - store = p_store; - } - }; - - Vector<CRRule> rules1; - Vector<CRRule> rules2; - - Vector<CRFile> files1; - Vector<CRFile> files2; - - String hash_sha1_base64(const String &p_path); - String hash_sha256_base64(const String &p_path); - -public: - void add_rule1(const String &p_rule, const String &p_key = "", int p_weight = 0, bool p_store = true); - void add_rule2(const String &p_rule, const String &p_key = "", int p_weight = 0, bool p_store = true); - - CRMatch match_rules1(const String &p_path) const; - CRMatch match_rules2(const String &p_path) const; - - bool add_file1(const String &p_root, const String &p_path); - bool add_file2(const String &p_root, const String &p_path); - bool add_nested_file(const String &p_root, const String &p_path, const String &p_exepath); - - bool add_folder_recursive(const String &p_root, const String &p_path = "", const String &p_main_exe_path = ""); - - bool save_to_file(const String &p_path); -}; - -/*************************************************************************/ -/* CodeSignBlob */ -/*************************************************************************/ - -class CodeSignBlob : public RefCounted { -public: - virtual PackedByteArray get_hash_sha1() const = 0; - virtual PackedByteArray get_hash_sha256() const = 0; - - virtual int get_size() const = 0; - virtual uint32_t get_index_type() const = 0; - - virtual void write_to_file(Ref<FileAccess> p_file) const = 0; -}; - -/*************************************************************************/ -/* CodeSignRequirements */ -/*************************************************************************/ - -// Note: Proper code generator is not implemented (any we probably won't ever need it), just a hardcoded bytecode for the limited set of cases. - -class CodeSignRequirements : public CodeSignBlob { - PackedByteArray blob; - - static inline size_t PAD(size_t s, size_t a) { - return (s % a == 0) ? 0 : (a - s % a); - } - - _FORCE_INLINE_ void _parse_certificate_slot(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const; - _FORCE_INLINE_ void _parse_key(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const; - _FORCE_INLINE_ void _parse_oid_key(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const; - _FORCE_INLINE_ void _parse_hash_string(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const; - _FORCE_INLINE_ void _parse_value(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const; - _FORCE_INLINE_ void _parse_date(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const; - _FORCE_INLINE_ bool _parse_match(uint32_t &r_pos, String &r_out, uint32_t p_rq_size) const; - -public: - CodeSignRequirements(); - CodeSignRequirements(const PackedByteArray &p_data); - - Vector<String> parse_requirements() const; - - virtual PackedByteArray get_hash_sha1() const override; - virtual PackedByteArray get_hash_sha256() const override; - - virtual int get_size() const override; - - virtual uint32_t get_index_type() const override { return 0x00000002; }; - virtual void write_to_file(Ref<FileAccess> p_file) const override; -}; - -/*************************************************************************/ -/* CodeSignEntitlementsText */ -/*************************************************************************/ - -// PList formatted entitlements. - -class CodeSignEntitlementsText : public CodeSignBlob { - PackedByteArray blob; - -public: - CodeSignEntitlementsText(); - CodeSignEntitlementsText(const String &p_string); - - virtual PackedByteArray get_hash_sha1() const override; - virtual PackedByteArray get_hash_sha256() const override; - - virtual int get_size() const override; - - virtual uint32_t get_index_type() const override { return 0x00000005; }; - virtual void write_to_file(Ref<FileAccess> p_file) const override; -}; - -/*************************************************************************/ -/* CodeSignEntitlementsBinary */ -/*************************************************************************/ - -// ASN.1 serialized entitlements. - -class CodeSignEntitlementsBinary : public CodeSignBlob { - PackedByteArray blob; - -public: - CodeSignEntitlementsBinary(); - CodeSignEntitlementsBinary(const String &p_string); - - virtual PackedByteArray get_hash_sha1() const override; - virtual PackedByteArray get_hash_sha256() const override; - - virtual int get_size() const override; - - virtual uint32_t get_index_type() const override { return 0x00000007; }; - virtual void write_to_file(Ref<FileAccess> p_file) const override; -}; - -/*************************************************************************/ -/* CodeSignCodeDirectory */ -/*************************************************************************/ - -// Code Directory, runtime options, code segment and special structure hashes. - -class CodeSignCodeDirectory : public CodeSignBlob { -public: - enum Slot { - SLOT_INFO_PLIST = -1, - SLOT_REQUIREMENTS = -2, - SLOT_RESOURCES = -3, - SLOT_APP_SPECIFIC = -4, // Unused. - SLOT_ENTITLEMENTS = -5, - SLOT_RESERVER1 = -6, // Unused. - SLOT_DER_ENTITLEMENTS = -7, - }; - - enum CodeSignExecSegFlags { - EXECSEG_MAIN_BINARY = 0x1, - EXECSEG_ALLOW_UNSIGNED = 0x10, - EXECSEG_DEBUGGER = 0x20, - EXECSEG_JIT = 0x40, - EXECSEG_SKIP_LV = 0x80, - EXECSEG_CAN_LOAD_CDHASH = 0x100, - EXECSEG_CAN_EXEC_CDHASH = 0x200, - }; - - enum CodeSignatureFlags { - SIGNATURE_HOST = 0x0001, - SIGNATURE_ADHOC = 0x0002, - SIGNATURE_TASK_ALLOW = 0x0004, - SIGNATURE_INSTALLER = 0x0008, - SIGNATURE_FORCED_LV = 0x0010, - SIGNATURE_INVALID_ALLOWED = 0x0020, - SIGNATURE_FORCE_HARD = 0x0100, - SIGNATURE_FORCE_KILL = 0x0200, - SIGNATURE_FORCE_EXPIRATION = 0x0400, - SIGNATURE_RESTRICT = 0x0800, - SIGNATURE_ENFORCEMENT = 0x1000, - SIGNATURE_LIBRARY_VALIDATION = 0x2000, - SIGNATURE_ENTITLEMENTS_VALIDATED = 0x4000, - SIGNATURE_NVRAM_UNRESTRICTED = 0x8000, - SIGNATURE_RUNTIME = 0x10000, - SIGNATURE_LINKER_SIGNED = 0x20000, - }; - -private: - PackedByteArray blob; - - struct CodeDirectoryHeader { - uint32_t version; // Using version 0x0020500. - uint32_t flags; // // Option flags. - uint32_t hash_offset; // Slot zero offset. - uint32_t ident_offset; // Identifier string offset. - uint32_t special_slots; // Nr. of slots with negative index. - uint32_t code_slots; // Nr. of slots with index >= 0, (code_limit / page_size). - uint32_t code_limit; // Everything before code signature load command offset. - uint8_t hash_size; // 20 (SHA-1) or 32 (SHA-256). - uint8_t hash_type; // 1 (SHA-1) or 2 (SHA-256). - uint8_t platform; // Not used. - uint8_t page_size; // Page size, power of two, 2^12 (4096). - uint32_t spare2; // Not used. - // Version 0x20100 - uint32_t scatter_vector_offset; // Set to 0 and ignore. - // Version 0x20200 - uint32_t team_offset; // Team id string offset. - // Version 0x20300 - uint32_t spare3; // Not used. - uint64_t code_limit_64; // Set to 0 and ignore. - // Version 0x20400 - uint64_t exec_seg_base; // Start of the signed code segmet. - uint64_t exec_seg_limit; // Code segment (__TEXT) vmsize. - uint64_t exec_seg_flags; // Executable segment flags. - // Version 0x20500 - uint32_t runtime; // Runtime version. - uint32_t pre_encrypt_offset; // Set to 0 and ignore. - }; - - int32_t pages = 0; - int32_t remain = 0; - int32_t code_slots = 0; - int32_t special_slots = 0; - -public: - CodeSignCodeDirectory(); - CodeSignCodeDirectory(uint8_t p_hash_size, uint8_t p_hash_type, bool p_main, const CharString &p_id, const CharString &p_team_id, uint32_t p_page_size, uint64_t p_exe_limit, uint64_t p_code_limit); - - int32_t get_page_count(); - int32_t get_page_remainder(); - - bool set_hash_in_slot(const PackedByteArray &p_hash, int p_slot); - - virtual PackedByteArray get_hash_sha1() const override; - virtual PackedByteArray get_hash_sha256() const override; - - virtual int get_size() const override; - virtual uint32_t get_index_type() const override { return 0x00000000; }; - - virtual void write_to_file(Ref<FileAccess> p_file) const override; -}; - -/*************************************************************************/ -/* CodeSignSignature */ -/*************************************************************************/ - -class CodeSignSignature : public CodeSignBlob { - PackedByteArray blob; - -public: - CodeSignSignature(); - - virtual PackedByteArray get_hash_sha1() const override; - virtual PackedByteArray get_hash_sha256() const override; - - virtual int get_size() const override; - virtual uint32_t get_index_type() const override { return 0x00010000; }; - - virtual void write_to_file(Ref<FileAccess> p_file) const override; -}; - -/*************************************************************************/ -/* CodeSignSuperBlob */ -/*************************************************************************/ - -class CodeSignSuperBlob { - Vector<Ref<CodeSignBlob>> blobs; - -public: - bool add_blob(const Ref<CodeSignBlob> &p_blob); - - int get_size() const; - void write_to_file(Ref<FileAccess> p_file) const; -}; - -/*************************************************************************/ -/* CodeSign */ -/*************************************************************************/ - -class CodeSign { - static PackedByteArray file_hash_sha1(const String &p_path); - static PackedByteArray file_hash_sha256(const String &p_path); - static Error _codesign_file(bool p_use_hardened_runtime, bool p_force, const String &p_info, const String &p_exe_path, const String &p_bundle_path, const String &p_ent_path, bool p_ios_bundle, String &r_error_msg); - -public: - static Error codesign(bool p_use_hardened_runtime, bool p_force, const String &p_path, const String &p_ent_path, String &r_error_msg); -}; - -#endif // MODULE_REGEX_ENABLED - -#endif // MACOS_CODESIGN_H diff --git a/platform/macos/export/export_plugin.cpp b/platform/macos/export/export_plugin.cpp index 6f9db1427b..8372600ae9 100644 --- a/platform/macos/export/export_plugin.cpp +++ b/platform/macos/export/export_plugin.cpp @@ -30,20 +30,21 @@ #include "export_plugin.h" -#include "codesign.h" -#include "lipo.h" #include "logo_svg.gen.h" -#include "macho.h" #include "run_icon_svg.gen.h" #include "core/io/image_loader.h" +#include "core/io/plist.h" #include "core/string/translation.h" #include "drivers/png/png_driver_common.h" #include "editor/editor_node.h" #include "editor/editor_paths.h" -#include "editor/editor_scale.h" #include "editor/editor_string_names.h" +#include "editor/export/codesign.h" +#include "editor/export/lipo.h" +#include "editor/export/macho.h" #include "editor/import/resource_importer_texture_settings.h" +#include "editor/themes/editor_scale.h" #include "scene/resources/image_texture.h" #include "modules/modules_enabled.gen.h" // For svg and regex. @@ -140,7 +141,7 @@ String EditorExportPlatformMacOS::get_export_option_warning(const EditorExportPr if (p_name == "codesign/codesign") { if (dist_type == 2) { - if (codesign_tool == 2 && Engine::get_singleton()->has_singleton("GodotSharp")) { + if (codesign_tool == 2 && ClassDB::class_exists("CSharpScript")) { return TTR("'rcodesign' doesn't support signing applications with embedded dynamic libraries (GDExtension or .NET)."); } if (codesign_tool == 0) { @@ -324,14 +325,25 @@ bool EditorExportPlatformMacOS::get_export_option_visibility(const EditorExportP } } break; } + + bool advanced_options_enabled = p_preset->are_advanced_options_enabled(); + if (p_option.begins_with("privacy")) { + return advanced_options_enabled; + } } // These entitlements are required to run managed code, and are always enabled in Mono builds. - if (Engine::get_singleton()->has_singleton("GodotSharp")) { + if (ClassDB::class_exists("CSharpScript")) { if (p_option == "codesign/entitlements/allow_jit_code_execution" || p_option == "codesign/entitlements/allow_unsigned_executable_memory" || p_option == "codesign/entitlements/allow_dyld_environment_variables") { return false; } } + + // Hide unsupported .NET embedding option. + if (p_option == "dotnet/embed_build_outputs") { + return false; + } + return true; } @@ -353,6 +365,9 @@ List<String> EditorExportPlatformMacOS::get_binary_extensions(const Ref<EditorEx list.push_back("dmg"); #endif list.push_back("zip"); +#ifndef WINDOWS_ENABLED + list.push_back("app"); +#endif } else if (dist_type == 2) { #ifdef MACOS_ENABLED list.push_back("pkg"); @@ -363,6 +378,58 @@ List<String> EditorExportPlatformMacOS::get_binary_extensions(const Ref<EditorEx return list; } +struct DataCollectionInfo { + String prop_name; + String type_name; +}; + +static const DataCollectionInfo data_collect_type_info[] = { + { "name", "NSPrivacyCollectedDataTypeName" }, + { "email_address", "NSPrivacyCollectedDataTypeEmailAddress" }, + { "phone_number", "NSPrivacyCollectedDataTypePhoneNumber" }, + { "physical_address", "NSPrivacyCollectedDataTypePhysicalAddress" }, + { "other_contact_info", "NSPrivacyCollectedDataTypeOtherUserContactInfo" }, + { "health", "NSPrivacyCollectedDataTypeHealth" }, + { "fitness", "NSPrivacyCollectedDataTypeFitness" }, + { "payment_info", "NSPrivacyCollectedDataTypePaymentInfo" }, + { "credit_info", "NSPrivacyCollectedDataTypeCreditInfo" }, + { "other_financial_info", "NSPrivacyCollectedDataTypeOtherFinancialInfo" }, + { "precise_location", "NSPrivacyCollectedDataTypePreciseLocation" }, + { "coarse_location", "NSPrivacyCollectedDataTypeCoarseLocation" }, + { "sensitive_info", "NSPrivacyCollectedDataTypeSensitiveInfo" }, + { "contacts", "NSPrivacyCollectedDataTypeContacts" }, + { "emails_or_text_messages", "NSPrivacyCollectedDataTypeEmailsOrTextMessages" }, + { "photos_or_videos", "NSPrivacyCollectedDataTypePhotosorVideos" }, + { "audio_data", "NSPrivacyCollectedDataTypeAudioData" }, + { "gameplay_content", "NSPrivacyCollectedDataTypeGameplayContent" }, + { "customer_support", "NSPrivacyCollectedDataTypeCustomerSupport" }, + { "other_user_content", "NSPrivacyCollectedDataTypeOtherUserContent" }, + { "browsing_history", "NSPrivacyCollectedDataTypeBrowsingHistory" }, + { "search_hhistory", "NSPrivacyCollectedDataTypeSearchHistory" }, + { "user_id", "NSPrivacyCollectedDataTypeUserID" }, + { "device_id", "NSPrivacyCollectedDataTypeDeviceID" }, + { "purchase_history", "NSPrivacyCollectedDataTypePurchaseHistory" }, + { "product_interaction", "NSPrivacyCollectedDataTypeProductInteraction" }, + { "advertising_data", "NSPrivacyCollectedDataTypeAdvertisingData" }, + { "other_usage_data", "NSPrivacyCollectedDataTypeOtherUsageData" }, + { "crash_data", "NSPrivacyCollectedDataTypeCrashData" }, + { "performance_data", "NSPrivacyCollectedDataTypePerformanceData" }, + { "other_diagnostic_data", "NSPrivacyCollectedDataTypeOtherDiagnosticData" }, + { "environment_scanning", "NSPrivacyCollectedDataTypeEnvironmentScanning" }, + { "hands", "NSPrivacyCollectedDataTypeHands" }, + { "head", "NSPrivacyCollectedDataTypeHead" }, + { "other_data_types", "NSPrivacyCollectedDataTypeOtherDataTypes" }, +}; + +static const DataCollectionInfo data_collect_purpose_info[] = { + { "Analytics", "NSPrivacyCollectedDataTypePurposeAnalytics" }, + { "App Functionality", "NSPrivacyCollectedDataTypePurposeAppFunctionality" }, + { "Developer Advertising", "NSPrivacyCollectedDataTypePurposeDeveloperAdvertising" }, + { "Third-party Advertising", "NSPrivacyCollectedDataTypePurposeThirdPartyAdvertising" }, + { "Product Personalization", "NSPrivacyCollectedDataTypePurposeProductPersonalization" }, + { "Other", "NSPrivacyCollectedDataTypePurposeOther" }, +}; + void EditorExportPlatformMacOS::get_export_options(List<ExportOption> *r_options) const { #ifdef MACOS_ENABLED r_options->push_back(ExportOption(PropertyInfo(Variant::INT, "export/distribution_type", PROPERTY_HINT_ENUM, "Testing,Distribution,App Store"), 1, true)); @@ -388,7 +455,10 @@ void EditorExportPlatformMacOS::get_export_options(List<ExportOption> *r_options r_options->push_back(ExportOption(PropertyInfo(Variant::INT, "application/export_angle", PROPERTY_HINT_ENUM, "Auto,Yes,No"), 0, true)); r_options->push_back(ExportOption(PropertyInfo(Variant::BOOL, "display/high_res"), true)); + r_options->push_back(ExportOption(PropertyInfo(Variant::STRING, "application/additional_plist_content", PROPERTY_HINT_MULTILINE_TEXT), "")); + r_options->push_back(ExportOption(PropertyInfo(Variant::STRING, "xcode/platform_build"), "14C18")); + // TODO(sgc): Need to set appropriate version when using Metal r_options->push_back(ExportOption(PropertyInfo(Variant::STRING, "xcode/sdk_version"), "13.1")); r_options->push_back(ExportOption(PropertyInfo(Variant::STRING, "xcode/sdk_build"), "22C55")); r_options->push_back(ExportOption(PropertyInfo(Variant::STRING, "xcode/sdk_name"), "macosx13.1")); @@ -472,6 +542,25 @@ void EditorExportPlatformMacOS::get_export_options(List<ExportOption> *r_options r_options->push_back(ExportOption(PropertyInfo(Variant::STRING, "privacy/removable_volumes_usage_description", PROPERTY_HINT_PLACEHOLDER_TEXT, "Provide a message if you need to use removable volumes"), "", false, true)); r_options->push_back(ExportOption(PropertyInfo(Variant::DICTIONARY, "privacy/removable_volumes_usage_description_localized", PROPERTY_HINT_LOCALIZABLE_STRING), Dictionary())); + r_options->push_back(ExportOption(PropertyInfo(Variant::BOOL, "privacy/tracking_enabled"), false)); + r_options->push_back(ExportOption(PropertyInfo(Variant::PACKED_STRING_ARRAY, "privacy/tracking_domains"), Vector<String>())); + + { + String hint; + for (uint64_t i = 0; i < sizeof(data_collect_purpose_info) / sizeof(data_collect_purpose_info[0]); ++i) { + if (i != 0) { + hint += ","; + } + hint += vformat("%s:%d", data_collect_purpose_info[i].prop_name, (1 << i)); + } + for (uint64_t i = 0; i < sizeof(data_collect_type_info) / sizeof(data_collect_type_info[0]); ++i) { + r_options->push_back(ExportOption(PropertyInfo(Variant::BOOL, vformat("privacy/collected_data/%s/collected", data_collect_type_info[i].prop_name)), false)); + r_options->push_back(ExportOption(PropertyInfo(Variant::BOOL, vformat("privacy/collected_data/%s/linked_to_user", data_collect_type_info[i].prop_name)), false)); + r_options->push_back(ExportOption(PropertyInfo(Variant::BOOL, vformat("privacy/collected_data/%s/used_for_tracking", data_collect_type_info[i].prop_name)), false)); + r_options->push_back(ExportOption(PropertyInfo(Variant::INT, vformat("privacy/collected_data/%s/collection_purposes", data_collect_type_info[i].prop_name), PROPERTY_HINT_FLAGS, hint), 0)); + } + } + String run_script = "#!/usr/bin/env bash\n" "unzip -o -q \"{temp_dir}/{archive_name}\" -d \"{temp_dir}\"\n" "open \"{temp_dir}/{exe_name}.app\" --args {cmd_args}"; @@ -494,65 +583,49 @@ void _rgba8_to_packbits_encode(int p_ch, int p_size, Vector<uint8_t> &p_source, int src_len = p_size * p_size; Vector<uint8_t> result; - result.resize(src_len * 1.25); //temp vector for rle encoded data, make it 25% larger for worst case scenario - int res_size = 0; - - uint8_t buf[128]; - int buf_size = 0; int i = 0; + const uint8_t *src = p_source.ptr(); while (i < src_len) { - uint8_t cur = p_source.ptr()[i * 4 + p_ch]; - - if (i < src_len - 2) { - if ((p_source.ptr()[(i + 1) * 4 + p_ch] == cur) && (p_source.ptr()[(i + 2) * 4 + p_ch] == cur)) { - if (buf_size > 0) { - result.write[res_size++] = (uint8_t)(buf_size - 1); - memcpy(&result.write[res_size], &buf, buf_size); - res_size += buf_size; - buf_size = 0; - } - - uint8_t lim = i + 130 >= src_len ? src_len - i - 1 : 130; - bool hit_lim = true; - - for (int j = 3; j <= lim; j++) { - if (p_source.ptr()[(i + j) * 4 + p_ch] != cur) { - hit_lim = false; - i = i + j - 1; - result.write[res_size++] = (uint8_t)(j - 3 + 0x80); - result.write[res_size++] = cur; - break; - } - } - if (hit_lim) { - result.write[res_size++] = (uint8_t)(lim - 3 + 0x80); - result.write[res_size++] = cur; - i = i + lim; - } - } else { - buf[buf_size++] = cur; - if (buf_size == 128) { - result.write[res_size++] = (uint8_t)(buf_size - 1); - memcpy(&result.write[res_size], &buf, buf_size); - res_size += buf_size; - buf_size = 0; - } + Vector<uint8_t> seq; + + uint8_t count = 0; + while (count <= 0x7f && i < src_len) { + if (i + 2 < src_len && src[i * 4 + p_ch] == src[(i + 1) * 4 + p_ch] && src[i] == src[(i + 2) * 4 + p_ch]) { + break; } - } else { - buf[buf_size++] = cur; - result.write[res_size++] = (uint8_t)(buf_size - 1); - memcpy(&result.write[res_size], &buf, buf_size); - res_size += buf_size; - buf_size = 0; + seq.push_back(src[i * 4 + p_ch]); + i++; + count++; + } + if (!seq.is_empty()) { + result.push_back(count - 1); + result.append_array(seq); + } + if (i >= src_len) { + break; } - i++; + uint8_t rep = src[i * 4 + p_ch]; + count = 0; + while (count <= 0x7f && i < src_len && src[i * 4 + p_ch] == rep) { + i++; + count++; + } + if (count >= 3) { + result.push_back(0x80 + count - 3); + result.push_back(rep); + } else { + result.push_back(count - 1); + for (int j = 0; j < count; j++) { + result.push_back(rep); + } + } } int ofs = p_dest.size(); - p_dest.resize(p_dest.size() + res_size); - memcpy(&p_dest.write[ofs], result.ptr(), res_size); + p_dest.resize(p_dest.size() + result.size()); + memcpy(&p_dest.write[ofs], result.ptr(), result.size()); } void EditorExportPlatformMacOS::_make_icon(const Ref<EditorExportPreset> &p_preset, const Ref<Image> &p_icon, Vector<uint8_t> &p_data) { @@ -615,6 +688,9 @@ void EditorExportPlatformMacOS::_make_icon(const Ref<EditorExportPreset> &p_pres _rgba8_to_packbits_encode(1, icon_infos[i].size, src_data, data); // Encode G. _rgba8_to_packbits_encode(2, icon_infos[i].size, src_data, data); // Encode B. + // Note: workaround for macOS icon decoder bug corrupting last RLE encoded value. + data.push_back(0x00); + int len = data.size() - ofs; len = BSWAP32(len); memcpy(&data.write[ofs], icon_infos[i].name, 4); @@ -645,46 +721,127 @@ void EditorExportPlatformMacOS::_make_icon(const Ref<EditorExportPreset> &p_pres p_data = data; } +void EditorExportPlatformMacOS::_fix_privacy_manifest(const Ref<EditorExportPreset> &p_preset, Vector<uint8_t> &plist) { + String str; + String strnew; + str.parse_utf8((const char *)plist.ptr(), plist.size()); + Vector<String> lines = str.split("\n"); + for (int i = 0; i < lines.size(); i++) { + if (lines[i].find("$priv_collection") != -1) { + bool section_opened = false; + for (uint64_t j = 0; j < sizeof(data_collect_type_info) / sizeof(data_collect_type_info[0]); ++j) { + bool data_collected = p_preset->get(vformat("privacy/collected_data/%s/collected", data_collect_type_info[j].prop_name)); + bool linked = p_preset->get(vformat("privacy/collected_data/%s/linked_to_user", data_collect_type_info[j].prop_name)); + bool tracking = p_preset->get(vformat("privacy/collected_data/%s/used_for_tracking", data_collect_type_info[j].prop_name)); + int purposes = p_preset->get(vformat("privacy/collected_data/%s/collection_purposes", data_collect_type_info[j].prop_name)); + if (data_collected) { + if (!section_opened) { + section_opened = true; + strnew += "\t<key>NSPrivacyCollectedDataTypes</key>\n"; + strnew += "\t<array>\n"; + } + strnew += "\t\t<dict>\n"; + strnew += "\t\t\t<key>NSPrivacyCollectedDataType</key>\n"; + strnew += vformat("\t\t\t<string>%s</string>\n", data_collect_type_info[j].type_name); + strnew += "\t\t\t\t<key>NSPrivacyCollectedDataTypeLinked</key>\n"; + if (linked) { + strnew += "\t\t\t\t<true/>\n"; + } else { + strnew += "\t\t\t\t<false/>\n"; + } + strnew += "\t\t\t\t<key>NSPrivacyCollectedDataTypeTracking</key>\n"; + if (tracking) { + strnew += "\t\t\t\t<true/>\n"; + } else { + strnew += "\t\t\t\t<false/>\n"; + } + if (purposes != 0) { + strnew += "\t\t\t\t<key>NSPrivacyCollectedDataTypePurposes</key>\n"; + strnew += "\t\t\t\t<array>\n"; + for (uint64_t k = 0; k < sizeof(data_collect_purpose_info) / sizeof(data_collect_purpose_info[0]); ++k) { + if (purposes & (1 << k)) { + strnew += vformat("\t\t\t\t\t<string>%s</string>\n", data_collect_purpose_info[k].type_name); + } + } + strnew += "\t\t\t\t</array>\n"; + } + strnew += "\t\t\t</dict>\n"; + } + } + if (section_opened) { + strnew += "\t</array>\n"; + } + } else if (lines[i].find("$priv_tracking") != -1) { + bool tracking = p_preset->get("privacy/tracking_enabled"); + strnew += "\t<key>NSPrivacyTracking</key>\n"; + if (tracking) { + strnew += "\t<true/>\n"; + } else { + strnew += "\t<false/>\n"; + } + Vector<String> tracking_domains = p_preset->get("privacy/tracking_domains"); + if (!tracking_domains.is_empty()) { + strnew += "\t<key>NSPrivacyTrackingDomains</key>\n"; + strnew += "\t<array>\n"; + for (const String &E : tracking_domains) { + strnew += "\t\t<string>" + E + "</string>\n"; + } + strnew += "\t</array>\n"; + } + } else { + strnew += lines[i] + "\n"; + } + } + + CharString cs = strnew.utf8(); + plist.resize(cs.size() - 1); + for (int i = 0; i < cs.size() - 1; i++) { + plist.write[i] = cs[i]; + } +} + void EditorExportPlatformMacOS::_fix_plist(const Ref<EditorExportPreset> &p_preset, Vector<uint8_t> &plist, const String &p_binary) { String str; String strnew; str.parse_utf8((const char *)plist.ptr(), plist.size()); Vector<String> lines = str.split("\n"); for (int i = 0; i < lines.size(); i++) { - if (lines[i].find("$binary") != -1) { + if (lines[i].contains("$binary")) { strnew += lines[i].replace("$binary", p_binary) + "\n"; - } else if (lines[i].find("$name") != -1) { + } else if (lines[i].contains("$name")) { strnew += lines[i].replace("$name", GLOBAL_GET("application/config/name")) + "\n"; - } else if (lines[i].find("$bundle_identifier") != -1) { + } else if (lines[i].contains("$bundle_identifier")) { strnew += lines[i].replace("$bundle_identifier", p_preset->get("application/bundle_identifier")) + "\n"; - } else if (lines[i].find("$short_version") != -1) { + } else if (lines[i].contains("$short_version")) { strnew += lines[i].replace("$short_version", p_preset->get_version("application/short_version")) + "\n"; - } else if (lines[i].find("$version") != -1) { + } else if (lines[i].contains("$version")) { strnew += lines[i].replace("$version", p_preset->get_version("application/version")) + "\n"; - } else if (lines[i].find("$signature") != -1) { + } else if (lines[i].contains("$signature")) { strnew += lines[i].replace("$signature", p_preset->get("application/signature")) + "\n"; - } else if (lines[i].find("$app_category") != -1) { + } else if (lines[i].contains("$app_category")) { String cat = p_preset->get("application/app_category"); strnew += lines[i].replace("$app_category", cat.to_lower()) + "\n"; - } else if (lines[i].find("$copyright") != -1) { + } else if (lines[i].contains("$copyright")) { strnew += lines[i].replace("$copyright", p_preset->get("application/copyright")) + "\n"; - } else if (lines[i].find("$min_version") != -1) { + } else if (lines[i].contains("$min_version")) { strnew += lines[i].replace("$min_version", p_preset->get("application/min_macos_version")) + "\n"; - } else if (lines[i].find("$highres") != -1) { + } else if (lines[i].contains("$highres")) { strnew += lines[i].replace("$highres", p_preset->get("display/high_res") ? "\t<true/>" : "\t<false/>") + "\n"; - } else if (lines[i].find("$platfbuild") != -1) { + } else if (lines[i].contains("$additional_plist_content")) { + strnew += lines[i].replace("$additional_plist_content", p_preset->get("application/additional_plist_content")) + "\n"; + } else if (lines[i].contains("$platfbuild")) { strnew += lines[i].replace("$platfbuild", p_preset->get("xcode/platform_build")) + "\n"; - } else if (lines[i].find("$sdkver") != -1) { + } else if (lines[i].contains("$sdkver")) { strnew += lines[i].replace("$sdkver", p_preset->get("xcode/sdk_version")) + "\n"; - } else if (lines[i].find("$sdkname") != -1) { + } else if (lines[i].contains("$sdkname")) { strnew += lines[i].replace("$sdkname", p_preset->get("xcode/sdk_name")) + "\n"; - } else if (lines[i].find("$sdkbuild") != -1) { + } else if (lines[i].contains("$sdkbuild")) { strnew += lines[i].replace("$sdkbuild", p_preset->get("xcode/sdk_build")) + "\n"; - } else if (lines[i].find("$xcodever") != -1) { + } else if (lines[i].contains("$xcodever")) { strnew += lines[i].replace("$xcodever", p_preset->get("xcode/xcode_version")) + "\n"; - } else if (lines[i].find("$xcodebuild") != -1) { + } else if (lines[i].contains("$xcodebuild")) { strnew += lines[i].replace("$xcodebuild", p_preset->get("xcode/xcode_build")) + "\n"; - } else if (lines[i].find("$usage_descriptions") != -1) { + } else if (lines[i].contains("$usage_descriptions")) { String descriptions; if (!((String)p_preset->get("privacy/microphone_usage_description")).is_empty()) { descriptions += "\t<key>NSMicrophoneUsageDescription</key>\n"; @@ -908,7 +1065,7 @@ Error EditorExportPlatformMacOS::_notarize(const Ref<EditorExportPreset> &p_pres return OK; } -Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, bool p_warn) { +void EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, bool p_warn, bool p_set_id) { int codesign_tool = p_preset->get("codesign/codesign"); switch (codesign_tool) { case 1: { // built-in ad-hoc @@ -918,7 +1075,7 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre Error err = CodeSign::codesign(false, true, p_path, p_ent_path, error_msg); if (err != OK) { add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), vformat(TTR("Built-in CodeSign failed with error \"%s\"."), error_msg)); - return Error::FAILED; + return; } #else add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Built-in CodeSign require regex module.")); @@ -930,13 +1087,13 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre String rcodesign = EDITOR_GET("export/macos/rcodesign").operator String(); if (rcodesign.is_empty()) { add_message(EXPORT_MESSAGE_ERROR, TTR("Code Signing"), TTR("Xrcodesign path is not set. Configure rcodesign path in the Editor Settings (Export > macOS > rcodesign).")); - return Error::FAILED; + return; } List<String> args; args.push_back("sign"); - if (p_path.get_extension() != "dmg") { + if (!p_ent_path.is_empty()) { args.push_back("--entitlements-xml-path"); args.push_back(p_ent_path); } @@ -952,6 +1109,12 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre args.push_back("--code-signature-flags"); args.push_back("runtime"); + if (p_set_id) { + String app_id = p_preset->get("application/bundle_identifier"); + args.push_back("--binary-identifier"); + args.push_back(app_id); + } + args.push_back("-v"); /* provide some more feedback */ args.push_back(p_path); @@ -962,13 +1125,13 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre Error err = OS::get_singleton()->execute(rcodesign, args, &str, &exitcode, true); if (err != OK) { add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Could not start rcodesign executable.")); - return err; + return; } if (exitcode != 0) { print_line("rcodesign (" + p_path + "):\n" + str); add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Code signing failed, see editor log for details.")); - return Error::FAILED; + return; } else { print_verbose("rcodesign (" + p_path + "):\n" + str); } @@ -979,7 +1142,7 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre if (!FileAccess::exists("/usr/bin/codesign") && !FileAccess::exists("/bin/codesign")) { add_message(EXPORT_MESSAGE_ERROR, TTR("Code Signing"), TTR("Xcode command line tools are not installed.")); - return Error::FAILED; + return; } bool ad_hoc = (p_preset->get("codesign/identity") == "" || p_preset->get("codesign/identity") == "-"); @@ -991,7 +1154,7 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre args.push_back("runtime"); } - if (p_path.get_extension() != "dmg") { + if (!p_ent_path.is_empty()) { args.push_back("--entitlements"); args.push_back(p_ent_path); } @@ -1011,6 +1174,12 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre args.push_back(p_preset->get("codesign/identity")); } + if (p_set_id) { + String app_id = p_preset->get("application/bundle_identifier"); + args.push_back("-i"); + args.push_back(app_id); + } + args.push_back("-v"); /* provide some more feedback */ args.push_back("-f"); @@ -1022,13 +1191,13 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre Error err = OS::get_singleton()->execute("codesign", args, &str, &exitcode, true); if (err != OK) { add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Could not start codesign executable, make sure Xcode command line tools are installed.")); - return err; + return; } if (exitcode != 0) { print_line("codesign (" + p_path + "):\n" + str); add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), TTR("Code signing failed, see editor log for details.")); - return Error::FAILED; + return; } else { print_verbose("codesign (" + p_path + "):\n" + str); } @@ -1037,14 +1206,13 @@ Error EditorExportPlatformMacOS::_code_sign(const Ref<EditorExportPreset> &p_pre default: { }; } - - return OK; } -Error EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path, - const String &p_ent_path, bool p_should_error_on_non_code) { +void EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path, + const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code) { static Vector<String> extensions_to_sign; + bool sandbox = p_preset->get("codesign/entitlements/app_sandbox/enabled"); if (extensions_to_sign.is_empty()) { extensions_to_sign.push_back("dylib"); extensions_to_sign.push_back("framework"); @@ -1055,7 +1223,8 @@ Error EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPres Ref<DirAccess> dir_access{ DirAccess::open(p_path, &dir_access_error) }; if (dir_access_error != OK) { - return dir_access_error; + add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), vformat(TTR("Cannot sign directory %s."), p_path)); + return; } dir_access->list_dir_begin(); @@ -1068,35 +1237,36 @@ Error EditorExportPlatformMacOS::_code_sign_directory(const Ref<EditorExportPres continue; } - if (extensions_to_sign.find(current_file.get_extension()) > -1) { - Error code_sign_error{ _code_sign(p_preset, current_file_path, p_ent_path, false) }; - if (code_sign_error != OK) { - return code_sign_error; + if (extensions_to_sign.has(current_file.get_extension())) { + String ent_path; + bool set_bundle_id = false; + if (sandbox && FileAccess::exists(current_file_path)) { + int ftype = MachO::get_filetype(current_file_path); + if (ftype == 2 || ftype == 5) { + ent_path = p_helper_ent_path; + set_bundle_id = true; + } } + _code_sign(p_preset, current_file_path, ent_path, false, set_bundle_id); if (is_executable(current_file_path)) { // chmod with 0755 if the file is executable. FileAccess::set_unix_permissions(current_file_path, 0755); } } else if (dir_access->current_is_dir()) { - Error code_sign_error{ _code_sign_directory(p_preset, current_file_path, p_ent_path, p_should_error_on_non_code) }; - if (code_sign_error != OK) { - return code_sign_error; - } + _code_sign_directory(p_preset, current_file_path, p_ent_path, p_helper_ent_path, p_should_error_on_non_code); } else if (p_should_error_on_non_code) { add_message(EXPORT_MESSAGE_WARNING, TTR("Code Signing"), vformat(TTR("Cannot sign file %s."), current_file)); - return Error::FAILED; } current_file = dir_access->get_next(); } - - return OK; } Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access, const String &p_src_path, const String &p_in_app_path, bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, const String &p_ent_path, - bool p_should_error_on_non_code_sign) { + const String &p_helper_ent_path, + bool p_should_error_on_non_code_sign, bool p_sandbox) { static Vector<String> extensions_to_sign; if (extensions_to_sign.is_empty()) { @@ -1111,10 +1281,73 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access add_message(EXPORT_MESSAGE_INFO, TTR("Export"), vformat(TTR("Relative symlinks are not supported, exported \"%s\" might be broken!"), p_src_path.get_file())); #endif print_verbose("export framework: " + p_src_path + " -> " + p_in_app_path); + + bool plist_misssing = false; + Ref<PList> plist; + plist.instantiate(); + plist->load_file(p_src_path.path_join("Resources").path_join("Info.plist")); + + Ref<PListNode> root_node = plist->get_root(); + if (root_node.is_null()) { + plist_misssing = true; + } else { + Dictionary root = root_node->get_value(); + if (!root.has("CFBundleExecutable") || !root.has("CFBundleIdentifier") || !root.has("CFBundlePackageType") || !root.has("CFBundleInfoDictionaryVersion") || !root.has("CFBundleName") || !root.has("CFBundleSupportedPlatforms")) { + plist_misssing = true; + } + } + err = dir_access->make_dir_recursive(p_in_app_path); if (err == OK) { err = dir_access->copy_dir(p_src_path, p_in_app_path, -1, true); } + if (err == OK && plist_misssing) { + add_message(EXPORT_MESSAGE_WARNING, TTR("Export"), vformat(TTR("\"%s\": Info.plist missing or invalid, new Info.plist generated."), p_src_path.get_file())); + // Generate Info.plist + String lib_name = p_src_path.get_basename().get_file(); + String lib_id = p_preset->get("application/bundle_identifier"); + String lib_clean_name = lib_name; + for (int i = 0; i < lib_clean_name.length(); i++) { + if (!is_ascii_alphanumeric_char(lib_clean_name[i]) && lib_clean_name[i] != '.' && lib_clean_name[i] != '-') { + lib_clean_name[i] = '-'; + } + } + + String info_plist_format = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n" + "<plist version=\"1.0\">\n" + " <dict>\n" + " <key>CFBundleExecutable</key>\n" + " <string>$name</string>\n" + " <key>CFBundleIdentifier</key>\n" + " <string>$id.framework.$cl_name</string>\n" + " <key>CFBundleInfoDictionaryVersion</key>\n" + " <string>6.0</string>\n" + " <key>CFBundleName</key>\n" + " <string>$name</string>\n" + " <key>CFBundlePackageType</key>\n" + " <string>FMWK</string>\n" + " <key>CFBundleShortVersionString</key>\n" + " <string>1.0.0</string>\n" + " <key>CFBundleSupportedPlatforms</key>\n" + " <array>\n" + " <string>MacOSX</string>\n" + " </array>\n" + " <key>CFBundleVersion</key>\n" + " <string>1.0.0</string>\n" + " <key>LSMinimumSystemVersion</key>\n" + " <string>10.12</string>\n" + " </dict>\n" + "</plist>"; + + String info_plist = info_plist_format.replace("$id", lib_id).replace("$name", lib_name).replace("$cl_name", lib_clean_name); + + err = dir_access->make_dir_recursive(p_in_app_path.path_join("Resources")); + Ref<FileAccess> f = FileAccess::open(p_in_app_path.path_join("Resources").path_join("Info.plist"), FileAccess::WRITE); + if (f.is_valid()) { + f->store_string(info_plist); + } + } } else { print_verbose("export dylib: " + p_src_path + " -> " + p_in_app_path); err = dir_access->copy(p_src_path, p_in_app_path); @@ -1122,10 +1355,19 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access if (err == OK && p_sign_enabled) { if (dir_access->dir_exists(p_src_path) && p_src_path.get_extension().is_empty()) { // If it is a directory, find and sign all dynamic libraries. - err = _code_sign_directory(p_preset, p_in_app_path, p_ent_path, p_should_error_on_non_code_sign); + _code_sign_directory(p_preset, p_in_app_path, p_ent_path, p_helper_ent_path, p_should_error_on_non_code_sign); } else { - if (extensions_to_sign.find(p_in_app_path.get_extension()) > -1) { - err = _code_sign(p_preset, p_in_app_path, p_ent_path, false); + if (extensions_to_sign.has(p_in_app_path.get_extension())) { + String ent_path; + bool set_bundle_id = false; + if (p_sandbox && FileAccess::exists(p_in_app_path)) { + int ftype = MachO::get_filetype(p_in_app_path); + if (ftype == 2 || ftype == 5) { + ent_path = p_helper_ent_path; + set_bundle_id = true; + } + } + _code_sign(p_preset, p_in_app_path, ent_path, false, set_bundle_id); } if (dir_access->file_exists(p_in_app_path) && is_executable(p_in_app_path)) { // chmod with 0755 if the file is executable. @@ -1139,13 +1381,13 @@ Error EditorExportPlatformMacOS::_copy_and_sign_files(Ref<DirAccess> &dir_access Error EditorExportPlatformMacOS::_export_macos_plugins_for(Ref<EditorExportPlugin> p_editor_export_plugin, const String &p_app_path_name, Ref<DirAccess> &dir_access, bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, - const String &p_ent_path) { + const String &p_ent_path, const String &p_helper_ent_path, bool p_sandbox) { Error error{ OK }; const Vector<String> &macos_plugins{ p_editor_export_plugin->get_macos_plugin_files() }; for (int i = 0; i < macos_plugins.size(); ++i) { String src_path{ ProjectSettings::get_singleton()->globalize_path(macos_plugins[i]) }; String path_in_app{ p_app_path_name + "/Contents/PlugIns/" + src_path.get_file() }; - error = _copy_and_sign_files(dir_access, src_path, path_in_app, p_sign_enabled, p_preset, p_ent_path, false); + error = _copy_and_sign_files(dir_access, src_path, path_in_app, p_sign_enabled, p_preset, p_ent_path, p_helper_ent_path, false, p_sandbox); if (error != OK) { break; } @@ -1181,7 +1423,7 @@ Error EditorExportPlatformMacOS::_create_pkg(const Ref<EditorExportPreset> &p_pr } print_verbose("productbuild returned: " + str); - if (str.find("productbuild: error:") != -1) { + if (str.contains("productbuild: error:")) { add_message(EXPORT_MESSAGE_ERROR, TTR("PKG Creation"), TTR("`productbuild` failed.")); return FAILED; } @@ -1213,8 +1455,8 @@ Error EditorExportPlatformMacOS::_create_dmg(const String &p_dmg_path, const Str } print_verbose("hdiutil returned: " + str); - if (str.find("create failed") != -1) { - if (str.find("File exists") != -1) { + if (str.contains("create failed")) { + if (str.contains("File exists")) { add_message(EXPORT_MESSAGE_ERROR, TTR("DMG Creation"), TTR("`hdiutil create` failed - file exists.")); } else { add_message(EXPORT_MESSAGE_ERROR, TTR("DMG Creation"), TTR("`hdiutil create` failed.")); @@ -1263,7 +1505,7 @@ Error EditorExportPlatformMacOS::_export_debug_script(const Ref<EditorExportPres return OK; } -Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p_preset, bool p_debug, const String &p_path, int p_flags) { +Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p_preset, bool p_debug, const String &p_path, BitField<EditorExportPlatform::DebugFlags> p_flags) { ExportNotifier notifier(*this, p_preset, p_debug, p_path, p_flags); const String base_dir = p_path.get_base_dir(); @@ -1595,6 +1837,10 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p _fix_plist(p_preset, data, pkg_name); } + if (file == "Contents/Resources/PrivacyInfo.xcprivacy") { + _fix_privacy_manifest(p_preset, data); + } + if (file.begins_with("Contents/MacOS/godot_")) { if (file != "Contents/MacOS/" + binary_to_use) { ret = unzGoToNextFile(src_pkg_zip); @@ -1722,8 +1968,9 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p add_message(EXPORT_MESSAGE_ERROR, TTR("Code Signing"), TTR("'rcodesign' doesn't support signing applications with embedded dynamic libraries.")); } + bool sandbox = p_preset->get("codesign/entitlements/app_sandbox/enabled"); String ent_path = p_preset->get("codesign/entitlements/custom_file"); - String hlp_ent_path = EditorPaths::get_singleton()->get_cache_dir().path_join(pkg_name + "_helper.entitlements"); + String hlp_ent_path = sandbox ? EditorPaths::get_singleton()->get_cache_dir().path_join(pkg_name + "_helper.entitlements") : ent_path; if (sign_enabled && (ent_path.is_empty())) { ent_path = EditorPaths::get_singleton()->get_cache_dir().path_join(pkg_name + ".entitlements"); @@ -1733,7 +1980,7 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p ent_f->store_line("<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">"); ent_f->store_line("<plist version=\"1.0\">"); ent_f->store_line("<dict>"); - if (Engine::get_singleton()->has_singleton("GodotSharp")) { + if (ClassDB::class_exists("CSharpScript")) { // These entitlements are required to run managed code, and are always enabled in Mono builds. ent_f->store_line("<key>com.apple.security.cs.allow-jit</key>"); ent_f->store_line("<true/>"); @@ -1875,7 +2122,7 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p err = ERR_CANT_CREATE; } - if ((err == OK) && helpers.size() > 0) { + if ((err == OK) && sandbox && (helpers.size() > 0 || shared_objects.size() > 0)) { ent_f = FileAccess::open(hlp_ent_path, FileAccess::WRITE); if (ent_f.is_valid()) { ent_f->store_line("<?xml version=\"1.0\" encoding=\"UTF-8\"?>"); @@ -1901,7 +2148,7 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p String hlp_path = helpers[i]; err = da->copy(hlp_path, tmp_app_path_name + "/Contents/Helpers/" + hlp_path.get_file()); if (err == OK && sign_enabled) { - err = _code_sign(p_preset, tmp_app_path_name + "/Contents/Helpers/" + hlp_path.get_file(), hlp_ent_path, false); + _code_sign(p_preset, tmp_app_path_name + "/Contents/Helpers/" + hlp_path.get_file(), hlp_ent_path, false, true); } FileAccess::set_unix_permissions(tmp_app_path_name + "/Contents/Helpers/" + hlp_path.get_file(), 0755); } @@ -1913,11 +2160,11 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p String src_path = ProjectSettings::get_singleton()->globalize_path(shared_objects[i].path); if (shared_objects[i].target.is_empty()) { String path_in_app = tmp_app_path_name + "/Contents/Frameworks/" + src_path.get_file(); - err = _copy_and_sign_files(da, src_path, path_in_app, sign_enabled, p_preset, ent_path, true); + err = _copy_and_sign_files(da, src_path, path_in_app, sign_enabled, p_preset, ent_path, hlp_ent_path, true, sandbox); } else { String path_in_app = tmp_app_path_name.path_join(shared_objects[i].target); tmp_app_dir->make_dir_recursive(path_in_app); - err = _copy_and_sign_files(da, src_path, path_in_app.path_join(src_path.get_file()), sign_enabled, p_preset, ent_path, false); + err = _copy_and_sign_files(da, src_path, path_in_app.path_join(src_path.get_file()), sign_enabled, p_preset, ent_path, hlp_ent_path, false, sandbox); } if (err != OK) { break; @@ -1926,7 +2173,7 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p Vector<Ref<EditorExportPlugin>> export_plugins{ EditorExport::get_singleton()->get_export_plugins() }; for (int i = 0; i < export_plugins.size(); ++i) { - err = _export_macos_plugins_for(export_plugins[i], tmp_app_path_name, da, sign_enabled, p_preset, ent_path); + err = _export_macos_plugins_for(export_plugins[i], tmp_app_path_name, da, sign_enabled, p_preset, ent_path, hlp_ent_path, sandbox); if (err != OK) { break; } @@ -1946,9 +2193,11 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p if (ep.step(TTR("Code signing bundle"), 2)) { return ERR_SKIP; } - err = _code_sign(p_preset, tmp_app_path_name, ent_path); + _code_sign(p_preset, tmp_app_path_name, ent_path, true, false); } + String noto_path = p_path; + bool noto_enabled = (p_preset->get("notarization/notarization").operator int() > 0); if (export_format == "dmg") { // Create a DMG. if (err == OK) { @@ -1962,7 +2211,7 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p if (ep.step(TTR("Code signing DMG"), 3)) { return ERR_SKIP; } - err = _code_sign(p_preset, p_path, ent_path, false); + _code_sign(p_preset, p_path, ent_path, false, false); } } else if (export_format == "pkg") { // Create a Installer. @@ -1990,17 +2239,36 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p zipClose(zip, nullptr); } + } else if (export_format == "app" && noto_enabled) { + // Create temporary ZIP. + if (err == OK) { + noto_path = EditorPaths::get_singleton()->get_cache_dir().path_join(pkg_name + ".zip"); + + if (ep.step(TTR("Making ZIP"), 3)) { + return ERR_SKIP; + } + if (FileAccess::exists(noto_path)) { + OS::get_singleton()->move_to_trash(noto_path); + } + + Ref<FileAccess> io_fa_dst; + zlib_filefunc_def io_dst = zipio_create_io(&io_fa_dst); + zipFile zip = zipOpen2(noto_path.utf8().get_data(), APPEND_STATUS_CREATE, nullptr, &io_dst); + + zip_folder_recursive(zip, tmp_base_path_name, tmp_app_dir_name, pkg_name); + + zipClose(zip, nullptr); + } } - bool noto_enabled = (p_preset->get("notarization/notarization").operator int() > 0); if (err == OK && noto_enabled) { - if (export_format == "app" || export_format == "pkg") { + if (export_format == "pkg") { add_message(EXPORT_MESSAGE_INFO, TTR("Notarization"), TTR("Notarization requires the app to be archived first, select the DMG or ZIP export format instead.")); } else { if (ep.step(TTR("Sending archive for notarization"), 4)) { return ERR_SKIP; } - err = _notarize(p_preset, p_path); + err = _notarize(p_preset, noto_path); } } @@ -2019,6 +2287,10 @@ Error EditorExportPlatformMacOS::export_project(const Ref<EditorExportPreset> &p tmp_app_dir->change_dir(".."); tmp_app_dir->remove(pkg_name); } + } else if (noto_path != p_path) { + if (FileAccess::exists(noto_path)) { + DirAccess::remove_file_or_error(noto_path); + } } } @@ -2051,13 +2323,17 @@ bool EditorExportPlatformMacOS::has_valid_export_configuration(const Ref<EditorE String architecture = p_preset->get("binary_format/architecture"); if (architecture == "universal" || architecture == "x86_64") { if (!ResourceImporterTextureSettings::should_import_s3tc_bptc()) { + err += TTR("Cannot export for universal or x86_64 if S3TC BPTC texture format is disabled. Enable it in the Project Settings (Rendering > Textures > VRAM Compression > Import S3TC BPTC).") + "\n"; valid = false; } - } else if (architecture == "arm64") { + } + if (architecture == "universal" || architecture == "arm64") { if (!ResourceImporterTextureSettings::should_import_etc2_astc()) { + err += TTR("Cannot export for universal or arm64 if ETC2 ASTC texture format is disabled. Enable it in the Project Settings (Rendering > Textures > VRAM Compression > Import ETC2 ASTC).") + "\n"; valid = false; } - } else { + } + if (architecture != "universal" && architecture != "x86_64" && architecture != "arm64") { ERR_PRINT("Invalid architecture"); } @@ -2091,6 +2367,26 @@ bool EditorExportPlatformMacOS::has_valid_project_configuration(const Ref<Editor }; } + const String &additional_plist_content = p_preset->get("application/additional_plist_content"); + if (!additional_plist_content.is_empty()) { + const String &plist = vformat("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">" + "<plist version=\"1.0\">" + "<dict>\n" + "%s\n" + "</dict>\n" + "</plist>\n", + additional_plist_content); + + String plist_err; + Ref<PList> plist_parser; + plist_parser.instantiate(); + if (!plist_parser->load_string(plist, plist_err)) { + err += TTR("Invalid additional PList content: ") + plist_err + "\n"; + valid = false; + } + } + List<ExportOption> options; get_export_options(&options); for (const EditorExportPlatform::ExportOption &E : options) { @@ -2215,7 +2511,7 @@ void EditorExportPlatformMacOS::cleanup() { cleanup_commands.clear(); } -Error EditorExportPlatformMacOS::run(const Ref<EditorExportPreset> &p_preset, int p_device, int p_debug_flags) { +Error EditorExportPlatformMacOS::run(const Ref<EditorExportPreset> &p_preset, int p_device, BitField<EditorExportPlatform::DebugFlags> p_debug_flags) { cleanup(); if (p_device) { // Stop command, cleanup only. return OK; @@ -2277,8 +2573,7 @@ Error EditorExportPlatformMacOS::run(const Ref<EditorExportPreset> &p_preset, in String cmd_args; { - Vector<String> cmd_args_list; - gen_debug_flags(cmd_args_list, p_debug_flags); + Vector<String> cmd_args_list = gen_export_flags(p_debug_flags); for (int i = 0; i < cmd_args_list.size(); i++) { if (i != 0) { cmd_args += " "; @@ -2287,7 +2582,7 @@ Error EditorExportPlatformMacOS::run(const Ref<EditorExportPreset> &p_preset, in } } - const bool use_remote = (p_debug_flags & DEBUG_FLAG_REMOTE_DEBUG) || (p_debug_flags & DEBUG_FLAG_DUMB_CLIENT); + const bool use_remote = p_debug_flags.has_flag(DEBUG_FLAG_REMOTE_DEBUG) || p_debug_flags.has_flag(DEBUG_FLAG_DUMB_CLIENT); int dbg_port = EditorSettings::get_singleton()->get("network/debug/remote_port"); print_line("Creating temporary directory..."); diff --git a/platform/macos/export/export_plugin.h b/platform/macos/export/export_plugin.h index 0764b63e8c..5457c687d3 100644 --- a/platform/macos/export/export_plugin.h +++ b/platform/macos/export/export_plugin.h @@ -85,18 +85,19 @@ class EditorExportPlatformMacOS : public EditorExportPlatform { OS::ProcessID ssh_pid = 0; int menu_options = 0; + void _fix_privacy_manifest(const Ref<EditorExportPreset> &p_preset, Vector<uint8_t> &plist); void _fix_plist(const Ref<EditorExportPreset> &p_preset, Vector<uint8_t> &plist, const String &p_binary); void _make_icon(const Ref<EditorExportPreset> &p_preset, const Ref<Image> &p_icon, Vector<uint8_t> &p_data); Error _notarize(const Ref<EditorExportPreset> &p_preset, const String &p_path); - Error _code_sign(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, bool p_warn = true); - Error _code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, bool p_should_error_on_non_code = true); + void _code_sign(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, bool p_warn = true, bool p_set_id = false); + void _code_sign_directory(const Ref<EditorExportPreset> &p_preset, const String &p_path, const String &p_ent_path, const String &p_helper_ent_path, bool p_should_error_on_non_code = true); Error _copy_and_sign_files(Ref<DirAccess> &dir_access, const String &p_src_path, const String &p_in_app_path, - bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, const String &p_ent_path, - bool p_should_error_on_non_code_sign); + bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, const String &p_ent_path, const String &p_helper_ent_path, + bool p_should_error_on_non_code_sign, bool p_sandbox); Error _export_macos_plugins_for(Ref<EditorExportPlugin> p_editor_export_plugin, const String &p_app_path_name, Ref<DirAccess> &dir_access, bool p_sign_enabled, const Ref<EditorExportPreset> &p_preset, - const String &p_ent_path); + const String &p_ent_path, const String &p_helper_ent_path, bool p_sandbox); Error _create_dmg(const String &p_dmg_path, const String &p_pkg_name, const String &p_app_path_name); Error _create_pkg(const Ref<EditorExportPreset> &p_preset, const String &p_pkg_path, const String &p_app_path_name); Error _export_debug_script(const Ref<EditorExportPreset> &p_preset, const String &p_app_name, const String &p_pkg_name, const String &p_path); @@ -146,7 +147,7 @@ public: virtual bool is_executable(const String &p_path) const override; virtual List<String> get_binary_extensions(const Ref<EditorExportPreset> &p_preset) const override; - virtual Error export_project(const Ref<EditorExportPreset> &p_preset, bool p_debug, const String &p_path, int p_flags = 0) override; + virtual Error export_project(const Ref<EditorExportPreset> &p_preset, bool p_debug, const String &p_path, BitField<EditorExportPlatform::DebugFlags> p_flags = 0) override; virtual bool has_valid_export_configuration(const Ref<EditorExportPreset> &p_preset, String &r_error, bool &r_missing_templates, bool p_debug = false) const override; virtual bool has_valid_project_configuration(const Ref<EditorExportPreset> &p_preset, String &r_error) const override; @@ -166,7 +167,7 @@ public: virtual int get_options_count() const override; virtual String get_option_label(int p_index) const override; virtual String get_option_tooltip(int p_index) const override; - virtual Error run(const Ref<EditorExportPreset> &p_preset, int p_device, int p_debug_flags) override; + virtual Error run(const Ref<EditorExportPreset> &p_preset, int p_device, BitField<EditorExportPlatform::DebugFlags> p_debug_flags) override; virtual void cleanup() override; EditorExportPlatformMacOS(); diff --git a/platform/macos/export/lipo.cpp b/platform/macos/export/lipo.cpp deleted file mode 100644 index 2d77e5960d..0000000000 --- a/platform/macos/export/lipo.cpp +++ /dev/null @@ -1,232 +0,0 @@ -/**************************************************************************/ -/* lipo.cpp */ -/**************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/**************************************************************************/ -/* Copyright (c) 2014-present Godot Engine contributors (see AUTHORS.md). */ -/* Copyright (c) 2007-2014 Juan Linietsky, Ariel Manzur. */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. */ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ -/**************************************************************************/ - -#include "lipo.h" - -bool LipO::is_lipo(const String &p_path) { - Ref<FileAccess> fb = FileAccess::open(p_path, FileAccess::READ); - ERR_FAIL_COND_V_MSG(fb.is_null(), false, vformat("LipO: Can't open file: \"%s\".", p_path)); - uint32_t magic = fb->get_32(); - return (magic == 0xbebafeca || magic == 0xcafebabe || magic == 0xbfbafeca || magic == 0xcafebabf); -} - -bool LipO::create_file(const String &p_output_path, const PackedStringArray &p_files) { - close(); - - fa = FileAccess::open(p_output_path, FileAccess::WRITE); - ERR_FAIL_COND_V_MSG(fa.is_null(), false, vformat("LipO: Can't open file: \"%s\".", p_output_path)); - - uint64_t max_size = 0; - for (int i = 0; i < p_files.size(); i++) { - { - MachO mh; - if (!mh.open_file(p_files[i])) { - ERR_FAIL_V_MSG(false, vformat("LipO: Invalid MachO file: \"%s\".", p_files[i])); - } - - FatArch arch; - arch.cputype = mh.get_cputype(); - arch.cpusubtype = mh.get_cpusubtype(); - arch.offset = 0; - arch.size = mh.get_size(); - arch.align = mh.get_align(); - max_size += arch.size; - - archs.push_back(arch); - } - - Ref<FileAccess> fb = FileAccess::open(p_files[i], FileAccess::READ); - if (fb.is_null()) { - close(); - ERR_FAIL_V_MSG(false, vformat("LipO: Can't open file: \"%s\".", p_files[i])); - } - } - - // Write header. - bool is_64 = (max_size >= std::numeric_limits<uint32_t>::max()); - if (is_64) { - fa->store_32(0xbfbafeca); - } else { - fa->store_32(0xbebafeca); - } - fa->store_32(BSWAP32(archs.size())); - uint64_t offset = archs.size() * (is_64 ? 32 : 20) + 8; - for (int i = 0; i < archs.size(); i++) { - archs.write[i].offset = offset + PAD(offset, uint64_t(1) << archs[i].align); - if (is_64) { - fa->store_32(BSWAP32(archs[i].cputype)); - fa->store_32(BSWAP32(archs[i].cpusubtype)); - fa->store_64(BSWAP64(archs[i].offset)); - fa->store_64(BSWAP64(archs[i].size)); - fa->store_32(BSWAP32(archs[i].align)); - fa->store_32(0); - } else { - fa->store_32(BSWAP32(archs[i].cputype)); - fa->store_32(BSWAP32(archs[i].cpusubtype)); - fa->store_32(BSWAP32(archs[i].offset)); - fa->store_32(BSWAP32(archs[i].size)); - fa->store_32(BSWAP32(archs[i].align)); - } - offset = archs[i].offset + archs[i].size; - } - - // Write files and padding. - for (int i = 0; i < archs.size(); i++) { - Ref<FileAccess> fb = FileAccess::open(p_files[i], FileAccess::READ); - if (fb.is_null()) { - close(); - ERR_FAIL_V_MSG(false, vformat("LipO: Can't open file: \"%s\".", p_files[i])); - } - uint64_t cur = fa->get_position(); - for (uint64_t j = cur; j < archs[i].offset; j++) { - fa->store_8(0); - } - int pages = archs[i].size / 4096; - int remain = archs[i].size % 4096; - unsigned char step[4096]; - for (int j = 0; j < pages; j++) { - uint64_t br = fb->get_buffer(step, 4096); - if (br > 0) { - fa->store_buffer(step, br); - } - } - uint64_t br = fb->get_buffer(step, remain); - if (br > 0) { - fa->store_buffer(step, br); - } - } - return true; -} - -bool LipO::open_file(const String &p_path) { - close(); - - fa = FileAccess::open(p_path, FileAccess::READ); - ERR_FAIL_COND_V_MSG(fa.is_null(), false, vformat("LipO: Can't open file: \"%s\".", p_path)); - - uint32_t magic = fa->get_32(); - if (magic == 0xbebafeca) { - // 32-bit fat binary, bswap. - uint32_t nfat_arch = BSWAP32(fa->get_32()); - for (uint32_t i = 0; i < nfat_arch; i++) { - FatArch arch; - arch.cputype = BSWAP32(fa->get_32()); - arch.cpusubtype = BSWAP32(fa->get_32()); - arch.offset = BSWAP32(fa->get_32()); - arch.size = BSWAP32(fa->get_32()); - arch.align = BSWAP32(fa->get_32()); - - archs.push_back(arch); - } - } else if (magic == 0xcafebabe) { - // 32-bit fat binary. - uint32_t nfat_arch = fa->get_32(); - for (uint32_t i = 0; i < nfat_arch; i++) { - FatArch arch; - arch.cputype = fa->get_32(); - arch.cpusubtype = fa->get_32(); - arch.offset = fa->get_32(); - arch.size = fa->get_32(); - arch.align = fa->get_32(); - - archs.push_back(arch); - } - } else if (magic == 0xbfbafeca) { - // 64-bit fat binary, bswap. - uint32_t nfat_arch = BSWAP32(fa->get_32()); - for (uint32_t i = 0; i < nfat_arch; i++) { - FatArch arch; - arch.cputype = BSWAP32(fa->get_32()); - arch.cpusubtype = BSWAP32(fa->get_32()); - arch.offset = BSWAP64(fa->get_64()); - arch.size = BSWAP64(fa->get_64()); - arch.align = BSWAP32(fa->get_32()); - fa->get_32(); // Skip, reserved. - - archs.push_back(arch); - } - } else if (magic == 0xcafebabf) { - // 64-bit fat binary. - uint32_t nfat_arch = fa->get_32(); - for (uint32_t i = 0; i < nfat_arch; i++) { - FatArch arch; - arch.cputype = fa->get_32(); - arch.cpusubtype = fa->get_32(); - arch.offset = fa->get_64(); - arch.size = fa->get_64(); - arch.align = fa->get_32(); - fa->get_32(); // Skip, reserved. - - archs.push_back(arch); - } - } else { - close(); - ERR_FAIL_V_MSG(false, vformat("LipO: Invalid fat binary: \"%s\".", p_path)); - } - return true; -} - -int LipO::get_arch_count() const { - ERR_FAIL_COND_V_MSG(fa.is_null(), 0, "LipO: File not opened."); - return archs.size(); -} - -bool LipO::extract_arch(int p_index, const String &p_path) { - ERR_FAIL_COND_V_MSG(fa.is_null(), false, "LipO: File not opened."); - ERR_FAIL_INDEX_V(p_index, archs.size(), false); - - Ref<FileAccess> fb = FileAccess::open(p_path, FileAccess::WRITE); - ERR_FAIL_COND_V_MSG(fb.is_null(), false, vformat("LipO: Can't open file: \"%s\".", p_path)); - - fa->seek(archs[p_index].offset); - - int pages = archs[p_index].size / 4096; - int remain = archs[p_index].size % 4096; - unsigned char step[4096]; - for (int i = 0; i < pages; i++) { - uint64_t br = fa->get_buffer(step, 4096); - if (br > 0) { - fb->store_buffer(step, br); - } - } - uint64_t br = fa->get_buffer(step, remain); - if (br > 0) { - fb->store_buffer(step, br); - } - return true; -} - -void LipO::close() { - archs.clear(); -} - -LipO::~LipO() { - close(); -} diff --git a/platform/macos/export/lipo.h b/platform/macos/export/lipo.h deleted file mode 100644 index e375fc5a66..0000000000 --- a/platform/macos/export/lipo.h +++ /dev/null @@ -1,71 +0,0 @@ -/**************************************************************************/ -/* lipo.h */ -/**************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/**************************************************************************/ -/* Copyright (c) 2014-present Godot Engine contributors (see AUTHORS.md). */ -/* Copyright (c) 2007-2014 Juan Linietsky, Ariel Manzur. */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. */ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ -/**************************************************************************/ - -#ifndef MACOS_LIPO_H -#define MACOS_LIPO_H - -// Universal / Universal 2 fat binary file creator and extractor. - -#include "macho.h" - -#include "core/io/file_access.h" -#include "core/object/ref_counted.h" - -class LipO : public RefCounted { - struct FatArch { - uint32_t cputype; - uint32_t cpusubtype; - uint64_t offset; - uint64_t size; - uint32_t align; - }; - - Ref<FileAccess> fa; - Vector<FatArch> archs; - - static inline size_t PAD(size_t s, size_t a) { - return (a - s % a); - } - -public: - static bool is_lipo(const String &p_path); - - bool create_file(const String &p_output_path, const PackedStringArray &p_files); - - bool open_file(const String &p_path); - int get_arch_count() const; - bool extract_arch(int p_index, const String &p_path); - - void close(); - - ~LipO(); -}; - -#endif // MACOS_LIPO_H diff --git a/platform/macos/export/logo.svg b/platform/macos/export/logo.svg index 759583d76b..ec1b6ca5f6 100644 --- a/platform/macos/export/logo.svg +++ b/platform/macos/export/logo.svg @@ -1 +1 @@ -<svg height="32" viewBox="0 0 25.6 25.6" width="32" xmlns="http://www.w3.org/2000/svg"><path d="M.948 19.474V6.126c0-2.767 2.42-5.178 5.178-5.178h6.904s-2.992 7.506-2.992 13.233c0 .346.337.69.69.69h2.877c0 6.648.906 8.436 1.266 9.781H6.126c-2.75 0-5.178-2.407-5.178-5.178z" fill="#1c9ef8"/><path d="M7.162 8.312v1.496" fill="none" stroke="#323232" stroke-linecap="round" stroke-width="1.036"/><path d="M10.729 14.871c-.352 0-.69-.344-.69-.69C10.038 8.414 13.03.948 13.03.948h6.444c2.77 0 5.178 2.416 5.178 5.178v13.348c0 2.754-2.407 5.178-5.178 5.178h-4.603c-.357-1.333-1.266-2.887-1.266-9.78z" fill="#e1e6ed"/><g fill="none" stroke="#323232" stroke-linecap="round"><path d="M17.575 8.255V9.75" stroke-width="1.036"/><path d="M5.55 16.943c1.037 1.794 3.907 2.876 6.79 2.876 2.877 0 5.745-1.068 6.789-2.876" stroke-width=".69"/></g></svg> +<svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 25.6 25.6"><path fill="#1c9ef8" d="M.948 19.474V6.126c0-2.767 2.42-5.178 5.178-5.178h6.904s-2.992 7.506-2.992 13.233c0 .346.337.69.69.69h2.877c0 6.648.906 8.436 1.266 9.781H6.126c-2.75 0-5.178-2.407-5.178-5.178z"/><path fill="none" stroke="#323232" stroke-linecap="round" stroke-width="1.036" d="M7.162 8.312v1.496"/><path fill="#e1e6ed" d="M10.729 14.871c-.352 0-.69-.344-.69-.69C10.038 8.414 13.03.948 13.03.948h6.444c2.77 0 5.178 2.416 5.178 5.178v13.348c0 2.754-2.407 5.178-5.178 5.178h-4.603c-.357-1.333-1.266-2.887-1.266-9.78z"/><g fill="none" stroke="#323232" stroke-linecap="round"><path stroke-width="1.036" d="M17.575 8.255V9.75"/><path stroke-width=".69" d="M5.55 16.943c1.037 1.794 3.907 2.876 6.79 2.876 2.877 0 5.745-1.068 6.789-2.876"/></g></svg>
\ No newline at end of file diff --git a/platform/macos/export/macho.cpp b/platform/macos/export/macho.cpp deleted file mode 100644 index c7556c1964..0000000000 --- a/platform/macos/export/macho.cpp +++ /dev/null @@ -1,542 +0,0 @@ -/**************************************************************************/ -/* macho.cpp */ -/**************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/**************************************************************************/ -/* Copyright (c) 2014-present Godot Engine contributors (see AUTHORS.md). */ -/* Copyright (c) 2007-2014 Juan Linietsky, Ariel Manzur. */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. */ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ -/**************************************************************************/ - -#include "macho.h" - -uint32_t MachO::seg_align(uint64_t p_vmaddr, uint32_t p_min, uint32_t p_max) { - uint32_t salign = p_max; - if (p_vmaddr != 0) { - uint64_t seg_align = 1; - salign = 0; - while ((seg_align & p_vmaddr) == 0) { - seg_align = seg_align << 1; - salign++; - } - salign = CLAMP(salign, p_min, p_max); - } - return salign; -} - -bool MachO::alloc_signature(uint64_t p_size) { - ERR_FAIL_COND_V_MSG(fa.is_null(), false, "MachO: File not opened."); - if (signature_offset != 0) { - // Nothing to do, already have signature load command. - return true; - } - if (lc_limit == 0 || lc_limit + 16 > exe_base) { - ERR_FAIL_V_MSG(false, "MachO: Can't allocate signature load command, please use \"codesign_allocate\" utility first."); - } else { - // Add signature load command. - signature_offset = lc_limit; - - fa->seek(lc_limit); - LoadCommandHeader lc; - lc.cmd = LC_CODE_SIGNATURE; - lc.cmdsize = 16; - if (swap) { - lc.cmdsize = BSWAP32(lc.cmdsize); - } - fa->store_buffer((const uint8_t *)&lc, sizeof(LoadCommandHeader)); - - uint32_t lc_offset = fa->get_length() + PAD(fa->get_length(), 16); - uint32_t lc_size = 0; - if (swap) { - lc_offset = BSWAP32(lc_offset); - lc_size = BSWAP32(lc_size); - } - fa->store_32(lc_offset); - fa->store_32(lc_size); - - // Write new command number. - fa->seek(0x10); - uint32_t ncmds = fa->get_32(); - uint32_t cmdssize = fa->get_32(); - if (swap) { - ncmds = BSWAP32(ncmds); - cmdssize = BSWAP32(cmdssize); - } - ncmds += 1; - cmdssize += 16; - if (swap) { - ncmds = BSWAP32(ncmds); - cmdssize = BSWAP32(cmdssize); - } - fa->seek(0x10); - fa->store_32(ncmds); - fa->store_32(cmdssize); - - lc_limit = lc_limit + sizeof(LoadCommandHeader) + 8; - - return true; - } -} - -bool MachO::is_macho(const String &p_path) { - Ref<FileAccess> fb = FileAccess::open(p_path, FileAccess::READ); - ERR_FAIL_COND_V_MSG(fb.is_null(), false, vformat("MachO: Can't open file: \"%s\".", p_path)); - uint32_t magic = fb->get_32(); - return (magic == 0xcefaedfe || magic == 0xfeedface || magic == 0xcffaedfe || magic == 0xfeedfacf); -} - -bool MachO::open_file(const String &p_path) { - fa = FileAccess::open(p_path, FileAccess::READ_WRITE); - ERR_FAIL_COND_V_MSG(fa.is_null(), false, vformat("MachO: Can't open file: \"%s\".", p_path)); - uint32_t magic = fa->get_32(); - MachHeader mach_header; - - // Read MachO header. - swap = (magic == 0xcffaedfe || magic == 0xcefaedfe); - if (magic == 0xcefaedfe || magic == 0xfeedface) { - // Thin 32-bit binary. - fa->get_buffer((uint8_t *)&mach_header, sizeof(MachHeader)); - } else if (magic == 0xcffaedfe || magic == 0xfeedfacf) { - // Thin 64-bit binary. - fa->get_buffer((uint8_t *)&mach_header, sizeof(MachHeader)); - fa->get_32(); // Skip extra reserved field. - } else { - ERR_FAIL_V_MSG(false, vformat("MachO: File is not a valid MachO binary: \"%s\".", p_path)); - } - - if (swap) { - mach_header.ncmds = BSWAP32(mach_header.ncmds); - mach_header.cpusubtype = BSWAP32(mach_header.cpusubtype); - mach_header.cputype = BSWAP32(mach_header.cputype); - } - cpusubtype = mach_header.cpusubtype; - cputype = mach_header.cputype; - align = 0; - exe_base = std::numeric_limits<uint64_t>::max(); - exe_limit = 0; - lc_limit = 0; - link_edit_offset = 0; - signature_offset = 0; - - // Read load commands. - for (uint32_t i = 0; i < mach_header.ncmds; i++) { - LoadCommandHeader lc; - fa->get_buffer((uint8_t *)&lc, sizeof(LoadCommandHeader)); - if (swap) { - lc.cmd = BSWAP32(lc.cmd); - lc.cmdsize = BSWAP32(lc.cmdsize); - } - uint64_t ps = fa->get_position(); - switch (lc.cmd) { - case LC_SEGMENT: { - LoadCommandSegment lc_seg; - fa->get_buffer((uint8_t *)&lc_seg, sizeof(LoadCommandSegment)); - if (swap) { - lc_seg.nsects = BSWAP32(lc_seg.nsects); - lc_seg.vmaddr = BSWAP32(lc_seg.vmaddr); - lc_seg.vmsize = BSWAP32(lc_seg.vmsize); - } - align = MAX(align, seg_align(lc_seg.vmaddr, 2, 15)); - if (String(lc_seg.segname) == "__TEXT") { - exe_limit = MAX(exe_limit, lc_seg.vmsize); - for (uint32_t j = 0; j < lc_seg.nsects; j++) { - Section lc_sect; - fa->get_buffer((uint8_t *)&lc_sect, sizeof(Section)); - if (String(lc_sect.sectname) == "__text") { - if (swap) { - exe_base = MIN(exe_base, BSWAP32(lc_sect.offset)); - } else { - exe_base = MIN(exe_base, lc_sect.offset); - } - } - if (swap) { - align = MAX(align, BSWAP32(lc_sect.align)); - } else { - align = MAX(align, lc_sect.align); - } - } - } else if (String(lc_seg.segname) == "__LINKEDIT") { - link_edit_offset = ps - 8; - } - } break; - case LC_SEGMENT_64: { - LoadCommandSegment64 lc_seg; - fa->get_buffer((uint8_t *)&lc_seg, sizeof(LoadCommandSegment64)); - if (swap) { - lc_seg.nsects = BSWAP32(lc_seg.nsects); - lc_seg.vmaddr = BSWAP64(lc_seg.vmaddr); - lc_seg.vmsize = BSWAP64(lc_seg.vmsize); - } - align = MAX(align, seg_align(lc_seg.vmaddr, 3, 15)); - if (String(lc_seg.segname) == "__TEXT") { - exe_limit = MAX(exe_limit, lc_seg.vmsize); - for (uint32_t j = 0; j < lc_seg.nsects; j++) { - Section64 lc_sect; - fa->get_buffer((uint8_t *)&lc_sect, sizeof(Section64)); - if (String(lc_sect.sectname) == "__text") { - if (swap) { - exe_base = MIN(exe_base, BSWAP32(lc_sect.offset)); - } else { - exe_base = MIN(exe_base, lc_sect.offset); - } - if (swap) { - align = MAX(align, BSWAP32(lc_sect.align)); - } else { - align = MAX(align, lc_sect.align); - } - } - } - } else if (String(lc_seg.segname) == "__LINKEDIT") { - link_edit_offset = ps - 8; - } - } break; - case LC_CODE_SIGNATURE: { - signature_offset = ps - 8; - } break; - default: { - } break; - } - fa->seek(ps + lc.cmdsize - 8); - lc_limit = ps + lc.cmdsize - 8; - } - - if (exe_limit == 0 || lc_limit == 0) { - ERR_FAIL_V_MSG(false, vformat("MachO: No load commands or executable code found: \"%s\".", p_path)); - } - - return true; -} - -uint64_t MachO::get_exe_base() { - ERR_FAIL_COND_V_MSG(fa.is_null(), 0, "MachO: File not opened."); - return exe_base; -} - -uint64_t MachO::get_exe_limit() { - ERR_FAIL_COND_V_MSG(fa.is_null(), 0, "MachO: File not opened."); - return exe_limit; -} - -int32_t MachO::get_align() { - ERR_FAIL_COND_V_MSG(fa.is_null(), 0, "MachO: File not opened."); - return align; -} - -uint32_t MachO::get_cputype() { - ERR_FAIL_COND_V_MSG(fa.is_null(), 0, "MachO: File not opened."); - return cputype; -} - -uint32_t MachO::get_cpusubtype() { - ERR_FAIL_COND_V_MSG(fa.is_null(), 0, "MachO: File not opened."); - return cpusubtype; -} - -uint64_t MachO::get_size() { - ERR_FAIL_COND_V_MSG(fa.is_null(), 0, "MachO: File not opened."); - return fa->get_length(); -} - -uint64_t MachO::get_signature_offset() { - ERR_FAIL_COND_V_MSG(fa.is_null(), 0, "MachO: File not opened."); - ERR_FAIL_COND_V_MSG(signature_offset == 0, 0, "MachO: No signature load command."); - - fa->seek(signature_offset + 8); - if (swap) { - return BSWAP32(fa->get_32()); - } else { - return fa->get_32(); - } -} - -uint64_t MachO::get_code_limit() { - ERR_FAIL_COND_V_MSG(fa.is_null(), 0, "MachO: File not opened."); - - if (signature_offset == 0) { - return fa->get_length() + PAD(fa->get_length(), 16); - } else { - return get_signature_offset(); - } -} - -uint64_t MachO::get_signature_size() { - ERR_FAIL_COND_V_MSG(fa.is_null(), 0, "MachO: File not opened."); - ERR_FAIL_COND_V_MSG(signature_offset == 0, 0, "MachO: No signature load command."); - - fa->seek(signature_offset + 12); - if (swap) { - return BSWAP32(fa->get_32()); - } else { - return fa->get_32(); - } -} - -bool MachO::is_signed() { - ERR_FAIL_COND_V_MSG(fa.is_null(), false, "MachO: File not opened."); - if (signature_offset == 0) { - return false; - } - - fa->seek(get_signature_offset()); - uint32_t magic = BSWAP32(fa->get_32()); - if (magic != 0xfade0cc0) { - return false; // No SuperBlob found. - } - fa->get_32(); // Skip size field, unused. - uint32_t count = BSWAP32(fa->get_32()); - for (uint32_t i = 0; i < count; i++) { - uint32_t index_type = BSWAP32(fa->get_32()); - uint32_t offset = BSWAP32(fa->get_32()); - if (index_type == 0x00000000) { // CodeDirectory index type. - fa->seek(get_signature_offset() + offset + 12); - uint32_t flags = BSWAP32(fa->get_32()); - if (flags & 0x20000) { - return false; // Found CD, linker-signed. - } else { - return true; // Found CD, not linker-signed. - } - } - } - return false; // No CD found. -} - -PackedByteArray MachO::get_cdhash_sha1() { - ERR_FAIL_COND_V_MSG(fa.is_null(), PackedByteArray(), "MachO: File not opened."); - if (signature_offset == 0) { - return PackedByteArray(); - } - - fa->seek(get_signature_offset()); - uint32_t magic = BSWAP32(fa->get_32()); - if (magic != 0xfade0cc0) { - return PackedByteArray(); // No SuperBlob found. - } - fa->get_32(); // Skip size field, unused. - uint32_t count = BSWAP32(fa->get_32()); - for (uint32_t i = 0; i < count; i++) { - fa->get_32(); // Index type, skip. - uint32_t offset = BSWAP32(fa->get_32()); - uint64_t pos = fa->get_position(); - - fa->seek(get_signature_offset() + offset); - uint32_t cdmagic = BSWAP32(fa->get_32()); - uint32_t cdsize = BSWAP32(fa->get_32()); - if (cdmagic == 0xfade0c02) { // CodeDirectory. - fa->seek(get_signature_offset() + offset + 36); - uint8_t hash_size = fa->get_8(); - uint8_t hash_type = fa->get_8(); - if (hash_size == 0x14 && hash_type == 0x01) { /* SHA-1 */ - PackedByteArray hash; - hash.resize(0x14); - - fa->seek(get_signature_offset() + offset); - PackedByteArray blob; - blob.resize(cdsize); - fa->get_buffer(blob.ptrw(), cdsize); - - CryptoCore::SHA1Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; - } - } - fa->seek(pos); - } - return PackedByteArray(); -} - -PackedByteArray MachO::get_cdhash_sha256() { - ERR_FAIL_COND_V_MSG(fa.is_null(), PackedByteArray(), "MachO: File not opened."); - if (signature_offset == 0) { - return PackedByteArray(); - } - - fa->seek(get_signature_offset()); - uint32_t magic = BSWAP32(fa->get_32()); - if (magic != 0xfade0cc0) { - return PackedByteArray(); // No SuperBlob found. - } - fa->get_32(); // Skip size field, unused. - uint32_t count = BSWAP32(fa->get_32()); - for (uint32_t i = 0; i < count; i++) { - fa->get_32(); // Index type, skip. - uint32_t offset = BSWAP32(fa->get_32()); - uint64_t pos = fa->get_position(); - - fa->seek(get_signature_offset() + offset); - uint32_t cdmagic = BSWAP32(fa->get_32()); - uint32_t cdsize = BSWAP32(fa->get_32()); - if (cdmagic == 0xfade0c02) { // CodeDirectory. - fa->seek(get_signature_offset() + offset + 36); - uint8_t hash_size = fa->get_8(); - uint8_t hash_type = fa->get_8(); - if (hash_size == 0x20 && hash_type == 0x02) { /* SHA-256 */ - PackedByteArray hash; - hash.resize(0x20); - - fa->seek(get_signature_offset() + offset); - PackedByteArray blob; - blob.resize(cdsize); - fa->get_buffer(blob.ptrw(), cdsize); - - CryptoCore::SHA256Context ctx; - ctx.start(); - ctx.update(blob.ptr(), blob.size()); - ctx.finish(hash.ptrw()); - - return hash; - } - } - fa->seek(pos); - } - return PackedByteArray(); -} - -PackedByteArray MachO::get_requirements() { - ERR_FAIL_COND_V_MSG(fa.is_null(), PackedByteArray(), "MachO: File not opened."); - if (signature_offset == 0) { - return PackedByteArray(); - } - - fa->seek(get_signature_offset()); - uint32_t magic = BSWAP32(fa->get_32()); - if (magic != 0xfade0cc0) { - return PackedByteArray(); // No SuperBlob found. - } - fa->get_32(); // Skip size field, unused. - uint32_t count = BSWAP32(fa->get_32()); - for (uint32_t i = 0; i < count; i++) { - fa->get_32(); // Index type, skip. - uint32_t offset = BSWAP32(fa->get_32()); - uint64_t pos = fa->get_position(); - - fa->seek(get_signature_offset() + offset); - uint32_t rqmagic = BSWAP32(fa->get_32()); - uint32_t rqsize = BSWAP32(fa->get_32()); - if (rqmagic == 0xfade0c01) { // Requirements. - PackedByteArray blob; - fa->seek(get_signature_offset() + offset); - blob.resize(rqsize); - fa->get_buffer(blob.ptrw(), rqsize); - return blob; - } - fa->seek(pos); - } - return PackedByteArray(); -} - -const Ref<FileAccess> MachO::get_file() const { - return fa; -} - -Ref<FileAccess> MachO::get_file() { - return fa; -} - -bool MachO::set_signature_size(uint64_t p_size) { - ERR_FAIL_COND_V_MSG(fa.is_null(), false, "MachO: File not opened."); - - // Ensure signature load command exists. - ERR_FAIL_COND_V_MSG(link_edit_offset == 0, false, "MachO: No __LINKEDIT segment found."); - ERR_FAIL_COND_V_MSG(!alloc_signature(p_size), false, "MachO: Can't allocate signature load command."); - - // Update signature load command. - uint64_t old_size = get_signature_size(); - uint64_t new_size = p_size + PAD(p_size, 16384); - - if (new_size <= old_size) { - fa->seek(get_signature_offset()); - for (uint64_t i = 0; i < old_size; i++) { - fa->store_8(0x00); - } - return true; - } - - fa->seek(signature_offset + 12); - if (swap) { - fa->store_32(BSWAP32(new_size)); - } else { - fa->store_32(new_size); - } - - uint64_t end = get_signature_offset() + new_size; - - // Update "__LINKEDIT" segment. - LoadCommandHeader lc; - fa->seek(link_edit_offset); - fa->get_buffer((uint8_t *)&lc, sizeof(LoadCommandHeader)); - if (swap) { - lc.cmd = BSWAP32(lc.cmd); - lc.cmdsize = BSWAP32(lc.cmdsize); - } - switch (lc.cmd) { - case LC_SEGMENT: { - LoadCommandSegment lc_seg; - fa->get_buffer((uint8_t *)&lc_seg, sizeof(LoadCommandSegment)); - if (swap) { - lc_seg.vmsize = BSWAP32(lc_seg.vmsize); - lc_seg.filesize = BSWAP32(lc_seg.filesize); - lc_seg.fileoff = BSWAP32(lc_seg.fileoff); - } - - lc_seg.vmsize = end - lc_seg.fileoff; - lc_seg.vmsize += PAD(lc_seg.vmsize, 4096); - lc_seg.filesize = end - lc_seg.fileoff; - - if (swap) { - lc_seg.vmsize = BSWAP32(lc_seg.vmsize); - lc_seg.filesize = BSWAP32(lc_seg.filesize); - } - fa->seek(link_edit_offset + 8); - fa->store_buffer((const uint8_t *)&lc_seg, sizeof(LoadCommandSegment)); - } break; - case LC_SEGMENT_64: { - LoadCommandSegment64 lc_seg; - fa->get_buffer((uint8_t *)&lc_seg, sizeof(LoadCommandSegment64)); - if (swap) { - lc_seg.vmsize = BSWAP64(lc_seg.vmsize); - lc_seg.filesize = BSWAP64(lc_seg.filesize); - lc_seg.fileoff = BSWAP64(lc_seg.fileoff); - } - lc_seg.vmsize = end - lc_seg.fileoff; - lc_seg.vmsize += PAD(lc_seg.vmsize, 4096); - lc_seg.filesize = end - lc_seg.fileoff; - if (swap) { - lc_seg.vmsize = BSWAP64(lc_seg.vmsize); - lc_seg.filesize = BSWAP64(lc_seg.filesize); - } - fa->seek(link_edit_offset + 8); - fa->store_buffer((const uint8_t *)&lc_seg, sizeof(LoadCommandSegment64)); - } break; - default: { - ERR_FAIL_V_MSG(false, "MachO: Invalid __LINKEDIT segment type."); - } break; - } - fa->seek(get_signature_offset()); - for (uint64_t i = 0; i < new_size; i++) { - fa->store_8(0x00); - } - return true; -} diff --git a/platform/macos/export/macho.h b/platform/macos/export/macho.h deleted file mode 100644 index 37975f0820..0000000000 --- a/platform/macos/export/macho.h +++ /dev/null @@ -1,210 +0,0 @@ -/**************************************************************************/ -/* macho.h */ -/**************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/**************************************************************************/ -/* Copyright (c) 2014-present Godot Engine contributors (see AUTHORS.md). */ -/* Copyright (c) 2007-2014 Juan Linietsky, Ariel Manzur. */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. */ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ -/**************************************************************************/ - -#ifndef MACOS_MACHO_H -#define MACOS_MACHO_H - -// Mach-O binary object file format parser and editor. - -#include "core/crypto/crypto.h" -#include "core/crypto/crypto_core.h" -#include "core/io/file_access.h" -#include "core/object/ref_counted.h" - -class MachO : public RefCounted { - struct MachHeader { - uint32_t cputype; - uint32_t cpusubtype; - uint32_t filetype; - uint32_t ncmds; - uint32_t sizeofcmds; - uint32_t flags; - }; - - enum LoadCommandID { - LC_SEGMENT = 0x00000001, - LC_SYMTAB = 0x00000002, - LC_SYMSEG = 0x00000003, - LC_THREAD = 0x00000004, - LC_UNIXTHREAD = 0x00000005, - LC_LOADFVMLIB = 0x00000006, - LC_IDFVMLIB = 0x00000007, - LC_IDENT = 0x00000008, - LC_FVMFILE = 0x00000009, - LC_PREPAGE = 0x0000000a, - LC_DYSYMTAB = 0x0000000b, - LC_LOAD_DYLIB = 0x0000000c, - LC_ID_DYLIB = 0x0000000d, - LC_LOAD_DYLINKER = 0x0000000e, - LC_ID_DYLINKER = 0x0000000f, - LC_PREBOUND_DYLIB = 0x00000010, - LC_ROUTINES = 0x00000011, - LC_SUB_FRAMEWORK = 0x00000012, - LC_SUB_UMBRELLA = 0x00000013, - LC_SUB_CLIENT = 0x00000014, - LC_SUB_LIBRARY = 0x00000015, - LC_TWOLEVEL_HINTS = 0x00000016, - LC_PREBIND_CKSUM = 0x00000017, - LC_LOAD_WEAK_DYLIB = 0x80000018, - LC_SEGMENT_64 = 0x00000019, - LC_ROUTINES_64 = 0x0000001a, - LC_UUID = 0x0000001b, - LC_RPATH = 0x8000001c, - LC_CODE_SIGNATURE = 0x0000001d, - LC_SEGMENT_SPLIT_INFO = 0x0000001e, - LC_REEXPORT_DYLIB = 0x8000001f, - LC_LAZY_LOAD_DYLIB = 0x00000020, - LC_ENCRYPTION_INFO = 0x00000021, - LC_DYLD_INFO = 0x00000022, - LC_DYLD_INFO_ONLY = 0x80000022, - LC_LOAD_UPWARD_DYLIB = 0x80000023, - LC_VERSION_MIN_MACOSX = 0x00000024, - LC_VERSION_MIN_IPHONEOS = 0x00000025, - LC_FUNCTION_STARTS = 0x00000026, - LC_DYLD_ENVIRONMENT = 0x00000027, - LC_MAIN = 0x80000028, - LC_DATA_IN_CODE = 0x00000029, - LC_SOURCE_VERSION = 0x0000002a, - LC_DYLIB_CODE_SIGN_DRS = 0x0000002b, - LC_ENCRYPTION_INFO_64 = 0x0000002c, - LC_LINKER_OPTION = 0x0000002d, - LC_LINKER_OPTIMIZATION_HINT = 0x0000002e, - LC_VERSION_MIN_TVOS = 0x0000002f, - LC_VERSION_MIN_WATCHOS = 0x00000030, - }; - - struct LoadCommandHeader { - uint32_t cmd; - uint32_t cmdsize; - }; - - struct LoadCommandSegment { - char segname[16]; - uint32_t vmaddr; - uint32_t vmsize; - uint32_t fileoff; - uint32_t filesize; - uint32_t maxprot; - uint32_t initprot; - uint32_t nsects; - uint32_t flags; - }; - - struct LoadCommandSegment64 { - char segname[16]; - uint64_t vmaddr; - uint64_t vmsize; - uint64_t fileoff; - uint64_t filesize; - uint32_t maxprot; - uint32_t initprot; - uint32_t nsects; - uint32_t flags; - }; - - struct Section { - char sectname[16]; - char segname[16]; - uint32_t addr; - uint32_t size; - uint32_t offset; - uint32_t align; - uint32_t reloff; - uint32_t nreloc; - uint32_t flags; - uint32_t reserved1; - uint32_t reserved2; - }; - - struct Section64 { - char sectname[16]; - char segname[16]; - uint64_t addr; - uint64_t size; - uint32_t offset; - uint32_t align; - uint32_t reloff; - uint32_t nreloc; - uint32_t flags; - uint32_t reserved1; - uint32_t reserved2; - uint32_t reserved3; - }; - - Ref<FileAccess> fa; - bool swap = false; - - uint64_t lc_limit = 0; - - uint64_t exe_limit = 0; - uint64_t exe_base = std::numeric_limits<uint64_t>::max(); // Start of first __text section. - uint32_t align = 0; - uint32_t cputype = 0; - uint32_t cpusubtype = 0; - - uint64_t link_edit_offset = 0; // __LINKEDIT segment offset. - uint64_t signature_offset = 0; // Load command offset. - - uint32_t seg_align(uint64_t p_vmaddr, uint32_t p_min, uint32_t p_max); - bool alloc_signature(uint64_t p_size); - - static inline size_t PAD(size_t s, size_t a) { - return (a - s % a); - } - -public: - static bool is_macho(const String &p_path); - - bool open_file(const String &p_path); - - uint64_t get_exe_base(); - uint64_t get_exe_limit(); - int32_t get_align(); - uint32_t get_cputype(); - uint32_t get_cpusubtype(); - uint64_t get_size(); - uint64_t get_code_limit(); - - uint64_t get_signature_offset(); - bool is_signed(); - - PackedByteArray get_cdhash_sha1(); - PackedByteArray get_cdhash_sha256(); - - PackedByteArray get_requirements(); - - const Ref<FileAccess> get_file() const; - Ref<FileAccess> get_file(); - - uint64_t get_signature_size(); - bool set_signature_size(uint64_t p_size); -}; - -#endif // MACOS_MACHO_H diff --git a/platform/macos/export/plist.cpp b/platform/macos/export/plist.cpp deleted file mode 100644 index f494c58fc9..0000000000 --- a/platform/macos/export/plist.cpp +++ /dev/null @@ -1,848 +0,0 @@ -/**************************************************************************/ -/* plist.cpp */ -/**************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/**************************************************************************/ -/* Copyright (c) 2014-present Godot Engine contributors (see AUTHORS.md). */ -/* Copyright (c) 2007-2014 Juan Linietsky, Ariel Manzur. */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. */ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ -/**************************************************************************/ - -#include "plist.h" - -PList::PLNodeType PListNode::get_type() const { - return data_type; -} - -Variant PListNode::get_value() const { - switch (data_type) { - case PList::PL_NODE_TYPE_NIL: { - return Variant(); - } break; - case PList::PL_NODE_TYPE_STRING: { - return String::utf8(data_string.get_data()); - } break; - case PList::PL_NODE_TYPE_ARRAY: { - Array arr; - for (const Ref<PListNode> &E : data_array) { - arr.push_back(E); - } - return arr; - } break; - case PList::PL_NODE_TYPE_DICT: { - Dictionary dict; - for (const KeyValue<String, Ref<PListNode>> &E : data_dict) { - dict[E.key] = E.value; - } - return dict; - } break; - case PList::PL_NODE_TYPE_BOOLEAN: { - return data_bool; - } break; - case PList::PL_NODE_TYPE_INTEGER: { - return data_int; - } break; - case PList::PL_NODE_TYPE_REAL: { - return data_real; - } break; - case PList::PL_NODE_TYPE_DATA: { - int strlen = data_string.length(); - - size_t arr_len = 0; - Vector<uint8_t> buf; - { - buf.resize(strlen / 4 * 3 + 1); - uint8_t *w = buf.ptrw(); - - ERR_FAIL_COND_V(CryptoCore::b64_decode(&w[0], buf.size(), &arr_len, (unsigned char *)data_string.get_data(), strlen) != OK, Vector<uint8_t>()); - } - buf.resize(arr_len); - return buf; - } break; - case PList::PL_NODE_TYPE_DATE: { - return String(data_string.get_data()); - } break; - } - return Variant(); -} - -Ref<PListNode> PListNode::new_node(const Variant &p_value) { - Ref<PListNode> node; - node.instantiate(); - - switch (p_value.get_type()) { - case Variant::NIL: { - node->data_type = PList::PL_NODE_TYPE_NIL; - } break; - case Variant::BOOL: { - node->data_type = PList::PL_NODE_TYPE_BOOLEAN; - node->data_bool = p_value; - } break; - case Variant::INT: { - node->data_type = PList::PL_NODE_TYPE_INTEGER; - node->data_int = p_value; - } break; - case Variant::FLOAT: { - node->data_type = PList::PL_NODE_TYPE_REAL; - node->data_real = p_value; - } break; - case Variant::STRING_NAME: - case Variant::STRING: { - node->data_type = PList::PL_NODE_TYPE_STRING; - node->data_string = p_value.operator String().utf8(); - } break; - case Variant::DICTIONARY: { - node->data_type = PList::PL_NODE_TYPE_DICT; - Dictionary dict = p_value; - const Variant *next = dict.next(nullptr); - while (next) { - Ref<PListNode> sub_node = dict[*next]; - ERR_FAIL_COND_V_MSG(sub_node.is_null(), Ref<PListNode>(), "Invalid dictionary element, should be PListNode."); - node->data_dict[*next] = sub_node; - next = dict.next(next); - } - } break; - case Variant::ARRAY: { - node->data_type = PList::PL_NODE_TYPE_ARRAY; - Array ar = p_value; - for (int i = 0; i < ar.size(); i++) { - Ref<PListNode> sub_node = ar[i]; - ERR_FAIL_COND_V_MSG(sub_node.is_null(), Ref<PListNode>(), "Invalid array element, should be PListNode."); - node->data_array.push_back(sub_node); - } - } break; - case Variant::PACKED_BYTE_ARRAY: { - node->data_type = PList::PL_NODE_TYPE_DATA; - PackedByteArray buf = p_value; - node->data_string = CryptoCore::b64_encode_str(buf.ptr(), buf.size()).utf8(); - } break; - default: { - ERR_FAIL_V_MSG(Ref<PListNode>(), "Unsupported data type."); - } break; - } - return node; -} - -Ref<PListNode> PListNode::new_array() { - Ref<PListNode> node = memnew(PListNode()); - ERR_FAIL_COND_V(node.is_null(), Ref<PListNode>()); - node->data_type = PList::PLNodeType::PL_NODE_TYPE_ARRAY; - return node; -} - -Ref<PListNode> PListNode::new_dict() { - Ref<PListNode> node = memnew(PListNode()); - ERR_FAIL_COND_V(node.is_null(), Ref<PListNode>()); - node->data_type = PList::PLNodeType::PL_NODE_TYPE_DICT; - return node; -} - -Ref<PListNode> PListNode::new_string(const String &p_string) { - Ref<PListNode> node = memnew(PListNode()); - ERR_FAIL_COND_V(node.is_null(), Ref<PListNode>()); - node->data_type = PList::PLNodeType::PL_NODE_TYPE_STRING; - node->data_string = p_string.utf8(); - return node; -} - -Ref<PListNode> PListNode::new_data(const String &p_string) { - Ref<PListNode> node = memnew(PListNode()); - ERR_FAIL_COND_V(node.is_null(), Ref<PListNode>()); - node->data_type = PList::PLNodeType::PL_NODE_TYPE_DATA; - node->data_string = p_string.utf8(); - return node; -} - -Ref<PListNode> PListNode::new_date(const String &p_string) { - Ref<PListNode> node = memnew(PListNode()); - ERR_FAIL_COND_V(node.is_null(), Ref<PListNode>()); - node->data_type = PList::PLNodeType::PL_NODE_TYPE_DATE; - node->data_string = p_string.utf8(); - node->data_real = (double)Time::get_singleton()->get_unix_time_from_datetime_string(p_string) - 978307200.0; - return node; -} - -Ref<PListNode> PListNode::new_bool(bool p_bool) { - Ref<PListNode> node = memnew(PListNode()); - ERR_FAIL_COND_V(node.is_null(), Ref<PListNode>()); - node->data_type = PList::PLNodeType::PL_NODE_TYPE_BOOLEAN; - node->data_bool = p_bool; - return node; -} - -Ref<PListNode> PListNode::new_int(int64_t p_int) { - Ref<PListNode> node = memnew(PListNode()); - ERR_FAIL_COND_V(node.is_null(), Ref<PListNode>()); - node->data_type = PList::PLNodeType::PL_NODE_TYPE_INTEGER; - node->data_int = p_int; - return node; -} - -Ref<PListNode> PListNode::new_real(double p_real) { - Ref<PListNode> node = memnew(PListNode()); - ERR_FAIL_COND_V(node.is_null(), Ref<PListNode>()); - node->data_type = PList::PLNodeType::PL_NODE_TYPE_REAL; - node->data_real = p_real; - return node; -} - -bool PListNode::push_subnode(const Ref<PListNode> &p_node, const String &p_key) { - ERR_FAIL_COND_V(p_node.is_null(), false); - if (data_type == PList::PLNodeType::PL_NODE_TYPE_DICT) { - ERR_FAIL_COND_V(p_key.is_empty(), false); - ERR_FAIL_COND_V(data_dict.has(p_key), false); - data_dict[p_key] = p_node; - return true; - } else if (data_type == PList::PLNodeType::PL_NODE_TYPE_ARRAY) { - data_array.push_back(p_node); - return true; - } else { - ERR_FAIL_V_MSG(false, "PList: Invalid parent node type, should be DICT or ARRAY."); - } -} - -size_t PListNode::get_asn1_size(uint8_t p_len_octets) const { - // Get size of all data, excluding type and size information. - switch (data_type) { - case PList::PLNodeType::PL_NODE_TYPE_NIL: { - return 0; - } break; - case PList::PLNodeType::PL_NODE_TYPE_DATA: - case PList::PLNodeType::PL_NODE_TYPE_DATE: { - ERR_FAIL_V_MSG(0, "PList: DATE and DATA nodes are not supported by ASN.1 serialization."); - } break; - case PList::PLNodeType::PL_NODE_TYPE_STRING: { - return data_string.length(); - } break; - case PList::PLNodeType::PL_NODE_TYPE_BOOLEAN: { - return 1; - } break; - case PList::PLNodeType::PL_NODE_TYPE_INTEGER: - case PList::PLNodeType::PL_NODE_TYPE_REAL: { - return 4; - } break; - case PList::PLNodeType::PL_NODE_TYPE_ARRAY: { - size_t size = 0; - for (int i = 0; i < data_array.size(); i++) { - size += 1 + _asn1_size_len(p_len_octets) + data_array[i]->get_asn1_size(p_len_octets); - } - return size; - } break; - case PList::PLNodeType::PL_NODE_TYPE_DICT: { - size_t size = 0; - - for (const KeyValue<String, Ref<PListNode>> &E : data_dict) { - size += 1 + _asn1_size_len(p_len_octets); // Sequence. - size += 1 + _asn1_size_len(p_len_octets) + E.key.utf8().length(); //Key. - size += 1 + _asn1_size_len(p_len_octets) + E.value->get_asn1_size(p_len_octets); // Value. - } - return size; - } break; - default: { - return 0; - } break; - } -} - -int PListNode::_asn1_size_len(uint8_t p_len_octets) { - if (p_len_octets > 1) { - return p_len_octets + 1; - } else { - return 1; - } -} - -void PListNode::store_asn1_size(PackedByteArray &p_stream, uint8_t p_len_octets) const { - uint32_t size = get_asn1_size(p_len_octets); - if (p_len_octets > 1) { - p_stream.push_back(0x80 + p_len_octets); - } - for (int i = p_len_octets - 1; i >= 0; i--) { - uint8_t x = (size >> i * 8) & 0xFF; - p_stream.push_back(x); - } -} - -bool PListNode::store_asn1(PackedByteArray &p_stream, uint8_t p_len_octets) const { - // Convert to binary ASN1 stream. - bool valid = true; - switch (data_type) { - case PList::PLNodeType::PL_NODE_TYPE_NIL: { - // Nothing to store. - } break; - case PList::PLNodeType::PL_NODE_TYPE_DATE: - case PList::PLNodeType::PL_NODE_TYPE_DATA: { - ERR_FAIL_V_MSG(false, "PList: DATE and DATA nodes are not supported by ASN.1 serialization."); - } break; - case PList::PLNodeType::PL_NODE_TYPE_STRING: { - p_stream.push_back(0x0C); - store_asn1_size(p_stream, p_len_octets); - for (int i = 0; i < data_string.size(); i++) { - p_stream.push_back(data_string[i]); - } - } break; - case PList::PLNodeType::PL_NODE_TYPE_BOOLEAN: { - p_stream.push_back(0x01); - store_asn1_size(p_stream, p_len_octets); - if (data_bool) { - p_stream.push_back(0x01); - } else { - p_stream.push_back(0x00); - } - } break; - case PList::PLNodeType::PL_NODE_TYPE_INTEGER: { - p_stream.push_back(0x02); - store_asn1_size(p_stream, p_len_octets); - for (int i = 4; i >= 0; i--) { - uint8_t x = (data_int >> i * 8) & 0xFF; - p_stream.push_back(x); - } - } break; - case PList::PLNodeType::PL_NODE_TYPE_REAL: { - p_stream.push_back(0x03); - store_asn1_size(p_stream, p_len_octets); - for (int i = 4; i >= 0; i--) { - uint8_t x = (data_int >> i * 8) & 0xFF; - p_stream.push_back(x); - } - } break; - case PList::PLNodeType::PL_NODE_TYPE_ARRAY: { - p_stream.push_back(0x30); // Sequence. - store_asn1_size(p_stream, p_len_octets); - for (int i = 0; i < data_array.size(); i++) { - valid = valid && data_array[i]->store_asn1(p_stream, p_len_octets); - } - } break; - case PList::PLNodeType::PL_NODE_TYPE_DICT: { - p_stream.push_back(0x31); // Set. - store_asn1_size(p_stream, p_len_octets); - for (const KeyValue<String, Ref<PListNode>> &E : data_dict) { - CharString cs = E.key.utf8(); - uint32_t size = cs.length(); - - // Sequence. - p_stream.push_back(0x30); - uint32_t seq_size = 2 * (1 + _asn1_size_len(p_len_octets)) + size + E.value->get_asn1_size(p_len_octets); - if (p_len_octets > 1) { - p_stream.push_back(0x80 + p_len_octets); - } - for (int i = p_len_octets - 1; i >= 0; i--) { - uint8_t x = (seq_size >> i * 8) & 0xFF; - p_stream.push_back(x); - } - // Key. - p_stream.push_back(0x0C); - if (p_len_octets > 1) { - p_stream.push_back(0x80 + p_len_octets); - } - for (int i = p_len_octets - 1; i >= 0; i--) { - uint8_t x = (size >> i * 8) & 0xFF; - p_stream.push_back(x); - } - for (uint32_t i = 0; i < size; i++) { - p_stream.push_back(cs[i]); - } - // Value. - valid = valid && E.value->store_asn1(p_stream, p_len_octets); - } - } break; - } - return valid; -} - -void PListNode::store_text(String &p_stream, uint8_t p_indent) const { - // Convert to text XML stream. - switch (data_type) { - case PList::PLNodeType::PL_NODE_TYPE_NIL: { - // Nothing to store. - } break; - case PList::PLNodeType::PL_NODE_TYPE_DATA: { - p_stream += String("\t").repeat(p_indent); - p_stream += "<data>\n"; - p_stream += String("\t").repeat(p_indent); - p_stream += data_string + "\n"; - p_stream += String("\t").repeat(p_indent); - p_stream += "</data>\n"; - } break; - case PList::PLNodeType::PL_NODE_TYPE_DATE: { - p_stream += String("\t").repeat(p_indent); - p_stream += "<date>"; - p_stream += data_string; - p_stream += "</date>\n"; - } break; - case PList::PLNodeType::PL_NODE_TYPE_STRING: { - p_stream += String("\t").repeat(p_indent); - p_stream += "<string>"; - p_stream += String::utf8(data_string); - p_stream += "</string>\n"; - } break; - case PList::PLNodeType::PL_NODE_TYPE_BOOLEAN: { - p_stream += String("\t").repeat(p_indent); - if (data_bool) { - p_stream += "<true/>\n"; - } else { - p_stream += "<false/>\n"; - } - } break; - case PList::PLNodeType::PL_NODE_TYPE_INTEGER: { - p_stream += String("\t").repeat(p_indent); - p_stream += "<integer>"; - p_stream += itos(data_int); - p_stream += "</integer>\n"; - } break; - case PList::PLNodeType::PL_NODE_TYPE_REAL: { - p_stream += String("\t").repeat(p_indent); - p_stream += "<real>"; - p_stream += rtos(data_real); - p_stream += "</real>\n"; - } break; - case PList::PLNodeType::PL_NODE_TYPE_ARRAY: { - p_stream += String("\t").repeat(p_indent); - p_stream += "<array>\n"; - for (int i = 0; i < data_array.size(); i++) { - data_array[i]->store_text(p_stream, p_indent + 1); - } - p_stream += String("\t").repeat(p_indent); - p_stream += "</array>\n"; - } break; - case PList::PLNodeType::PL_NODE_TYPE_DICT: { - p_stream += String("\t").repeat(p_indent); - p_stream += "<dict>\n"; - for (const KeyValue<String, Ref<PListNode>> &E : data_dict) { - p_stream += String("\t").repeat(p_indent + 1); - p_stream += "<key>"; - p_stream += E.key; - p_stream += "</key>\n"; - E.value->store_text(p_stream, p_indent + 1); - } - p_stream += String("\t").repeat(p_indent); - p_stream += "</dict>\n"; - } break; - } -} - -/*************************************************************************/ - -PList::PList() { - root = PListNode::new_dict(); -} - -PList::PList(const String &p_string) { - load_string(p_string); -} - -uint64_t PList::read_bplist_var_size_int(Ref<FileAccess> p_file, uint8_t p_size) { - uint64_t pos = p_file->get_position(); - uint64_t ret = 0; - switch (p_size) { - case 1: { - ret = p_file->get_8(); - } break; - case 2: { - ret = BSWAP16(p_file->get_16()); - } break; - case 3: { - ret = BSWAP32(p_file->get_32() & 0x00FFFFFF); - } break; - case 4: { - ret = BSWAP32(p_file->get_32()); - } break; - case 5: { - ret = BSWAP64(p_file->get_64() & 0x000000FFFFFFFFFF); - } break; - case 6: { - ret = BSWAP64(p_file->get_64() & 0x0000FFFFFFFFFFFF); - } break; - case 7: { - ret = BSWAP64(p_file->get_64() & 0x00FFFFFFFFFFFFFF); - } break; - case 8: { - ret = BSWAP64(p_file->get_64()); - } break; - default: { - ret = 0; - } - } - p_file->seek(pos + p_size); - - return ret; -} - -Ref<PListNode> PList::read_bplist_obj(Ref<FileAccess> p_file, uint64_t p_offset_idx) { - Ref<PListNode> node; - node.instantiate(); - - uint64_t ot_off = trailer.offset_table_start + p_offset_idx * trailer.offset_size; - p_file->seek(ot_off); - uint64_t marker_off = read_bplist_var_size_int(p_file, trailer.offset_size); - ERR_FAIL_COND_V_MSG(marker_off == 0, Ref<PListNode>(), "Invalid marker size."); - - p_file->seek(marker_off); - uint8_t marker = p_file->get_8(); - uint8_t marker_type = marker & 0xF0; - uint64_t marker_size = marker & 0x0F; - - switch (marker_type) { - case 0x00: { - if (marker_size == 0x00) { - node->data_type = PL_NODE_TYPE_NIL; - } else if (marker_size == 0x08) { - node->data_type = PL_NODE_TYPE_BOOLEAN; - node->data_bool = false; - } else if (marker_size == 0x09) { - node->data_type = PL_NODE_TYPE_BOOLEAN; - node->data_bool = true; - } else { - ERR_FAIL_V_MSG(Ref<PListNode>(), "Invalid nil/bool marker value."); - } - } break; - case 0x10: { - node->data_type = PL_NODE_TYPE_INTEGER; - node->data_int = static_cast<int64_t>(read_bplist_var_size_int(p_file, pow(2, marker_size))); - } break; - case 0x20: { - node->data_type = PL_NODE_TYPE_REAL; - node->data_int = static_cast<int64_t>(read_bplist_var_size_int(p_file, pow(2, marker_size))); - } break; - case 0x30: { - node->data_type = PL_NODE_TYPE_DATE; - node->data_int = BSWAP64(p_file->get_64()); - node->data_string = Time::get_singleton()->get_datetime_string_from_unix_time(node->data_real + 978307200.0).utf8(); - } break; - case 0x40: { - if (marker_size == 0x0F) { - uint8_t ext = p_file->get_8() & 0xF; - marker_size = read_bplist_var_size_int(p_file, pow(2, ext)); - } - node->data_type = PL_NODE_TYPE_DATA; - PackedByteArray buf; - buf.resize(marker_size + 1); - p_file->get_buffer(reinterpret_cast<uint8_t *>(buf.ptrw()), marker_size); - node->data_string = CryptoCore::b64_encode_str(buf.ptr(), buf.size()).utf8(); - } break; - case 0x50: { - if (marker_size == 0x0F) { - uint8_t ext = p_file->get_8() & 0xF; - marker_size = read_bplist_var_size_int(p_file, pow(2, ext)); - } - node->data_type = PL_NODE_TYPE_STRING; - node->data_string.resize(marker_size + 1); - p_file->get_buffer(reinterpret_cast<uint8_t *>(node->data_string.ptrw()), marker_size); - } break; - case 0x60: { - if (marker_size == 0x0F) { - uint8_t ext = p_file->get_8() & 0xF; - marker_size = read_bplist_var_size_int(p_file, pow(2, ext)); - } - Char16String cs16; - cs16.resize(marker_size + 1); - for (uint64_t i = 0; i < marker_size; i++) { - cs16[i] = BSWAP16(p_file->get_16()); - } - node->data_type = PL_NODE_TYPE_STRING; - node->data_string = String::utf16(cs16.ptr(), cs16.length()).utf8(); - } break; - case 0x80: { - node->data_type = PL_NODE_TYPE_INTEGER; - node->data_int = static_cast<int64_t>(read_bplist_var_size_int(p_file, marker_size + 1)); - } break; - case 0xA0: - case 0xC0: { - if (marker_size == 0x0F) { - uint8_t ext = p_file->get_8() & 0xF; - marker_size = read_bplist_var_size_int(p_file, pow(2, ext)); - } - uint64_t pos = p_file->get_position(); - - node->data_type = PL_NODE_TYPE_ARRAY; - for (uint64_t i = 0; i < marker_size; i++) { - p_file->seek(pos + trailer.ref_size * i); - uint64_t ref = read_bplist_var_size_int(p_file, trailer.ref_size); - - Ref<PListNode> element = read_bplist_obj(p_file, ref); - ERR_FAIL_COND_V(element.is_null(), Ref<PListNode>()); - node->data_array.push_back(element); - } - } break; - case 0xD0: { - if (marker_size == 0x0F) { - uint8_t ext = p_file->get_8() & 0xF; - marker_size = read_bplist_var_size_int(p_file, pow(2, ext)); - } - uint64_t pos = p_file->get_position(); - - node->data_type = PL_NODE_TYPE_DICT; - for (uint64_t i = 0; i < marker_size; i++) { - p_file->seek(pos + trailer.ref_size * i); - uint64_t key_ref = read_bplist_var_size_int(p_file, trailer.ref_size); - - p_file->seek(pos + trailer.ref_size * (i + marker_size)); - uint64_t obj_ref = read_bplist_var_size_int(p_file, trailer.ref_size); - - Ref<PListNode> element_key = read_bplist_obj(p_file, key_ref); - ERR_FAIL_COND_V(element_key.is_null() || element_key->data_type != PL_NODE_TYPE_STRING, Ref<PListNode>()); - Ref<PListNode> element = read_bplist_obj(p_file, obj_ref); - ERR_FAIL_COND_V(element.is_null(), Ref<PListNode>()); - node->data_dict[String::utf8(element_key->data_string.ptr(), element_key->data_string.length())] = element; - } - } break; - default: { - ERR_FAIL_V_MSG(Ref<PListNode>(), "Invalid marker type."); - } - } - return node; -} - -bool PList::load_file(const String &p_filename) { - root = Ref<PListNode>(); - - Ref<FileAccess> fb = FileAccess::open(p_filename, FileAccess::READ); - if (fb.is_null()) { - return false; - } - - unsigned char magic[8]; - fb->get_buffer(magic, 8); - - if (String((const char *)magic, 8) == "bplist00") { - fb->seek_end(-26); - trailer.offset_size = fb->get_8(); - trailer.ref_size = fb->get_8(); - trailer.object_num = BSWAP64(fb->get_64()); - trailer.root_offset_idx = BSWAP64(fb->get_64()); - trailer.offset_table_start = BSWAP64(fb->get_64()); - root = read_bplist_obj(fb, trailer.root_offset_idx); - - return root.is_valid(); - } else { - // Load text plist. - Error err; - Vector<uint8_t> array = FileAccess::get_file_as_bytes(p_filename, &err); - ERR_FAIL_COND_V(err != OK, false); - - String ret; - ret.parse_utf8((const char *)array.ptr(), array.size()); - return load_string(ret); - } -} - -bool PList::load_string(const String &p_string) { - root = Ref<PListNode>(); - - int pos = 0; - bool in_plist = false; - bool done_plist = false; - List<Ref<PListNode>> stack; - String key; - while (pos >= 0) { - int open_token_s = p_string.find("<", pos); - if (open_token_s == -1) { - ERR_FAIL_V_MSG(false, "PList: Unexpected end of data. No tags found."); - } - int open_token_e = p_string.find(">", open_token_s); - pos = open_token_e; - - String token = p_string.substr(open_token_s + 1, open_token_e - open_token_s - 1); - if (token.is_empty()) { - ERR_FAIL_V_MSG(false, "PList: Invalid token name."); - } - String value; - if (token[0] == '?' || token[0] == '!') { // Skip <?xml ... ?> and <!DOCTYPE ... > - int end_token_e = p_string.find(">", open_token_s); - pos = end_token_e; - continue; - } - - if (token.find("plist", 0) == 0) { - in_plist = true; - continue; - } - - if (token == "/plist") { - done_plist = true; - break; - } - - if (!in_plist) { - ERR_FAIL_V_MSG(false, "PList: Node outside of <plist> tag."); - } - - if (token == "dict") { - if (!stack.is_empty()) { - // Add subnode end enter it. - Ref<PListNode> dict = PListNode::new_dict(); - dict->data_type = PList::PLNodeType::PL_NODE_TYPE_DICT; - if (!stack.back()->get()->push_subnode(dict, key)) { - ERR_FAIL_V_MSG(false, "PList: Can't push subnode, invalid parent type."); - } - stack.push_back(dict); - } else { - // Add root node. - if (!root.is_null()) { - ERR_FAIL_V_MSG(false, "PList: Root node already set."); - } - Ref<PListNode> dict = PListNode::new_dict(); - stack.push_back(dict); - root = dict; - } - continue; - } - - if (token == "/dict") { - // Exit current dict. - if (stack.is_empty() || stack.back()->get()->data_type != PList::PLNodeType::PL_NODE_TYPE_DICT) { - ERR_FAIL_V_MSG(false, "PList: Mismatched </dict> tag."); - } - stack.pop_back(); - continue; - } - - if (token == "array") { - if (!stack.is_empty()) { - // Add subnode end enter it. - Ref<PListNode> arr = PListNode::new_array(); - if (!stack.back()->get()->push_subnode(arr, key)) { - ERR_FAIL_V_MSG(false, "PList: Can't push subnode, invalid parent type."); - } - stack.push_back(arr); - } else { - // Add root node. - if (!root.is_null()) { - ERR_FAIL_V_MSG(false, "PList: Root node already set."); - } - Ref<PListNode> arr = PListNode::new_array(); - stack.push_back(arr); - root = arr; - } - continue; - } - - if (token == "/array") { - // Exit current array. - if (stack.is_empty() || stack.back()->get()->data_type != PList::PLNodeType::PL_NODE_TYPE_ARRAY) { - ERR_FAIL_V_MSG(false, "PList: Mismatched </array> tag."); - } - stack.pop_back(); - continue; - } - - if (token[token.length() - 1] == '/') { - token = token.substr(0, token.length() - 1); - } else { - int end_token_s = p_string.find("</", pos); - if (end_token_s == -1) { - ERR_FAIL_V_MSG(false, vformat("PList: Mismatched <%s> tag.", token)); - } - int end_token_e = p_string.find(">", end_token_s); - pos = end_token_e; - String end_token = p_string.substr(end_token_s + 2, end_token_e - end_token_s - 2); - if (end_token != token) { - ERR_FAIL_V_MSG(false, vformat("PList: Mismatched <%s> and <%s> token pair.", token, end_token)); - } - value = p_string.substr(open_token_e + 1, end_token_s - open_token_e - 1); - } - if (token == "key") { - key = value; - } else { - Ref<PListNode> var = nullptr; - if (token == "true") { - var = PListNode::new_bool(true); - } else if (token == "false") { - var = PListNode::new_bool(false); - } else if (token == "integer") { - var = PListNode::new_int(value.to_int()); - } else if (token == "real") { - var = PListNode::new_real(value.to_float()); - } else if (token == "string") { - var = PListNode::new_string(value); - } else if (token == "data") { - var = PListNode::new_data(value); - } else if (token == "date") { - var = PListNode::new_date(value); - } else { - ERR_FAIL_V_MSG(false, "PList: Invalid value type."); - } - if (stack.is_empty() || !stack.back()->get()->push_subnode(var, key)) { - ERR_FAIL_V_MSG(false, "PList: Can't push subnode, invalid parent type."); - } - } - } - if (!stack.is_empty() || !done_plist) { - ERR_FAIL_V_MSG(false, "PList: Unexpected end of data. Root node is not closed."); - } - return true; -} - -PackedByteArray PList::save_asn1() const { - if (root == nullptr) { - ERR_FAIL_V_MSG(PackedByteArray(), "PList: Invalid PList, no root node."); - } - size_t size = root->get_asn1_size(1); - uint8_t len_octets = 0; - if (size < 0x80) { - len_octets = 1; - } else { - size = root->get_asn1_size(2); - if (size < 0xFFFF) { - len_octets = 2; - } else { - size = root->get_asn1_size(3); - if (size < 0xFFFFFF) { - len_octets = 3; - } else { - size = root->get_asn1_size(4); - if (size < 0xFFFFFFFF) { - len_octets = 4; - } else { - ERR_FAIL_V_MSG(PackedByteArray(), "PList: Data is too big for ASN.1 serializer, should be < 4 GiB."); - } - } - } - } - - PackedByteArray ret; - if (!root->store_asn1(ret, len_octets)) { - ERR_FAIL_V_MSG(PackedByteArray(), "PList: ASN.1 serializer error."); - } - return ret; -} - -String PList::save_text() const { - if (root == nullptr) { - ERR_FAIL_V_MSG(String(), "PList: Invalid PList, no root node."); - } - - String ret; - ret += "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"; - ret += "<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n"; - ret += "<plist version=\"1.0\">\n"; - - root->store_text(ret, 0); - - ret += "</plist>\n\n"; - return ret; -} - -Ref<PListNode> PList::get_root() { - return root; -} diff --git a/platform/macos/export/plist.h b/platform/macos/export/plist.h deleted file mode 100644 index 28b02e4eb7..0000000000 --- a/platform/macos/export/plist.h +++ /dev/null @@ -1,128 +0,0 @@ -/**************************************************************************/ -/* plist.h */ -/**************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/**************************************************************************/ -/* Copyright (c) 2014-present Godot Engine contributors (see AUTHORS.md). */ -/* Copyright (c) 2007-2014 Juan Linietsky, Ariel Manzur. */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. */ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ -/**************************************************************************/ - -#ifndef MACOS_PLIST_H -#define MACOS_PLIST_H - -// Property list file format (application/x-plist) parser, property list ASN-1 serialization. - -#include "core/crypto/crypto_core.h" -#include "core/io/file_access.h" -#include "core/os/time.h" - -class PListNode; - -class PList : public RefCounted { - friend class PListNode; - -public: - enum PLNodeType { - PL_NODE_TYPE_NIL, - PL_NODE_TYPE_STRING, - PL_NODE_TYPE_ARRAY, - PL_NODE_TYPE_DICT, - PL_NODE_TYPE_BOOLEAN, - PL_NODE_TYPE_INTEGER, - PL_NODE_TYPE_REAL, - PL_NODE_TYPE_DATA, - PL_NODE_TYPE_DATE, - }; - -private: - struct PListTrailer { - uint8_t offset_size; - uint8_t ref_size; - uint64_t object_num; - uint64_t root_offset_idx; - uint64_t offset_table_start; - }; - - PListTrailer trailer; - Ref<PListNode> root; - - uint64_t read_bplist_var_size_int(Ref<FileAccess> p_file, uint8_t p_size); - Ref<PListNode> read_bplist_obj(Ref<FileAccess> p_file, uint64_t p_offset_idx); - -public: - PList(); - PList(const String &p_string); - - bool load_file(const String &p_filename); - bool load_string(const String &p_string); - - PackedByteArray save_asn1() const; - String save_text() const; - - Ref<PListNode> get_root(); -}; - -/*************************************************************************/ - -class PListNode : public RefCounted { - static int _asn1_size_len(uint8_t p_len_octets); - -public: - PList::PLNodeType data_type = PList::PLNodeType::PL_NODE_TYPE_NIL; - - CharString data_string; - Vector<Ref<PListNode>> data_array; - HashMap<String, Ref<PListNode>> data_dict; - union { - int64_t data_int; - bool data_bool; - double data_real; - }; - - PList::PLNodeType get_type() const; - Variant get_value() const; - - static Ref<PListNode> new_node(const Variant &p_value); - static Ref<PListNode> new_array(); - static Ref<PListNode> new_dict(); - static Ref<PListNode> new_string(const String &p_string); - static Ref<PListNode> new_data(const String &p_string); - static Ref<PListNode> new_date(const String &p_string); - static Ref<PListNode> new_bool(bool p_bool); - static Ref<PListNode> new_int(int64_t p_int); - static Ref<PListNode> new_real(double p_real); - - bool push_subnode(const Ref<PListNode> &p_node, const String &p_key = ""); - - size_t get_asn1_size(uint8_t p_len_octets) const; - - void store_asn1_size(PackedByteArray &p_stream, uint8_t p_len_octets) const; - bool store_asn1(PackedByteArray &p_stream, uint8_t p_len_octets) const; - void store_text(String &p_stream, uint8_t p_indent) const; - - PListNode() {} - ~PListNode() {} -}; - -#endif // MACOS_PLIST_H diff --git a/platform/macos/export/run_icon.svg b/platform/macos/export/run_icon.svg index 647270ce22..24d10ef4b2 100644 --- a/platform/macos/export/run_icon.svg +++ b/platform/macos/export/run_icon.svg @@ -1 +1 @@ -<svg height="16" width="16" xml:space="preserve" xmlns="http://www.w3.org/2000/svg"><path fill="#e0e0e0" d="M4.418 1.055a3.364 3.364 0 0 0-3.364 3.364v7.164a3.364 3.364 0 0 0 3.364 3.364h7.164a3.364 3.364 0 0 0 3.364-3.364V4.418a3.364 3.364 0 0 0-3.364-3.364H7.729Zm3.875 1.164h3.291a2.2 2.2 0 0 1 2.2 2.2v7.164a2.2 2.2 0 0 1-2.2 2.2h-2.15a8.884 8.884 0 0 1-.358-1.598c-.135.02-.487.082-.693.117a7.345 7.345 0 0 1-1.254 0 7.114 7.114 0 0 1-.926-.139 6.057 6.057 0 0 1-.867-.271 3.843 3.843 0 0 1-.988-.566 3.214 3.214 0 0 1-.397-.378 2.8 2.8 0 0 1-.318-.441.56.56 0 0 1 .968-.56c.083.138.188.26.312.362.096.082.2.158.307.224.12.075.243.142.371.201.285.139.583.247.89.319a5.35 5.35 0 0 0 1.282.158c.065 0 .129-.005.184-.006.056 0 .102-.005.148-.008l.096-.006c.114-.009.228-.02.31-.032.083-.013.11-.021.143-.028.099-.022.204-.058.327-.089a28.438 28.438 0 0 1-.06-1.929V8.53H6.887c.048-1.963.746-4.357 1.181-5.677.1-.293.184-.527.225-.633ZM5.531 6.394a.56.56 0 0 1-1.118 0v-.9a.56.56 0 0 1 1.118 0Zm3.432 4.646.02.306c.02.264.049.527.082.788l.011.05c1.154-.235 2.281-.773 2.806-1.68a.56.56 0 1 0-.968-.56c-.261.454-1.082.873-1.951 1.097zM10 6.364a.56.56 0 0 0 1.118 0v-.9a.56.56 0 0 0-1.118 0z"/></svg> +<svg xmlns="http://www.w3.org/2000/svg" xml:space="preserve" width="16" height="16"><path fill="#e0e0e0" d="M4.418 1.055a3.364 3.364 0 0 0-3.364 3.364v7.164a3.364 3.364 0 0 0 3.364 3.364h7.164a3.364 3.364 0 0 0 3.364-3.364V4.418a3.364 3.364 0 0 0-3.364-3.364H7.729Zm3.875 1.164h3.291a2.2 2.2 0 0 1 2.2 2.2v7.164a2.2 2.2 0 0 1-2.2 2.2h-2.15a8.884 8.884 0 0 1-.358-1.598c-.135.02-.487.082-.693.117a7.345 7.345 0 0 1-1.254 0 7.114 7.114 0 0 1-.926-.139 6.057 6.057 0 0 1-.867-.271 3.843 3.843 0 0 1-.988-.566 3.214 3.214 0 0 1-.397-.378 2.8 2.8 0 0 1-.318-.441.56.56 0 0 1 .968-.56c.083.138.188.26.312.362.096.082.2.158.307.224.12.075.243.142.371.201.285.139.583.247.89.319a5.35 5.35 0 0 0 1.282.158c.065 0 .129-.005.184-.006.056 0 .102-.005.148-.008l.096-.006c.114-.009.228-.02.31-.032.083-.013.11-.021.143-.028.099-.022.204-.058.327-.089a28.438 28.438 0 0 1-.06-1.929V8.53H6.887c.048-1.963.746-4.357 1.181-5.677.1-.293.184-.527.225-.633ZM5.531 6.394a.56.56 0 0 1-1.118 0v-.9a.56.56 0 0 1 1.118 0Zm3.432 4.646.02.306c.02.264.049.527.082.788l.011.05c1.154-.235 2.281-.773 2.806-1.68a.56.56 0 1 0-.968-.56c-.261.454-1.082.873-1.951 1.097zM10 6.364a.56.56 0 0 0 1.118 0v-.9a.56.56 0 0 0-1.118 0z"/></svg>
\ No newline at end of file |
