bool InstallChecker::verifyPackage( const QString &filePath, bool ) { QProcess proc; proc.start( "hdiutil", QStringList() << "verify" << filePath ); proc.waitForFinished(); if( proc.exitCode() ) return false; QString path = mountPackage( filePath ); if( path.isEmpty() ) return false; xar_t xar = xar_open( path.toUtf8().constData(), 0 ); if( !xar ) return false; QSslCertificate cert; xar_signature_t sig = xar_signature_first( xar ); int32_t count = xar_signature_get_x509certificate_count( sig ); for( int32_t i = 0; i < count; ++i ) { uint32_t size = 0; const uint8_t *data = 0; if( xar_signature_get_x509certificate_data( sig, i, &data, &size ) ) continue; QSslCertificate c( QByteArray( (const char*)data, size ), QSsl::Der ); #if QT_VERSION >= 0x050000 QString cn = c.subjectInfo( QSslCertificate::CommonName ).value(0); #else QString cn = c.subjectInfo( QSslCertificate::CommonName ); #endif if( cn == "Estonian Informatics Centre" || cn == "Developer ID Installer: Riigi Infosüsteemi Amet" ) cert = c; } if( cert.isNull() ) { xar_close( xar ); return false; } uint8_t *data = 0, *signature = 0; uint32_t dataSize = 0, signatureSize = 0; off_t offset = 0; if( xar_signature_copy_signed_data( sig, &data, &dataSize, &signature, &signatureSize, &offset ) ) { xar_close( xar ); return false; } int result = RSA_verify( NID_sha1, data, dataSize, signature, signatureSize, (RSA*)cert.publicKey().handle() ); xar_close( xar ); free( data ); free( signature ); return result; }
MPackage MPackageManagerNPK::loadPackage(const char* packageName) { MPackageNPK* pack = new MPackageNPK; if(!(pack->package = npk_package_open(packageName, teakey))) { delete pack; return 0; } pack->filename = packageName; if(!mountPackage(pack)) { npk_package_close(pack->package); delete pack; pack = 0; } return pack; }
bool InstallChecker::installPackage( const QString &filePath, bool reducedUI ) { QString path = mountPackage( filePath ); if( path.isEmpty() ) return false; if( reducedUI ) { AuthorizationRef ref; OSStatus status = AuthorizationCreate( NULL, kAuthorizationEmptyEnvironment, kAuthorizationFlagDefaults, &ref ); QByteArray conv = path.toUtf8(); char *args[] = { (char*)"-pkg", conv.data(), (char*)"-target", (char*)"/", NULL }; FILE *pipe = NULL; status = AuthorizationExecuteWithPrivileges( ref, "/usr/sbin/installer", kAuthorizationFlagDefaults, args, &pipe ); bool result = false; if( status != errAuthorizationSuccess ) qWarning() << "Authorization error:" << status; else result = true; if( pipe ) { QFile log; log.open( pipe, QFile::ReadOnly ); qWarning() << log.readAll(); log.close(); fclose( pipe ); } status = AuthorizationFree( ref, kAuthorizationFlagDestroyRights ); QProcess::execute( "hdiutil", QStringList() << "unmount" << path << "-force" ); return result; } else return !QProcess::execute( "open", QStringList() << "/System/Library/CoreServices/Installer.app" << path ); }