bool InstallChecker::verifyPackage( const QString &filePath, bool )
{
QProcess proc;
proc.start( "hdiutil", QStringList() << "verify" << filePath );
proc.waitForFinished();
if( proc.exitCode() )
return false;
QString path = mountPackage( filePath );
if( path.isEmpty() )
return false;
xar_t xar = xar_open( path.toUtf8().constData(), 0 );
if( !xar )
return false;
QSslCertificate cert;
xar_signature_t sig = xar_signature_first( xar );
int32_t count = xar_signature_get_x509certificate_count( sig );
for( int32_t i = 0; i < count; ++i )
{
uint32_t size = 0;
const uint8_t *data = 0;
if( xar_signature_get_x509certificate_data( sig, i, &data, &size ) )
continue;
QSslCertificate c( QByteArray( (const char*)data, size ), QSsl::Der );
#if QT_VERSION >= 0x050000
QString cn = c.subjectInfo( QSslCertificate::CommonName ).value(0);
#else
QString cn = c.subjectInfo( QSslCertificate::CommonName );
#endif
if( cn == "Estonian Informatics Centre" ||
cn == "Developer ID Installer: Riigi Infosüsteemi Amet" )
cert = c;
}
if( cert.isNull() )
{
xar_close( xar );
return false;
}
uint8_t *data = 0, *signature = 0;
uint32_t dataSize = 0, signatureSize = 0;
off_t offset = 0;
if( xar_signature_copy_signed_data( sig, &data, &dataSize, &signature, &signatureSize, &offset ) )
{
xar_close( xar );
return false;
}
int result = RSA_verify( NID_sha1, data, dataSize, signature, signatureSize, (RSA*)cert.publicKey().handle() );
xar_close( xar );
free( data );
free( signature );
return result;
}
MPackage MPackageManagerNPK::loadPackage(const char* packageName)
{
MPackageNPK* pack = new MPackageNPK;
if(!(pack->package = npk_package_open(packageName, teakey)))
{
delete pack;
return 0;
}
pack->filename = packageName;
if(!mountPackage(pack))
{
npk_package_close(pack->package);
delete pack;
pack = 0;
}
return pack;
}
bool InstallChecker::installPackage( const QString &filePath, bool reducedUI )
{
QString path = mountPackage( filePath );
if( path.isEmpty() )
return false;
if( reducedUI )
{
AuthorizationRef ref;
OSStatus status = AuthorizationCreate( NULL, kAuthorizationEmptyEnvironment,
kAuthorizationFlagDefaults, &ref );
QByteArray conv = path.toUtf8();
char *args[] = { (char*)"-pkg", conv.data(), (char*)"-target", (char*)"/", NULL };
FILE *pipe = NULL;
status = AuthorizationExecuteWithPrivileges( ref, "/usr/sbin/installer",
kAuthorizationFlagDefaults, args, &pipe );
bool result = false;
if( status != errAuthorizationSuccess )
qWarning() << "Authorization error:" << status;
else
result = true;
if( pipe )
{
QFile log;
log.open( pipe, QFile::ReadOnly );
qWarning() << log.readAll();
log.close();
fclose( pipe );
}
status = AuthorizationFree( ref, kAuthorizationFlagDestroyRights );
QProcess::execute( "hdiutil", QStringList() << "unmount" << path << "-force" );
return result;
}
else
return !QProcess::execute( "open", QStringList() << "/System/Library/CoreServices/Installer.app" << path );
}
