line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
# This is the code for Config::Apple::Profile::Payload::Certificate::Root. |
2
|
|
|
|
|
|
|
# For Copyright, please see the bottom of the file. |
3
|
|
|
|
|
|
|
|
4
|
|
|
|
|
|
|
package Config::Apple::Profile::Payload::Certificate::Root; |
5
|
|
|
|
|
|
|
|
6
|
2
|
|
|
2
|
|
1316
|
use 5.10.1; |
|
2
|
|
|
|
|
5
|
|
|
2
|
|
|
|
|
70
|
|
7
|
2
|
|
|
2
|
|
8
|
use strict; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
53
|
|
8
|
2
|
|
|
2
|
|
8
|
use warnings FATAL => 'all'; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
79
|
|
9
|
2
|
|
|
2
|
|
9
|
use base qw(Config::Apple::Profile::Payload::Certificate); |
|
2
|
|
|
|
|
2
|
|
|
2
|
|
|
|
|
166
|
|
10
|
|
|
|
|
|
|
|
11
|
|
|
|
|
|
|
our $VERSION = '0.87.1'; |
12
|
|
|
|
|
|
|
|
13
|
2
|
|
|
2
|
|
14
|
use Readonly; |
|
2
|
|
|
|
|
3
|
|
|
2
|
|
|
|
|
96
|
|
14
|
2
|
|
|
2
|
|
10
|
use Config::Apple::Profile::Targets qw(:all); |
|
2
|
|
|
|
|
3
|
|
|
2
|
|
|
|
|
201
|
|
15
|
2
|
|
|
2
|
|
10
|
use Config::Apple::Profile::Payload::Certificate; |
|
2
|
|
|
|
|
3
|
|
|
2
|
|
|
|
|
39
|
|
16
|
2
|
|
|
2
|
|
9
|
use Config::Apple::Profile::Payload::Types qw($ProfileNumber $ProfileString); |
|
2
|
|
|
|
|
3
|
|
|
2
|
|
|
|
|
479
|
|
17
|
|
|
|
|
|
|
|
18
|
|
|
|
|
|
|
|
19
|
|
|
|
|
|
|
=encoding utf8 |
20
|
|
|
|
|
|
|
|
21
|
|
|
|
|
|
|
=head1 NAME |
22
|
|
|
|
|
|
|
|
23
|
|
|
|
|
|
|
Config::Apple::Profile::Payload::Certificate::Root - Certificate payload with |
24
|
|
|
|
|
|
|
a DER-format certificate. |
25
|
|
|
|
|
|
|
|
26
|
|
|
|
|
|
|
=head1 SYNOPSIS |
27
|
|
|
|
|
|
|
|
28
|
|
|
|
|
|
|
use Config::Apple::Profile; |
29
|
|
|
|
|
|
|
use Config::Apple::Profile::Payload::Certificate::Root; |
30
|
|
|
|
|
|
|
|
31
|
|
|
|
|
|
|
my $cert = new Config::Apple::Profile::Payload::Certificate::Root; |
32
|
|
|
|
|
|
|
$cert->payload->{PayloadIdentifier} = 'local.acme.CAcert'; |
33
|
|
|
|
|
|
|
$cert->payload->{PayloadDisplayName} = 'AcmeCorp internal CA'; |
34
|
|
|
|
|
|
|
$cert->payload->{PayloadDescription} = 'The certificate authority used for internal web sites.'; |
35
|
|
|
|
|
|
|
$cert->payload->{PayloadOrganization} = 'Acme, Inc.'; |
36
|
|
|
|
|
|
|
$cert->payload->{PayloadCertificateFileName} = 'acme.crt'; |
37
|
|
|
|
|
|
|
$cert->payload->{PayloadContent} = '.............'; # Long binary data here |
38
|
|
|
|
|
|
|
|
39
|
|
|
|
|
|
|
my $profile = new Config::Apple::Profile::Profile; |
40
|
|
|
|
|
|
|
push @{$profile->content}, $cert; |
41
|
|
|
|
|
|
|
|
42
|
|
|
|
|
|
|
print $profile->export; |
43
|
|
|
|
|
|
|
|
44
|
|
|
|
|
|
|
=head1 DESCRIPTION |
45
|
|
|
|
|
|
|
|
46
|
|
|
|
|
|
|
This class implements the root type of Certificate payload. |
47
|
|
|
|
|
|
|
|
48
|
|
|
|
|
|
|
This payload contains a single certificate, in a PKCS#1 container, |
49
|
|
|
|
|
|
|
DER-encoded. For reference, pretty much any certificate you get, when you are |
50
|
|
|
|
|
|
|
just getting a certificate, will be in a PKCS#1 container. DER encoding is a |
51
|
|
|
|
|
|
|
binary encoding, it's not the "BEGIN CERTIFICATE" type of encoding (that's PEM). |
52
|
|
|
|
|
|
|
|
53
|
|
|
|
|
|
|
This payload is used to hold B certificate. If you have multiple |
54
|
|
|
|
|
|
|
certificates, use multiple payloads. |
55
|
|
|
|
|
|
|
|
56
|
|
|
|
|
|
|
B This type is exactly the same as the C type of Certificate |
57
|
|
|
|
|
|
|
payload. |
58
|
|
|
|
|
|
|
|
59
|
|
|
|
|
|
|
|
60
|
|
|
|
|
|
|
=head1 INSTANCE METHODS |
61
|
|
|
|
|
|
|
|
62
|
|
|
|
|
|
|
The following instance methods are provided, or overridden, by this class. |
63
|
|
|
|
|
|
|
|
64
|
|
|
|
|
|
|
=head2 validate_key($key, $value) |
65
|
|
|
|
|
|
|
|
66
|
|
|
|
|
|
|
Performs additional validation for a certain payload key in this class: |
67
|
|
|
|
|
|
|
|
68
|
|
|
|
|
|
|
=over 4 |
69
|
|
|
|
|
|
|
|
70
|
|
|
|
|
|
|
=item * C |
71
|
|
|
|
|
|
|
|
72
|
|
|
|
|
|
|
This must be a DER-format certificate that OpenSSL can recognize. |
73
|
|
|
|
|
|
|
|
74
|
|
|
|
|
|
|
All other payload keys will be checked as usual by the parent class. |
75
|
|
|
|
|
|
|
|
76
|
|
|
|
|
|
|
=back |
77
|
|
|
|
|
|
|
|
78
|
|
|
|
|
|
|
See also the documentation in L. |
79
|
|
|
|
|
|
|
|
80
|
|
|
|
|
|
|
=cut |
81
|
|
|
|
|
|
|
|
82
|
|
|
|
|
|
|
sub validate_key { |
83
|
2
|
|
|
2
|
1
|
7
|
my ($self, $key, $value) = @_; |
84
|
|
|
|
|
|
|
|
85
|
|
|
|
|
|
|
# First, let the parent do validation |
86
|
2
|
|
|
|
|
31
|
my $parent_validation = $self->SUPER::validate_key($key, $value); |
87
|
2
|
50
|
|
|
|
22
|
return $parent_validation if !defined($parent_validation); |
88
|
|
|
|
|
|
|
|
89
|
|
|
|
|
|
|
# Next, if we are setting payload content, and we can check it, do so! |
90
|
2
|
50
|
|
|
|
10
|
if ($key eq 'PayloadContent') { |
91
|
2
|
|
|
|
|
17
|
return $self->SUPER::validate_cert($value, 'DER'); |
92
|
|
|
|
|
|
|
} |
93
|
|
|
|
|
|
|
|
94
|
|
|
|
|
|
|
# For all other keys, return what the parent validated |
95
|
|
|
|
|
|
|
else { |
96
|
0
|
|
|
|
|
|
return $parent_validation; |
97
|
|
|
|
|
|
|
} |
98
|
|
|
|
|
|
|
} |
99
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
|
|
101
|
|
|
|
|
|
|
=head1 PAYLOAD KEYS |
102
|
|
|
|
|
|
|
|
103
|
|
|
|
|
|
|
All of the payload keys defined in |
104
|
|
|
|
|
|
|
L are used by this |
105
|
|
|
|
|
|
|
payload. |
106
|
|
|
|
|
|
|
|
107
|
|
|
|
|
|
|
This payload has the following additional keys: |
108
|
|
|
|
|
|
|
|
109
|
|
|
|
|
|
|
=head2 C |
110
|
|
|
|
|
|
|
|
111
|
|
|
|
|
|
|
This is fixed to the string C. |
112
|
|
|
|
|
|
|
|
113
|
|
|
|
|
|
|
=head2 C |
114
|
|
|
|
|
|
|
|
115
|
|
|
|
|
|
|
This is fixed to the value C<1>. |
116
|
|
|
|
|
|
|
|
117
|
|
|
|
|
|
|
=cut |
118
|
|
|
|
|
|
|
|
119
|
|
|
|
|
|
|
Readonly our %payloadKeys => ( |
120
|
|
|
|
|
|
|
# Bring in the certificate keys... |
121
|
|
|
|
|
|
|
%Config::Apple::Profile::Payload::Certificate::payloadKeys, |
122
|
|
|
|
|
|
|
|
123
|
|
|
|
|
|
|
# Since we can't go any deeper, define the type and version! |
124
|
|
|
|
|
|
|
'PayloadType' => { |
125
|
|
|
|
|
|
|
type => $ProfileString, |
126
|
|
|
|
|
|
|
targets => { |
127
|
|
|
|
|
|
|
$TargetIOS => '5.0', |
128
|
|
|
|
|
|
|
$TargetMACOSX => '10.7', |
129
|
|
|
|
|
|
|
}, |
130
|
|
|
|
|
|
|
value => 'com.apple.security.root', |
131
|
|
|
|
|
|
|
}, |
132
|
|
|
|
|
|
|
'PayloadVersion' => { |
133
|
|
|
|
|
|
|
type => $ProfileNumber, |
134
|
|
|
|
|
|
|
targets => { |
135
|
|
|
|
|
|
|
$TargetIOS => '5.0', |
136
|
|
|
|
|
|
|
$TargetMACOSX => '10.7', |
137
|
|
|
|
|
|
|
}, |
138
|
|
|
|
|
|
|
value => 1, |
139
|
|
|
|
|
|
|
}, |
140
|
|
|
|
|
|
|
); # End of %payloadKeys |
141
|
|
|
|
|
|
|
|
142
|
|
|
|
|
|
|
|
143
|
|
|
|
|
|
|
|
144
|
|
|
|
|
|
|
=head1 ACKNOWLEDGEMENTS |
145
|
|
|
|
|
|
|
|
146
|
|
|
|
|
|
|
Refer to L for acknowledgements. |
147
|
|
|
|
|
|
|
|
148
|
|
|
|
|
|
|
=head1 AUTHOR |
149
|
|
|
|
|
|
|
|
150
|
|
|
|
|
|
|
A. Karl Kornel, C<< >> |
151
|
|
|
|
|
|
|
|
152
|
|
|
|
|
|
|
=head1 COPYRIGHT AND LICENSE |
153
|
|
|
|
|
|
|
|
154
|
|
|
|
|
|
|
Copyright © 2014 A. Karl Kornel. |
155
|
|
|
|
|
|
|
|
156
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or modify it |
157
|
|
|
|
|
|
|
under the terms of either: the GNU General Public License as published |
158
|
|
|
|
|
|
|
by the Free Software Foundation; or the Artistic License. |
159
|
|
|
|
|
|
|
|
160
|
|
|
|
|
|
|
See L for more information. |
161
|
|
|
|
|
|
|
|
162
|
|
|
|
|
|
|
=cut |
163
|
|
|
|
|
|
|
|
164
|
|
|
|
|
|
|
1; |