Add machometa unit #36
Conversation
…, handle fat binaries
…de signature data
…E cannot be parsed
| ) | ||
|
|
||
| @classmethod | ||
| def parse_pkcs7_signature(cls, data: bytearray) -> dict: |
There was a problem hiding this comment.
This is almost exactly the same as the function of the same name in the pemeta unit; feel free to refactor and combine these into one function.
There was a problem hiding this comment.
I will most likely do that, since I hate code duplication to the point of an unhealthy obsession, but this is nothing you need to concern yourself with.
| self.log_warn(f"Could not parse the data in CSSLOT_CMS_SIGNATURE as valid PKCS7 data: {pkcs7_parse_error!s}") | ||
|
|
||
| if macho_image.codesign_info.req_dat is not None: | ||
| # TODO: Parse the requirements blob, |
There was a problem hiding this comment.
Let me know if you prefer to not have TODO comments in the code. Happy to file an issue to keep track of this instead.
There was a problem hiding this comment.
I am not an avid user of TODO comments, but I am not strictly opposed to them either. If it starts bugging me, I'll simply remove it. It's not like anyone reviews my PRs! 🤪
|
@huettenhain It looks like unit tests are failing due to a missing Malshare API key. Is this expected for unit tests running via GitHub actions? Should I submit a PR against https://github.com/binref/refinery-test-data with the samples instead? |
|
It should work without the Malshare API key, that's just a fallback. However, GitHub has recently been a little flaky and I had tests failing before. I'll figure out what's wrong. |
|
I was a little slow there to understand what's going on. Yes, the samples need to be in that repository, but I can add them myself. |
|
Also: This is probably the most pristine PR I have ever seen. 🙇 |
| @@ -2,6 +2,7 @@ | |||
| requires = [ | |||
| "colorama", | |||
| "defusedxml", | |||
| "k2l", | |||
There was a problem hiding this comment.
Just a minor comment, and you don't have to change this, I will take care of it later: The requirements list here is reserved for "global" requirements, i.e. things that the refinery framework (and libraries) require. Requirements that are "local" to individual units can be specified in that unit itself, an example would be the pyperclip dependency in emit.
Codecov Report
@@ Coverage Diff @@
## master #36 +/- ##
==========================================
- Coverage 83.76% 83.61% -0.15%
==========================================
Files 332 336 +4
Lines 25754 26071 +317
==========================================
+ Hits 21572 21799 +227
- Misses 4182 4272 +90
|
|
Merged this with rebase; thank you very much for your contribution! |
As per the discussion in #35, this adds a new unit,
machometa, which extracts similar metadata from Mach-O files as the existingpemetaunit.Example output
This also adds the
k2llibrary as a dependency to Refinery.New unit tests have been added in
test/units/formats/macho/test_machometa.py. The following samples, which are used in the unit tests, have been uploaded to Malshare:UpdateAgentbinary from North Korean supply chain compromise of 3CX software9e9a5f8d86356796162cee881c843cde9eaedfb3)2d15286d25f0e0938823dcd742bc928e78199b3d)libffmpegbinary from North Korean supply chain compromise of 3CX software769383fc65d1386dd141c960c9970114547da0c2taskerbinary component of SilverSparrowb370191228fef82635e39a137be470af)Please feel free to directly make edits as needed.