csreq(1) BSD General Commands Manual csreq(1)
NAME
csreq -- Expert tool for manipulating Code Signing Requirement data
SYNOPSIS
csreq [-v] -r requirement-input -t
csreq [-v] -r requirement-input -b outputfile
DESCRIPTION
The csreq command manipulates Code Signing Requirement data. It reads
one requirement from a file or command arguments, converts it into inter-
nal form, checks it, and then optionally outputs it in a different form.
The options are as follows:
-b path
Requests that the requirement read be written in binary form to
the path given.
-r requirement-input
Specifies the input requirement. See "specifying requirements"
below. This is exactly the same format as is accepted by the -r
and -R options of the codesign(1) command.
-t Requests that the requirement read be written as text to standard
output.
-v Increases the verbosity of output. Multiple instances of -v pro-
duce increasing levels of commentary output.
In the first synopsis form, csreq reads a Code Requirement and writes it
to standard output as canonical source text. Note that with text input,
this actually compiles the requirement into internal form and then con-
verts it back to text, giving you the system's view of the requirement
code.
In the second synopsis form, csreq reads a Code Requirement and writes
its binary representation to a file. This is the same form produced by
the SecRequirementCopyData API, and is readily acceptable as input to
Code Signing verification APIs. It can also be used as input to subse-
quent invocations of csreq by passing the filename to the -r option.
SPECIFYING REQUIREMENTS
The requirement argument (-r) can be given in various forms. A plain text
argument is taken to be a path to a file containing the requirement. This
program will accept both binary files containing properly compiled
requirements code, and source files that are automatically compiled for
use. An argument of "-" requests that the requirement(s) are read from
standard input. Again, standard input can contain either binary form or
text. Finally, an argument that begins with an equal sign "=" is taken
as a literal requirements source text, and is compiled accordingly for
use.
EXAMPLES
To compile an explicit requirement program and write its binary form to
file "output":
csreq -r="identifier com.foo.test" -b output.csreq
To display the requirement program embedded at offset 1234 of file "foo":
tail -b 1234 foo | csreq -r- -t
FILES
DIAGNOSTICS
The csreq program exits 0 on success or 1 on failure. Errors in arguments
yield exit code 2.
SEE ALSO
codesign(1)
HISTORY
The csreq command first appeared in Mac OS 10.5.0 .
BSD June 1, 2006 BSD
Mac OS X 10.6 - Generated Thu Sep 17 20:07:24 CDT 2009