search

google / santa

A binary authorization and monitoring system for macOS
https://santa.dev
Apache License 2.0
4.37k stars 295 forks source link

Add a Signing ID Format Helper #1365

Closed pmarkowsky closed 1 month ago

pmarkowsky commented 1 month ago

This PR adds a helper function to format the Signing IDs in Santa and to ensure they're always handled and formatted the same way.

It's marked draft until we're sure that it's used everywhere it should be and that folks are happy with it.

russellhancox commented 1 month ago

I think it would be more powerful if things like SID were made into their own type. Having a helper is nice, but there's no format enforcement mechanism by keeping it a string.

Agree in principle but they'll be strings coming in from MOLCodesignChecker and need to be converted back to strings in several other places (syncservice, event database) so the type is only going to ensure that the code in this helper is used in the few places it should be and will make this change significantly bigger for a pretty small gain.