Rewrite some code to swift and detach mountpoint

IB-8238

Signed-off-by: Raul Metsma <raul@metsma.ee>

Author: metsma

.github/workflows/build.yml

@@ -17,7 +17,7 @@ jobs:
         cmake -DCMAKE_OSX_ARCHITECTURES="x86_64;arm64" -DCMAKE_BUILD_TYPE=RelWithDebInfo -S . -B build
         cmake --build build --target pkgbuild
     - name: Archive artifacts
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         name: macOS
         path: build/*.pkg
@@ -50,7 +50,7 @@ jobs:
     - name: Install Qt
       uses: jurplel/install-qt-action@v4
       with:
-        version: 6.10.0
+        version: 6.10.1
         arch: win64_msvc2022_64
     - name: Setup dev env
       uses: ilammy/msvc-dev-cmd@v1
@@ -66,7 +66,7 @@ jobs:
           -DCMAKE_TOOLCHAIN_FILE=${{ env.RUNVCPKG_VCPKG_ROOT }}/scripts/buildsystems/vcpkg.cmake
         cmake --build build --target installer
     - name: Archive artifacts
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         name: msi_${{ matrix.vcver }}_x64
         path: build/*.msi

CMakeLists.txt

@@ -47,38 +47,49 @@ if( APPLE )
 			libid-updater-lib_x86_64.a
 			${SWIFTMOD_DIR}/arm64-apple-macos.swiftmodule
 			${SWIFTMOD_DIR}/x86_64-apple-macos.swiftmodule
-		DEPENDS config.h
+		DEPENDS
+			config.h
+			prefPane/AdvancedWindowController.swift
+			prefPane/id-updater.swift
+			prefPane/update.swift
 		COMMENT "Build id-updater-lib"
 		COMMAND ${CMAKE_COMMAND} -E make_directory ${SWIFTMOD_DIR}
 		COMMAND ${CMAKE_COMMAND} -E make_directory ${SWIFTHDR_DIR}
 		COMMAND ${SWIFT_FLAGS} -target arm64-apple-macosx${CMAKE_OSX_DEPLOYMENT_TARGET}
 			-module-name id_updater_lib
 			-emit-module -emit-module-path ${SWIFTMOD_DIR}/arm64-apple-macos.swiftmodule
 			-emit-objc-header -emit-objc-header-path ${SWIFTHDR_DIR}/id_updater_lib-Swift.h
-			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/update.swift
 			-emit-library -static -o libid-updater-lib_arm64.a
+			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/AdvancedWindowController.swift
+			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/id-updater.swift
+			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/update.swift
 		COMMAND ${SWIFT_FLAGS} -target x86_64-apple-macosx${CMAKE_OSX_DEPLOYMENT_TARGET}
 			-module-name id_updater_lib
 			-emit-module -emit-module-path ${SWIFTMOD_DIR}/x86_64-apple-macos.swiftmodule
 			-emit-objc-header -emit-objc-header-path ${SWIFTHDR_DIR}/id_updater_lib-Swift.h
-			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/update.swift
 			-emit-library -static -o libid-updater-lib_x86_64.a
+			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/AdvancedWindowController.swift
+			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/id-updater.swift
+			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/update.swift
 		COMMAND lipo -create libid-updater-lib_arm64.a libid-updater-lib_x86_64.a -output libid-updater-lib.a
 	)
 	add_custom_command(OUTPUT id-updater-helper
 		BYPRODUCTS
 			id-updater-helper_arm64
 			id-updater-helper_x86_64
-		DEPENDS libid-updater-lib.a
+		DEPENDS
+			${CMAKE_CURRENT_BINARY_DIR}/libid-updater-lib.a
+			prefPane/update.swift
+			prefPane/main.swift
 		COMMENT "Build id-updater-helper"
 		COMMAND ${SWIFT_FLAGS} -target arm64-apple-macosx${CMAKE_OSX_DEPLOYMENT_TARGET} -parse-as-library
-			${CMAKE_CURRENT_BINARY_DIR}/libid-updater-lib.a
-			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/main.swift
 			-o id-updater-helper_arm64
-		COMMAND ${SWIFT_FLAGS} -target x86_64-apple-macosx${CMAKE_OSX_DEPLOYMENT_TARGET} -parse-as-library
-			${CMAKE_CURRENT_BINARY_DIR}/libid-updater-lib.a
+			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/update.swift
 			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/main.swift
+		COMMAND ${SWIFT_FLAGS} -target x86_64-apple-macosx${CMAKE_OSX_DEPLOYMENT_TARGET} -parse-as-library
 			-o id-updater-helper_x86_64
+			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/update.swift
+			${CMAKE_CURRENT_SOURCE_DIR}/prefPane/main.swift
 		COMMAND lipo -create id-updater-helper_arm64 id-updater-helper_x86_64 -output id-updater-helper
 	)
 

prefPane/AdvancedWindowController.swift

@@ -0,0 +1,99 @@
+/*
+ * id-updater
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ */
+
+import Cocoa
+import SwiftUI
+
+struct AdvancedWindowView: View {
+    var closeAction: (() -> Void)?
+    static let versions = [
+        (label: "DigiDoc4", value: "ee.ria.qdigidoc4"),
+        (label: "Open-EID", value: "ee.ria.open-eid"),
+        (label: "ID-Updater", value: "ee.ria.ID-updater"),
+        (label: String(localized: "Safari (Extensions) browser plugin"), value: "ee.ria.safari-token-signing"),
+        (label: String(localized: "Safari (NPAPI) browser plugin"), value: "ee.ria.firefox-token-signing"),
+        (label: String(localized: "Chrome/Firefox browser plugin"), value: "ee.ria.chrome-token-signing"),
+        (label: String(localized: "Chrome browser plugin"), value: "ee.ria.token-signing-chrome"),
+        (label: String(localized: "Chrome browser plugin policy"), value: "ee.ria.token-signing-chrome-policy"),
+        (label: String(localized: "Firefox browser plugin"), value: "ee.ria.token-signing-firefox"),
+        (label: String(localized: "Web-eID native component"), value: "eu.web-eid.web-eid"),
+        (label: String(localized: "Safari browser extension (Web-eID)"), value: "eu.web-eid.web-eid-safari"),
+        (label: String(localized: "Chrome browser extension (Web-eID)"), value: "eu.web-eid.web-eid-chrome"),
+        (label: String(localized: "Chrome browser extension policy (Web-eID)"), value: "eu.web-eid.web-eid-chrome-policy"),
+        (label: String(localized: "Firefox browser extension (Web-eID)"), value: "eu.web-eid.web-eid-firefox"),
+        (label: String(localized: "PKCS11 loader"), value: "ee.ria.firefox-pkcs11-loader"),
+        (label: String(localized: "IDEMIA PKCS11 loader"), value: "com.idemia.awp.xpi"),
+        (label: "OpenSC", value: "org.opensc-project.mac"),
+        (label: "IDEMIA PKCS11", value: "com.idemia.awp.pkcs11"),
+        (label: "EstEID Tokend", value: "ee.ria.esteid-tokend"),
+        (label: "EstEID CTK Tokend", value: "ee.ria.esteid-ctk-tokend"),
+        (label: "IDEMIA Tokend", value: "com.idemia.awp.tokend"),
+    ]
+    let text = versions.compactMap { item in
+        let list = NSDictionary(contentsOfFile: "/var/db/receipts/\(item.value).plist")
+        if let ver = list?["PackageVersion"] as? String {
+            return "\(item.label): \(ver)"
+        } else {
+            return nil
+        }
+    }.joined(separator: "\n")
+
+    var body: some View {
+        VStack {
+            Text("Versions installed:")
+            TextEditor(text: .constant(text))
+                .padding(8)
+                .background(Color(.textBackgroundColor))
+                .clipShape(RoundedRectangle(cornerRadius: 6))
+            HStack {
+                Spacer()
+                Button("OK") { closeAction?() }
+                    .keyboardShortcut(.defaultAction)
+            }
+        }
+        .padding()
+    }
+}
+
+public class AdvancedWindowController: NSWindowController {
+    @objc public init(parent: NSWindow? = nil) {
+        super.init(window: nil)
+
+        let rootView = AdvancedWindowView() { [weak self] in
+            guard let window = self?.window,
+                let parent = window.sheetParent else { return }
+            parent.endSheet(window)
+        }
+
+        let popup = NSWindow(contentViewController: NSHostingController(rootView: rootView))
+        popup.styleMask = .borderless
+        popup.setContentSize(NSSize(width: 400, height: 250))
+        self.window = popup
+
+        parent?.beginSheet(popup)
+    }
+
+    required init?(coder: NSCoder) {
+        fatalError("init(coder:) has not been implemented")
+    }
+}
+
+#Preview {
+    AdvancedWindowView()
+}

prefPane/id-updater.m

@@ -27,53 +27,6 @@
 #define NSLocalizedString(key, comment) \
 [bundlelang localizedStringForKey:(key) value:@"" table:nil]
 
-@interface AdvancedWindowController: NSWindowController
-@end
-
-@implementation AdvancedWindowController
-
-- (instancetype)initWithText:(NSString*)text {
-    if (self = [super init]) {
-        NSView *view = [[NSView alloc] init];
-
-        NSTextField *label = [NSTextField labelWithString:text];
-        label.translatesAutoresizingMaskIntoConstraints = NO;
-        [view addSubview:label];
-        [label.topAnchor constraintEqualToAnchor:view.topAnchor constant:25].active = YES;
-        [label.centerXAnchor constraintEqualToAnchor:view.centerXAnchor].active = YES;
-
-        NSButton *ok = [[NSButton alloc] init];
-        ok.translatesAutoresizingMaskIntoConstraints = NO;
-        ok.title = @"OK";
-        ok.keyEquivalent = @"\r";
-        ok.highlighted = YES;
-        ok.bezelStyle = NSBezelStyleRounded;
-        ok.target = self;
-        ok.action = @selector(buttonPressed:);
-        [view addSubview:ok];
-        [ok.bottomAnchor constraintEqualToAnchor:view.bottomAnchor constant:-25].active = YES;
-        [ok.rightAnchor constraintEqualToAnchor:view.rightAnchor constant:-25].active = YES;
-
-        self.window = [[NSWindow alloc] initWithContentRect:NSMakeRect(0, 0, 400, 250)
-                                                  styleMask:NSWindowStyleMaskBorderless
-                                                    backing:NSBackingStoreBuffered
-                                                      defer:NO];
-        self.window.contentView = view;
-        self.window.defaultButtonCell = ok.cell;
-    }
-    return self;
-}
-
-- (void)buttonPressed:(id)sender {
-    [self.window.sheetParent endSheet:self.window];
-}
-
-- (void)showWindow:(id)sender {
-    [self.window makeKeyAndOrderFront:sender];
-}
-
-@end
-
 @interface ID_updater : NSPreferencePane <UpdateDelegate, NSURLSessionDownloadDelegate, NSUserNotificationCenterDelegate>
 
 @property (weak) IBOutlet NSTextField *mainLabel;
@@ -235,45 +188,6 @@ - (void)updateAvailable:(NSString *)_available filename:(NSURL *)_filename {
     });
 }
 
-- (BOOL)verifyCMSSignature:(NSData *)signatureData data:(NSData *)data cert:(NSData *)cert {
-    #define RETURN_IF_OERROR(MSG) if (oserr) { NSLog(MSG); return false; }
-    CMSDecoderRef decoderRef;
-    OSStatus oserr = CMSDecoderCreate(&decoderRef);
-    RETURN_IF_OERROR(@"CMSDecoderCreate")
-    id decoder = CFBridgingRelease(decoderRef);
-
-    oserr = CMSDecoderUpdateMessage((__bridge CMSDecoderRef)decoder, signatureData.bytes, signatureData.length);
-    RETURN_IF_OERROR(@"CMSDecoderUpdateMessage")
-    oserr = CMSDecoderFinalizeMessage((__bridge CMSDecoderRef)decoder);
-    RETURN_IF_OERROR(@"CMSDecoderFinalizeMessage")
-    oserr = CMSDecoderSetDetachedContent((__bridge CMSDecoderRef)decoder, (__bridge CFDataRef)data);
-    RETURN_IF_OERROR(@"CMSDecoderSetDetachedContent")
-
-    size_t numSignersOut = 0;
-    oserr = CMSDecoderGetNumSigners((__bridge CMSDecoderRef)decoder, &numSignersOut);
-    RETURN_IF_OERROR(@"CMSDecoderGetNumSigners")
-    if (numSignersOut != 1) {
-        NSLog(@"Invalid number of signers: %lu", numSignersOut);
-        return false;
-    }
-
-    SecPolicyRef policy = SecPolicyCreateBasicX509();
-    CMSSignerStatus status;
-    oserr = CMSDecoderCopySignerStatus((__bridge CMSDecoderRef)decoder, 0, policy, TRUE, &status, nil, nil);
-    CFRelease(policy);
-    RETURN_IF_OERROR(@"CMSDecoderCopySignerStatus")
-    bool isValid = status == kCMSSignerValid;
-
-    SecCertificateRef signerCert;
-    oserr = CMSDecoderCopySignerCert((__bridge CMSDecoderRef)decoder, 0, &signerCert);
-    RETURN_IF_OERROR(@"CMSDecoderCopySignerCert")
-    bool isSameCert = [cert isEqualToData:CFBridgingRelease(SecCertificateCopyData(signerCert))];
-    CFRelease(signerCert);
-
-    NSLog(@"Signature is (%d) and cert is equal(%d)", isValid, isSameCert);
-    return isValid && isSameCert;
-}
-
 #pragma mark - Connection delegate
 
 - (void)URLSession:(NSURLSession *)session downloadTask:(NSURLSessionDownloadTask *)downloadTask didWriteData:(int64_t)bytesWritten totalBytesWritten:(int64_t)totalBytesWritten totalBytesExpectedToWrite:(int64_t)totalBytesExpectedToWrite {
@@ -292,9 +206,13 @@ - (void)URLSession:(NSURLSession *)session downloadTask:(NSURLSessionDownloadTas
     [NSFileManager.defaultManager moveItemAtPath:location.path toPath:tmp error:nil];
 
     NSString *volumePath = @"/Volumes/Open-EID";
-    NSArray *args = @[@"attach", @"-verify", @"-mountpoint", volumePath, tmp];
+    NSArray *args = @[@"detach", volumePath];
     NSTask *task = [NSTask launchedTaskWithLaunchPath:@"/usr/bin/hdiutil" arguments:args];
     [task waitUntilExit];
+    
+    args = @[@"attach", @"-verify", @"-mountpoint", volumePath, tmp];
+    task = [NSTask launchedTaskWithLaunchPath:@"/usr/bin/hdiutil" arguments:args];
+    [task waitUntilExit];
     if (task.terminationStatus != 0) {
         self.infoLabel.stringValue = [NSString stringWithFormat:@"Verify failed, status: %i", task.terminationStatus];
         return;
@@ -348,7 +266,7 @@ - (void)URLSession:(NSURLSession *)session downloadTask:(NSURLSessionDownloadTas
     }
 
     if([signatureType isEqualToString:@"CMS"]) {
-        if ([self verifyCMSSignature:signature data:data cert:certData])
+        if ([Updater verifyCMSSignature:signature data:data cert:certData])
             [NSTask launchedTaskWithLaunchPath:@"/usr/bin/open" arguments:@[path]];
         else
         {
@@ -406,42 +324,8 @@ - (IBAction)installUpdate:(id)sender {
     }];
 }
 
-- (NSString*)versionInfo:(NSString *)pkg {
-    NSDictionary *list = [NSDictionary dictionaryWithContentsOfFile:[NSString stringWithFormat:@"/var/db/receipts/%@.plist", pkg]];
-    return list ? list[@"PackageVersion"] : [NSString string];
-}
-
 - (IBAction)diagnostics:(id)sender {
-    NSDictionary *versions = @{
-        @"DigiDoc4": update.digidoc4,
-        @"Open-EID": update.baseVersion,
-        @"ID-Updater": update.updaterVersion,
-        NSLocalizedString(@"Safari (Extensions) browser plugin", nil): [self versionInfo:@"ee.ria.safari-token-signing"],
-        NSLocalizedString(@"Safari (NPAPI) browser plugin", nil): [self versionInfo:@"ee.ria.firefox-token-signing"],
-        NSLocalizedString(@"Chrome/Firefox browser plugin", nil): [self versionInfo:@"ee.ria.chrome-token-signing"],
-        NSLocalizedString(@"Chrome browser plugin", nil): [self versionInfo:@"ee.ria.token-signing-chrome"],
-        NSLocalizedString(@"Chrome browser plugin policy", nil): [self versionInfo:@"ee.ria.token-signing-chrome-policy"],
-        NSLocalizedString(@"Firefox browser plugin", nil): [self versionInfo:@"ee.ria.token-signing-firefox"],
-        NSLocalizedString(@"Web-eID native component", nil): [self versionInfo:@"eu.web-eid.web-eid"],
-        NSLocalizedString(@"Safari browser extension (Web-eID)", nil): [self versionInfo:@"eu.web-eid.web-eid-safari"],
-        NSLocalizedString(@"Chrome browser extension (Web-eID)", nil): [self versionInfo:@"eu.web-eid.web-eid-chrome"],
-        NSLocalizedString(@"Chrome browser extension policy (Web-eID)", nil): [self versionInfo:@"eu.web-eid.web-eid-chrome-policy"],
-        NSLocalizedString(@"Firefox browser extension (Web-eID)", nil): [self versionInfo:@"eu.web-eid.web-eid-firefox"],
-        NSLocalizedString(@"PKCS11 loader", nil): [self versionInfo:@"ee.ria.firefox-pkcs11-loader"],
-        NSLocalizedString(@"IDEMIA PKCS11 loader", nil): [self versionInfo:@"com.idemia.awp.xpi"],
-        @"OpenSC": [self versionInfo:@"org.opensc-project.mac"],
-        @"IDEMIA PKCS11": [self versionInfo:@"com.idemia.awp.pkcs11"],
-        @"EstEID Tokend": [self versionInfo:@"ee.ria.esteid-tokend"],
-        @"EstEID CTK Tokend": [self versionInfo:@"ee.ria.esteid-ctk-tokend"],
-        @"IDEMIA Tokend": [self versionInfo:@"com.idemia.awp.tokend"],
-    };
-    NSMutableArray *list = [[NSMutableArray alloc] init];
-    [versions enumerateKeysAndObjectsUsingBlock:^(id key, id object, BOOL *stop) {
-        if (object != nil && ((NSString*)object).length != 0)
-            [list addObject:[NSString stringWithFormat:@"%@ (%@)", key, object]];
-    }];
-    self.advancedViewController = [[AdvancedWindowController alloc] initWithText:[list componentsJoinedByString:@"\n"]];
-    [self.mainView.window beginSheet:self.advancedViewController.window completionHandler:nil];
+    self.advancedViewController = [[AdvancedWindowController alloc] initWithParent:self.mainView.window];
 }
 
 @end