Verification of IM4M should not include Cryptex components #61
Description
While attempting verification of an IM4M I received the following error:
$ pyimg4 im4m verify -i IM4M -b BuildManifest.plist -v
Reading IM4M...
Reading BuildManifest.plist...
Selected build identity: 1
Verifying hash of component: AOP...
Verifying hash of component: AVE...
Verifying hash of component: Ap,SystemVolumeCanonicalMetadata...
Verifying hash of component: AppleLogo...
Verifying hash of component: AudioCodecFirmware...
Component: BasebandFirmware has no hash, skipping...
Verifying hash of component: BatteryCharging0...
Verifying hash of component: BatteryCharging1...
Verifying hash of component: BatteryFull...
Verifying hash of component: BatteryLow0...
Verifying hash of component: BatteryLow1...
Verifying hash of component: BatteryPlugin...
Verifying hash of component: Cryptex1,AppOS...
No hash found for component: Cryptex1,AppOS in Image4 manifest!
Skipping build identity 2...
Image4 manifest is not valid for the provided build manifest!
However, Cryptex components should not be checked against normal IM4Ms because there are separate IM4Ms for Cryptex components (and their trustcaches) only. Solving this issue may potentially require a way to distinguish normal blobs from Cryptex blobs.