| | 1 | /* |
| | 2 | * Copyright (c) 2011-2012 Apple Inc. All Rights Reserved. |
| | 3 | * |
| | 4 | * @APPLE_LICENSE_HEADER_START@ |
| | 5 | * |
| | 6 | * This file contains Original Code and/or Modifications of Original Code |
| | 7 | * as defined in and that are subject to the Apple Public Source License |
| | 8 | * Version 2.0 (the 'License'). You may not use this file except in |
| | 9 | * compliance with the License. Please obtain a copy of the License at |
| | 10 | * http://www.opensource.apple.com/apsl/ and read it before using this |
| | 11 | * file. |
| | 12 | * |
| | 13 | * The Original Code and all software distributed under the License are |
| | 14 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
| | 15 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
| | 16 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
| | 17 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
| | 18 | * Please see the License for the specific language governing rights and |
| | 19 | * limitations under the License. |
| | 20 | * |
| | 21 | * @APPLE_LICENSE_HEADER_END@ |
| | 22 | */ |
| | 23 | #ifndef _H_POLICYDB |
| | 24 | #define _H_POLICYDB |
| | 25 | |
| | 26 | #include <security_utilities/globalizer.h> |
| | 27 | #include <security_utilities/hashing.h> |
| | 28 | #include <security_utilities/sqlite++.h> |
| | 29 | #include <CoreFoundation/CoreFoundation.h> |
| | 30 | |
| | 31 | namespace Security { |
| | 32 | namespace CodeSigning { |
| | 33 | |
| | 34 | |
| | 35 | namespace SQLite = SQLite3; |
| | 36 | |
| | 37 | |
| | 38 | static const char defaultDatabase[] = "/var/db/SystemPolicy"; |
| | 39 | static const char visibleSecurityFlagFile[] = "/var/db/.sp_visible"; /* old duchess/emir style configration */ |
| | 40 | static const char prefsFile[] = "/var/db/SystemPolicy-prefs.plist"; |
| | 41 | |
| | 42 | static const char gkeAuthFile[] = "/var/db/gke.auth"; |
| | 43 | static const char gkeSigsFile[] = "/var/db/gke.sigs"; |
| | 44 | static const unsigned int gkeCheckInterval = 60; // seconds |
| | 45 | |
| | 46 | |
| | 47 | // |
| | 48 | // We use Julian dates in the database, because SQLite understands them well and they convert easily to/from CFAbsoluteTime |
| | 49 | // |
| | 50 | static const double never = 5000000; // canonical "never" julian date (an arbitrary point in the year 8977) |
| | 51 | static const double julianBase = 2451910.5; // julian date of CFAbsoluteTime epoch |
| | 52 | |
| | 53 | static inline double dateToJulian(CFDateRef time) |
| | 54 | { return CFDateGetAbsoluteTime(time) / 86400.0 + julianBase; } |
| | 55 | |
| | 56 | static inline CFDateRef julianToDate(double julian) |
| | 57 | { return CFDateCreate(NULL, (julian - julianBase) * 86400); } |
| | 58 | |
| | 59 | |
| | 60 | typedef SHA1::SDigest ObjectHash; |
| | 61 | |
| | 62 | |
| | 63 | typedef uint AuthorityType; |
| | 64 | enum { |
| | 65 | kAuthorityInvalid = 0, // not a valid authority type |
| | 66 | kAuthorityExecute = 1, // authorizes launch and execution |
| | 67 | kAuthorityInstall = 2, // authorizes installation |
| | 68 | kAuthorityOpenDoc = 3, // authorizes opening of documents |
| | 69 | }; |
| | 70 | |
| | 71 | |
| | 72 | // |
| | 73 | // Defined flags for authority flags column |
| | 74 | // |
| | 75 | enum { |
| | 76 | kAuthorityFlagVirtual = 0x0001, // virtual rule (anchoring object records) |
| | 77 | kAuthorityFlagDefault = 0x0002, // rule is part of the original default set |
| | 78 | kAuthorityFlagInhibitCache = 0x0004, // never cache outcome of this rule |
| | 79 | kAuthorityFlagWhitelist = 0x1000, // whitelist override |
| | 80 | }; |
| | 81 | |
| | 82 | |
| | 83 | // |
| | 84 | // Mapping/translation to/from API space |
| | 85 | // |
| | 86 | AuthorityType typeFor(CFDictionaryRef context, AuthorityType type = kAuthorityInvalid); |
| | 87 | CFStringRef typeNameFor(AuthorityType type) |
| | 88 | CF_RETURNS_RETAINED; |
| | 89 | |
| | 90 | |
| | 91 | // |
| | 92 | // An open policy database. |
| | 93 | // Usually read-only, but can be opened for write by privileged callers. |
| | 94 | // This is a translucent wrapper around SQLite::Database; the caller |
| | 95 | // is expected to work with statement rows. |
| | 96 | // |
| | 97 | class PolicyDatabase : public SQLite::Database { |
| | 98 | public: |
| | 99 | PolicyDatabase(const char *path = NULL, int flags = SQLITE_OPEN_READONLY); |
| | 100 | virtual ~PolicyDatabase(); |
| | 101 | |
| | 102 | public: |
| | 103 | bool checkCache(CFURLRef path, AuthorityType type, CFMutableDictionaryRef result); |
| | 104 | |
| | 105 | public: |
| | 106 | void purgeAuthority(); |
| | 107 | void purgeObjects(); |
| | 108 | void purgeObjects(double priority);// |
| | 109 | |
| | 110 | void upgradeDatabase(); |
| | 111 | std::string featureLevel(const char *feature); |
| | 112 | bool hasFeature(const char *feature) { return !featureLevel(feature).empty(); } |
| | 113 | void addFeature(const char *feature, const char *value, const char *remarks); |
| | 114 | void simpleFeature(const char *feature, const char *sql); |
| | 115 | void simpleFeature(const char *feature, void (^perform)()); |
| | 116 | |
| | 117 | void installExplicitSet(const char *auth, const char *sigs); |
| | 118 | |
| | 119 | private: |
| | 120 | time_t mLastExplicitCheck; |
| | 121 | }; |
| | 122 | |
| | 123 | |
| | 124 | // |
| | 125 | // Check the system-wide overriding flag file |
| | 126 | // |
| | 127 | bool overrideAssessment(); |
| | 128 | void setAssessment(bool masterSwitch); |
| | 129 | |
| | 130 | } // end namespace CodeSigning |
| | 131 | } // end namespace Security |
| | 132 | |
| | 133 | #endif //_H_POLICYDB |
projects / apple / libsecurity_codesigning.git / blame_incremental