]> git.saurik.com Git - apple/libsecurity_codesigning.git/blob - lib/CodeSigner.cpp
projects / apple / libsecurity_codesigning.git / blob
? search:


361d8fc342243ec21bfdf6a3834308316b2d7077
[apple/libsecurity_codesigning.git] / lib / CodeSigner.cpp
1 /*
2 * Copyright (c) 2006-2010 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 //
25 // CodeSigner - SecCodeSigner API objects
26 //
27 #include "CodeSigner.h"
28 #include "signer.h"
29 #include "reqparser.h"
30 #include "renum.h"
31 #include "csdatabase.h"
32 #include <security_utilities/unix++.h>
33 #include <security_utilities/unixchild.h>
34 #include <vector>
35
36 namespace Security {
37
38 __SEC_CFTYPE(SecIdentity)
39
40 namespace CodeSigning {
41
42 using namespace UnixPlusPlus;
43
44
45 //
46 // A helper for parsing out a CFDictionary signing-data specification
47 //
48 class SecCodeSigner::Parser : CFDictionary {
49 public:
50 Parser(SecCodeSigner &signer, CFDictionaryRef parameters);
51
52 bool getBool(CFStringRef key) const
53 {
54 if (CFBooleanRef flag = get<CFBooleanRef>(key))
55 return flag == kCFBooleanTrue;
56 else
57 return false;
58 }
59 };
60
61
62 //
63 // Construct a SecCodeSigner
64 //
65 SecCodeSigner::SecCodeSigner(SecCSFlags flags)
66 : mOpFlags(flags), mRequirements(NULL), mDigestAlgorithm(kSecCodeSignatureDefaultDigestAlgorithm)
67 {
68 }
69
70
71 //
72 // Clean up a SecCodeSigner
73 //
74 SecCodeSigner::~SecCodeSigner() throw()
75 try {
76 ::free((Requirements *)mRequirements);
77 } catch (...) {
78 return;
79 }
80
81
82 //
83 // Parse an input parameter dictionary and set ready-to-use parameters
84 //
85 void SecCodeSigner::parameters(CFDictionaryRef paramDict)
86 {
87 Parser(*this, paramDict);
88 if (!valid())
89 MacOSError::throwMe(errSecCSInvalidObjectRef);
90 }
91
92
93 //
94 // Roughly check for validity.
95 // This isn't thorough; it just sees if if looks like we've set up the object appropriately.
96 //
97 bool SecCodeSigner::valid() const
98 {
99 if (mOpFlags & kSecCSRemoveSignature)
100 return true;
101 return mSigner;
102 }
103
104
105 //
106 // Sign code
107 //
108 void SecCodeSigner::sign(SecStaticCode *code, SecCSFlags flags)
109 {
110 Signer operation(*this, code);
111 if ((flags | mOpFlags) & kSecCSRemoveSignature) {
112 secdebug("signer", "%p will remove signature from %p", this, code);
113 operation.remove(flags);
114 } else {
115 if (!valid())
116 MacOSError::throwMe(errSecCSInvalidObjectRef);
117 secdebug("signer", "%p will sign %p (flags 0x%x)", this, code, flags);
118 operation.sign(flags);
119 }
120 code->resetValidity();
121 }
122
123
124 //
125 // ReturnDetachedSignature is called by writers or editors that try to return
126 // detached signature data (rather than annotate the target).
127 //
128 void SecCodeSigner::returnDetachedSignature(BlobCore *blob, Signer &signer)
129 {
130 assert(mDetached);
131 if (CFGetTypeID(mDetached) == CFURLGetTypeID()) {
132 // URL to destination file
133 AutoFileDesc fd(cfString(CFURLRef(mDetached.get())), O_WRONLY | O_CREAT | O_TRUNC);
134 fd.writeAll(*blob);
135 } else if (CFGetTypeID(mDetached) == CFDataGetTypeID()) {
136 CFDataAppendBytes(CFMutableDataRef(mDetached.get()),
137 (const UInt8 *)blob, blob->length());
138 } else if (CFGetTypeID(mDetached) == CFNullGetTypeID()) {
139 signatureDatabaseWriter().storeCode(blob, signer.path().c_str());
140 } else
141 assert(false);
142 }
143
144
145 //
146 // Our DiskRep::signingContext methods communicate with the signing subsystem
147 // in terms those callers can easily understand.
148 //
149 string SecCodeSigner::sdkPath(const std::string &path) const
150 {
151 assert(path[0] == '/'); // need absolute path here
152 if (mSDKRoot)
153 return cfString(mSDKRoot) + path;
154 else
155 return path;
156 }
157
158 bool SecCodeSigner::isAdhoc() const
159 {
160 return mSigner == SecIdentityRef(kCFNull);
161 }
162
163
164 //
165 // The actual parsing operation is done in the Parser class.
166 //
167 // Note that we need to copy or retain all incoming data. The caller has no requirement
168 // to keep the parameters dictionary around.
169 //
170 SecCodeSigner::Parser::Parser(SecCodeSigner &state, CFDictionaryRef parameters)
171 : CFDictionary(parameters, errSecCSBadDictionaryFormat)
172 {
173 // the signer may be an identity or null
174 if (CFTypeRef signer = get<CFTypeRef>(kSecCodeSignerIdentity))
175 if (CFGetTypeID(signer) == SecIdentityGetTypeID() || signer == kCFNull)
176 state.mSigner = SecIdentityRef(signer);
177 else
178 MacOSError::throwMe(errSecCSInvalidObjectRef);
179
180 // the flags need some augmentation
181 if (CFNumberRef flags = get<CFNumberRef>(kSecCodeSignerFlags)) {
182 state.mCdFlagsGiven = true;
183 state.mCdFlags = cfNumber<uint32_t>(flags);
184 } else
185 state.mCdFlagsGiven = false;
186
187 // digest algorithms are specified as a numeric code
188 if (CFNumberRef digestAlgorithm = get<CFNumberRef>(kSecCodeSignerDigestAlgorithm))
189 state.mDigestAlgorithm = cfNumber<long>(digestAlgorithm);
190
191 if (CFNumberRef cmsSize = get<CFNumberRef>(CFSTR("cmssize")))
192 state.mCMSSize = cfNumber<size_t>(cmsSize);
193 else
194 state.mCMSSize = 5000; // likely big enough
195
196 // signing time can be a CFDateRef or null
197 if (CFTypeRef time = get<CFTypeRef>(kSecCodeSignerSigningTime))
198 if (CFGetTypeID(time) == CFDateGetTypeID() || time == kCFNull)
199 state.mSigningTime = CFDateRef(time);
200 else
201 MacOSError::throwMe(errSecCSInvalidObjectRef);
202
203 if (CFStringRef ident = get<CFStringRef>(kSecCodeSignerIdentifier))
204 state.mIdentifier = cfString(ident);
205
206 if (CFStringRef prefix = get<CFStringRef>(kSecCodeSignerIdentifierPrefix))
207 state.mIdentifierPrefix = cfString(prefix);
208
209 // requirements can be binary or string (to be compiled)
210 if (CFTypeRef reqs = get<CFTypeRef>(kSecCodeSignerRequirements)) {
211 if (CFGetTypeID(reqs) == CFDataGetTypeID()) { // binary form
212 const Requirements *rp = (const Requirements *)CFDataGetBytePtr(CFDataRef(reqs));
213 state.mRequirements = rp->clone();
214 } else if (CFGetTypeID(reqs) == CFStringGetTypeID()) { // text form
215 state.mRequirements = parseRequirements(cfString(CFStringRef(reqs)));
216 } else
217 MacOSError::throwMe(errSecCSInvalidObjectRef);
218 } else
219 state.mRequirements = NULL;
220
221 state.mNoMachO = getBool(CFSTR("no-macho"));
222
223 state.mPageSize = get<CFNumberRef>(kSecCodeSignerPageSize);
224
225 // detached can be (destination) file URL or (mutable) Data to be appended-to
226 if (state.mDetached = get<CFTypeRef>(kSecCodeSignerDetached)) {
227 CFTypeID type = CFGetTypeID(state.mDetached);
228 if (type != CFURLGetTypeID() && type != CFDataGetTypeID() && type != CFNullGetTypeID())
229 MacOSError::throwMe(errSecCSInvalidObjectRef);
230 }
231
232 state.mDryRun = getBool(kSecCodeSignerDryRun);
233
234 state.mResourceRules = get<CFDictionaryRef>(kSecCodeSignerResourceRules);
235
236 state.mApplicationData = get<CFDataRef>(kSecCodeSignerApplicationData);
237 state.mEntitlementData = get<CFDataRef>(kSecCodeSignerEntitlements);
238
239 state.mSDKRoot = get<CFURLRef>(kSecCodeSignerSDKRoot);
240 }
241
242
243 } // end namespace CodeSigning
244 } // end namespace Security
mirror of libsecurity_codesigning