[apple/libsecurity_codesigning.git] / lib / reqmaker.h

/*
 * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

//
// reqmaker - Requirement assembler
//
#ifndef _H_REQMAKER
#define _H_REQMAKER

#include <security_codesigning/requirement.h>

namespace Security {
namespace CodeSigning {


//
// A Requirement::Maker is a tool for creating a Requirement blob.
// It's primarily an assember for the binary requirements (exprOp) language.
// Initialize it, call put() methods to generate the exprOp program, then
// call make() to get the assembled Requirement blob, malloc'ed for you.
// The Maker is not reusable.
//
class Requirement::Maker {
public:
        Maker(Kind k = exprForm);
        ~Maker() { free(mBuffer); }
        
        template <class T>
        T *alloc(size_t size) { return reinterpret_cast<T *>(alloc(size)); }

        template <class T>
        void put(const T &value) { *alloc<Endian<T> >(sizeof(T)) = value; }
        void put(ExprOp op) { put(uint32_t(op)); }
        void put(MatchOperation op) { put(uint32_t(op)); }
        void put(const std::string &s) { putData(s.data(), s.size()); }
        void put(const char *s) { putData(s, strlen(s)); }
        void putData(const void *data, size_t length);
        
        void anchor(int slot, SHA1::Digest digest);                     // given slot/digest
        void anchor(int slot, const void *cert, size_t length); // given slot/cert
        void anchor();                                                                          // canonical Apple anchor
        
        void trustedAnchor();
        void trustedAnchor(int slot);
        
        void infoKey(const std::string &key, const std::string &value);
        void ident(const std::string &identHash);
        void cdhash(SHA1::Digest digest);
        
        //
        // Keep labels into exprOp code, and allow for "shifting in"
        // prefix code as needed (exprOp is a prefix-code language).
        //
        struct Label {
                const Offset pos;
                Label(const Maker &maker) : pos(maker.length()) { }
        };
        void *insert(const Label &label, size_t length = sizeof(uint32_t));
        
        template <class T>
        Endian<T> &insert(const Label &label, size_t length = sizeof(T))
        { return *reinterpret_cast<Endian<T>*>(insert(label, length)); }
        
        void kind(Kind k) { mBuffer->kind(k); }
        size_t length() const { return mPC; }
        Requirement *make();
        Requirement *operator () () { return make(); }
        
protected:
        void require(size_t size);      
        void *alloc(size_t size);

private:
        Requirement *mBuffer;
        Offset mSize;
        Offset mPC;
};


}       // CodeSigning
}       // Security

#endif //_H_REQMAKER