]> git.saurik.com Git - apple/libsecurity_codesigning.git/blob - lib/filediskrep.cpp
projects / apple / libsecurity_codesigning.git / blob
? search:


dbb8820c8f19ee894d49b53577a89ba1b032b2ef
[apple/libsecurity_codesigning.git] / lib / filediskrep.cpp
1 /*
2 * Copyright (c) 2006-2007 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23 #include "filediskrep.h"
24 #include "StaticCode.h"
25 #include <security_utilities/macho++.h>
26 #include <cstring>
27
28
29 namespace Security {
30 namespace CodeSigning {
31
32 using namespace UnixPlusPlus;
33
34
35 //
36 // Everything's lazy in here
37 //
38 FileDiskRep::FileDiskRep(const char *path)
39 : SingleDiskRep(path)
40 {
41 CODESIGN_DISKREP_CREATE_FILE(this, (char*)path);
42 }
43
44
45 //
46 // Produce an extended attribute name from a canonical slot name
47 //
48 string FileDiskRep::attrName(const char *name)
49 {
50 static const char prefix[] = "com.apple.cs.";
51 return string(prefix) + name;
52 }
53
54
55 //
56 // Retrieve an extended attribute by name
57 //
58 CFDataRef FileDiskRep::getAttribute(const char *name)
59 {
60 string aname = attrName(name);
61 try {
62 ssize_t length = fd().getAttrLength(aname);
63 if (length < 0)
64 return NULL; // no such attribute
65 CFMallocData buffer(length);
66 fd().getAttr(aname, buffer, length);
67 return buffer;
68 } catch (const UnixError &err) {
69 // recover some errors that happen in (relatively) benign circumstances
70 switch (err.error) {
71 case ENOTSUP: // no extended attributes on this filesystem
72 case EPERM: // filesystem objects to name(?)
73 return NULL;
74 default:
75 throw;
76 }
77 }
78 }
79
80
81 //
82 // Extract and return a component by slot number.
83 // If we have a Mach-O binary, use embedded components.
84 // Otherwise, look for and return the extended attribute, if any.
85 //
86 CFDataRef FileDiskRep::component(CodeDirectory::SpecialSlot slot)
87 {
88 if (const char *name = CodeDirectory::canonicalSlotName(slot))
89 return getAttribute(name);
90 else
91 return NULL;
92 }
93
94
95 //
96 // Generate a suggested set of internal requirements.
97 // We don't really have to say much. However, if we encounter a file that
98 // starts with the magic "#!" script marker, we do suggest that this should
99 // be a valid host if we can reasonably make out what that is.
100 //
101 const Requirements *FileDiskRep::defaultRequirements(const Architecture *)
102 {
103 // read start of file
104 char buffer[256];
105 size_t length = fd().read(buffer, sizeof(buffer), 0);
106 if (length > 3 && buffer[0] == '#' && buffer[1] == '!' && buffer[2] == '/') {
107 // isolate (full) path element in #!/full/path -some -other -stuff
108 if (length == sizeof(buffer))
109 length--;
110 buffer[length] = '\0';
111 char *path = buffer + 2;
112 path[strcspn(path, " \t\n\r\f")] = '\0';
113 secdebug("filediskrep", "looks like a script for %s", path);
114 if (path[1])
115 try {
116 // find path on disk, get designated requirement (if signed)
117 if (RefPointer<DiskRep> rep = DiskRep::bestFileGuess(path))
118 if (SecPointer<SecStaticCode> code = new SecStaticCode(rep))
119 if (const Requirement *req = code->designatedRequirement()) {
120 // package up as host requirement and return that
121 Requirements::Maker maker;
122 maker.add(kSecHostRequirementType, req->clone());
123 return maker.make();
124 }
125 } catch (...) {
126 secdebug("filediskrep", "exception getting host requirement (ignored)");
127 }
128 }
129 return NULL;
130 }
131
132
133 string FileDiskRep::format()
134 {
135 return "generic";
136 }
137
138
139 //
140 // FileDiskRep::Writers
141 //
142 DiskRep::Writer *FileDiskRep::writer()
143 {
144 return new Writer(this);
145 }
146
147
148 //
149 // Write a component.
150 // Note that this isn't concerned with Mach-O writing; this is handled at
151 // a much higher level. If we're called, it's extended attribute time.
152 //
153 void FileDiskRep::Writer::component(CodeDirectory::SpecialSlot slot, CFDataRef data)
154 {
155 try {
156 fd().setAttr(attrName(CodeDirectory::canonicalSlotName(slot)),
157 CFDataGetBytePtr(data), CFDataGetLength(data));
158 } catch (const UnixError &error) {
159 if (error.error == ERANGE)
160 MacOSError::throwMe(errSecCSCMSTooLarge);
161 throw;
162 }
163 }
164
165
166 //
167 // Clear all signing data
168 //
169 void FileDiskRep::Writer::remove()
170 {
171 for (CodeDirectory::SpecialSlot slot = 0; slot < cdSlotCount; slot++)
172 if (const char *name = CodeDirectory::canonicalSlotName(slot))
173 fd().removeAttr(attrName(name));
174 fd().removeAttr(attrName(kSecCS_SIGNATUREFILE));
175 }
176
177
178 //
179 // We are NOT the preferred store for components because our approach
180 // (extended attributes) suffers from some serious limitations.
181 //
182 bool FileDiskRep::Writer::preferredStore()
183 {
184 return false;
185 }
186
187
188 } // end namespace CodeSigning
189 } // end namespace Security
mirror of libsecurity_codesigning