]> git.saurik.com Git - apple/libsecurity_codesigning.git/blob - lib/StaticCode.h
projects / apple / libsecurity_codesigning.git / blob
? search:


edb92a18b65dabdb919b088f201691fa6affce53
[apple/libsecurity_codesigning.git] / lib / StaticCode.h
1 /*
2 * Copyright (c) 2006-2007 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 //
25 // StaticCode - SecStaticCode API objects
26 //
27 #ifndef _H_STATICCODE
28 #define _H_STATICCODE
29
30 #include "cs.h"
31 #include "Requirements.h"
32 #include "requirement.h"
33 #include "diskrep.h"
34 #include "codedirectory.h"
35 #include <Security/SecTrust.h>
36 #include <CoreFoundation/CFData.h>
37
38 namespace Security {
39 namespace CodeSigning {
40
41
42 class SecCode;
43
44
45 //
46 // A SecStaticCode object represents the file system version of some code.
47 // There's a lot of pieces to this, and we'll bring them all into
48 // memory here (lazily) and let you fondle them with ease.
49 //
50 // Note that concrete knowledge of where stuff is stored resides in the DiskRep
51 // object we hold. DiskReps allocate, retrieve, and return data to us. We are
52 // responsible for interpreting, caching, and validating them. (In other words,
53 // DiskReps know where stuff is and how it is stored, but we know what it means.)
54 //
55 // Data accessors (returning CFDataRef, CFDictionaryRef, various pointers, etc.)
56 // cache those values internally and return unretained(!) references ("Get" style)
57 // that are valid as long as the SecStaticCode object's lifetime, or until
58 // resetValidity() is called, whichever is sooner. If you need to keep them,
59 // retain or copy them as needed.
60 //
61 class SecStaticCode : public SecCFObject {
62 NOCOPY(SecStaticCode)
63
64 protected:
65 //
66 // A context for resource validation operations, to tailor error response.
67 // The base class throws an exception immediately and ignores detail data.
68 //
69 class ValidationContext {
70 public:
71 virtual ~ValidationContext();
72 virtual void reportProblem(OSStatus rc, CFStringRef type, CFTypeRef value);
73 };
74
75 //
76 // A CollectingContext collects all error details and throws an annotated final error.
77 //
78 class CollectingContext : public ValidationContext {
79 public:
80 CollectingContext(SecStaticCode &c) : code(c), mStatus(noErr) { }
81 void reportProblem(OSStatus rc, CFStringRef type, CFTypeRef value);
82
83 OSStatus osStatus() { return mStatus; }
84 operator OSStatus () const { return mStatus; }
85 void throwMe() __attribute__((noreturn));
86
87 SecStaticCode &code;
88
89 private:
90 CFRef<CFMutableDictionaryRef> mCollection;
91 OSStatus mStatus;
92 };
93
94 public:
95 SECCFFUNCTIONS(SecStaticCode, SecStaticCodeRef,
96 errSecCSInvalidObjectRef, gCFObjects().StaticCode)
97
98 // implicitly convert SecCodeRefs to their SecStaticCodeRefs
99 static SecStaticCode *requiredStatic(SecStaticCodeRef ref); // convert SecCodeRef
100 static SecCode *optionalDynamic(SecStaticCodeRef ref); // extract SecCodeRef or NULL
101
102 SecStaticCode(DiskRep *rep);
103 virtual ~SecStaticCode() throw();
104
105 bool equal(SecCFObject &other);
106 CFHashCode hash();
107
108 void detachedSignature(CFDataRef sig); // attach an explicitly given detached signature
109 void checkForSystemSignature(); // check for and attach system-supplied detached signature
110
111 const CodeDirectory *codeDirectory(bool check = true);
112 CFDataRef cdHash();
113 CFDataRef signature();
114 CFAbsoluteTime signingTime();
115 bool isSigned() { return codeDirectory(false) != NULL; }
116 DiskRep *diskRep() { return mRep; }
117 std::string mainExecutablePath() { return mRep->mainExecutablePath(); }
118 CFURLRef canonicalPath() const { return mRep->canonicalPath(); }
119 std::string identifier() { return codeDirectory()->identifier(); }
120 std::string format() const { return mRep->format(); }
121 std::string signatureSource();
122 CFDataRef component(CodeDirectory::SpecialSlot slot, OSStatus fail = errSecCSSignatureFailed);
123 CFDictionaryRef infoDictionary();
124 CFDictionaryRef entitlements();
125
126 CFDictionaryRef resourceDictionary();
127 CFURLRef resourceBase();
128 CFDataRef resource(std::string path);
129 CFDataRef resource(std::string path, ValidationContext &ctx);
130 void validateResource(std::string path, ValidationContext &ctx);
131
132 bool flag(uint32_t tested);
133
134 void resetValidity(); // clear validation caches (if something may have changed)
135
136 bool validated() const { return mValidated; }
137 bool valid() const
138 { assert(validated()); return mValidated && (mValidationResult == noErr); }
139 bool validatedExecutable() const { return mExecutableValidated; }
140 bool validatedResources() const { return mResourcesValidated; }
141
142
143 void validateDirectory();
144 void validateComponent(CodeDirectory::SpecialSlot slot, OSStatus fail = errSecCSSignatureFailed);
145 void validateNonResourceComponents();
146 void validateResources();
147 void validateExecutable();
148
149 const Requirements *internalRequirements();
150 const Requirement *internalRequirement(SecRequirementType type);
151 const Requirement *designatedRequirement();
152 const Requirement *defaultDesignatedRequirement(); // newly allocated (caller owns)
153
154 void validateRequirements(SecRequirementType type, SecStaticCode *target,
155 OSStatus nullError = noErr); // target against my [type], throws
156 void validateRequirement(const Requirement *req, OSStatus failure); // me against [req], throws
157 bool satisfiesRequirement(const Requirement *req, OSStatus failure); // me against [req], returns on clean miss
158
159 // certificates are available after signature validation (they are stored in the CMS signature)
160 SecCertificateRef cert(int ix); // get a cert from the cert chain
161 CFArrayRef certificates(); // get the entire certificate chain
162
163 CFDictionaryRef signingInformation(SecCSFlags flags); // omnibus information-gathering API (creates new dictionary)
164
165 public:
166 class AllArchitectures;
167
168 protected:
169 CFDictionaryRef getDictionary(CodeDirectory::SpecialSlot slot, OSStatus fail); // component value as a dictionary
170 bool verifySignature();
171 CFTypeRef verificationPolicy(SecCSFlags flags);
172
173 void defaultDesignatedAppleAnchor(Requirement::Maker &maker);
174 void defaultDesignatedNonAppleAnchor(Requirement::Maker &maker);
175 bool isAppleSDKSignature();
176 bool isAppleCaspianSignature();
177
178 static void checkOptionalResource(CFTypeRef key, CFTypeRef value, void *context);
179
180 private:
181 RefPointer<DiskRep> mRep; // on-disk representation
182
183 // master validation state
184 bool mValidated; // core validation was attempted
185 OSStatus mValidationResult; // outcome of core validation
186 bool mValidationExpired; // outcome had expired certificates
187
188 // static executable validation state (nested within mValidated/mValid)
189 bool mExecutableValidated; // tried to validate executable file
190 OSStatus mExecutableValidResult; // outcome if mExecutableValidated
191
192 // static resource validation state (nested within mValidated/mValid)
193 bool mResourcesValidated; // tried to validate resources
194 OSStatus mResourcesValidResult; // outcome if mResourceValidated or..
195 CollectingContext *mResourcesValidContext; // other outcome
196
197 // cached contents
198 CFRef<CFDataRef> mDir; // code directory data
199 CFRef<CFDataRef> mSignature; // CMS signature data
200 CFAbsoluteTime mSigningTime; // (signed) signing time
201 CFRef<CFDataRef> mCache[cdSlotCount]; // NULL => not tried, kCFNull => absent, other => present
202
203 // alternative cache forms (storage may depend on cached contents above)
204 CFRef<CFDictionaryRef> mInfoDict; // derived from mCache slot
205 CFRef<CFDictionaryRef> mEntitlements; // derived from mCache slot
206 CFRef<CFDictionaryRef> mResourceDict; // derived from mCache slot
207 const Requirement *mDesignatedReq; // cached designated req if we made one up
208 CFRef<CFDataRef> mCDHash; // hash of CodeDirectory
209
210 bool mGotResourceBase; // asked mRep for resourceBasePath
211 CFRef<CFURLRef> mResourceBase; // URL form of resource base directory
212
213 // signature verification outcome (mTrust == NULL => not done yet)
214 CFRef<SecTrustRef> mTrust; // outcome of crypto validation (valid or not)
215 CFRef<CFArrayRef> mCertChain;
216 CSSM_TP_APPLE_EVIDENCE_INFO *mEvalDetails;
217 };
218
219
220 //
221 // Given a SecStaticCode, create an iterator that produces SecStaticCodes
222 // for all architectures encompassed by this static code reference.
223 //
224 class SecStaticCode::AllArchitectures : public SecPointer<SecStaticCode> {
225 public:
226 AllArchitectures(SecStaticCode *code);
227
228 SecStaticCode *operator () ();
229
230 private:
231 SecPointer<SecStaticCode> mBase;
232 enum { fatBinary, firstNonFat, atEnd } mState;
233 Universal::Architectures mArchitectures;
234 Universal::Architectures::const_iterator mCurrent;
235 };
236
237
238 } // end namespace CodeSigning
239 } // end namespace Security
240
241 #endif // !_H_STATICCODE
mirror of libsecurity_codesigning