[apple/security.git] / OSX / libsecurity_codesigning / lib / policydb.h

/*
 * Copyright (c) 2011-2013 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */
#ifndef _H_POLICYDB
#define _H_POLICYDB

#include "SecAssessment.h"
#include <security_utilities/globalizer.h>
#include <security_utilities/hashing.h>
#include <security_utilities/sqlite++.h>
#include <CoreFoundation/CoreFoundation.h>

namespace Security {
namespace CodeSigning {


namespace SQLite = SQLite3;


static const char defaultDatabase[] = "/var/db/SystemPolicy";
static const char visibleSecurityFlagFile[] = "/var/db/.sp_visible"; /* old duchess/emir style configration */
static const char prefsFile[] = "/var/db/SystemPolicy-prefs.plist";
static const char lastRejectFile[] = "/var/db/.LastGKReject";
static const char lastApprovedFile[] = "/var/db/.LastGKApp";
static const char rearmTimerFile[] = "/var/db/.GKRearmTimer";

static const char gkeAuthFile_old[] = "/var/db/gke.auth";
static const char gkeSigsFile_old[] = "/var/db/gke.sigs";
static const char gkeAuthFile[] = "/var/db/gke.bundle/Contents/Resources/gke.auth";
static const char gkeSigsFile[] = "/var/db/gke.bundle/Contents/Resources/gke.sigs";

static const unsigned int gkeCheckInterval = 60;	// seconds


//
// We use Julian dates in the database, because SQLite understands them well and they convert easily to/from CFAbsoluteTime
//
static const double never = 5000000;	// canonical "never" julian date (an arbitrary point in the year 8977)
static const double julianBase = 2451910.5;	// julian date of CFAbsoluteTime epoch

static inline double dateToJulian(CFDateRef time)
{ return CFDateGetAbsoluteTime(time) / 86400.0 + julianBase; }

static inline CFDateRef julianToDate(double julian)
{ return CFDateCreate(NULL, (julian - julianBase) * 86400); }


typedef SHA1::SDigest ObjectHash;


typedef uint AuthorityType;
enum {
	kAuthorityInvalid = 0,				// not a valid authority type
	kAuthorityExecute = 1,				// authorizes launch and execution
	kAuthorityInstall = 2,				// authorizes installation
	kAuthorityOpenDoc = 3,				// authorizes opening of documents
};


//
// Defined flags for authority flags column
//
enum {
	kAuthorityFlagVirtual =	0x0001,	// virtual rule (anchoring object records)
	kAuthorityFlagDefault =	0x0002,	// rule is part of the original default set
	kAuthorityFlagInhibitCache = 0x0004, // never cache outcome of this rule
	kAuthorityFlagWhitelist = 0x1000,	// whitelist override
	kAuthorityFlagWhitelistV2 = 0x2000, // apply "deep" signature to this record
	kAuthorityFlagWhitelistSHA256 = 0x4000, // use SHA256 signature
};


//
// Mapping/translation to/from API space
//
AuthorityType typeFor(CFDictionaryRef context, AuthorityType type = kAuthorityInvalid);
CFStringRef typeNameFor(AuthorityType type)
    CF_RETURNS_RETAINED;


//
// An open policy database.
// Usually read-only, but can be opened for write by privileged callers.
// This is a translucent wrapper around SQLite::Database; the caller
// is expected to work with statement rows.
//
class PolicyDatabase : public SQLite::Database {
public:
	PolicyDatabase(const char *path = NULL,	int flags = SQLITE_OPEN_READONLY);
	virtual ~PolicyDatabase();
	
public:
	bool checkCache(CFURLRef path, AuthorityType type, SecAssessmentFlags flags, CFMutableDictionaryRef result);

public:
	void purgeAuthority();
	void purgeObjects();
	void purgeObjects(double priority);//

	void upgradeDatabase();
	std::string featureLevel(const char *feature);
	bool hasFeature(const char *feature) { return !featureLevel(feature).empty(); }
	void addFeature(const char *feature, const char *value, const char *remarks);
	void simpleFeature(const char *feature, const char *sql);
	void simpleFeature(const char *feature, void (^perform)());

	void installExplicitSet(const char *auth, const char *sigs);

private:
	time_t mLastExplicitCheck;
};


//
// Check the system-wide overriding flag file
//
bool overrideAssessment(SecAssessmentFlags flags = 0);
void setAssessment(bool masterSwitch);


//
// Reset or query the automatic rearm timer
//
void resetRearmTimer(const char *event);
bool queryRearmTimer(CFTimeInterval &delta);

} // end namespace CodeSigning
} // end namespace Security

#endif //_H_POLICYDB
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2011-2013 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23	#ifndef _H_POLICYDB
	24	#define _H_POLICYDB
	25
427c49bc	26	#include "SecAssessment.h"
b1ab9ed8 A	27	#include <security_utilities/globalizer.h>
	28	#include <security_utilities/hashing.h>
	29	#include <security_utilities/sqlite++.h>
	30	#include <CoreFoundation/CoreFoundation.h>
	31
	32	namespace Security {
	33	namespace CodeSigning {
	34
	35
	36	namespace SQLite = SQLite3;
	37
	38
	39	static const char defaultDatabase[] = "/var/db/SystemPolicy";
	40	static const char visibleSecurityFlagFile[] = "/var/db/.sp_visible"; /* old duchess/emir style configration */
	41	static const char prefsFile[] = "/var/db/SystemPolicy-prefs.plist";
427c49bc A	42	static const char lastRejectFile[] = "/var/db/.LastGKReject";
427c49bc A	43	static const char lastApprovedFile[] = "/var/db/.LastGKApp";
d8f41ccd	44	static const char rearmTimerFile[] = "/var/db/.GKRearmTimer";
b1ab9ed8	45
fa7225c8 A	46	static const char gkeAuthFile_old[] = "/var/db/gke.auth";
	47	static const char gkeSigsFile_old[] = "/var/db/gke.sigs";
	48	static const char gkeAuthFile[] = "/var/db/gke.bundle/Contents/Resources/gke.auth";
	49	static const char gkeSigsFile[] = "/var/db/gke.bundle/Contents/Resources/gke.sigs";
	50
b1ab9ed8 A	51	static const unsigned int gkeCheckInterval = 60; // seconds
	52
	53
	54	//
	55	// We use Julian dates in the database, because SQLite understands them well and they convert easily to/from CFAbsoluteTime
	56	//
	57	static const double never = 5000000; // canonical "never" julian date (an arbitrary point in the year 8977)
	58	static const double julianBase = 2451910.5; // julian date of CFAbsoluteTime epoch
	59
	60	static inline double dateToJulian(CFDateRef time)
	61	{ return CFDateGetAbsoluteTime(time) / 86400.0 + julianBase; }
	62
	63	static inline CFDateRef julianToDate(double julian)
	64	{ return CFDateCreate(NULL, (julian - julianBase) * 86400); }
	65
	66
	67	typedef SHA1::SDigest ObjectHash;
	68
	69
	70	typedef uint AuthorityType;
	71	enum {
	72	kAuthorityInvalid = 0, // not a valid authority type
	73	kAuthorityExecute = 1, // authorizes launch and execution
	74	kAuthorityInstall = 2, // authorizes installation
	75	kAuthorityOpenDoc = 3, // authorizes opening of documents
	76	};
	77
	78
	79	//
	80	// Defined flags for authority flags column
	81	//
	82	enum {
	83	kAuthorityFlagVirtual = 0x0001, // virtual rule (anchoring object records)
	84	kAuthorityFlagDefault = 0x0002, // rule is part of the original default set
	85	kAuthorityFlagInhibitCache = 0x0004, // never cache outcome of this rule
	86	kAuthorityFlagWhitelist = 0x1000, // whitelist override
427c49bc	87	kAuthorityFlagWhitelistV2 = 0x2000, // apply "deep" signature to this record
e3d460c9	88	kAuthorityFlagWhitelistSHA256 = 0x4000, // use SHA256 signature
b1ab9ed8 A	89	};
	90
	91
	92	//
	93	// Mapping/translation to/from API space
	94	//
	95	AuthorityType typeFor(CFDictionaryRef context, AuthorityType type = kAuthorityInvalid);
	96	CFStringRef typeNameFor(AuthorityType type)
	97	CF_RETURNS_RETAINED;
	98
	99
	100	//
	101	// An open policy database.
	102	// Usually read-only, but can be opened for write by privileged callers.
	103	// This is a translucent wrapper around SQLite::Database; the caller
	104	// is expected to work with statement rows.
	105	//
	106	class PolicyDatabase : public SQLite::Database {
	107	public:
	108	PolicyDatabase(const char *path = NULL, int flags = SQLITE_OPEN_READONLY);
	109	virtual ~PolicyDatabase();
	110
	111	public:
427c49bc	112	bool checkCache(CFURLRef path, AuthorityType type, SecAssessmentFlags flags, CFMutableDictionaryRef result);
b1ab9ed8 A	113
	114	public:
	115	void purgeAuthority();
	116	void purgeObjects();
	117	void purgeObjects(double priority);//
	118
	119	void upgradeDatabase();
	120	std::string featureLevel(const char *feature);
	121	bool hasFeature(const char *feature) { return !featureLevel(feature).empty(); }
	122	void addFeature(const char feature, const char value, const char *remarks);
	123	void simpleFeature(const char feature, const char sql);
	124	void simpleFeature(const char *feature, void (^perform)());
	125
	126	void installExplicitSet(const char auth, const char sigs);
	127
	128	private:
	129	time_t mLastExplicitCheck;
	130	};
	131
	132
	133	//
	134	// Check the system-wide overriding flag file
	135	//
427c49bc	136	bool overrideAssessment(SecAssessmentFlags flags = 0);
b1ab9ed8 A	137	void setAssessment(bool masterSwitch);
b1ab9ed8 A	138
d8f41ccd A	139
	140	//
	141	// Reset or query the automatic rearm timer
	142	//
	143	void resetRearmTimer(const char *event);
	144	bool queryRearmTimer(CFTimeInterval &delta);
	145
b1ab9ed8 A	146	} // end namespace CodeSigning
	147	} // end namespace Security
	148
	149	#endif //_H_POLICYDB