]> git.saurik.com Git - apple/security.git/blame - OSX/libsecurity_codesigning/lib/cdbuilder.h
projects / apple / security.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Security-59306.11.20.tar.gz
[apple/security.git] / OSX / libsecurity_codesigning / lib / cdbuilder.h
CommitLineData
b1ab9ed8 1/*
d8f41ccd 2 * Copyright (c) 2006-2012,2014 Apple Inc. All Rights Reserved.
b1ab9ed8
A		 3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24//
25// cdbuilder - constructor for CodeDirectories
26//
27#ifndef _H_CDBUILDER
28#define _H_CDBUILDER
29
30#include "codedirectory.h"
31
32
33namespace Security {
34namespace CodeSigning {
35
36
37//
38// Builder can construct CodeDirectories from pieces:
39// Builder builder(...);
40// builder.variousSetters(withSuitableData);
41// CodeDirectory *result = builder.build();
42// Builder is not reusable.
43//
e3d460c9
A		 44class CodeDirectory::Builder : public RefCount {
45 NOCOPY(Builder)
b1ab9ed8
A		 46public:
47 Builder(HashAlgorithm digestAlgorithm);
48 ~Builder();
49
50 void executable(string path, size_t pagesize, size_t offset, size_t length);
51 void reopen(string path, size_t offset, size_t length);
dbe77505 52 bool opened();
b1ab9ed8
A		 53
54 void specialSlot(SpecialSlot slot, CFDataRef data);
55 void identifier(const std::string &code) { mIdentifier = code; }
420ff9d9 56 void teamID(const std::string &team) { mTeamID = team; }
b1ab9ed8 57 void flags(uint32_t f) { mFlags = f; }
5c19dc3a 58 void platform(uint8_t p) { mPlatform = p; }
e3d460c9 59 std::set<Slot> filledSpecialSlots() const { return mFilledSpecialSlots; }
b1ab9ed8
A		 60
61 Scatter *scatter(unsigned count); // allocate that many scatter elements (w/o sentinel)
62 Scatter *scatter() { return mScatter; } // return already allocated scatter vector
866f8763
A		 63
64 void execSeg(uint64_t base, uint64_t limit, uint64_t flags) {
65 mExecSegOffset = base; mExecSegLimit = limit; mExecSegFlags = flags; }
66 void addExecSegFlags(uint64_t flags) { mExecSegFlags |= flags; }
67
90dc47c2
A		 68 typedef std::map<CodeDirectory::HashAlgorithm, CFCopyRef<CFDataRef> >
69 PreEncryptHashMap;
70
71 void generatePreEncryptHashes(bool pre) { mGeneratePreEncryptHashes = pre; }
72 void preservePreEncryptHashMap(PreEncryptHashMap preEncryptHashMap) {
73 mPreservedPreEncryptHashMap = preEncryptHashMap;
74 }
75
76 void runTimeVersion(uint32_t runtime) {
77 mRuntimeVersion = runtime;
78 }
79
420ff9d9 80 size_t size(const uint32_t version); // calculate size
b1ab9ed8 81 CodeDirectory *build(); // build CodeDirectory and return it
6b200bc3 82 size_t fixedSize(const uint32_t version); // calculate fixed size of the CodeDirectory
641423b6
A		 83
84 uint32_t hashType() const { return mHashType; }
b1ab9ed8 85
b1ab9ed8
A		 86 DynamicHash *getHash() const { return CodeDirectory::hashFor(this->mHashType); }
87
427c49bc 88private:
b1ab9ed8
A		 89 Hashing::Byte *specialSlot(SpecialSlot slot)
90 { assert(slot > 0 && slot <= cdSlotMax); return mSpecial + (slot - 1) * mDigestLength; }
91 Hashing::Byte *specialSlot(SpecialSlot slot) const
92 { assert(slot > 0 && slot <= cdSlotMax); return mSpecial + (slot - 1) * mDigestLength; }
93
94private:
95 Hashing::Byte *mSpecial; // array of special slot hashes
e3d460c9 96 std::set<Slot> mFilledSpecialSlots; // special slots filled with values
b1ab9ed8
A		 97 UnixPlusPlus::AutoFileDesc mExec; // main executable file
98 size_t mExecOffset; // starting offset in mExec
99 size_t mExecLength; // total bytes of file to sign
100 size_t mPageSize; // page size of executable (bytes)
101 uint32_t mFlags; // CodeDirectory flags
102 uint32_t mHashType; // digest algorithm code
5c19dc3a 103 uint8_t mPlatform; // platform identifier
b1ab9ed8
A		 104 uint32_t mDigestLength; // number of bytes in a single glue digest
105 std::string mIdentifier; // canonical identifier
420ff9d9 106 std::string mTeamID; // team identifier
b1ab9ed8
A		 107
108 size_t mSpecialSlots; // highest special slot set
109 size_t mCodeSlots; // number of code pages (slots)
110
111 Scatter *mScatter; // scatter vector
112 size_t mScatterSize; // number of scatter elements allocated (incl. sentinel)
866f8763
A		 113
114 uint64_t mExecSegOffset; // starting offset of executable segment
115 uint64_t mExecSegLimit; // limit of executable segment
116 uint64_t mExecSegFlags; // executable segment flags
117
90dc47c2
A		 118 bool mGeneratePreEncryptHashes; // whether to also generate new pre-encrypt hashes
119 PreEncryptHashMap mPreservedPreEncryptHashMap; // existing pre-encrypt hashes to be set
120
121 uint32_t mRuntimeVersion; // Hardened Runtime Version
122
b1ab9ed8
A		 123 CodeDirectory *mDir; // what we're building
124};
125
126
127} // CodeSigning
128} // Security
129
130
131#endif //_H_CDBUILDER
mirror of Security