[apple/security.git] / OSX / libsecurity_codesigning / lib / signerutils.h

/*
 * Copyright (c) 2006-2012 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

//
// signerutils - utilities for signature generation
//
#ifndef _H_SIGNERUTILS
#define _H_SIGNERUTILS

#include "CodeSigner.h"
#include "sigblob.h"
#include "cdbuilder.h"

#include <Security/SecCmsBase.h>

#include <security_utilities/utilities.h>
#include <security_utilities/blob.h>
#include <security_utilities/unix++.h>
#include <security_utilities/unixchild.h>

#include <sys/cdefs.h>

#if TARGET_OS_OSX
__BEGIN_DECLS
#include <AppleFSCompression/AppleFSCompression.h>
__END_DECLS
#endif

namespace Security {
namespace CodeSigning {


//
// A helper to deal with the magic merger logic of internal requirements
//
class InternalRequirements : public Requirements::Maker {
public:
	InternalRequirements() : mReqs(NULL) { }
	~InternalRequirements() { ::free((void *)mReqs); }
	void operator () (const Requirements *given, const Requirements *defaulted, const Requirement::Context &context);
	operator const Requirements * () const { return mReqs; }

private:
	const Requirements *mReqs;
};


//
// A DiskRep::Writer that assembles data in a SuperBlob (in memory)
//
class BlobWriter : public DiskRep::Writer, public EmbeddedSignatureBlob::Maker {
public:	
	void component(CodeDirectory::SpecialSlot slot, CFDataRef data);
};


class DetachedBlobWriter : public BlobWriter {
public:
	DetachedBlobWriter(SecCodeSigner::Signer &s) : signer(s) { }

	SecCodeSigner::Signer &signer;
	
	void flush();
};


//
// A multi-architecture editing assistant.
// ArchEditor collects (Mach-O) architectures in use, and maintains per-architecture
// data structures. It must be subclassed to express a particular way to handle the signing
// data.
//
class ArchEditor : public DiskRep::Writer {
public:
	ArchEditor(Universal &fat, CodeDirectory::HashAlgorithms hashTypes, uint32_t attrs);
	virtual ~ArchEditor();

public:
	//
	// One architecture's signing construction element.
	// This also implements DispRep::Writer so generic writing code
	// can work with both Mach-O and other files.
	//
	struct Arch : public BlobWriter {
		Architecture architecture;		// our architecture
		auto_ptr<MachO> source;			// Mach-O object to be signed
		std::map<CodeDirectory::HashAlgorithm, RefPointer<CodeDirectory::Builder> > cdBuilders;
		InternalRequirements ireqs;		// consolidated internal requirements
		size_t blobSize;				// calculated SuperBlob size
		
		Arch(const Architecture &arch, CodeDirectory::HashAlgorithms hashTypes);
		
		void eachDigest(void (^op)(CodeDirectory::Builder& builder))
		{
			for (auto type = cdBuilders.begin(); type != cdBuilders.end(); ++type)
				op(*type->second);
		}
	};

	//
	// Our callers access the architectural universe through a map
	// from Architectures to Arch objects.
	//
	typedef std::map<Architecture, Arch *> ArchMap;
	typedef ArchMap::iterator Iterator;
	ArchMap::iterator begin()		{ return architecture.begin(); }
	ArchMap::iterator end()			{ return architecture.end(); }
	unsigned count() const			{ return (unsigned)architecture.size(); }
	
	// methods needed for an actual implementation
	virtual void allocate() = 0;			// interpass allocations
	virtual void reset(Arch &arch) = 0;		// pass 2 prep
	virtual void write(Arch &arch, EmbeddedSignatureBlob *blob) = 0; // takes ownership of blob
	virtual void commit() = 0;				// write/flush result
	
protected:
	ArchMap architecture;
};


//
// An ArchEditor that collects all architectures into a single SuperBlob,
// usually for writing a detached multi-architecture signature.
//
class BlobEditor : public ArchEditor {
public:
	BlobEditor(Universal &fat, SecCodeSigner::Signer &s);
	
	SecCodeSigner::Signer &signer;
	
	void component(CodeDirectory::SpecialSlot slot, CFDataRef data);
	void allocate() { }
	void reset(Arch &arch) { }
	void write(Arch &arch, EmbeddedSignatureBlob *blob);
	void commit();
	
private:
	DetachedSignatureBlob::Maker mMaker;
	EmbeddedSignatureBlob::Maker mGlobal;
};


//
// An ArchEditor that writes its signatures into a (fat) binary file.
// We do this by forking a helper tool (codesign_allocate) and asking
// it to make a copy with suitable space "opened up" in the right spots.
//
class MachOEditor : public ArchEditor, private UnixPlusPlus::Child {
public:
	MachOEditor(DiskRep::Writer *w, Universal &code, CodeDirectory::HashAlgorithms hashTypes, std::string srcPath);
	~MachOEditor();

	const RefPointer<DiskRep::Writer> writer;
	const std::string sourcePath;
	const std::string tempPath;
	
	void component(CodeDirectory::SpecialSlot slot, CFDataRef data);
	void allocate();
	void reset(Arch &arch);
	void write(Arch &arch, EmbeddedSignatureBlob *blob);
	void commit();
	
private:
	CodeDirectory::HashAlgorithms mHashTypes;
	
	// fork operation
	void childAction();
	void parentAction();
	
	// controlling the temporary file copy
	Universal *mNewCode;
	UnixPlusPlus::AutoFileDesc mFd;
	bool mTempMayExist;
	
	// finding and managing the helper tool
	const char *mHelperPath;
	bool mHelperOverridden;
};


//
// A Requirement::Context populated from a signing request.
// We use this to help generate the explicit Designated Requirement
// during signing ops, and thus this must be constructed BEFORE we
// actually have a signed object.
//
class PreSigningContext : public Requirement::Context {
public:
	PreSigningContext(const SecCodeSigner::Signer &signer);

private:
	CFRef<CFArrayRef> mCerts;		// hold cert chain
};
	
	
//
// A collector of CodeDirectories for hash-agile construction of signatures.
//
class CodeDirectorySet : public std::map<CodeDirectory::HashAlgorithm, const CodeDirectory *> {
public:
	CodeDirectorySet() { mPrimary = NULL; }
	~CodeDirectorySet();
	
	void add(const CodeDirectory* cd);
	void populate(DiskRep::Writer* writer) const;
	
	const CodeDirectory* primary() const;

	// Note that the order of the hashList is relevant.
	// (Which is also why there are separate methods, CFDictionary is not ordered.)
	CFArrayRef hashList() const;
	CFDictionaryRef hashDict() const;

	static SECOidTag SECOidTagForAlgorithm(CodeDirectory::HashAlgorithm algorithm);

private:
	mutable const CodeDirectory* mPrimary;
};


} // end namespace CodeSigning
} // end namespace Security

#endif // !_H_SIGNERUTILS
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2006-2012 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24	//
	25	// signerutils - utilities for signature generation
	26	//
	27	#ifndef _H_SIGNERUTILS
	28	#define _H_SIGNERUTILS
	29
	30	#include "CodeSigner.h"
	31	#include "sigblob.h"
	32	#include "cdbuilder.h"
90dc47c2 A	33
	34	#include <Security/SecCmsBase.h>
	35
b1ab9ed8 A	36	#include <security_utilities/utilities.h>
	37	#include <security_utilities/blob.h>
	38	#include <security_utilities/unix++.h>
	39	#include <security_utilities/unixchild.h>
	40
79b9da22 A	41	#include <sys/cdefs.h>
	42
	43	#if TARGET_OS_OSX
	44	__BEGIN_DECLS
	45	#include <AppleFSCompression/AppleFSCompression.h>
	46	__END_DECLS
	47	#endif
	48
b1ab9ed8 A	49	namespace Security {
	50	namespace CodeSigning {
	51
	52
	53	//
	54	// A helper to deal with the magic merger logic of internal requirements
	55	//
	56	class InternalRequirements : public Requirements::Maker {
	57	public:
	58	InternalRequirements() : mReqs(NULL) { }
	59	~InternalRequirements() { ::free((void *)mReqs); }
	60	void operator () (const Requirements given, const Requirements defaulted, const Requirement::Context &context);
	61	operator const Requirements * () const { return mReqs; }
	62
	63	private:
	64	const Requirements *mReqs;
	65	};
	66
	67
	68	//
	69	// A DiskRep::Writer that assembles data in a SuperBlob (in memory)
	70	//
	71	class BlobWriter : public DiskRep::Writer, public EmbeddedSignatureBlob::Maker {
	72	public:
	73	void component(CodeDirectory::SpecialSlot slot, CFDataRef data);
	74	};
	75
	76
	77	class DetachedBlobWriter : public BlobWriter {
	78	public:
	79	DetachedBlobWriter(SecCodeSigner::Signer &s) : signer(s) { }
	80
	81	SecCodeSigner::Signer &signer;
	82
	83	void flush();
	84	};
	85
	86
	87	//
	88	// A multi-architecture editing assistant.
dbe77505	89	// ArchEditor collects (Mach-O) architectures in use, and maintains per-architecture
b1ab9ed8 A	90	// data structures. It must be subclassed to express a particular way to handle the signing
	91	// data.
	92	//
	93	class ArchEditor : public DiskRep::Writer {
	94	public:
e3d460c9	95	ArchEditor(Universal &fat, CodeDirectory::HashAlgorithms hashTypes, uint32_t attrs);
b1ab9ed8 A	96	virtual ~ArchEditor();
	97
	98	public:
	99	//
	100	// One architecture's signing construction element.
	101	// This also implements DispRep::Writer so generic writing code
	102	// can work with both Mach-O and other files.
	103	//
	104	struct Arch : public BlobWriter {
	105	Architecture architecture; // our architecture
	106	auto_ptr<MachO> source; // Mach-O object to be signed
e3d460c9	107	std::map<CodeDirectory::HashAlgorithm, RefPointer<CodeDirectory::Builder> > cdBuilders;
b1ab9ed8 A	108	InternalRequirements ireqs; // consolidated internal requirements
	109	size_t blobSize; // calculated SuperBlob size
	110
e3d460c9 A	111	Arch(const Architecture &arch, CodeDirectory::HashAlgorithms hashTypes);
	112
	113	void eachDigest(void (^op)(CodeDirectory::Builder& builder))
	114	{
	115	for (auto type = cdBuilders.begin(); type != cdBuilders.end(); ++type)
	116	op(*type->second);
	117	}
b1ab9ed8 A	118	};
	119
	120	//
	121	// Our callers access the architectural universe through a map
	122	// from Architectures to Arch objects.
	123	//
	124	typedef std::map<Architecture, Arch *> ArchMap;
	125	typedef ArchMap::iterator Iterator;
	126	ArchMap::iterator begin() { return architecture.begin(); }
	127	ArchMap::iterator end() { return architecture.end(); }
427c49bc	128	unsigned count() const { return (unsigned)architecture.size(); }
b1ab9ed8 A	129
	130	// methods needed for an actual implementation
	131	virtual void allocate() = 0; // interpass allocations
	132	virtual void reset(Arch &arch) = 0; // pass 2 prep
	133	virtual void write(Arch &arch, EmbeddedSignatureBlob *blob) = 0; // takes ownership of blob
	134	virtual void commit() = 0; // write/flush result
	135
	136	protected:
	137	ArchMap architecture;
	138	};
	139
	140
	141	//
	142	// An ArchEditor that collects all architectures into a single SuperBlob,
	143	// usually for writing a detached multi-architecture signature.
	144	//
	145	class BlobEditor : public ArchEditor {
	146	public:
	147	BlobEditor(Universal &fat, SecCodeSigner::Signer &s);
	148
	149	SecCodeSigner::Signer &signer;
	150
	151	void component(CodeDirectory::SpecialSlot slot, CFDataRef data);
	152	void allocate() { }
	153	void reset(Arch &arch) { }
	154	void write(Arch &arch, EmbeddedSignatureBlob *blob);
	155	void commit();
	156
	157	private:
	158	DetachedSignatureBlob::Maker mMaker;
	159	EmbeddedSignatureBlob::Maker mGlobal;
	160	};
	161
	162
	163	//
	164	// An ArchEditor that writes its signatures into a (fat) binary file.
	165	// We do this by forking a helper tool (codesign_allocate) and asking
	166	// it to make a copy with suitable space "opened up" in the right spots.
	167	//
	168	class MachOEditor : public ArchEditor, private UnixPlusPlus::Child {
	169	public:
e3d460c9	170	MachOEditor(DiskRep::Writer *w, Universal &code, CodeDirectory::HashAlgorithms hashTypes, std::string srcPath);
b1ab9ed8 A	171	~MachOEditor();
	172
	173	const RefPointer<DiskRep::Writer> writer;
	174	const std::string sourcePath;
	175	const std::string tempPath;
	176
	177	void component(CodeDirectory::SpecialSlot slot, CFDataRef data);
	178	void allocate();
	179	void reset(Arch &arch);
	180	void write(Arch &arch, EmbeddedSignatureBlob *blob);
	181	void commit();
	182
	183	private:
e3d460c9 A	184	CodeDirectory::HashAlgorithms mHashTypes;
e3d460c9 A	185
b1ab9ed8 A	186	// fork operation
	187	void childAction();
	188	void parentAction();
	189
	190	// controlling the temporary file copy
	191	Universal *mNewCode;
	192	UnixPlusPlus::AutoFileDesc mFd;
	193	bool mTempMayExist;
	194
	195	// finding and managing the helper tool
	196	const char *mHelperPath;
	197	bool mHelperOverridden;
	198	};
	199
	200
	201	//
	202	// A Requirement::Context populated from a signing request.
	203	// We use this to help generate the explicit Designated Requirement
	204	// during signing ops, and thus this must be constructed BEFORE we
	205	// actually have a signed object.
	206	//
	207	class PreSigningContext : public Requirement::Context {
	208	public:
	209	PreSigningContext(const SecCodeSigner::Signer &signer);
	210
	211	private:
	212	CFRef<CFArrayRef> mCerts; // hold cert chain
	213	};
e3d460c9 A	214
	215
	216	//
	217	// A collector of CodeDirectories for hash-agile construction of signatures.
	218	//
	219	class CodeDirectorySet : public std::map<CodeDirectory::HashAlgorithm, const CodeDirectory *> {
	220	public:
	221	CodeDirectorySet() { mPrimary = NULL; }
	222	~CodeDirectorySet();
	223
	224	void add(const CodeDirectory* cd);
	225	void populate(DiskRep::Writer* writer) const;
	226
	227	const CodeDirectory* primary() const;
90dc47c2 A	228
	229	// Note that the order of the hashList is relevant.
	230	// (Which is also why there are separate methods, CFDictionary is not ordered.)
	231	CFArrayRef hashList() const;
	232	CFDictionaryRef hashDict() const;
	233
	234	static SECOidTag SECOidTagForAlgorithm(CodeDirectory::HashAlgorithm algorithm);
	235
e3d460c9 A	236	private:
	237	mutable const CodeDirectory* mPrimary;
	238	};
b1ab9ed8 A	239
	240
	241	} // end namespace CodeSigning
	242	} // end namespace Security
	243
	244	#endif // !_H_SIGNERUTILS