[apple/security.git] / cdsa / cdsa_utilities / acl_codesigning.h

/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


//
// acl_codesigning - ACL subject for signature of calling application
//
#ifndef _H_ACL_CODESIGNING
#define _H_ACL_CODESIGNING

#include <Security/cssmdata.h>
#include <Security/cssmacl.h>
#include <Security/codesigning.h>

#ifdef _CPP_ACL_CODESIGNING
#pragma export on
#endif

namespace Security
{

using CodeSigning::Signature;
using CodeSigning::Signer;

//
// The CodeSignature subject type matches a code signature applied to the
// disk image that originated the client process.
//
class CodeSignatureAclSubject : public AclSubject {
public:
    bool validate(const AclValidationContext &baseCtx) const;
    CssmList toList(CssmAllocator &alloc) const;
    
    CodeSignatureAclSubject(CssmAllocator &alloc, const Signature *signature);
    CodeSignatureAclSubject(CssmAllocator &alloc, 
		const Signature *signature, const void *comment, size_t commentLength);
	~CodeSignatureAclSubject();
    
    CssmAllocator &allocator;
    
    void exportBlob(Writer::Counter &pub, Writer::Counter &priv);
    void exportBlob(Writer &pub, Writer &priv);
	
	IFDUMP(void debugDump() const);
    
public:
    class Environment : public virtual AclValidationEnvironment {
    public:
		virtual bool verifyCodeSignature(const Signature *signature) = 0;
    };

public:
    class Maker : public AclSubject::Maker {
    public:
    	Maker(Signer &sgn) 
		: AclSubject::Maker(CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE), signer(sgn) { }
    	CodeSignatureAclSubject *make(const TypedList &list) const;
    	CodeSignatureAclSubject *make(Reader &pub, Reader &priv) const;
		
		Signer &signer;
    };
    
private:
	const Signature *mSignature;			// signature of object
	bool mHaveComment;						// mComment present
	CssmAutoData mComment;					// arbitrary comment blob
};

} // end namespace Security


#ifdef _CPP_ACL_CODESIGNING
#pragma export off
#endif


#endif //_H_ACL_CODESIGNING
Commit	Line	Data
bac41a7b A	1	/*
	2	* Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	//
	20	// acl_codesigning - ACL subject for signature of calling application
	21	//
	22	#ifndef _H_ACL_CODESIGNING
	23	#define _H_ACL_CODESIGNING
	24
	25	#include <Security/cssmdata.h>
	26	#include <Security/cssmacl.h>
	27	#include <Security/codesigning.h>
	28
	29	#ifdef _CPP_ACL_CODESIGNING
	30	#pragma export on
	31	#endif
	32
	33	namespace Security
	34	{
	35
	36	using CodeSigning::Signature;
	37	using CodeSigning::Signer;
	38
	39	//
	40	// The CodeSignature subject type matches a code signature applied to the
	41	// disk image that originated the client process.
	42	//
	43	class CodeSignatureAclSubject : public AclSubject {
	44	public:
	45	bool validate(const AclValidationContext &baseCtx) const;
	46	CssmList toList(CssmAllocator &alloc) const;
	47
	48	CodeSignatureAclSubject(CssmAllocator &alloc, const Signature *signature);
	49	CodeSignatureAclSubject(CssmAllocator &alloc,
	50	const Signature signature, const void comment, size_t commentLength);
	51	~CodeSignatureAclSubject();
	52
	53	CssmAllocator &allocator;
	54
	55	void exportBlob(Writer::Counter &pub, Writer::Counter &priv);
	56	void exportBlob(Writer &pub, Writer &priv);
	57
	58	IFDUMP(void debugDump() const);
	59
	60	public:
	61	class Environment : public virtual AclValidationEnvironment {
	62	public:
	63	virtual bool verifyCodeSignature(const Signature *signature) = 0;
	64	};
65
66	public:
67	class Maker : public AclSubject::Maker {
68	public:
69	Maker(Signer &sgn)
70	: AclSubject::Maker(CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE), signer(sgn) { }
71	CodeSignatureAclSubject *make(const TypedList &list) const;
72	CodeSignatureAclSubject *make(Reader &pub, Reader &priv) const;
73
74	Signer &signer;
75	};
76
77	private:
78	const Signature *mSignature; // signature of object
79	bool mHaveComment; // mComment present
80	CssmAutoData mComment; // arbitrary comment blob
81	};
82
83	} // end namespace Security
84
85
86	#ifdef _CPP_ACL_CODESIGNING
87	#pragma export off
88	#endif
89
90
91	#endif //_H_ACL_CODESIGNING