securityd/src/codesigdb.h

/*
 * Copyright (c) 2003-2007,2016 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */


//
// codesigdb - code-hash equivalence database
//
#ifndef _H_CODESIGDB
#define _H_CODESIGDB

#include "acls.h"
#include <security_cdsa_utilities/db++.h>
#include <security_cdsa_utilities/osxverifier.h>
#include <Security/CodeSigning.h>


class Process;
class CodeSignatures;


//
// A CodeSignatures object represents a database of code-signature equivalencies
// as (previously) expressed by a user and/or the system.
// You'll usually only need one of these.
//
class CodeSignatures {
public:
	//
	// Identity is an abstract class modeling a code-identity in the database.
	// It can represent either an existing or latent code-hash link.
	// Subclass must provide path and hash source functions.
	//
	class Identity {
		friend class CodeSignatures;
	public:
		Identity();
		virtual ~Identity();

		operator bool () const				{ return mState == valid; }
		std::string path()					{ return getPath(); }
		std::string name() 					{ return canonicalName(path()); }
		std::string trustedName() const		{ return mName; }

		static std::string canonicalName(const std::string &path);

		IFDUMP(void debugDump(const char *how = NULL) const);

		virtual std::string getPath() const = 0;
		virtual const CssmData getHash() const = 0;

	private:
		enum { untried, valid, invalid } mState;
		std::string mName;		// link db value (canonical name linked to)
	};

public:
	CodeSignatures();
	~CodeSignatures();

	void open(const char *path);

public:
	bool find(Identity &id, uid_t user);

	void makeLink(Identity &id, const std::string &ident, bool forUser = false, uid_t user = 0);

	void addLink(const CssmData &oldHash, const CssmData &newHash,
		const char *name, bool forSystem);
	void removeLink(const CssmData &hash, const char *name, bool forSystem);

	IFDUMP(void debugDump(const char *how = NULL) const);

public:
	bool verify(Process &process, const OSXVerifier &verifier, const AclValidationContext &context);

private:
	OSStatus matchSignedClientToLegacyACL(Process &process,
		const OSXVerifier &verifier, const AclValidationContext &context);

private:
	UnixPlusPlus::UnixDb mDb;

	// lock hierarchy: mUILock first, then mDatabaseLock, no back-off
	Mutex mDatabaseLock;			// controls mDb access
	Mutex mUILock;					// serializes user interaction
};


#endif //_H_CODESIGDB
Commit	Line	Data
	1	/*
	2	* Copyright (c) 2003-2007,2016 Apple Inc. All Rights Reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24
	25	//
	26	// codesigdb - code-hash equivalence database
	27	//
	28	#ifndef _H_CODESIGDB
	29	#define _H_CODESIGDB
	30
	31	#include "acls.h"
	32	#include <security_cdsa_utilities/db++.h>
	33	#include <security_cdsa_utilities/osxverifier.h>
	34	#include <Security/CodeSigning.h>
	35
	36
	37	class Process;
	38	class CodeSignatures;
	39
	40
	41	//
	42	// A CodeSignatures object represents a database of code-signature equivalencies
	43	// as (previously) expressed by a user and/or the system.
	44	// You'll usually only need one of these.
	45	//
	46	class CodeSignatures {
	47	public:
	48	//
	49	// Identity is an abstract class modeling a code-identity in the database.
	50	// It can represent either an existing or latent code-hash link.
	51	// Subclass must provide path and hash source functions.
	52	//
	53	class Identity {
	54	friend class CodeSignatures;
	55	public:
	56	Identity();
	57	virtual ~Identity();
	58
	59	operator bool () const { return mState == valid; }
	60	std::string path() { return getPath(); }
	61	std::string name() { return canonicalName(path()); }
	62	std::string trustedName() const { return mName; }
	63
	64	static std::string canonicalName(const std::string &path);
	65
	66	IFDUMP(void debugDump(const char *how = NULL) const);
	67
	68	virtual std::string getPath() const = 0;
	69	virtual const CssmData getHash() const = 0;
	70
	71	private:
	72	enum { untried, valid, invalid } mState;
	73	std::string mName; // link db value (canonical name linked to)
	74	};
	75
	76	public:
	77	CodeSignatures();
	78	~CodeSignatures();
	79
	80	void open(const char *path);
	81
	82	public:
	83	bool find(Identity &id, uid_t user);
	84
	85	void makeLink(Identity &id, const std::string &ident, bool forUser = false, uid_t user = 0);
	86
	87	void addLink(const CssmData &oldHash, const CssmData &newHash,
	88	const char *name, bool forSystem);
	89	void removeLink(const CssmData &hash, const char *name, bool forSystem);
	90
	91	IFDUMP(void debugDump(const char *how = NULL) const);
	92
	93	public:
	94	bool verify(Process &process, const OSXVerifier &verifier, const AclValidationContext &context);
	95
	96	private:
	97	OSStatus matchSignedClientToLegacyACL(Process &process,
	98	const OSXVerifier &verifier, const AclValidationContext &context);
	99
	100	private:
	101	UnixPlusPlus::UnixDb mDb;
	102
	103	// lock hierarchy: mUILock first, then mDatabaseLock, no back-off
	104	Mutex mDatabaseLock; // controls mDb access
	105	Mutex mUILock; // serializes user interaction
	106	};
	107
	108
	109
	110	#endif //_H_CODESIGDB