Security-58286.260.20.tar.gz

[apple/security.git] / OSX / libsecurity_codesigning / lib / signer.h

/*
 * Copyright (c) 2006-2012,2014 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

//
// signer - Signing operation supervisor and controller
//
#ifndef _H_SIGNER
#define _H_SIGNER

#include "CodeSigner.h"
#include "cdbuilder.h"
#include "signerutils.h"
#include "StaticCode.h"
#include <security_utilities/utilities.h>

namespace Security {
namespace CodeSigning {


//
// The signer driver class.
// This is a workflow object, containing all the data needed for the various
// signing stages to cooperate. It is not meant to be API visible; that is
// SecCodeSigner's job.
//
class SecCodeSigner::Signer : public DiskRep::SigningContext {
public:
        Signer(SecCodeSigner &s, SecStaticCode *c) : state(s), code(c), requirements(NULL)
        { strict = signingFlags() & kSecCSSignStrictPreflight; }
        ~Signer() { ::free((Requirements *)requirements); }

        void sign(SecCSFlags flags);
        void remove(SecCSFlags flags);
        void edit(SecCSFlags flags);
        
        SecCodeSigner &state;
        SecStaticCode * const code;
        
        const CodeDirectory::HashAlgorithms& digestAlgorithms() const { return hashAlgorithms; }
        void setDigestAlgorithms(CodeDirectory::HashAlgorithms types) { hashAlgorithms = types; }
        
        std::string path() const { return cfStringRelease(rep->copyCanonicalPath()); }
        SecIdentityRef signingIdentity() const { return state.mSigner; }
        std::string signingIdentifier() const { return identifier; }
        
protected:
        void prepare(SecCSFlags flags);                         // set up signing parameters
        void signMachO(Universal *fat, const Requirement::Context &context); // sign a Mach-O binary
        void signArchitectureAgnostic(const Requirement::Context &context); // sign anything else
        
        void prepareForEdit(SecCSFlags flags);          // set up signature editing
        void editMachO(Universal *fat);                         // edit a Mach-O binary
        void editArchitectureAgnostic();                        // edit anything else

        // HashAlgorithm -> PreEncrypt hashes
        typedef std::map<CodeDirectory::HashAlgorithm, CFCopyRef<CFDataRef> >
                PreEncryptHashMap;
        // Architecture -> PreEncryptHashMap
        typedef std::map<Architecture, PreEncryptHashMap >
                PreEncryptHashMaps;
        // HashAlgorithm -> Hardened Runtime Version
        typedef std::map<CodeDirectory::HashAlgorithm, uint32_t>
                RuntimeVersionMap;
        // Architecture -> RuntimeVersionMap
        typedef std::map<Architecture, RuntimeVersionMap>
                RuntimeVersionMaps;
        // Architecture -> RawComponentMap
        typedef EditableDiskRep::RawComponentMap RawComponentMap;
        typedef std::map<Architecture, std::unique_ptr<RawComponentMap>>
                RawComponentMaps;

        void populate(DiskRep::Writer &writer);         // global
        void populate(CodeDirectory::Builder &builder, DiskRep::Writer &writer,
                                  InternalRequirements &ireqs,
                                  size_t offset, size_t length,
                                  bool mainBinary, size_t execSegBase, size_t execSegLimit,
                                  unsigned alternateDigestCount,
                                  const PreEncryptHashMap& preEncryptHashMap,
                                  uint32_t runtimeVersion);     // per-architecture
        CFDataRef signCodeDirectory(const CodeDirectory *cd,
                                                                CFDictionaryRef hashDict, CFArrayRef hashList);

        uint32_t cdTextFlags(std::string text);         // convert text CodeDirectory flags
        std::string uniqueName() const;                         // derive unique string from rep
        
protected:
        
        std::string sdkPath(const std::string &path) const;
        bool isAdhoc() const;
        SecCSFlags signingFlags() const;
        
private:
        static EditableDiskRep *editMainExecutableRep(DiskRep *rep);
        
        void addPreEncryptHashes(PreEncryptHashMap &map, SecStaticCode const *code);
        void addRuntimeVersions(RuntimeVersionMap &map, SecStaticCode const *code);
        
        void considerTeamID(const PreSigningContext& context);
        std::vector<Endian<uint32_t> > topSlots(CodeDirectory::Builder &builder) const;

        static bool booleanEntitlement(CFDictionaryRef entDict, CFStringRef key);
        static void cookEntitlements(CFDataRef entitlements, bool generateDER,
                                                                 uint64_t *execSegFlags, CFDataRef *entitlementsDER);

protected:
        void buildResources(std::string root, std::string relBase, CFDictionaryRef rules);
        CFMutableDictionaryRef signNested(const std::string &path, const std::string &relpath);
        CFDataRef hashFile(const char *path, CodeDirectory::HashAlgorithm type);
        CFDictionaryRef hashFile(const char *path, CodeDirectory::HashAlgorithms types);
        
private:
        RefPointer<DiskRep> rep;                // DiskRep of Code being signed
        CFRef<CFDictionaryRef> resourceDirectory;       // resource directory
        CFRef<CFDataRef> resourceDictData; // XML form of resourceDirectory
        CodeDirectory::HashAlgorithms hashAlgorithms; // hash algorithm(s) to use
        std::string identifier;                 // signing identifier
        std::string teamID;             // team identifier
        CFRef<CFDataRef> entitlements;  // entitlements
        Architecture preEncryptMainArch; // pre-encrypt main architecture
        PreEncryptHashMaps preEncryptHashMaps;  // pre-encrypt hashes to keep
        Architecture runtimeVersionMainArch; // runtime version main architecture
        RuntimeVersionMaps runtimeVersionMap; // runtime versions to keep
        uint32_t cdFlags;                               // CodeDirectory flags
        const Requirements *requirements; // internal requirements ready-to-use
        size_t pagesize;                                // size of main executable pages
        CFAbsoluteTime signingTime;             // signing time for CMS signature (0 => now)
        bool emitSigningTime;                   // emit signing time as a signed CMS attribute
        bool strict;                                    // strict validation
        bool generateEntitlementDER;    // generate entitlement DER
        
        // Signature Editing
        Architecture editMainArch;              // main architecture for editing
        RawComponentMaps editComponents; // components for signature
        
private:
        Mutex resourceLock;
};


} // end namespace CodeSigning
} // end namespace Security

#endif // !_H_CODESIGNER