libsecurity_codesigning/lib/policydb.h

   1 /*
   2  * Copyright (c) 2011-2012 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23 #ifndef _H_POLICYDB
  24 #define _H_POLICYDB
  25
  26 #include "SecAssessment.h"
  27 #include <security_utilities/globalizer.h>
  28 #include <security_utilities/hashing.h>
  29 #include <security_utilities/sqlite++.h>
  30 #include <CoreFoundation/CoreFoundation.h>
  31
  32 namespace Security {
  33 namespace CodeSigning {
  34
  35
  36 namespace SQLite = SQLite3;
  37
  38
  39 static const char defaultDatabase[] = "/var/db/SystemPolicy";
  40 static const char visibleSecurityFlagFile[] = "/var/db/.sp_visible"; /* old duchess/emir style configration */
  41 static const char prefsFile[] = "/var/db/SystemPolicy-prefs.plist";
  42 static const char lastRejectFile[] = "/var/db/.LastGKReject";
  43 static const char lastApprovedFile[] = "/var/db/.LastGKApp";
  44
  45 static const char gkeAuthFile[] = "/var/db/gke.auth";
  46 static const char gkeSigsFile[] = "/var/db/gke.sigs";
  47 static const unsigned int gkeCheckInterval = 60;        // seconds
  48
  49
  50 //
  51 // We use Julian dates in the database, because SQLite understands them well and they convert easily to/from CFAbsoluteTime
  52 //
  53 static const double never = 5000000;    // canonical "never" julian date (an arbitrary point in the year 8977)
  54 static const double julianBase = 2451910.5;     // julian date of CFAbsoluteTime epoch
  55
  56 static inline double dateToJulian(CFDateRef time)
  57 { return CFDateGetAbsoluteTime(time) / 86400.0 + julianBase; }
  58
  59 static inline CFDateRef julianToDate(double julian)
  60 { return CFDateCreate(NULL, (julian - julianBase) * 86400); }
  61
  62
  63 typedef SHA1::SDigest ObjectHash;
  64
  65
  66 typedef uint AuthorityType;
  67 enum {
  68         kAuthorityInvalid = 0,                          // not a valid authority type
  69         kAuthorityExecute = 1,                          // authorizes launch and execution
  70         kAuthorityInstall = 2,                          // authorizes installation
  71         kAuthorityOpenDoc = 3,                          // authorizes opening of documents
  72 };
  73
  74
  75 //
  76 // Defined flags for authority flags column
  77 //
  78 enum {
  79         kAuthorityFlagVirtual = 0x0001, // virtual rule (anchoring object records)
  80         kAuthorityFlagDefault = 0x0002, // rule is part of the original default set
  81         kAuthorityFlagInhibitCache = 0x0004, // never cache outcome of this rule
  82         kAuthorityFlagWhitelist = 0x1000,       // whitelist override
  83         kAuthorityFlagWhitelistV2 = 0x2000, // apply "deep" signature to this record
  84 };
  85
  86
  87 //
  88 // Mapping/translation to/from API space
  89 //
  90 AuthorityType typeFor(CFDictionaryRef context, AuthorityType type = kAuthorityInvalid);
  91 CFStringRef typeNameFor(AuthorityType type)
  92     CF_RETURNS_RETAINED;
  93
  94
  95 //
  96 // An open policy database.
  97 // Usually read-only, but can be opened for write by privileged callers.
  98 // This is a translucent wrapper around SQLite::Database; the caller
  99 // is expected to work with statement rows.
 100 //
 101 class PolicyDatabase : public SQLite::Database {
 102 public:
 103         PolicyDatabase(const char *path = NULL, int flags = SQLITE_OPEN_READONLY);
 104         virtual ~PolicyDatabase();
 105
 106 public:
 107         bool checkCache(CFURLRef path, AuthorityType type, SecAssessmentFlags flags, CFMutableDictionaryRef result);
 108
 109 public:
 110         void purgeAuthority();
 111         void purgeObjects();
 112         void purgeObjects(double priority);//
 113
 114         void upgradeDatabase();
 115         std::string featureLevel(const char *feature);
 116         bool hasFeature(const char *feature) { return !featureLevel(feature).empty(); }
 117         void addFeature(const char *feature, const char *value, const char *remarks);
 118         void simpleFeature(const char *feature, const char *sql);
 119         void simpleFeature(const char *feature, void (^perform)());
 120
 121         void installExplicitSet(const char *auth, const char *sigs);
 122
 123 private:
 124         time_t mLastExplicitCheck;
 125 };
 126
 127
 128 //
 129 // Check the system-wide overriding flag file
 130 //
 131 bool overrideAssessment(SecAssessmentFlags flags = 0);
 132 void setAssessment(bool masterSwitch);
 133
 134 } // end namespace CodeSigning
 135 } // end namespace Security
 136
 137 #endif //_H_POLICYDB