Security-57336.1.9.tar.gz

[apple/security.git] / securityd / src / codesigdb.h

/*
 * Copyright (c) 2003-2007 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */


//
// codesigdb - code-hash equivalence database
//
#ifndef _H_CODESIGDB
#define _H_CODESIGDB

#include "acls.h"
#include <security_cdsa_utilities/db++.h>
#include <security_cdsa_utilities/osxverifier.h>
#include <Security/CodeSigning.h>


class Process;
class CodeSignatures;


//
// A CodeSignaturse object represents a database of code-signature equivalencies
// as (previously) expressed by a user and/or the system.
// You'll usually only need one of these.
//
class CodeSignatures {  
public:
        //
        // Identity is an abstract class modeling a code-identity in the database.
        // It can represent either an existing or latent code-hash link.
        // Subclass must provide path and hash source functions.
        //
        class Identity {
                friend class CodeSignatures;
        public:
                Identity();
                virtual ~Identity();
                
                operator bool () const                          { return mState == valid; }
                std::string path()                                      { return getPath(); }
                std::string name()                                      { return canonicalName(path()); }
                std::string trustedName() const         { return mName; }

                static std::string canonicalName(const std::string &path);
                
                IFDUMP(void debugDump(const char *how = NULL) const);
                
                virtual std::string getPath() const = 0;
                virtual const CssmData getHash() const = 0;
        
        private:
                enum { untried, valid, invalid } mState;
                std::string mName;              // link db value (canonical name linked to)
        };
        
public:
        CodeSignatures();
        ~CodeSignatures();
        
        void open(const char *path);
        
public:
        bool find(Identity &id, uid_t user);
        
        void makeLink(Identity &id, const std::string &ident, bool forUser = false, uid_t user = 0);

        void addLink(const CssmData &oldHash, const CssmData &newHash,
                const char *name, bool forSystem);
        void removeLink(const CssmData &hash, const char *name, bool forSystem);
        
        IFDUMP(void debugDump(const char *how = NULL) const);
        
public:
        bool verify(Process &process, const OSXVerifier &verifier, const AclValidationContext &context);
        
private:
        OSStatus matchSignedClientToLegacyACL(Process &process, SecCodeRef code,
                const OSXVerifier &verifier, const AclValidationContext &context);

private:
        UnixPlusPlus::UnixDb mDb;

        // lock hierarchy: mUILock first, then mDatabaseLock, no back-off
        Mutex mDatabaseLock;                    // controls mDb access
        Mutex mUILock;                                  // serializes user interaction
};



#endif //_H_CODESIGDB