cdsa/cdsa_utilities/codesigning.h

   1 /*
   2  * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18
  19 //
  20 // codesigning - support for signing and verifying "bags o' bits" on disk.
  21 //
  22 // This file defines CodeSigner objects that sign, SignableCode objects
  23 // that can be signed, and CodeSignature objects that represent signatures.
  24 // Anything that can be "enumerated" into a stream of bits is fair game as
  25 // a SignableCode, though the primary intent is to sign files or directories
  26 // of files on disk.
  27 //
  28 #ifndef _CODESIGNING
  29 #define _CODESIGNING
  30
  31 #include <Security/utilities.h>
  32 #include <string>
  33
  34 #ifdef _CPP_CODESIGNING
  35 #pragma export on
  36 #endif
  37
  38 namespace Security
  39 {
  40
  41 namespace CodeSigning
  42 {
  43
  44 //
  45 // Type codes for signatures. Each represents a particular type of signature.
  46 //
  47 enum {
  48         standardOSXSignature = 1                        // standard MacOS X signature (SHA1)
  49 };
  50
  51
  52 //
  53 // A CodeSignature is an abstract object representing a complete signature.
  54 // You may think of this as a cryptographic hash of some kind together with
  55 // type information and enough abstraction to make changing the algorithms
  56 // easier.
  57 //
  58 class Signature {
  59 public:
  60         virtual ~Signature() { }
  61
  62         virtual bool operator == (const Signature &other) const = 0;
  63         bool operator != (const Signature &other) const         { return !(*this == other); }
  64
  65         virtual uint32 type() const = 0;                // yield type code
  66         virtual const void *data() const = 0;   // yield data pointer
  67         virtual size_t length() const = 0;              // yield length of data
  68 };
  69
  70
  71 //
  72 // A Signer is the engine that can sign and verify. It may have configuration,
  73 // but it should have NO state that carries over between signing/verifying
  74 // operations. In other words, once a signing/verifyng operation is complete,
  75 // the signer should forget about what it did.
  76 //
  77 class Signer {
  78         friend class Signable;
  79 public:
  80         virtual ~Signer() { }
  81
  82 public:
  83         class State {
  84         public:
  85                 virtual void enumerateContents(const void *data, size_t length) = 0;
  86
  87                 Signer &signer;
  88
  89         protected:
  90                 State(Signer &sgn) : signer(sgn) { }
  91         };
  92
  93 public:
  94         virtual Signature *sign(const Signable &target) = 0;
  95         virtual bool verify(const Signable &target, const Signature *signature) = 0;
  96
  97         virtual Signature *restore(uint32 type, const void *data, size_t length) = 0;
  98         Signature *restore(uint32 type, const CssmData &data)
  99         { return restore(type, data.data(), data.length()); }
 100
 101 protected:
 102         void scanContents(State &state, const Signable &target);
 103 };
 104
 105
 106 //
 107 // A Signable object represents something that can be signed
 108 //
 109 class Signable {
 110         friend class Signer;
 111 public:
 112         virtual ~Signable() { }
 113
 114         Signature *sign(Signer &signer) const
 115         { return signer.sign(*this); }
 116         bool verify(const Signature *signature, Signer &signer) const
 117         { return signer.verify(*this, signature); }
 118
 119 protected:
 120         virtual void scanContents(Signer::State &state) const = 0;
 121 };
 122
 123
 124 //
 125 // Close mutually recursive calls
 126 //
 127 inline void Signer::scanContents(State &state, const Signable &target)
 128 {
 129         target.scanContents(state);
 130 }
 131
 132 } // end namespace CodeSigning
 133
 134 } // end namespace Security
 135
 136 #ifdef _CPP_CODESIGNING
 137 #pragma export off
 138 #endif
 139
 140
 141 #endif //_CODESIGNING