OSX/libsecurity_codesigning/lib/csprocess.h

   1 /*
   2  * Copyright (c) 2006,2011,2013-2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 //
  25 // csprocess - UNIX process implementation of the Code Signing Host Interface
  26 //
  27 #ifndef _H_CSPROCESS
  28 #define _H_CSPROCESS
  29
  30 #include "Code.h"
  31 #include "StaticCode.h"
  32 #include "piddiskrep.h"
  33 #include <security_utilities/utilities.h>
  34
  35 namespace Security {
  36 namespace CodeSigning {
  37
  38
  39 //
  40 // A SecCode that represents a running UNIX process.
  41 // Processes are identified by pid and audit token.
  42 //
  43 class ProcessCode : public SecCode {
  44 public:
  45         ProcessCode(pid_t pid, const audit_token_t* token, PidDiskRep *pidDiskRep = NULL);
  46         ~ProcessCode() _NOEXCEPT { delete mAudit; }
  47
  48         pid_t pid() const { return mPid; }
  49         const audit_token_t* audit() const { return mAudit; }
  50
  51         PidDiskRep *pidBased() const { return mPidBased; }
  52
  53         int csops(unsigned int ops, void *addr, size_t size);
  54
  55 private:
  56         pid_t mPid;
  57         audit_token_t* mAudit;
  58         RefPointer<PidDiskRep> mPidBased;
  59 };
  60
  61
  62 //
  63 // We don't need a GenericCode variant of ProcessCode
  64 //
  65 typedef SecStaticCode ProcessStaticCode;
  66
  67 class ProcessDynamicCode : public SecStaticCode {
  68 public:
  69         ProcessDynamicCode(ProcessCode *diskRep);
  70
  71         CFDataRef component(CodeDirectory::SpecialSlot slot, OSStatus fail = errSecCSSignatureFailed);
  72
  73         CFDictionaryRef infoDictionary();
  74
  75         void validateComponent(CodeDirectory::SpecialSlot slot, OSStatus fail = errSecCSSignatureFailed);
  76 private:
  77         ProcessCode *mGuest;
  78         CFRef<CFDictionaryRef> mEmptyInfoDict;
  79 };
  80
  81 } // end namespace CodeSigning
  82 } // end namespace Security
  83
  84 #endif // !_H_CSPROCESS