2 * Copyright (c) 2002-2004,2011-2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 // TrustedApplication.cpp
27 #include <security_keychain/TrustedApplication.h>
28 #include <security_keychain/ACL.h>
29 #include <security_utilities/osxcode.h>
30 #include <security_utilities/trackingallocator.h>
31 #include <security_cdsa_utilities/acl_codesigning.h>
32 #include <sys/syslimits.h>
35 using namespace KeychainCore
;
39 // Create a TrustedApplication from a code-signing ACL subject.
40 // Throws ACL::ParseError if the subject is unexpected.
42 TrustedApplication::TrustedApplication(const TypedList
&subject
)
45 CodeSignatureAclSubject::Maker maker
;
46 mForm
= maker
.make(subject
);
47 secinfo("trustedapp", "%p created from list form", this);
48 IFDUMPING("codesign", mForm
->AclSubject::dump("STApp created from list"));
50 throw ACL::ParseError();
56 // Create a TrustedApplication from a path-to-object-on-disk
58 TrustedApplication::TrustedApplication(const std::string
&path
)
60 RefPointer
<OSXCode
> code(OSXCode::at(path
));
61 mForm
= new CodeSignatureAclSubject(OSXVerifier(code
));
62 secinfo("trustedapp", "%p created from path %s", this, path
.c_str());
63 IFDUMPING("codesign", mForm
->AclSubject::dump("STApp created from path"));
68 // Create a TrustedApplication for the calling process
70 TrustedApplication::TrustedApplication()
72 //@@@@ should use CS's idea of "self"
73 RefPointer
<OSXCode
> me(OSXCode::main());
74 mForm
= new CodeSignatureAclSubject(OSXVerifier(me
));
75 secinfo("trustedapp", "%p created from self", this);
76 IFDUMPING("codesign", mForm
->AclSubject::dump("STApp created from self"));
81 // Create a TrustedApplication from a SecRequirementRef.
82 // Note that the path argument is only stored for documentation;
83 // it is NOT used to denote anything on disk.
85 TrustedApplication::TrustedApplication(const std::string
&path
, SecRequirementRef reqRef
)
87 CFRef
<CFDataRef
> reqData
;
88 MacOSError::check(SecRequirementCopyData(reqRef
, kSecCSDefaultFlags
, &reqData
.aref()));
89 mForm
= new CodeSignatureAclSubject(NULL
, path
);
90 mForm
->add((const BlobCore
*)CFDataGetBytePtr(reqData
));
91 secinfo("trustedapp", "%p created from path %s and requirement %p",
92 this, path
.c_str(), reqRef
);
93 IFDUMPING("codesign", mForm
->debugDump());
97 TrustedApplication::~TrustedApplication()
102 // Convert from/to external data form.
104 // Since a TrustedApplication's data is essentially a CodeSignatureAclSubject,
105 // we just use the subject's externalizer to produce the data. That requires us
106 // to use the somewhat idiosyncratic linearizer used by CSSM ACL subjects, but
107 // that's a small price to pay for consistency.
109 TrustedApplication::TrustedApplication(CFDataRef external
)
111 AclSubject::Reader
pubReader(CFDataGetBytePtr(external
)), privReader
;
112 mForm
= CodeSignatureAclSubject::Maker().make(0, pubReader
, privReader
);
115 CFDataRef
TrustedApplication::externalForm() const
117 AclSubject::Writer::Counter pubCounter
, privCounter
;
118 mForm
->exportBlob(pubCounter
, privCounter
);
119 if (privCounter
> 0) // private exported data - format violation
120 CssmError::throwMe(CSSMERR_CSSM_INTERNAL_ERROR
);
121 CFRef
<CFMutableDataRef
> data
= CFDataCreateMutable(NULL
, pubCounter
);
122 CFDataSetLength(data
, pubCounter
);
123 if (CFDataGetLength(data
) < CFIndex(pubCounter
))
125 AclSubject::Writer
pubWriter(CFDataGetMutableBytePtr(data
)), privWriter
;
126 mForm
->exportBlob(pubWriter
, privWriter
);
130 void TrustedApplication::data(CFDataRef data
)
132 const char *p
= (const char *)CFDataGetBytePtr(data
);
133 const std::string
path(p
, p
+ CFDataGetLength(data
));
134 RefPointer
<OSXCode
> code(OSXCode::at(path
));
135 mForm
= new CodeSignatureAclSubject(OSXVerifier(code
));
139 // Direct verification interface.
140 // If path == NULL, we verify against the running code itself.
142 bool TrustedApplication::verifyToDisk(const char *path
)
144 if (SecRequirementRef requirement
= mForm
->requirement()) {
145 secinfo("trustedapp", "%p validating requirement against path %s", this, path
);
146 CFRef
<SecStaticCodeRef
> ondisk
;
148 MacOSError::check(SecStaticCodeCreateWithPath(CFTempURL(path
),
149 kSecCSDefaultFlags
, &ondisk
.aref()));
151 MacOSError::check(SecCodeCopySelf(kSecCSDefaultFlags
, (SecCodeRef
*)&ondisk
.aref()));
152 return SecStaticCodeCheckValidity(ondisk
, kSecCSDefaultFlags
, requirement
) == errSecSuccess
;
154 secinfo("trustedapp", "%p validating hash against path %s", this, path
);
155 RefPointer
<OSXCode
> code
= path
? OSXCode::at(path
) : OSXCode::main();
156 SHA1::Digest ondiskDigest
;
157 OSXVerifier::makeLegacyHash(code
, ondiskDigest
);
158 return memcmp(ondiskDigest
, mForm
->legacyHash(), sizeof(ondiskDigest
)) == 0;
164 // Produce a TypedList representing a code-signing ACL subject
165 // for this application.
166 // Memory is allocated from the allocator given, and belongs to
169 CssmList
TrustedApplication::makeSubject(Allocator
&allocator
)
171 return mForm
->toList(allocator
);