OSX/libsecurity_codesigning/lib/diskimagerep.h

   1 /*
   2  * Copyright (c) 20015 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 //
  25 // diskimagerep - DiskRep representing a single read-only compressed disk image file
  26 //
  27 #ifndef _H_DISKIMAGEREP
  28 #define _H_DISKIMAGEREP
  29
  30 #include "singlediskrep.h"
  31 #include "sigblob.h"
  32 #include <DiskImages/DiskImages.h>
  33 #undef check    // sadness is having to live with C #defines of this kind...
  34 #include <security_utilities/unix++.h>
  35
  36 namespace Security {
  37 namespace CodeSigning {
  38
  39
  40 //
  41 // DiskImageRep implements a single read-only compressed disk image file.
  42 //
  43 class DiskImageRep : public SingleDiskRep {
  44 public:
  45         DiskImageRep(const char *path);
  46
  47         CFDataRef identification();
  48         CFDataRef component(CodeDirectory::SpecialSlot slot);
  49         size_t signingLimit();
  50         void strictValidate(const CodeDirectory* cd, const ToleratedErrors& tolerated, SecCSFlags flags);
  51         std::string format();
  52         void prepareForSigning(SigningContext& state);
  53
  54         static bool candidate(UnixPlusPlus::FileDesc &fd);
  55         void registerStapledTicket();
  56
  57 public:
  58         static CFDataRef identificationFor(MachO *macho);
  59
  60 public:
  61         DiskRep::Writer *writer();
  62         class Writer;
  63         friend class Writer;
  64
  65 private:
  66         void setup();
  67         static bool readHeader(UnixPlusPlus::FileDesc& fd, UDIFFileHeader& header);
  68
  69 private:
  70         UDIFFileHeader mHeader;                                         // disk image header (all fields NBO)
  71         size_t mEndOfDataOffset;                                        // end of payload data (data fork + XML)
  72         size_t mHeaderOffset;                                           // trailing header offset
  73         const EmbeddedSignatureBlob *mSigningData;      // pointer to signature SuperBlob (in mapped memory)
  74 };
  75
  76
  77 //
  78 // The write side of a FileDiskRep
  79 //
  80 class DiskImageRep::Writer : public SingleDiskRep::Writer, private EmbeddedSignatureBlob::Maker {
  81         friend class FileDiskRep;
  82 public:
  83         Writer(DiskImageRep *r) : SingleDiskRep::Writer(r, writerNoGlobal), rep(r), mSigningData(NULL) { }
  84         void component(CodeDirectory::SpecialSlot slot, CFDataRef data);
  85         void flush();
  86         void addDiscretionary(CodeDirectory::Builder &builder);
  87
  88 private:
  89         DiskImageRep *rep;
  90         EmbeddedSignatureBlob *mSigningData;
  91 };
  92
  93
  94 } // end namespace CodeSigning
  95 } // end namespace Security
  96
  97 #endif // !_H_DISKIMAGEREP