2 * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
19 // TrustedApplication.cpp
21 #include <Security/TrustedApplication.h>
22 #include <Security/ACL.h>
23 #include <Security/osxsigning.h>
24 #include <Security/osxsigner.h>
25 #include <Security/trackingallocator.h>
28 using namespace KeychainCore
;
29 using namespace CodeSigning
;
33 // Create a TrustedApplication from a code-signing ACL subject.
34 // Throws ACL::ParseError if the subject is unexpected.
36 TrustedApplication::TrustedApplication(const TypedList
&subject
)
37 : mSignature(CssmAllocator::standard()),
38 mData(CssmAllocator::standard())
40 if (subject
.type() != CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE
)
41 throw ACL::ParseError();
42 if (subject
[1] != CSSM_ACL_CODE_SIGNATURE_OSX
)
43 throw ACL::ParseError();
44 mSignature
= subject
[2].data();
45 mData
= subject
[3].data();
49 TrustedApplication::TrustedApplication(const CssmData
&signature
, const CssmData
&data
) :
50 mSignature(CssmAllocator::standard(), signature
),
51 mData(CssmAllocator::standard(), data
)
55 TrustedApplication::TrustedApplication(const char *path
)
56 : mSignature(CssmAllocator::standard()),
57 mData(CssmAllocator::standard())
60 RefPointer
<OSXCode
> object(OSXCode::at(path
));
61 auto_ptr
<OSXSigner::OSXSignature
> signature(signer
.sign(*object
));
62 mSignature
= *signature
;
63 mData
= CssmData(const_cast<char *>(path
), strlen(path
) + 1);
66 TrustedApplication::TrustedApplication()
67 : mSignature(CssmAllocator::standard()),
68 mData(CssmAllocator::standard())
71 RefPointer
<OSXCode
> object(OSXCode::main());
72 auto_ptr
<OSXSigner::OSXSignature
> signature(signer
.sign(*object
));
73 mSignature
= *signature
;
74 string path
= object
->canonicalPath();
75 mData
.copy(path
.c_str(), path
.length() + 1); // including trailing null
78 TrustedApplication::~TrustedApplication()
83 TrustedApplication::signature() const
89 TrustedApplication::sameSignature(const char *path
)
91 // return true if object at given path has same signature
92 CssmAutoData
otherSignature(CssmAllocator::standard());
93 calcSignature(path
, otherSignature
);
94 return (mSignature
.get() == otherSignature
);
98 TrustedApplication::calcSignature(const char *path
, CssmOwnedData
&signature
)
100 // generate a signature for the given object
101 RefPointer
<CodeSigning::OSXCode
> objToVerify(CodeSigning::OSXCode::at(path
));
102 CodeSigning::OSXSigner signer
;
103 auto_ptr
<CodeSigning::OSXSigner::OSXSignature
> osxSignature(signer
.sign(*objToVerify
));
104 signature
.copy(osxSignature
->data(), osxSignature
->length());
109 // Produce a TypedList representing a code-signing ACL subject
110 // for this application.
111 // Memory is allocated from the allocator given, and belongs to
114 TypedList
TrustedApplication::makeSubject(CssmAllocator
&allocator
)
116 return TypedList(allocator
,
117 CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE
,
118 new(allocator
) ListElement(CSSM_ACL_CODE_SIGNATURE_OSX
),
119 new(allocator
) ListElement(mSignature
.get()),
120 new(allocator
) ListElement(mData
.get()));
projects / apple / security.git / blob