OSX/libsecurity_codesigning/lib/diskimagerep.h

   1 /*
   2  * Copyright (c) 20015 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 //
  25 // diskimagerep - DiskRep representing a single read-only compressed disk image file
  26 //
  27 #ifndef _H_DISKIMAGEREP
  28 #define _H_DISKIMAGEREP
  29
  30 #include "singlediskrep.h"
  31 #include "sigblob.h"
  32 #include <DiskImages/DiskImages.h>
  33 #undef check    // sadness is having to live with C #defines of this kind...
  34 #include <security_utilities/unix++.h>
  35
  36 namespace Security {
  37 namespace CodeSigning {
  38
  39
  40 //
  41 // DiskImageRep implements a single read-only compressed disk image file.
  42 //
  43 class DiskImageRep : public SingleDiskRep {
  44 public:
  45         DiskImageRep(const char *path);
  46         virtual ~DiskImageRep();
  47
  48         CFDataRef identification();
  49         CFDataRef component(CodeDirectory::SpecialSlot slot);
  50         size_t signingLimit();
  51         void strictValidate(const CodeDirectory* cd, const ToleratedErrors& tolerated, SecCSFlags flags);
  52         std::string format();
  53         void prepareForSigning(SigningContext& state);
  54
  55         static bool candidate(UnixPlusPlus::FileDesc &fd);
  56         void registerStapledTicket();
  57
  58 public:
  59         static CFDataRef identificationFor(MachO *macho);
  60
  61 public:
  62         DiskRep::Writer *writer();
  63         class Writer;
  64         friend class Writer;
  65
  66 private:
  67         void setup();
  68         static bool readHeader(UnixPlusPlus::FileDesc& fd, UDIFFileHeader& header);
  69
  70 private:
  71         UDIFFileHeader mHeader;                                         // disk image header (all fields NBO)
  72         size_t mEndOfDataOffset;                                        // end of payload data (data fork + XML)
  73         size_t mHeaderOffset;                                           // trailing header offset
  74         const EmbeddedSignatureBlob *mSigningData;      // pointer to signature SuperBlob (malloc'd memory during setup)
  75 };
  76
  77
  78 //
  79 // The write side of a FileDiskRep
  80 //
  81 class DiskImageRep::Writer : public SingleDiskRep::Writer, private EmbeddedSignatureBlob::Maker {
  82         friend class FileDiskRep;
  83 public:
  84         Writer(DiskImageRep *r) : SingleDiskRep::Writer(r, writerNoGlobal), rep(r), mSigningData(NULL) { }
  85         void component(CodeDirectory::SpecialSlot slot, CFDataRef data);
  86         void flush();
  87         void addDiscretionary(CodeDirectory::Builder &builder);
  88
  89 private:
  90         DiskImageRep *rep;
  91         EmbeddedSignatureBlob *mSigningData;
  92 };
  93
  94
  95 } // end namespace CodeSigning
  96 } // end namespace Security
  97
  98 #endif // !_H_DISKIMAGEREP