cdsa/cdsa_client/osxsigner.cpp

   1 /*
   2  * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18
  19 //
  20 // osxsigner - MacOS X's standard code signing algorithm.
  21 //
  22 #ifdef __MWERKS__
  23 #define _CPP_OSXSIGNER
  24 #endif
  25
  26 #include <Security/osxsigner.h>
  27 #include <Security/debugging.h>
  28
  29
  30 namespace Security
  31 {
  32
  33 namespace CodeSigning
  34 {
  35
  36 //
  37 // Construct an OSXSigner
  38 //
  39 OSXSigner::OSXSigner() : csp(gGuidAppleCSP)
  40 {
  41 }
  42
  43
  44 //
  45 // Signing/verification implementation
  46 //
  47 OSXSigner::OSXSignature *OSXSigner::sign(const Signable &target)
  48 {
  49         Digester digester(*this);
  50         scanContents(digester, target);
  51         CssmClient::DataBuffer<OSXSignature::hashLength> hash;
  52         digester(hash);
  53         IFDUMPING("codesign", Debug::dumpData("sign", hash));
  54         return new OSXSignature(hash);
  55 }
  56
  57 bool OSXSigner::verify(const Signable &target, const Signature *signature)
  58 {
  59         if (const OSXSignature *sig = dynamic_cast<const OSXSignature *>(signature)) {
  60                 Digester digester(*this);
  61                 scanContents(digester, target);
  62                 CssmClient::DataBuffer<OSXSignature::hashLength> hash;
  63                 digester(hash);
  64                 IFDUMPING("codesign", Debug::dumpData("verify", hash));
  65                 return (*sig) == hash;
  66         }
  67         return false;
  68 }
  69
  70 void OSXSigner::Digester::enumerateContents(const void *data, size_t length)
  71 {
  72         digest(CssmData(const_cast<void *>(data), length));
  73 }
  74
  75
  76 //
  77 // Re-create a Signature object from its external representation
  78 //
  79 OSXSigner::OSXSignature *OSXSigner::restore(uint32 type, const void *data, size_t length)
  80 {
  81         switch (type) {
  82         case CSSM_ACL_CODE_SIGNATURE_OSX:
  83                 if (length != OSXSignature::hashLength)
  84                         CssmError::throwMe(CSSM_ERRCODE_INVALID_DATA);
  85                 return new OSXSignature(data);
  86         default:
  87                 CssmError::throwMe(CSSM_ERRCODE_UNKNOWN_FORMAT);
  88         }
  89 }
  90
  91
  92 }; // end namespace CodeSigning
  93
  94 } // end namespace Security