1 /*
2 * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18 //
19 // TrustedApplication.h - TrustedApplication control wrappers
20 //
21 #ifndef _SECURITY_TRUSTEDAPPLICATION_H_
22 #define _SECURITY_TRUSTEDAPPLICATION_H_
23
#include <set>
#include <string>

#include <Security/SecRuntime.h>
#include <Security/SecTrustedApplication.h>
#include <Security/cssmdata.h>
#include <Security/cssmaclpod.h>
28
29
30 namespace Security {
31 namespace KeychainCore {
32
33
//
// TrustedApplication actually denotes a signed executable
// on disk as used by the ACL subsystem. Much useful
// information is encapsulated in the 'comment' field that
// is stored with the ACL subject. TrustedApplication does
// not interpret this value, leaving its meaning to its caller.
//
// The object carries two buffers: the code signature that identifies
// the executable (mSignature) and the opaque comment/data blob (mData).
// Both accessors hand back references into the object, so the returned
// data is valid only for the object's lifetime.
//
class TrustedApplication : public SecCFObject {
    NOCOPY(TrustedApplication)
public:
    SECCFFUNCTIONS(TrustedApplication, SecTrustedApplicationRef, errSecInvalidItemRef)

    TrustedApplication(const TypedList &subject);                           // from an existing ACL subject list
    TrustedApplication(const CssmData &signature, const CssmData &comment); // from an explicit signature and comment
    TrustedApplication(const char *path);                                   // from the executable at 'path'
                                                                            // (not 'explicit': a C string converts implicitly)
    TrustedApplication(); // for current application
    virtual ~TrustedApplication() throw();

    // The signature identifying the trusted executable (reference into mSignature).
    const CssmData &signature() const;

    // data (aka "comment") access
    const CssmData &data() const { return mData; }
    const char *path() const;
    // Replace the comment with any value CssmAutoData can be assigned from.
    // Inside the body the parameter 'data' hides the getter of the same name,
    // so 'mData = data' assigns from the argument.
    template <class Data>
    void data(const Data &data) { mData = data; }

    // Produce the TypedList (ACL subject) form of this application;
    // 'allocator' supplies the storage for the result.
    TypedList makeSubject(CssmAllocator &allocator);

    bool sameSignature(const char *path); // return true if object at path has same signature
    // NOTE(review): presumably derives the signature of the file at 'path'
    // at call time (see calcSignature), so the answer describes the on-disk
    // contents at that moment only — confirm in the implementation.

protected:
    void calcSignature(const char *path, CssmOwnedData &signature); // generate a signature

private:
    CssmAutoData mSignature;    // code signature of the executable
    CssmAutoData mData;         // opaque comment/data stored with the ACL subject
};
71
72
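//
// A simple implementation of a caching path database in the system.
//
// PathDatabase answers "does this path qualify?" through operator[].
// The answer is true for every path while mQualifyAll is set; otherwise
// it is the result of lookup() against the cached path set.
//
// The container type is fully qualified (std::set<std::string>) and the
// header includes <set>/<string> itself, so it no longer depends on a
// transitive include or a 'using' directive from another header.
//
class PathDatabase {
public:
    // Construct a database backed by the file at 'path'. The constructor
    // (defined elsewhere) is expected to initialize mQualifyAll and mPaths;
    // neither member has an in-class initializer here.
    PathDatabase(const char *path = "/var/db/CodeEquivalenceCandidates");

    // True if 'path' qualifies: unconditionally when mQualifyAll is set
    // (the short-circuit skips lookup() entirely), otherwise when lookup()
    // finds it in the cache.
    bool operator [] (const std::string &path)
    { return mQualifyAll || lookup(path); }

private:
    bool mQualifyAll;               // when true, every path qualifies regardless of mPaths
    std::set<std::string> mPaths;   // cached set of qualifying paths

    bool lookup(const std::string &path);   // per-path check against mPaths (defined elsewhere)
};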
89
90
91 } // end namespace KeychainCore
92 } // end namespace Security
93
94 #endif // !_SECURITY_TRUSTEDAPPLICATION_H_