1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 //
20 // acl_codesigning - ACL subject for signature of calling application
21 //
22 #ifndef _H_ACL_CODESIGNING
23 #define _H_ACL_CODESIGNING
24
25 #include <Security/cssmdata.h>
26 #include <Security/cssmacl.h>
27 #include <Security/codesigning.h>
28
29 #ifdef _CPP_ACL_CODESIGNING
30 #pragma export on
31 #endif
32
namespace Security
{

// Code-signing types referred to by their short names below.
using CodeSigning::Signature;
using CodeSigning::Signer;


//
// CodeSignatureAclSubject - the ACL subject registered under
// CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE (see Maker below). It matches a code
// signature applied to the disk image that originated the client process,
// optionally accompanied by an arbitrary comment blob.
//
// Only declarations live in this header. Whether an ACL entry of this type
// grants access is decided by validate(), whose body is not visible here.
// NOTE(review): presumably validate() defers to
// Environment::verifyCodeSignature() - confirm in the implementation file.
//
// No copy operations are declared by this class, and mSignature is a raw
// pointer. NOTE(review): check the implementation for who releases the
// Signature and make sure instances are never copied if the destructor
// frees it.
//
class CodeSignatureAclSubject : public AclSubject {
public:
    // Evaluate this subject against a validation context; the bool result is
    // the outcome of the match.
    bool validate(const AclValidationContext &baseCtx) const;

    // Produce the list form of this subject using the supplied allocator.
    CssmList toList(CssmAllocator &alloc) const;

    // Build a subject from a signature alone, or from a signature plus a
    // comment blob of commentLength bytes.
    // NOTE(review): commentLength is supplied by the caller; confirm that the
    // implementation copies exactly that many bytes into mComment.
    CodeSignatureAclSubject(CssmAllocator &alloc, const Signature *signature);
    CodeSignatureAclSubject(CssmAllocator &alloc, const Signature *signature,
        const void *comment, size_t commentLength);
    ~CodeSignatureAclSubject();

    // Held by reference: the allocator has to outlive this subject.
    CssmAllocator &allocator;

    // Blob export, in a Writer::Counter flavour and a Writer flavour, each
    // taking separate public and private streams.
    // NOTE(review): the Counter overload is presumably the sizing pass that
    // precedes the real write - confirm.
    void exportBlob(Writer::Counter &pub, Writer::Counter &priv);
    void exportBlob(Writer &pub, Writer &priv);

    // Debug dump; declared through the IFDUMP macro.
    IFDUMP(void debugDump() const);

    //
    // The validation environment has to be able to check a code signature.
    // verifyCodeSignature() is pure virtual, so the trust decision is made by
    // whichever environment implements it, not by this class.
    // NOTE(review): comment is passed by pointer, presumably null when the
    // subject carries no comment - confirm against mHaveComment handling.
    //
    class Environment : public virtual AclValidationEnvironment {
    public:
        virtual bool verifyCodeSignature(const Signature *signature,
            const CssmData *comment) = 0;
    };

    //
    // Factory for this subject type. A subject can be made from a TypedList
    // or from a versioned pair of public/private Readers.
    // NOTE(review): the Reader form looks like the counterpart of
    // exportBlob(), so its input is stored data that should be treated as
    // untrusted until parsed and checked - confirm in the implementation.
    //
    class Maker : public AclSubject::Maker {
    public:
        Maker(Signer &sgn)
            : AclSubject::Maker(CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE),
              signer(sgn)
        { }

        CodeSignatureAclSubject *make(const TypedList &list) const;
        CodeSignatureAclSubject *make(Version version, Reader &pub, Reader &priv) const;

        // Held by reference: the Signer has to outlive this Maker.
        Signer &signer;
    };

private:
    const Signature *mSignature;    // signature of object (raw pointer, see class note)
    bool mHaveComment;              // true when mComment is present
    CssmAutoData mComment;          // arbitrary comment blob
};

} // end namespace Security
84
85
86 #ifdef _CPP_ACL_CODESIGNING
87 #pragma export off
88 #endif
89
90
91 #endif //_H_ACL_CODESIGNING