cdsa/cdsa_utilities/codesigning.h

   1 /*
   2  * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18
  19 //
  20 // codesigning - support for signing and verifying "bags o' bits" on disk.
  21 //
  22 // This file defines CodeSigner objects that sign, SignableCode objects
  23 // that can be signed, and CodeSignature objects that represent signatures.
  24 // Anything that can be "enumerated" into a stream of bits is fair game as
  25 // a SignableCode, though the primary intent is to sign files or directories
  26 // of files on disk.
  27 //
  28 #ifndef _CODESIGNING
  29 #define _CODESIGNING
  30
  31 #include <Security/utilities.h>
  32 #include <string>
  33
  34 #ifdef _CPP_CODESIGNING
  35 #pragma export on
  36 #endif
  37
  38 #undef verify
  39
  40 namespace Security
  41 {
  42
  43 namespace CodeSigning
  44 {
  45
  46 //
  47 // Type codes for signatures. Each represents a particular type of signature.
  48 //
  49 enum {
  50         standardOSXSignature = 1                        // standard MacOS X signature (SHA1)
  51 };
  52
  53
  54 //
  55 // A CodeSignature is an abstract object representing a complete signature.
  56 // You may think of this as a cryptographic hash of some kind together with
  57 // type information and enough abstraction to make changing the algorithms
  58 // easier.
  59 //
  60 class Signature {
  61 public:
  62         virtual ~Signature() { }
  63
  64         virtual bool operator == (const Signature &other) const = 0;
  65         bool operator != (const Signature &other) const         { return !(*this == other); }
  66
  67         virtual uint32 type() const = 0;                // yield type code
  68         virtual const void *data() const = 0;   // yield data pointer
  69         virtual size_t length() const = 0;              // yield length of data
  70 };
  71
  72
  73 //
  74 // A Signer is the engine that can sign and verify. It may have configuration,
  75 // but it should have NO state that carries over between signing/verifying
  76 // operations. In other words, once a signing/verifyng operation is complete,
  77 // the signer should forget about what it did.
  78 //
  79 class Signer {
  80         friend class Signable;
  81 public:
  82         virtual ~Signer() { }
  83
  84 public:
  85         class State {
  86         public:
  87                 virtual void enumerateContents(const void *data, size_t length) = 0;
  88
  89                 Signer &signer;
  90
  91         protected:
  92                 State(Signer &sgn) : signer(sgn) { }
  93         };
  94
  95 public:
  96         virtual Signature *sign(const Signable &target) = 0;
  97         virtual bool verify(const Signable &target, const Signature *signature) = 0;
  98
  99         virtual Signature *restore(uint32 type, const void *data, size_t length) = 0;
 100         Signature *restore(uint32 type, const CssmData &data)
 101         { return restore(type, data.data(), data.length()); }
 102
 103 protected:
 104         void scanContents(State &state, const Signable &target);
 105 };
 106
 107
 108 //
 109 // A Signable object represents something that can be signed
 110 //
 111 class Signable {
 112         friend class Signer;
 113 public:
 114         virtual ~Signable() { }
 115
 116         Signature *sign(Signer &signer) const
 117         { return signer.sign(*this); }
 118         bool verify(const Signature *signature, Signer &signer) const
 119         { return signer.verify(*this, signature); }
 120
 121 protected:
 122         virtual void scanContents(Signer::State &state) const = 0;
 123 };
 124
 125
 126 //
 127 // Close mutually recursive calls
 128 //
 129 inline void Signer::scanContents(State &state, const Signable &target)
 130 {
 131         target.scanContents(state);
 132 }
 133
 134 } // end namespace CodeSigning
 135
 136 } // end namespace Security
 137
 138 #ifdef _CPP_CODESIGNING
 139 #pragma export off
 140 #endif
 141
 142
 143 #endif //_CODESIGNING