Security-58286.20.16.tar.gz

[apple/security.git] / OSX / libsecurity_codesigning / lib / CodeSigner.cpp

diff --git a/OSX/libsecurity_codesigning/lib/CodeSigner.cpp b/OSX/libsecurity_codesigning/lib/CodeSigner.cpp
index 3d80482c8e73c89b3baf8f6e983443f7fbb1db6b..ee8045f98601d8c74fd5c74112ff80c2b76f20af 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/CodeSigner.cpp
+++ b/OSX/libsecurity_codesigning/lib/CodeSigner.cpp
@@ -65,7 +65,7 @@ public:
 // Construct a SecCodeSigner
 //
 SecCodeSigner::SecCodeSigner(SecCSFlags flags)
 // Construct a SecCodeSigner
 //
 SecCodeSigner::SecCodeSigner(SecCSFlags flags)

-       : mOpFlags(flags), mDigestAlgorithm(kSecCodeSignatureDefaultDigestAlgorithm), mLimitedAsync(NULL)
+       : mOpFlags(flags), mLimitedAsync(NULL)

 {
 }
 
 {
 }
 


@@ -138,12 +138,12 @@ void SecCodeSigner::sign(SecStaticCode *code, SecCSFlags flags)
                return;
        Signer operation(*this, code);
        if ((flags | mOpFlags) & kSecCSRemoveSignature) {
                return;
        Signer operation(*this, code);
        if ((flags | mOpFlags) & kSecCSRemoveSignature) {

-               secdebug("signer", "%p will remove signature from %p", this, code);
+               secinfo("signer", "%p will remove signature from %p", this, code);

                operation.remove(flags);
        } else {
                if (!valid())
                        MacOSError::throwMe(errSecCSInvalidObjectRef);
                operation.remove(flags);
        } else {
                if (!valid())
                        MacOSError::throwMe(errSecCSInvalidObjectRef);

-               secdebug("signer", "%p will sign %p (flags 0x%x)", this, code, flags);
+               secinfo("signer", "%p will sign %p (flags 0x%x)", this, code, flags);

                operation.sign(flags);
        }
        code->resetValidity();
                operation.sign(flags);
        }
        code->resetValidity();


@@ -172,30 +172,6 @@ void SecCodeSigner::returnDetachedSignature(BlobCore *blob, Signer &signer)
 }
 
 
 }
 
 

-//
-// Our DiskRep::signingContext methods communicate with the signing subsystem
-// in terms those callers can easily understand.
-//
-string SecCodeSigner::sdkPath(const std::string &path) const
-{
-       assert(path[0] == '/'); // need absolute path here
-       if (mSDKRoot)
-               return cfString(mSDKRoot) + path;
-       else
-               return path;
-}
-
-bool SecCodeSigner::isAdhoc() const
-{
-       return mSigner == SecIdentityRef(kCFNull);
-}
-
-SecCSFlags SecCodeSigner::signingFlags() const
-{
-       return mOpFlags;
-}
-
-

 //
 // The actual parsing operation is done in the Parser class.
 //
 //
 // The actual parsing operation is done in the Parser class.
 //


@@ -219,8 +195,11 @@ SecCodeSigner::Parser::Parser(SecCodeSigner &state, CFDictionaryRef parameters)
                state.mCdFlagsGiven = false;
        
        // digest algorithms are specified as a numeric code
                state.mCdFlagsGiven = false;
        
        // digest algorithms are specified as a numeric code

-       if (CFNumberRef digestAlgorithm = get<CFNumberRef>(kSecCodeSignerDigestAlgorithm))
-               state.mDigestAlgorithm = cfNumber<unsigned int>(digestAlgorithm);
+       if (CFCopyRef<CFTypeRef> digestAlgorithms = get<CFTypeRef>(kSecCodeSignerDigestAlgorithm)) {
+               CFRef<CFArrayRef> array = cfArrayize(digestAlgorithms);
+               CFToVector<CodeDirectory::HashAlgorithm, CFNumberRef, cfNumber<CodeDirectory::HashAlgorithm> > digests(array);
+               std::copy(digests.begin(), digests.end(), std::inserter(state.mDigestAlgorithms, state.mDigestAlgorithms.begin()));
+       }

 
        if (CFNumberRef cmsSize = get<CFNumberRef>(CFSTR("cmssize")))
                state.mCMSSize = cfNumber<size_t>(cmsSize);
 
        if (CFNumberRef cmsSize = get<CFNumberRef>(CFSTR("cmssize")))
                state.mCMSSize = cfNumber<size_t>(cmsSize);