]> git.saurik.com Git - apple/security.git/blobdiff - Security/libsecurity_codesigning/lib/StaticCode.h
Security-57031.30.12.tar.gz
index 9974a3d5f70cf67877a4ff9cdf4f896a3af4044d..90e0718c1f976a817fcfd7776b3e3ee4c46d4a49 100644 (file)
 #define _H_STATICCODE
 
 #include "cs.h"
+#include "csutilities.h"
 #include "Requirements.h"
 #include "requirement.h"
 #include "diskrep.h"
 #include "codedirectory.h"
 #include <Security/SecTrust.h>
 #include <CoreFoundation/CFData.h>
+#include <security_utilities/dispatch.h>
 
 namespace Security {
 namespace CodeSigning {
@@ -93,8 +95,9 @@ protected:
        private:
                CFRef<CFMutableDictionaryRef> mCollection;
                OSStatus mStatus;
+               Mutex mLock;
        };
-       
+
 public:
        SECCFFUNCTIONS(SecStaticCode, SecStaticCodeRef,
                errSecCSInvalidObjectRef, gCFObjects().StaticCode)
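Review bot: The new `Mutex mLock;` member has no comment saying what it guards, whereas the `mCancelLock` this patch removes further down was annotated `// protects mCancelPending`. It presumably serializes access to `mCollection` and `mStatus`, but the methods that take the lock are not visible here. A comment such as `Mutex mLock; // protects mCollection and mStatus`, adjusted to what the implementation actually locks, would let a reader check that every access is covered. The enclosing class starts outside the hunk.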
@@ -105,7 +108,9 @@ public:
 
        SecStaticCode(DiskRep *rep);
     virtual ~SecStaticCode() throw();
-       
+
+    void initializeFromParent(const SecStaticCode& parent);
+
     bool equal(SecCFObject &other);
     CFHashCode hash();
        
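Review bot: `initializeFromParent` is declared without a comment on which parent state it copies or shares, and that matters on an object whose job is signature validation. If it hands down validation flags, the monitor callback or the worker pool added later in this patch, a reader needs to know whether the child still performs its own validation; the implementation is not part of this diff. A short doc comment above the declaration that names the inherited fields and states when the call is allowed (presumably before any validation has run) would cover it.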
@@ -150,6 +155,7 @@ public:
        void resetValidity();                                           // clear validation caches (if something may have changed)
        
        bool validated() const  { return mValidated; }
+       bool revocationChecked() const { return mRevocationChecked; }
        bool valid() const
                { assert(validated()); return mValidated && (mValidationResult == errSecSuccess); }
        bool validatedExecutable() const        { return mExecutableValidated; }
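Review bot: `revocationChecked()` reports only that a revocation check was made, not how it came out, and the name is easy to misread as "passed revocation". A trailing comment like `// a revocation check was performed; the outcome is in the validation result` (adjusted to the real semantics) would remove the ambiguity. Separately, `resetValidity()` at the top of this hunk is documented as clearing the validation caches, so it and the constructor should also clear `mRevocationChecked`, the field added in the later private-section hunk. A stale `true` there could let a re-validation skip the revocation step; neither body is visible here, so this is something to confirm.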
@@ -211,6 +217,7 @@ private:
        
        // master validation state
        bool mValidated;                                        // core validation was attempted
+       bool mRevocationChecked;                        // the signature was checked for revocation
        OSStatus mValidationResult;                     // outcome of core validation
        bool mValidationExpired;                        // outcome had expired certificates
        
@@ -229,7 +236,7 @@ private:
        unsigned mTotalWork;                            // total expected work (arbitrary units)
        unsigned mCurrentWork;                          // currently completed work
        bool mCancelPending;                            // cancellation was requested
-       Mutex mCancelLock;                                      // protects mCancelPending
+       Dispatch::Queue mProgressQueue;         // progress reporting queue
 
        // cached contents
        CFRef<CFDataRef> mDir;                          // code directory data
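Review bot: With `mCancelLock` gone, `mCancelPending` no longer has a documented guard, and the replacement comment `// progress reporting queue` does not say that the queue took over that role. If cancellation requests and progress updates are now meant to be serialized on `mProgressQueue`, say so, for example `Dispatch::Queue mProgressQueue; // serializes progress reporting; guards mCancelPending, mCurrentWork, mTotalWork`. Any read or write of `mCancelPending` left outside the queue would be an unsynchronized access once verification runs on async workers; the implementation file is not shown, so that needs checking there.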
@@ -249,7 +256,9 @@ private:
        CFRef<CFURLRef> mResourceBase;          // URL form of resource base directory
 
        SecCodeCallback mMonitor;                       // registered monitor callback
-       
+
+       LimitedAsync *mLimitedAsync;            // limited async workers for verification
+
        // signature verification outcome (mTrust == NULL => not done yet)
        CFRef<SecTrustRef> mTrust;                      // outcome of crypto validation (valid or not)
        CFRef<CFArrayRef> mCertChain;
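Review bot: `LimitedAsync *mLimitedAsync` is a raw pointer with no statement of who owns it, while the neighbouring members use `CFRef<>` holders. Together with the new `initializeFromParent`, it is unclear whether a nested code object shares the parent's worker pool or allocates its own. If the pointer is shared and the destructor deletes it, parent and child would both free it. The comment should state the ownership, e.g. `// limited async workers for verification (owned; borrowed from the parent when initialized from one)`, corrected to what the constructor and destructor actually do, since neither is visible in this diff.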