Security-58286.20.16.tar.gz
[apple/security.git] / OSX / libsecurity_codesigning / lib / codedirectory.cpp
index f675c4b82f38cdab5df6903a73c67cbba1be5572..1fc4fdddb6460cee6935dbce43e6a17a6f1c795c 100644 (file)
@@ -125,7 +125,7 @@ const char * const CodeDirectory::debugSlotName[] = {
        "info",
        "requirements",
        "resources",
-       "application",
+       "rep-specific",
        "entitlement"
 };
 #endif //NDEBUG
@@ -155,7 +155,7 @@ void CodeDirectory::checkIntegrity() const
        if (version < earliestVersion)
                MacOSError::throwMe(errSecCSSignatureUnsupported);      // too old - can't support
        if (version > currentVersion)
-               secdebug("codedir", "%p version 0x%x newer than current 0x%x",
+               secinfo("codedir", "%p version 0x%x newer than current 0x%x",
                        this, uint32_t(version), currentVersion);
        
        // now check interior offsets for validity
@@ -199,7 +199,7 @@ void CodeDirectory::checkIntegrity() const
 //
 bool CodeDirectory::validateSlot(const void *data, size_t length, Slot slot) const
 {
-       secdebug("codedir", "%p validating slot %d", this, int(slot));
+       secinfo("codedir", "%p validating slot %d", this, int(slot));
        MakeHash<CodeDirectory> hasher(this);
        Hashing::Byte digest[hasher->digestLength()];
        generateHash(hasher, data, length, digest);
@@ -292,23 +292,32 @@ CodeDirectory::HashAlgorithm CodeDirectory::bestHashOf(const HashAlgorithms &typ
 void CodeDirectory::multipleHashFileData(FileDesc fd, size_t limit, CodeDirectory::HashAlgorithms types, void (^action)(HashAlgorithm type, DynamicHash* hasher))
 {
        assert(!types.empty());
-       vector<RefPointer<DynamicHash> > hashers;
+       map<HashAlgorithm, RefPointer<DynamicHash> > hashes;
        for (auto it = types.begin(); it != types.end(); ++it) {
                if (CodeDirectory::viableHash(*it))
-                       hashers.push_back(CodeDirectory::hashFor(*it));
+                       hashes[*it] = CodeDirectory::hashFor(*it);
        }
        scanFileData(fd, limit, ^(const void *buffer, size_t size) {
-               unsigned n = 0;
-               for (auto it = types.begin(); it != types.end(); ++it, ++n) {
-                       hashers[n]->update(buffer, size);
+               for (auto it = hashes.begin(); it != hashes.end(); ++it) {
+            it->second->update(buffer, size);
                }
        });
        CFRef<CFMutableDictionaryRef> result = makeCFMutableDictionary();
-       unsigned n = 0;
-       for (auto it = types.begin(); it != types.end(); ++it, ++n) {
-               action(*it, hashers[n]);
+       for (auto it = hashes.begin(); it != hashes.end(); ++it) {
+               action(it->first, it->second);
        }
 }
+    
+    
+    //
+    // Hash data in memory using our hashAlgorithm()
+    //
+bool CodeDirectory::verifyMemoryContent(CFDataRef data, const Byte* digest) const
+{
+    RefPointer<DynamicHash> hasher = CodeDirectory::hashFor(this->hashType);
+    hasher->update(CFDataGetBytePtr(data), CFDataGetLength(data));
+    return hasher->verify(digest);
+}
        
        
 //
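Review bot: The new `verifyMemoryContent` at the end of this hunk hands `data` to `CFDataGetBytePtr`/`CFDataGetLength` and `digest` to `hasher->verify` without a null check. `digest` also carries no length, so the comparison presumably reads as many bytes as the digest length for `this->hashType`, whatever the caller's buffer actually holds. Because this sits on a signature-verification path, I would fail closed with `if (data == NULL || digest == NULL) return false;` at the top and extend the header comment with `// digest must point to at least the digest length of hashType; returns true only on an exact match`. That comment block is also indented as if nested and names `hashAlgorithm()` while the code reads `hashType`. Separately, in `multipleHashFileData` the `result` dictionary is never used, and if none of `types` is viable `action` is silently never invoked, since the `assert` only rejects an empty `types` set.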