X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurity_codesigning/lib/cdbuilder.h
diff --git a/OSX/libsecurity_codesigning/lib/cdbuilder.h b/OSX/libsecurity_codesigning/lib/cdbuilder.h
index 21f92405..7137444c 100644
--- a/OSX/libsecurity_codesigning/lib/cdbuilder.h
+++ b/OSX/libsecurity_codesigning/lib/cdbuilder.h
@@ -41,26 +41,47 @@ namespace CodeSigning { // CodeDirectory *result = builder.build(); // Builder is not reusable. // -class CodeDirectory::Builder { +class CodeDirectory::Builder : public RefCount { + NOCOPY(Builder) public: Builder(HashAlgorithm digestAlgorithm); ~Builder(); void executable(string path, size_t pagesize, size_t offset, size_t length); void reopen(string path, size_t offset, size_t length); + bool opened(); void specialSlot(SpecialSlot slot, CFDataRef data); void identifier(const std::string &code) { mIdentifier = code; } void teamID(const std::string &team) { mTeamID = team; } void flags(uint32_t f) { mFlags = f; } void platform(uint8_t p) { mPlatform = p; } + std::set filledSpecialSlots() const { return mFilledSpecialSlots; } Scatter *scatter(unsigned count); // allocate that many scatter elements (w/o sentinel) Scatter *scatter() { return mScatter; } // return already allocated scatter vector - + + void execSeg(uint64_t base, uint64_t limit, uint64_t flags) { + mExecSegOffset = base; mExecSegLimit = limit; mExecSegFlags = flags; } + void addExecSegFlags(uint64_t flags) { mExecSegFlags |= flags; } + + typedef std::map > + PreEncryptHashMap; + + void generatePreEncryptHashes(bool pre) { mGeneratePreEncryptHashes = pre; } + void preservePreEncryptHashMap(PreEncryptHashMap preEncryptHashMap) { + mPreservedPreEncryptHashMap = preEncryptHashMap; + } + + void runTimeVersion(uint32_t runtime) { + mRuntimeVersion = runtime; + } + size_t size(const uint32_t version); // calculate size CodeDirectory *build(); // build CodeDirectory and return it - const size_t fixedSize(const uint32_t version); // calculate fixed size of the CodeDirectory + size_t fixedSize(const uint32_t version); // calculate fixed size of the CodeDirectory + + uint32_t hashType() const { return mHashType; } DynamicHash *getHash() const { return CodeDirectory::hashFor(this->mHashType); } 
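Review bot: `execSeg(uint64_t base, uint64_t limit, uint64_t flags)` stores all three values unchecked, and nothing in this hunk rejects a `base + limit` that overflows or runs past the range the builder is actually hashing; if `build()` (declared here, defined outside this file) does not validate them either, the executable-segment fields written into the directory can disagree with the pages that were signed. A minimal guard is `if (limit > UINT64_MAX - base) /* reject: overflowing exec segment */` at the top of the setter, with the range check against the executable offset/length deferred to `build()` where both are known — I can't see which error-reporting convention the builder uses, so follow the one its other entry points use. On the same hunk, `preservePreEncryptHashMap(PreEncryptHashMap preEncryptHashMap)` takes the map by value and then copy-assigns it into `mPreservedPreEncryptHashMap`, so `const PreEncryptHashMap &preEncryptHashMap` (or a `std::move` into the member, if the project builds as C++11) saves a full second copy; and `bool opened();` reads like a pure query and should presumably be `const`, matching `filledSpecialSlots()` and `hashType()` on the lines below it. The class body runs past the end of this hunk.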
@@ -72,6 +93,7 @@ private: private: Hashing::Byte *mSpecial; // array of special slot hashes + std::set mFilledSpecialSlots; // special slots filled with values UnixPlusPlus::AutoFileDesc mExec; // main executable file size_t mExecOffset; // starting offset in mExec size_t mExecLength; // total bytes of file to sign @@ -88,7 +110,16 @@ private: Scatter *mScatter; // scatter vector size_t mScatterSize; // number of scatter elements allocated (incl. sentinel) - + + uint64_t mExecSegOffset; // starting offset of executable segment + uint64_t mExecSegLimit; // limit of executable segment + uint64_t mExecSegFlags; // executable segment flags + + bool mGeneratePreEncryptHashes; // whether to also generate new pre-encrypt hashes + PreEncryptHashMap mPreservedPreEncryptHashMap; // existing pre-encrypt hashes to be set + + uint32_t mRuntimeVersion; // Hardened Runtime Version + CodeDirectory *mDir; // what we're building };
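Review bot: The new members `mExecSegOffset`, `mExecSegLimit`, `mExecSegFlags`, `mGeneratePreEncryptHashes` and `mRuntimeVersion` in the second hunk are declared without initializers, and the constructor that would zero them lives in cdbuilder.cpp, outside this diff; if it was not updated in the same commit, a Builder on which `execSeg()`, `generatePreEncryptHashes()` or `runTimeVersion()` is never called carries indeterminate values into whatever `build()` emits, and the exec-segment flags in particular end up under the signature rather than being cosmetic. If the project compiles as C++11, in-class initializers such as `uint64_t mExecSegFlags = 0;` and `bool mGeneratePreEncryptHashes = false;` make this independent of the constructor; otherwise please confirm `Builder::Builder` sets all five. Each member could also use the same trailing `// …` comment style the older fields have, which the hunk already does for most of them. The class opens in an earlier hunk, so I can't see whether default member initializers are already used elsewhere in it.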