X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5dd5f9ec28f304ca377c42fd7f711d6cf12b90e1..5c19dc3ae3bd8e40a9c028b0deddd50ff337692c:/OSX/libsecurity_cdsa_utilities/lib/acl_codesigning.h diff --git a/OSX/libsecurity_cdsa_utilities/lib/acl_codesigning.h b/OSX/libsecurity_cdsa_utilities/lib/acl_codesigning.h new file mode 100644 index 00000000..2dc2b2b3 --- /dev/null +++ b/OSX/libsecurity_cdsa_utilities/lib/acl_codesigning.h @@ -0,0 +1,95 @@ +/* + * Copyright (c) 2000-2004,2006,2011,2014 Apple Inc. All Rights Reserved. + * + * @APPLE_LICENSE_HEADER_START@ + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, + * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. + * + * @APPLE_LICENSE_HEADER_END@ + */ + + +// +// acl_codesigning - ACL subject for signature of calling application +// +// Note: +// Once upon a time, a code signature was a single binary blob, a "signature". +// Then we added an optional second blob, a "comment". The comment was only +// ancilliary (non-security) data first, but then we added more security data +// to it later. Now, the security-relevant data is kept in a (signature, comment) +// pair, all of which is relevant for the security of such subjects. +// Don't read any particular semantics into this separation. It is historical only +// (having to do with backward binary compatibility of ACL blobs). +// +#ifndef _H_ACL_CODESIGNING +#define _H_ACL_CODESIGNING + +#include +#include +#include + +namespace Security { + + +// +// The CodeSignature subject type matches a code signature applied to the +// disk image that originated the client process. +// +class CodeSignatureAclSubject : public AclSubject, public OSXVerifier { +public: + class Maker; friend class Maker; + + static const size_t commentBagAlignment = 4; + + CodeSignatureAclSubject(const SHA1::Byte *hash, const std::string &path) + : AclSubject(CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE), OSXVerifier(hash, path) { } + + CodeSignatureAclSubject(const OSXVerifier &verifier) + : AclSubject(CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE), OSXVerifier(verifier) { } + + bool validate(const AclValidationContext &baseCtx) const; + CssmList toList(Allocator &alloc) const; + + void exportBlob(Writer::Counter &pub, Writer::Counter &priv); + void exportBlob(Writer &pub, Writer &priv); + + IFDUMP(void debugDump() const); + +public: + class Environment : public virtual AclValidationEnvironment { + public: + virtual bool verifyCodeSignature(const OSXVerifier &verifier, + const AclValidationContext &context) = 0; + }; + +public: + class Maker : public AclSubject::Maker { + public: + Maker() + : AclSubject::Maker(CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE) { } + CodeSignatureAclSubject *make(const TypedList &list) const; + CodeSignatureAclSubject *make(Version version, Reader &pub, Reader &priv) const; + + private: + CodeSignatureAclSubject *make(const SHA1::Byte *hash, const CssmData &commentBag) const; + }; +}; + +} // end namespace Security + + + +#endif //_H_ACL_CODESIGNING