X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5dd5f9ec28f304ca377c42fd7f711d6cf12b90e1..5c19dc3ae3bd8e40a9c028b0deddd50ff337692c:/Security/libsecurity_cdsa_utilities/lib/acl_codesigning.cpp?ds=sidebyside diff --git a/Security/libsecurity_cdsa_utilities/lib/acl_codesigning.cpp b/Security/libsecurity_cdsa_utilities/lib/acl_codesigning.cpp deleted file mode 100644 index a848449f..00000000 --- a/Security/libsecurity_cdsa_utilities/lib/acl_codesigning.cpp +++ /dev/null @@ -1,198 +0,0 @@ -/* - * Copyright (c) 2000-2006,2011,2014 Apple Inc. All Rights Reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * This file contains Original Code and/or Modifications of Original Code - * as defined in and that are subject to the Apple Public Source License - * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. - * Please see the License for the specific language governing rights and - * limitations under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ - - -// -// acl_codesigning - ACL subject for signature of calling application -// -#include -#include -#include -#include - - -// -// Code signature credentials are validated globally - they are entirely -// a feature of "the" process (defined by the environment), and take no -// samples whatsoever. -// -bool CodeSignatureAclSubject::validate(const AclValidationContext &context) const -{ - // a suitable environment is required for a match - if (Environment *env = context.environment()) - return env->verifyCodeSignature(*this, context); - else - return false; -} - - -// -// Make a copy of this subject in CSSM_LIST form. -// The format is (head), (type code: Wordid), (signature data: datum), (comment: datum) -// -CssmList CodeSignatureAclSubject::toList(Allocator &alloc) const -{ - assert(path().find('\0') == string::npos); // no embedded nulls in path - uint32_t type = CSSM_ACL_CODE_SIGNATURE_OSX; - TypedList list(alloc, CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE, - new(alloc) ListElement(type), - new(alloc) ListElement(alloc, CssmData::wrap(legacyHash(), SHA1::digestLength)), - new(alloc) ListElement(alloc, CssmData::wrap(path().c_str(), path().size() + 1))); - if (requirement()) { - CFRef reqData; - MacOSError::check(SecRequirementCopyData(requirement(), kSecCSDefaultFlags, &reqData.aref())); - list += new(alloc) ListElement(alloc, - CssmData::wrap(CFDataGetBytePtr(reqData), CFDataGetLength(reqData))); - } - for (AuxMap::const_iterator it = beginAux(); it != endAux(); it++) - list += new(alloc) ListElement(alloc, CssmData(*it->second)); - return list; -} - - -// -// Create a CodeSignatureAclSubject -// -CodeSignatureAclSubject *CodeSignatureAclSubject::Maker::make(const TypedList &list) const -{ - // there once was a format with only a hash (length 2+1). It is no longer supported - unsigned total = list.length(); // includes subject type header - if (total >= 3 + 1 - && list[1].is(CSSM_LIST_ELEMENT_WORDID) // [1] == signature type - && list[1] == CSSM_ACL_CODE_SIGNATURE_OSX - && list[2].is(CSSM_LIST_ELEMENT_DATUM) // [2] == legacy hash - && list[2].data().length() == SHA1::digestLength - && list[3].is(CSSM_LIST_ELEMENT_DATUM)) { - // structurally okay - CodeSignatureAclSubject *subj = - new CodeSignatureAclSubject(list[2].data().interpretedAs(), - list[3].data().interpretedAs()); - for (unsigned n = 3 + 1; n < total; n++) { - if (list[n].is(CSSM_LIST_ELEMENT_DATUM)) { - const BlobCore *blob = list[n].data().interpretedAs(); - if (blob->length() < sizeof(BlobCore)) { - secdebug("csblob", "runt blob (0x%x/%zd) slot %d in CSSM_LIST", - blob->magic(), blob->length(), n); - CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE); - } else if (blob->length() != list[n].data().length()) { - secdebug("csblob", "badly sized blob (0x%x/%zd) slot %d in CSSM_LIST", - blob->magic(), blob->length(), n); - CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE); - } - subj->add(blob); - } else - CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE); - } - return subj; - } else - CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE); -} - -CodeSignatureAclSubject *CodeSignatureAclSubject::Maker::make(Version version, - Reader &pub, Reader &priv) const -{ - assert(version == 0); - Endian sigType; pub(sigType); - const void *data; size_t length; pub.countedData(data, length); - const void *commentData; size_t commentLength; pub.countedData(commentData, commentLength); - if (sigType == CSSM_ACL_CODE_SIGNATURE_OSX - && length == SHA1::digestLength) { - return make((const SHA1::Byte *)data, CssmData::wrap(commentData, commentLength)); - } - CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE); -} - -CodeSignatureAclSubject *CodeSignatureAclSubject::Maker::make(const SHA1::Byte *hash, - const CssmData &commentBag) const -{ - using namespace LowLevelMemoryUtilities; - const char *path = commentBag.interpretedAs(); - CodeSignatureAclSubject *subj = new CodeSignatureAclSubject(hash, path); - for (const BlobCore *blob = increment(commentBag.data(), alignUp(strlen(path) + 1, commentBagAlignment)); - blob < commentBag.end(); - blob = increment(blob, alignUp(blob->length(), commentBagAlignment))) { - size_t leftInBag = difference(commentBag.end(), blob); - if (leftInBag < sizeof(BlobCore) || blob->length() < sizeof(BlobCore) || blob->length() > leftInBag) { - secdebug("csblob", "invalid blob (0x%x/%zd) [%zd in bag] in code signing ACL for %s - stopping scan", - blob->magic(), blob->length(), leftInBag, subj->path().c_str()); - break; // can't trust anything beyond this blob - } - subj->add(blob); - } - return subj; -} - - -// -// Export the subject to a memory blob -// -void CodeSignatureAclSubject::exportBlob(Writer::Counter &pub, Writer::Counter &priv) -{ - using LowLevelMemoryUtilities::alignUp; - assert(path().find('\0') == string::npos); // no embedded nulls in path - Endian sigType = CSSM_ACL_CODE_SIGNATURE_OSX; pub(sigType); - pub.countedData(legacyHash(), SHA1::digestLength); - size_t size = path().size() + 1; - if (requirement()) { - CFRef reqData; - MacOSError::check(SecRequirementCopyData(requirement(), kSecCSDefaultFlags, &reqData.aref())); - size = alignUp(size, commentBagAlignment) + CFDataGetLength(reqData); - } - for (AuxMap::const_iterator it = beginAux(); it != endAux(); it++) { - size = alignUp(size, commentBagAlignment) + it->second->length(); - } - pub.countedData(NULL, size); -} - -void CodeSignatureAclSubject::exportBlob(Writer &pub, Writer &priv) -{ - using LowLevelMemoryUtilities::alignUp; - Endian sigType = CSSM_ACL_CODE_SIGNATURE_OSX; pub(sigType); - pub.countedData(legacyHash(), SHA1::digestLength); - CssmAutoData commentBag(Allocator::standard(), path().c_str(), path().size() + 1); - static const uint32_t zero = 0; - if (requirement()) { - CFRef reqData; - MacOSError::check(SecRequirementCopyData(requirement(), kSecCSDefaultFlags, &reqData.aref())); - commentBag.append(&zero, - alignUp(commentBag.length(), commentBagAlignment) - commentBag.length()); - commentBag.append(CFDataGetBytePtr(reqData), CFDataGetLength(reqData)); - } - for (AuxMap::const_iterator it = beginAux(); it != endAux(); it++) { - commentBag.append(&zero, - alignUp(commentBag.length(), commentBagAlignment) - commentBag.length()); - commentBag.append(CssmData(*it->second)); - } - pub.countedData(commentBag); -} - - -#ifdef DEBUGDUMP - -void CodeSignatureAclSubject::debugDump() const -{ - Debug::dump("CodeSigning "); - OSXVerifier::dump(); -} - -#endif //DEBUGDUMP