X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/72a12576750f52947eb043106ba5c12c0d07decf..b1ab9ed8d0e0f1c3b66d7daa8fd5564444c56195:/libsecurity_codesigning/lib/cs.h

diff --git a/libsecurity_codesigning/lib/cs.h b/libsecurity_codesigning/lib/cs.h
new file mode 100644
index 00000000..1cd9306b
--- /dev/null
+++ b/libsecurity_codesigning/lib/cs.h
@@ -0,0 +1,184 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+//
+// cs.h - code signing core header
+//
+#ifndef _H_CS
+#define _H_CS
+
+#include "cserror.h"
+#include "codesigning_dtrace.h"
+#include <Security/CSCommonPriv.h>
+#include <Security/SecCodePriv.h>
+#include <Security/SecStaticCodePriv.h>
+#include <Security/SecRequirementPriv.h>
+#include <Security/SecCodeSigner.h>
+#include <Security/SecBasePriv.h>
+#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#include <security_utilities/globalizer.h>
+#include <security_utilities/seccfobject.h>
+#include <security_utilities/cfclass.h>
+#include <security_utilities/errors.h>
+#include <security_utilities/sqlite++.h>
+#include <security_utilities/cfutilities.h>
+
+
+namespace Security {
+namespace CodeSigning {
+
+
+//
+// API per-thread globals
+//
+struct PerThread {
+	SecCSFlags flags;				// flags of pending API call
+};
+
+
+//
+// API globals
+//
+struct CFObjects {
+	CFObjects();
+	CFClass Code;
+	CFClass StaticCode;
+	CFClass Requirement;
+	CFClass CodeSigner;
+
+	ThreadNexus<PerThread> perThread;
+	
+	SecCSFlags &flags() { return perThread().flags; }
+};
+
+extern ModuleNexus<CFObjects> gCFObjects;
+
+static inline SecCSFlags apiFlags() { return gCFObjects().flags(); }
+
+OSStatus dbError(const SQLite3::Error &err);
+
+
+//
+// Code Signing API brackets
+//
+#define BEGIN_CSAPI \
+    try {
+	
+#define END_CSAPI \
+    } \
+	catch (const UnixError &err) { \
+		switch (err.error) { \
+		case ENOEXEC: return errSecCSBadObjectFormat; \
+		default: return err.osStatus(); \
+		}} \
+    catch (const MacOSError &err) { return err.osStatus(); } \
+    catch (const SQLite3::Error &err) { return dbError(err); } \
+    catch (const CommonError &err) { return SecKeychainErrFromOSStatus(err.osStatus()); } \
+    catch (const std::bad_alloc &) { return memFullErr; } \
+    catch (...) { return errSecCSInternalError; } \
+	return noErr;
+	
+#define END_CSAPI_ERRORS \
+	} \
+	catch (const CSError &err) { return err.cfError(errors); } \
+	catch (const UnixError &err) { \
+		switch (err.error) { \
+		case ENOEXEC: return CSError::cfError(errors, errSecCSBadObjectFormat); \
+		default: return CSError::cfError(errors, err.osStatus()); \
+		}} \
+    catch (const MacOSError &err) { return CSError::cfError(errors, err.osStatus()); } \
+    catch (const SQLite3::Error &err) { return CSError::cfError(errors, dbError(err)); } \
+    catch (const CommonError &err) { return CSError::cfError(errors, SecKeychainErrFromOSStatus(err.osStatus())); } \
+    catch (const std::bad_alloc &) { return CSError::cfError(errors, memFullErr); } \
+    catch (...) { return CSError::cfError(errors, errSecCSInternalError); } \
+	return noErr;
+	
+#define END_CSAPI1(bad)    } catch (...) { return bad; }
+
+	
+#define END_CSAPI_ERRORS1(bad) \
+	} \
+	catch (const CSError &err) { err.cfError(errors); } \
+	catch (const UnixError &err) { \
+		switch (err.error) { \
+		case ENOEXEC: CSError::cfError(errors, errSecCSBadObjectFormat); \
+		default: CSError::cfError(errors, err.osStatus()); \
+		}} \
+    catch (const MacOSError &err) { CSError::cfError(errors, err.osStatus()); } \
+    catch (const SQLite3::Error &err) { CSError::cfError(errors, dbError(err)); } \
+    catch (const CommonError &err) { CSError::cfError(errors, SecKeychainErrFromOSStatus(err.osStatus())); } \
+    catch (const std::bad_alloc &) { CSError::cfError(errors, memFullErr); } \
+    catch (...) { CSError::cfError(errors, errSecCSInternalError); } \
+	return bad;
+
+
+//
+// A version of CodeSigning::Required
+//
+template <class T>
+static inline T &Required(T *ptr)
+{
+	if (ptr == NULL)
+		MacOSError::throwMe(errSecCSObjectRequired);
+	return *ptr;
+}
+
+static inline void Required(const void *ptr)
+{
+	if (ptr == NULL)
+		MacOSError::throwMe(errSecCSObjectRequired);
+}
+
+
+//
+// Check flags against a validity mask
+//
+static inline void checkFlags(SecCSFlags flags, SecCSFlags acceptable = 0)
+{
+	if (flags & ~acceptable)
+		MacOSError::throwMe(errSecCSInvalidFlags);
+	gCFObjects().flags() = flags;
+}
+
+
+//
+// DTrace USDT function bracket.
+// Use like this:
+//	DTRACK(PROVIDER_PROBE_PREFIX, arguments-after-this);
+// which will call
+//	PROVIDER_PROBE_PREFIX_START(this, arguments-after-this)
+// and
+//	PROVIDER_PROBE_PREFIX_END(this)
+//
+#define DTRACK(_prefix, _obj, _args...) \
+	if (_prefix ## _START_ENABLED()) _prefix ## _START((_obj), ## _args); \
+	struct _DTFrame ## _prefix { void *me; \
+		_DTFrame ## _prefix(void *m) : me(m) { } \
+		~_DTFrame ## _prefix() { _prefix ## _END(me); } \
+	} _dtframe##_prefix((_obj));
+
+
+}	// CodeSigning
+}	// Security
+
+#endif //_H_CS