X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/80e2389990082500d76eb566d4946be3e786c3ef..d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb:/libsecurity_codesigning/lib/signer.h?ds=inline diff --git a/libsecurity_codesigning/lib/signer.h b/libsecurity_codesigning/lib/signer.h deleted file mode 100644 index d27abcb2..00000000 --- a/libsecurity_codesigning/lib/signer.h +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright (c) 2006-2010 Apple Inc. All Rights Reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * This file contains Original Code and/or Modifications of Original Code - * as defined in and that are subject to the Apple Public Source License - * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. - * Please see the License for the specific language governing rights and - * limitations under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ - -// -// signer - Signing operation supervisor and controller -// -#ifndef _H_SIGNER -#define _H_SIGNER - -#include "CodeSigner.h" -#include "cdbuilder.h" -#include "signerutils.h" -#include "StaticCode.h" -#include - -namespace Security { -namespace CodeSigning { - - -// -// The signer driver class. -// This is a workflow object, containing all the data needed for the various -// signing stages to cooperate. It is not meant to be API visible; that is -// SecCodeSigner's job. -// -class SecCodeSigner::Signer { -public: - Signer(SecCodeSigner &s, SecStaticCode *c) : state(s), code(c), requirements(NULL) - { strict = state.signingFlags() & kSecCSSignStrictPreflight; } - ~Signer() { ::free((Requirements *)requirements); } - - void sign(SecCSFlags flags); - void remove(SecCSFlags flags); - - SecCodeSigner &state; - SecStaticCode * const code; - - CodeDirectory::HashAlgorithm digestAlgorithm() const { return state.mDigestAlgorithm; } - - std::string path() const { return cfString(rep->copyCanonicalPath()); } - SecIdentityRef signingIdentity() const { return state.mSigner; } - std::string signingIdentifier() const { return identifier; } - -protected: - void prepare(SecCSFlags flags); // set up signing parameters - void signMachO(Universal *fat, const Requirement::Context &context); // sign a Mach-O binary - void signArchitectureAgnostic(const Requirement::Context &context); // sign anything else - - void populate(DiskRep::Writer &writer); // global - void populate(CodeDirectory::Builder &builder, DiskRep::Writer &writer, - InternalRequirements &ireqs, size_t offset = 0, size_t length = 0); // per-architecture - CFDataRef signCodeDirectory(const CodeDirectory *cd); - - uint32_t cdTextFlags(std::string text); // convert text CodeDirectory flags - std::string uniqueName() const; // derive unique string from rep - -protected: - void buildResources(std::string root, std::string relBase, CFDictionaryRef rules); - CFMutableDictionaryRef signNested(FTSENT *ent, const char *relpath); - CFDataRef hashFile(const char *path); - -private: - RefPointer rep; // DiskRep of Code being signed - CFRef resourceDirectory; // resource directory - CFRef resourceDictData; // XML form of resourceDirectory - std::string identifier; // signing identifier - std::string teamID; // team identifier - CFRef entitlements; // entitlements - uint32_t cdFlags; // CodeDirectory flags - const Requirements *requirements; // internal requirements ready-to-use - size_t pagesize; // size of main executable pages - CFAbsoluteTime signingTime; // signing time for CMS signature (0 => none) - bool strict; // strict validation -}; - - -} // end namespace CodeSigning -} // end namespace Security - -#endif // !_H_CODESIGNER