X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/fa7225c82381bac4432a6edf16f53b5370238d85..ee5f17c73ddf6cea151be3383378b7972c71f538:/OSX/libsecurity_codesigning/lib/bundlediskrep.h?ds=sidebyside diff --git a/OSX/libsecurity_codesigning/lib/bundlediskrep.h b/OSX/libsecurity_codesigning/lib/bundlediskrep.h index 92269613..af3e40e2 100644 --- a/OSX/libsecurity_codesigning/lib/bundlediskrep.h +++ b/OSX/libsecurity_codesigning/lib/bundlediskrep.h @@ -30,6 +30,14 @@ #include "diskrep.h" #include "machorep.h" +#include + +#if TARGET_OS_OSX +__BEGIN_DECLS +#include +__END_DECLS +#endif + namespace Security { namespace CodeSigning { @@ -47,14 +55,16 @@ namespace CodeSigning { // if it is in Mach-O format, or in files in a _CodeSignature directory if not. // This DiskRep supports resource sealing. // -class BundleDiskRep : public DiskRep { +class BundleDiskRep : public DiskRep, public EditableDiskRep { public: BundleDiskRep(const char *path, const Context *ctx = NULL); BundleDiskRep(CFBundleRef ref, const Context *ctx = NULL); ~BundleDiskRep(); CFDataRef component(CodeDirectory::SpecialSlot slot); + RawComponentMap createRawComponents(); CFDataRef identification(); + DiskRep *mainExecRep() const { return mExecRep.get(); }; std::string mainExecutablePath(); CFURLRef copyCanonicalPath(); std::string resourcesRootPath(); @@ -64,6 +74,8 @@ public: void prepareForSigning(SigningContext &context); size_t signingBase(); size_t signingLimit(); + size_t execSegBase(const Architecture *arch); + size_t execSegLimit(const Architecture *arch); std::string format(); CFArrayRef modifiedFiles(); UnixPlusPlus::FileDesc &fd(); @@ -76,8 +88,13 @@ public: size_t pageSize(const SigningContext &ctx); void strictValidate(const CodeDirectory* cd, const ToleratedErrors& tolerated, SecCSFlags flags); + void strictValidateStructure(const CodeDirectory* cd, const ToleratedErrors& tolerated, SecCSFlags flags); CFArrayRef allowedResourceOmissions(); + void registerStapledTicket(); + + bool appleInternalForcePlatform() const {return forcePlatform;}; + CFBundleRef bundle() const { return mBundle; } public: @@ -116,6 +133,7 @@ private: bool mComponentsFromExecValid; // mComponentsFromExec is valid (tri-state) std::set mUsedComponents; // remember what components we've retrieved std::set mStrictErrors; // strict validation errors encountered + bool forcePlatform; // treat as anchor apple on apple internal };