1 /*
2 * Copyright (c) 2003-2007 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 //
26 // codesigdb - code-hash equivalence database
27 //
28 #ifndef _H_CODESIGDB
29 #define _H_CODESIGDB
30
31 #include "acls.h"
32 #include <security_cdsa_utilities/db++.h>
33 #include <security_cdsa_utilities/osxverifier.h>
34 #include <Security/CodeSigning.h>
35
36
37 class Process;
38 class CodeSignatures;
39
40
41 //
42 // A CodeSignatures object represents a database of code-signature equivalencies
43 // as (previously) expressed by a user and/or the system.
44 // You'll usually only need one of these.
45 //
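class CodeSignatures {
public:
    //
    // Identity is an abstract class modeling a code-identity in the database.
    // It can represent either an existing or latent code-hash link.
    // Subclass must provide path and hash source functions.
    //
    // Two different names are exposed, and they are not interchangeable:
    //   name()        - derived from whatever path the subclass reports via
    //                   getPath(), passed through canonicalName().
    //   trustedName() - the value stored in mName, i.e. the canonical name
    //                   recorded in the link database.
    // NOTE(review): authorization decisions should presumably be based on
    // trustedName() only; confirm against the callers in the implementation.
    //
    class Identity {
        // CodeSignatures reads and writes mState/mName directly.
        friend class CodeSignatures;
    public:
        Identity();
        virtual ~Identity();

        // True only when the state is `valid`; `untried` and `invalid` both
        // read as false.
        // NOTE(review): this conversion is not `explicit`, so an Identity also
        // converts silently in integer contexts. It is left as is because
        // callers outside this header may depend on the implicit form.
        operator bool () const { return mState == valid; }

        // Path as reported by the subclass. Const-qualified because it only
        // forwards to the const virtual getPath().
        std::string path() const { return getPath(); }

        // Canonical name computed from path(); not a database value.
        std::string name() const { return canonicalName(path()); }

        // Canonical name stored in the link database for this identity.
        std::string trustedName() const { return mName; }

        // Maps a path to its canonical name (defined out of line).
        static std::string canonicalName(const std::string &path);

        // IFDUMP is defined elsewhere; presumably it compiles this declaration
        // only in debug-dump builds.
        IFDUMP(void debugDump(const char *how = NULL) const);

        // Supplied by subclasses: where the code lives and what it hashes to.
        virtual std::string getPath() const = 0;
        virtual const CssmData getHash() const = 0;

    private:
        // Lookup state; only `valid` makes operator bool return true.
        // NOTE(review): there is no in-class initializer, so the out-of-line
        // constructor must set this before any use; confirm.
        enum { untried, valid, invalid } mState;
        std::string mName;      // link db value (canonical name linked to)
    };

public:
    // Construct on, or (re)open, the database file at `path`.
    CodeSignatures(const char *path);
    ~CodeSignatures();

    void open(const char *path);

public:
    // Looks up `id` on behalf of `user`. NOTE(review): presumably fills in the
    // identity's state and trusted name and returns whether a link was found;
    // confirm in the implementation.
    bool find(Identity &id, uid_t user);

    // Records a link from `id` to the name `ident`. With the defaults
    // (forUser = false, user = 0) no specific user is named; `user` is
    // presumably consulted only when forUser is true.
    void makeLink(Identity &id, const std::string &ident, bool forUser = false, uid_t user = 0);

    // Hash-level link maintenance; `forSystem` presumably selects a
    // system-wide rather than per-user entry (confirm in the implementation).
    void addLink(const CssmData &oldHash, const CssmData &newHash,
        const char *name, bool forSystem);
    void removeLink(const CssmData &hash, const char *name, bool forSystem);

    IFDUMP(void debugDump(const char *how = NULL) const);

public:
    // Entry point for checking `process` against `verifier` in the given ACL
    // validation context; the private helpers below are the two paths behind
    // it as far as this header shows.
    bool verify(Process &process, const OSXVerifier &verifier, const AclValidationContext &context);

private:
    OSStatus matchSignedClientToLegacyACL(Process &process, SecCodeRef code,
        const OSXVerifier &verifier, const AclValidationContext &context);
    // `std::string` is spelled out so this declaration does not depend on a
    // using-directive leaking in from an included header.
    bool verifyLegacy(Process &process, const CssmData &signature, std::string path);

private:
    UnixPlusPlus::UnixDb mDb;

    // lock hierarchy: mUILock first, then mDatabaseLock, no back-off
    // (acquisition order is the reverse of the declaration order below)
    Mutex mDatabaseLock;        // controls mDb access
    Mutex mUILock;              // serializes user interaction
};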
108
109
110
111 #endif //_H_CODESIGDB