diskimagerep.h
/*
 * Copyright (c) 20015 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

//
// diskimagerep - DiskRep representing a single read-only compressed disk image file
//
#ifndef _H_DISKIMAGEREP
#define _H_DISKIMAGEREP

#include "singlediskrep.h"
#include "sigblob.h"
#include <DiskImages/DiskImages.h>
#undef check // a C macro named `check` is in scope at this point (presumably from the include above); drop it so it cannot rewrite later identifiers
#include <security_utilities/unix++.h>

namespace Security {
namespace CodeSigning {


//
// DiskImageRep implements a single read-only compressed disk image file.
//
// It derives from SingleDiskRep and keeps a copy of the image's UDIF header
// together with two offsets and a pointer to the embedded signature blob.
// Only declarations are visible in this header; the semantics of the
// methods below are defined by the base classes and the implementation file.
//
class DiskImageRep : public SingleDiskRep {
public:
    // Construct a rep for the disk image at `path`.
    // NOTE(review): single-argument constructor is not `explicit`, so a
    // `const char *` converts implicitly to a DiskImageRep - confirm that is intended.
    DiskImageRep(const char *path);
    virtual ~DiskImageRep();

    // Signing/validation operations. These presumably override the
    // DiskRep/SingleDiskRep virtuals of the same names - the base class is
    // not visible here and none is marked `override`, so verify the signatures.
    CFDataRef identification();
    CFDataRef component(CodeDirectory::SpecialSlot slot);
    size_t signingLimit();
    void strictValidate(const CodeDirectory* cd, const ToleratedErrors& tolerated, SecCSFlags flags);
    std::string format();
    void prepareForSigning(SigningContext& state);

    // Static test on an open file descriptor; presumably reports whether the
    // file looks like a disk image this class can handle - TODO confirm.
    static bool candidate(UnixPlusPlus::FileDesc &fd);
    void registerStapledTicket();

public:
    static CFDataRef identificationFor(MachO *macho);

public:
    // Returns a writer for this rep as a raw DiskRep::Writer pointer.
    // NOTE(review): ownership of the returned pointer is not expressed in the
    // type - confirm how callers are expected to hold and release it.
    DiskRep::Writer *writer();
    class Writer;
    friend class Writer;            // the nested Writer may access the private state below

private:
    void setup();
    // Fills `header` from `fd` and reports success as a bool (by signature).
    // NOTE(review): the header comes from the file being examined, so it
    // should be treated as untrusted input - confirm that the implementation
    // validates it before the offsets below are derived from it.
    static bool readHeader(UnixPlusPlus::FileDesc& fd, UDIFFileHeader& header);

private:
    // disk image header (all fields NBO, i.e. network byte order).
    // NOTE(review): every field needs conversion to host order before it is
    // used as an offset or length, and should be range-checked against the
    // actual file size - verify in the implementation.
    UDIFFileHeader mHeader;
    size_t mEndOfDataOffset;        // end of payload data (data fork + XML)
    size_t mHeaderOffset;           // trailing header offset
    // pointer to signature SuperBlob (malloc'd memory during setup).
    // NOTE(review): raw pointer to heap memory and no copy operations are
    // declared in this class - confirm that a base class disables copying and
    // that the destructor releases this exactly once.
    const EmbeddedSignatureBlob *mSigningData;
};


//
// The write side of a DiskImageRep
//
// Publicly a SingleDiskRep::Writer; privately an EmbeddedSignatureBlob::Maker.
//
class DiskImageRep::Writer : public SingleDiskRep::Writer, private EmbeddedSignatureBlob::Maker {
    // NOTE(review): this grants a class named FileDiskRep access to the
    // private members of DiskImageRep::Writer. It looks carried over from the
    // file-based rep - confirm whether DiskImageRep was meant instead.
    friend class FileDiskRep;
public:
    // Binds the writer to rep `r`, passes `writerNoGlobal` to the base writer,
    // and starts with no signing data.
    Writer(DiskImageRep *r) : SingleDiskRep::Writer(r, writerNoGlobal), rep(r), mSigningData(NULL) { }
    void component(CodeDirectory::SpecialSlot slot, CFDataRef data);
    void flush();
    void addDiscretionary(CodeDirectory::Builder &builder);

private:
    DiskImageRep *rep;                      // the rep being written (raw pointer; lifetime relationship not visible in this header)
    EmbeddedSignatureBlob *mSigningData;    // NULL after construction; where it is set and released is not visible here
};


} // end namespace CodeSigning
} // end namespace Security

#endif // !_H_DISKIMAGEREP