Cradicle Explorer
darling-security
/ OSX / libsecurity_keychain / lib / TrustedApplication.cpp
TrustedApplication.cpp
  1  /*
  2   * Copyright (c) 2002-2004,2011-2014 Apple Inc. All Rights Reserved.
  3   *
  4   * @APPLE_LICENSE_HEADER_START@
  5   * 
  6   * This file contains Original Code and/or Modifications of Original Code
  7   * as defined in and that are subject to the Apple Public Source License
  8   * Version 2.0 (the 'License'). You may not use this file except in
  9   * compliance with the License. Please obtain a copy of the License at
 10   * http://www.opensource.apple.com/apsl/ and read it before using this
 11   * file.
 12   * 
 13   * The Original Code and all software distributed under the License are
 14   * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 15   * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 16   * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 17   * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 18   * Please see the License for the specific language governing rights and
 19   * limitations under the License.
 20   * 
 21   * @APPLE_LICENSE_HEADER_END@
 22   */
 23  
 24  //
 25  // TrustedApplication.cpp
 26  //
 27  #include <security_keychain/TrustedApplication.h>
 28  #include <security_keychain/ACL.h>
 29  #include <security_utilities/osxcode.h>
 30  #include <security_utilities/trackingallocator.h>
 31  #include <security_cdsa_utilities/acl_codesigning.h>
 32  #include <sys/syslimits.h>
 33  #include <memory>
 34  
 35  using namespace KeychainCore;
 36  
 37  
 38  //
 39  // Create a TrustedApplication from a code-signing ACL subject.
 40  // Throws ACL::ParseError if the subject is unexpected.
 41  //
 42  TrustedApplication::TrustedApplication(const TypedList &subject)
 43  {
 44  	try {
 45  		CodeSignatureAclSubject::Maker maker;
 46  		mForm = maker.make(subject);
 47  		secinfo("trustedapp", "%p created from list form", this);
 48  		IFDUMPING("codesign", mForm->AclSubject::dump("STApp created from list"));
 49  	} catch (...) {
 50  		throw ACL::ParseError();
 51  	}
 52  }
 53  
 54  
 55  //
 56  // Create a TrustedApplication from a path-to-object-on-disk
 57  //
 58  TrustedApplication::TrustedApplication(const std::string &path)
 59  {
 60  	RefPointer<OSXCode> code(OSXCode::at(path));
 61  	mForm = new CodeSignatureAclSubject(OSXVerifier(code));
 62  	secinfo("trustedapp", "%p created from path %s", this, path.c_str());
 63  	IFDUMPING("codesign", mForm->AclSubject::dump("STApp created from path"));
 64  }
 65  
 66  
 67  //
 68  // Create a TrustedApplication for the calling process
 69  //
 70  TrustedApplication::TrustedApplication()
 71  {
 72  	//@@@@ should use CS's idea of "self"
 73  	RefPointer<OSXCode> me(OSXCode::main());
 74  	mForm = new CodeSignatureAclSubject(OSXVerifier(me));
 75  	secinfo("trustedapp", "%p created from self", this);
 76  	IFDUMPING("codesign", mForm->AclSubject::dump("STApp created from self"));
 77  }
 78  
 79  
 80  //
 81  // Create a TrustedApplication from a SecRequirementRef.
 82  // Note that the path argument is only stored for documentation;
 83  // it is NOT used to denote anything on disk.
 84  //
 85  TrustedApplication::TrustedApplication(const std::string &path, SecRequirementRef reqRef)
 86  {
 87  	CFRef<CFDataRef> reqData;
 88  	MacOSError::check(SecRequirementCopyData(reqRef, kSecCSDefaultFlags, &reqData.aref()));
 89  	mForm = new CodeSignatureAclSubject(NULL, path);
 90  	mForm->add((const BlobCore *)CFDataGetBytePtr(reqData));
 91  	secinfo("trustedapp", "%p created from path %s and requirement %p",
 92  		this, path.c_str(), reqRef);
 93  	IFDUMPING("codesign", mForm->debugDump());
 94  }
 95  
 96  
 97  TrustedApplication::~TrustedApplication()
 98  { /* virtual */ }
 99  
100  
101  //
102  // Convert from/to external data form.
103  //
104  // Since a TrustedApplication's data is essentially a CodeSignatureAclSubject,
105  // we just use the subject's externalizer to produce the data. That requires us
106  // to use the somewhat idiosyncratic linearizer used by CSSM ACL subjects, but
107  // that's a small price to pay for consistency.
108  //
109  TrustedApplication::TrustedApplication(CFDataRef external)
110  {
111  	AclSubject::Reader pubReader(CFDataGetBytePtr(external)), privReader;
112  	mForm = CodeSignatureAclSubject::Maker().make(0, pubReader, privReader);
113  }
114  
115  CFDataRef TrustedApplication::externalForm() const
116  {
117  	AclSubject::Writer::Counter pubCounter, privCounter;
118  	mForm->exportBlob(pubCounter, privCounter);
119  	if (privCounter > 0)	// private exported data - format violation
120  		CssmError::throwMe(CSSMERR_CSSM_INTERNAL_ERROR);
121  	CFRef<CFMutableDataRef> data = CFDataCreateMutable(NULL, pubCounter);
122  	CFDataSetLength(data, pubCounter);
123  	if (CFDataGetLength(data) < CFIndex(pubCounter))
124  		CFError::throwMe();
125  	AclSubject::Writer pubWriter(CFDataGetMutableBytePtr(data)), privWriter;
126  	mForm->exportBlob(pubWriter, privWriter);
127  	return data.yield();
128  }
129  
130  void TrustedApplication::data(CFDataRef data)
131  {
132  	const char *p = (const char *)CFDataGetBytePtr(data);
133  	const std::string path(p, p + CFDataGetLength(data));
134  	RefPointer<OSXCode> code(OSXCode::at(path));
135  	mForm = new CodeSignatureAclSubject(OSXVerifier(code));
136  }
137  
138  //
139  // Direct verification interface.
140  // If path == NULL, we verify against the running code itself.
141  //
142  bool TrustedApplication::verifyToDisk(const char *path)
143  {
144  	if (SecRequirementRef requirement = mForm->requirement()) {
145  		secinfo("trustedapp", "%p validating requirement against path %s", this, path);
146  		CFRef<SecStaticCodeRef> ondisk;
147  		if (path)
148  			MacOSError::check(SecStaticCodeCreateWithPath(CFTempURL(path),
149  				kSecCSDefaultFlags, &ondisk.aref()));
150  		else
151  			MacOSError::check(SecCodeCopySelf(kSecCSDefaultFlags, (SecCodeRef *)&ondisk.aref()));
152  		return SecStaticCodeCheckValidity(ondisk, kSecCSDefaultFlags, requirement) == errSecSuccess;
153  	} else {
154  		secinfo("trustedapp", "%p validating hash against path %s", this, path);
155  		RefPointer<OSXCode> code = path ? OSXCode::at(path) : OSXCode::main();
156  		SHA1::Digest ondiskDigest;
157  		OSXVerifier::makeLegacyHash(code, ondiskDigest);
158  		return memcmp(ondiskDigest, mForm->legacyHash(), sizeof(ondiskDigest)) == 0;
159  	}
160  }
161  
162  
163  //
164  // Produce a TypedList representing a code-signing ACL subject
165  // for this application.
166  // Memory is allocated from the allocator given, and belongs to
167  // the caller.
168  //
169  CssmList TrustedApplication::makeSubject(Allocator &allocator)
170  {
171  	return mForm->toList(allocator);
172  }
173  
174