  1  /*
  2   * Copyright (c) 2003-2007,2016 Apple Inc. All Rights Reserved.
  3   *
  4   * @APPLE_LICENSE_HEADER_START@
  5   *
  6   * This file contains Original Code and/or Modifications of Original Code
  7   * as defined in and that are subject to the Apple Public Source License
  8   * Version 2.0 (the 'License'). You may not use this file except in
  9   * compliance with the License. Please obtain a copy of the License at
 10   * http://www.opensource.apple.com/apsl/ and read it before using this
 11   * file.
 12   *
 13   * The Original Code and all software distributed under the License are
 14   * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 15   * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 16   * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 17   * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 18   * Please see the License for the specific language governing rights and
 19   * limitations under the License.
 20   *
 21   * @APPLE_LICENSE_HEADER_END@
 22   */
 23  
 24  
 25  //
 26  // codesigdb - code-hash equivalence database
 27  //
 28  #ifndef _H_CODESIGDB
 29  #define _H_CODESIGDB
 30  
 31  #include "acls.h"
 32  #include <security_cdsa_utilities/db++.h>
 33  #include <security_cdsa_utilities/osxverifier.h>
 34  #include <Security/CodeSigning.h>
 35  
 36  
 37  class Process;
 38  class CodeSignatures;
 39  
 40  
 41  //
 42  // A CodeSignatures object represents a database of code-signature equivalencies
 43  // as (previously) expressed by a user and/or the system.
 44  // You'll usually only need one of these.
 45  //
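class CodeSignatures {
public:
	//
	// Identity is an abstract class modeling a code-identity in the database.
	// It can represent either an existing or latent code-hash link.
	// Subclass must provide path and hash source functions.
	//
	// Two different names are exposed and must not be confused:
	//  - name() is computed from the subclass-supplied path via canonicalName();
	//    it is whatever the path says, not something read from the database.
	//  - trustedName() returns mName, the value stored in the link database.
	// trustedName() returns mName regardless of mState; whether mName is
	// meaningful outside the 'valid' state is not visible in this header, so
	// test the object (operator bool) before relying on it.
	//
	class Identity {
		friend class CodeSignatures;	// the database code reads/writes mState and mName directly
	public:
		Identity();
		virtual ~Identity();

		// True only in the 'valid' state. 'untried' and 'invalid' both read as
		// false, so a false result does not tell "never looked up" apart from
		// "looked up and rejected".
		// NOTE(review): the conversion is implicit; making it 'explicit' would
		// stop accidental use in integer contexts, but that may break existing
		// callers outside this header, so it is left unchanged here.
		operator bool () const				{ return mState == valid; }

		// path() and name() only call the const getPath() and the static
		// canonicalName(), so they are const-qualified to be usable through a
		// const Identity&, consistent with trustedName().
		std::string path() const			{ return getPath(); }
		std::string name() const			{ return canonicalName(path()); }
		std::string trustedName() const		{ return mName; }

		// Maps a filesystem path to the canonical name form used as the link
		// value. The mapping itself is defined in the implementation file.
		static std::string canonicalName(const std::string &path);

		// IFDUMP is a macro defined outside this header; presumably it keeps
		// this declaration only in builds with debug dumping enabled - confirm.
		IFDUMP(void debugDump(const char *how = NULL) const);

		// Supplied by the subclass: where the code lives and the hash that
		// identifies it. Both are const so they can be queried on a const object.
		virtual std::string getPath() const = 0;
		virtual const CssmData getHash() const = 0;

	private:
		// NOTE(review): no in-class initializer; the out-of-line constructor is
		// presumably responsible for starting in 'untried' - confirm.
		enum { untried, valid, invalid } mState;
		std::string mName;		// link db value (canonical name linked to)
	};

public:
	CodeSignatures();
	~CodeSignatures();

	// Opens the equivalence database at the given path (backing store is mDb).
	void open(const char *path);

public:
	// NOTE(review): presumably looks up 'id' for the given user and records the
	// outcome in id's state/trusted name; the lookup rules (per-user versus
	// system-wide entries) live in the implementation file - confirm there.
	bool find(Identity &id, uid_t user);

	// Records a link from 'id' to the name 'ident'. By default the link is not
	// per-user (forUser = false) and 'user' is 0.
	// NOTE(review): 0 is also the root uid; presumably 'user' is ignored unless
	// forUser is true - confirm, and always pass the uid explicitly with forUser.
	void makeLink(Identity &id, const std::string &ident, bool forUser = false, uid_t user = 0);

	// Hash-level link maintenance. 'forSystem' selects the scope of the entry.
	// NOTE(review): these change which code hashes are treated as equivalent,
	// so callers are expected to have authorized the change - verify at call sites.
	void addLink(const CssmData &oldHash, const CssmData &newHash,
		const char *name, bool forSystem);
	void removeLink(const CssmData &hash, const char *name, bool forSystem);

	IFDUMP(void debugDump(const char *how = NULL) const);

public:
	// Decides whether 'process' satisfies 'verifier' in the given ACL
	// validation context; returns true on acceptance.
	// NOTE(review): the exact acceptance rules are in the implementation file.
	bool verify(Process &process, const OSXVerifier &verifier, const AclValidationContext &context);

private:
	// Helper for verify(); reports its result as an OSStatus.
	// NOTE(review): by its name this handles ACLs created before the client was
	// signed - confirm against the implementation.
	OSStatus matchSignedClientToLegacyACL(Process &process,
		const OSXVerifier &verifier, const AclValidationContext &context);

private:
	UnixPlusPlus::UnixDb mDb;

	// lock hierarchy: mUILock first, then mDatabaseLock, no back-off
	// (the members are declared in the opposite order; acquisition order is
	// what the hierarchy constrains, not declaration order)
	Mutex mDatabaseLock;			// controls mDb access
	Mutex mUILock;					// serializes user interaction
};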
107  
108  
109  
110  #endif //_H_CODESIGDB