1/* 2 * Copyright (c) 2006-2007 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24 25// 26// csproxy - Code Signing Hosting Proxy 27// 28#ifndef _H_CSPROXY 29#define _H_CSPROXY 30 31#include <security_utilities/cfutilities.h> 32#include <security_cdsa_utilities/handleobject.h> 33#include <security_utilities/mach++.h> 34#include <security_utilities/machserver.h> 35#include <security_cdsa_utilities/cssmdata.h> 36#include <Security/SecCodeHost.h> 37#include <string> 38#include <map> 39 40using MachPlusPlus::Port; 41using MachPlusPlus::MachServer; 42 43 44// 45// CodeSigningHost is a mix-in for an object representing a primary 46// Code Signing host object. It performs two notionally separate functions: 47// (1) Register a hosting port. 48// (2) Optionally, maintain a guest registry to offload the host's work. 49// 50class CodeSigningHost : private MachServer::Handler { 51public: 52 CodeSigningHost(); 53 ~CodeSigningHost(); 54 void reset(); 55 56 enum HostingState { 57 noHosting, // is not a host (yet), could go either way 58 dynamicHosting, // gave us its own hosting port to keep 59 proxyHosting // we act as a proxy for it 60 }; 61 62 enum GuestCheck { 63 strict, // direct guest relationship required 64 loose // indirect or identity is okay (prefix check) 65 }; 66 67 struct Guest : public RefCount, public HandleObject { 68 public: 69 ~Guest(); 70 std::vector<SecGuestRef> guestPath; // guest chain to this guest 71 uint32_t status; // dynamic status 72 std::string path; // canonical code path 73 CFRef<CFDictionaryRef> attributes; // matching attributes set 74 CFRef<CFDataRef> cdhash; // hash of CodeDirectory as specified by host 75 bool dedicated; // host is dedicated (and this is the only guest) 76 77 operator bool() const { return attributes; } // exists 78 SecGuestRef guestRef() const { return handle(); } 79 void setAttributes(const CssmData &attrData); 80 CFDataRef attrData() const; 81 void setHash(const CssmData &given, bool generate); 82 83 bool isGuestOf(Guest *host, GuestCheck check) const; 84 bool matches(CFIndex count, CFTypeRef keys[], CFTypeRef values[]) const; 85 86 IFDUMP(void dump() const); 87 88 private: 89 mutable CFRef<CFDataRef> mAttrData; // XML form of attributes (must live until guest destruction) 90 }; 91 92 void registerCodeSigning(mach_port_t hostingPort, SecCSFlags flags); 93 Port hostingPort() const { return mHostingPort; } 94 95 SecGuestRef createGuest(SecGuestRef guest, 96 uint32_t status, const char *path, 97 const CssmData &cdhash, const CssmData &attributes, SecCSFlags flags); 98 void setGuestStatus(SecGuestRef guest, uint32_t status, const CssmData &attributes); 99 void removeGuest(SecGuestRef host, SecGuestRef guest); 100 101public: 102 IFDUMP(void dump() const); 103 104public: 105 // internal use only (public for use by MIG handlers) 106 Guest *findHost(SecGuestRef hostRef); // find most dedicated guest of this host 107 Guest *findGuest(Guest *host, const CssmData &attrData); // by host and attributes 108 Guest *findGuest(SecGuestRef guestRef, bool hostOk = false); // by guest reference 109 Guest *findGuest(Guest *host); // any guest of this host 110 111 class Lock; 112 friend class Lock; 113 114private: 115 boolean_t handle(mach_msg_header_t *in, mach_msg_header_t *out); 116 void eraseGuest(Guest *guest); 117 118private: 119 mutable Mutex mLock; // protects everything below 120 121 // host port registry 122 HostingState mHostingState; // status of hosting support 123 Port mHostingPort; // his or ours or NULL 124 125 // guest map (only used if mHostingState == proxyHosting) 126 typedef std::map<SecGuestRef, RefPointer<Guest> > GuestMap; 127 GuestMap mGuests; 128}; 129 130 131#endif //_H_CSPROXY 132