#include <Security/SecTrustedApplicationPriv.h>
#include <Security/TrustedApplication.h>
#include <Security/ssclient.h>
#include "SecBridge.h"
/*
 * Return the CoreFoundation type identifier registered for
 * SecTrustedApplication objects.
 *
 * If anything between the SECAPI brackets fails, END_SECAPI1 supplies
 * _kCFRuntimeNotATypeID as the return value instead.
 */
CFTypeID
SecTrustedApplicationGetTypeID(void)
{
    BEGIN_SECAPI
    const CFTypeID trustedAppTypeID = gTypes().TrustedApplication.typeID;
    return trustedAppTypeID;
    END_SECAPI1(_kCFRuntimeNotATypeID)
}
/*
 * Create a TrustedApplication object and hand its handle back to the caller.
 *
 * path   - file system path of the application to describe, or NULL to use
 *          the default-constructed TrustedApplication (presumably the
 *          calling program itself; confirm against TrustedApplication).
 * appRef - receives the handle of the new object; checked with Required().
 *
 * Returns the OSStatus produced by the BEGIN_SECAPI/END_SECAPI bracket.
 */
OSStatus
SecTrustedApplicationCreateFromPath(const char *path, SecTrustedApplicationRef *appRef)
{
    BEGIN_SECAPI
    TrustedApplication *created;
    if (path)
        created = new TrustedApplication(path);
    else
        created = new TrustedApplication;
    // SecPointer takes over the reference management of the new object.
    SecPointer<TrustedApplication> app(created);
    Required(appRef) = app->handle();
    END_SECAPI
}
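/*
 * Copy the data blob held by a trusted application object into a new CFData.
 *
 * appRef  - the trusted application to read from.
 * dataRef - receives a newly created CFData that the caller must release.
 *
 * Returns the OSStatus produced by the BEGIN_SECAPI/END_SECAPI bracket.
 */
OSStatus SecTrustedApplicationCopyData(SecTrustedApplicationRef appRef,
    CFDataRef *dataRef)
{
    BEGIN_SECAPI
    const CssmData &data = TrustedApplication::required(appRef)->data();
    // Validate the output pointer before allocating. Writing
    // "Required(dataRef) = CFDataCreate(...)" lets the CFData be created
    // before the NULL check runs, so a NULL dataRef would leave the new
    // object without an owner (assuming Required() rejects NULL, as its
    // bare use elsewhere in this file suggests).
    CFDataRef &result = Required(dataRef);
    // NOTE(review): CFDataCreate can return NULL on allocation failure; the
    // caller then sees a success status with a NULL result.
    result = CFDataCreate(NULL, reinterpret_cast<const UInt8 *>(data.data()), data.length());
    END_SECAPI
}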
/*
 * Replace the data blob held by a trusted application object.
 *
 * appRef  - the trusted application to modify.
 * dataRef - the new contents, passed through cfData().
 *
 * NOTE(review): dataRef is not checked for NULL here; whether cfData()
 * tolerates NULL is not visible in this file.
 *
 * Returns the OSStatus produced by the BEGIN_SECAPI/END_SECAPI bracket.
 */
OSStatus SecTrustedApplicationSetData(SecTrustedApplicationRef appRef,
    CFDataRef dataRef)
{
    BEGIN_SECAPI
    TrustedApplication *target = TrustedApplication::required(appRef);
    target->data(cfData(dataRef));
    END_SECAPI
}
/*
 * Check that the code at a path still carries the signature recorded in a
 * trusted application object.
 *
 * appRef - the trusted application holding the reference signature.
 * path   - file to check, or NULL to check the path stored in the object.
 *
 * Returns CSSMERR_CSP_VERIFY_FAILED when sameSignature() reports a mismatch;
 * otherwise the OSStatus produced by the BEGIN_SECAPI/END_SECAPI bracket.
 */
OSStatus
SecTrustedApplicationValidateWithPath(SecTrustedApplicationRef appRef, const char *path)
{
    BEGIN_SECAPI
    TrustedApplication *app = TrustedApplication::required(appRef);
    const bool signatureMatches = app->sameSignature(path ? path : app->path());
    if (signatureMatches == false)
        return CSSMERR_CSP_VERIFY_FAILED;
    END_SECAPI
}
/*
 * Register a code equivalence between two trusted application objects with
 * the security server.
 *
 * oldRef - application whose signature and path identify the existing entry.
 * newRef - application whose signature is registered against it.
 * flags  - only bits in kSecApplicationValidFlags are accepted; the
 *          kSecApplicationFlagSystemwide bit is forwarded to the server.
 *
 * Returns paramErr for unknown flag bits; otherwise the OSStatus produced by
 * the BEGIN_SECAPI/END_SECAPI bracket.
 *
 * NOTE(review): this call changes which code is treated as equivalent, so
 * any authorization of the caller has to happen on the server side; nothing
 * in this function restricts who may invoke it.
 */
OSStatus
SecTrustedApplicationMakeEquivalent(SecTrustedApplicationRef oldRef,
    SecTrustedApplicationRef newRef, UInt32 flags)
{
    BEGIN_SECAPI
    // Reject any flag bit outside the supported set before doing work.
    if ((flags & ~kSecApplicationValidFlags) != 0)
        return paramErr;

    SecurityServer::ClientSession session(CssmAllocator::standard(),
        CssmAllocator::standard());
    TrustedApplication *existing = TrustedApplication::required(oldRef);
    TrustedApplication *replacement = TrustedApplication::required(newRef);
    session.addCodeEquivalence(existing->signature(),
        replacement->signature(),
        existing->path(),
        flags & kSecApplicationFlagSystemwide);
    END_SECAPI
}
/*
 * Ask the security server to remove the code equivalence recorded for a
 * trusted application.
 *
 * appRef - application whose signature and path identify the entry.
 * flags  - only bits in kSecApplicationValidFlags are accepted; the
 *          kSecApplicationFlagSystemwide bit is forwarded to the server.
 *
 * Returns paramErr for unknown flag bits; otherwise the OSStatus produced by
 * the BEGIN_SECAPI/END_SECAPI bracket.
 */
OSStatus
SecTrustedApplicationRemoveEquivalence(SecTrustedApplicationRef appRef, UInt32 flags)
{
    BEGIN_SECAPI
    // Reject any flag bit outside the supported set before doing work.
    if ((flags & ~kSecApplicationValidFlags) != 0)
        return paramErr;

    SecurityServer::ClientSession session(CssmAllocator::standard(),
        CssmAllocator::standard());
    TrustedApplication *subject = TrustedApplication::required(appRef);
    session.removeCodeEquivalence(subject->signature(),
        subject->path(),
        flags & kSecApplicationFlagSystemwide);
    END_SECAPI
}
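/*
 * Report whether a path is present in the PathDatabase.
 *
 * installroot - optional prefix to strip from path before the lookup; may be
 *               NULL. When path begins with installroot, the last character
 *               of the prefix is kept as the start of the lookup key.
 * path        - the path to look up; must not be NULL.
 *
 * Returns CSSMERR_DL_RECORD_NOT_FOUND when the database has no entry for the
 * resulting key; otherwise the OSStatus produced by the
 * BEGIN_SECAPI/END_SECAPI bracket.
 */
OSStatus
SecTrustedApplicationIsUpdateCandidate(const char *installroot, const char *path)
{
    BEGIN_SECAPI
    // path is handed to strncmp and used as the lookup key, so reject NULL
    // up front instead of dereferencing it.
    Required(path);

    if (installroot) {
        const size_t rootlen = strlen(installroot);
        // An empty installroot matches every path with rootlen == 0; the
        // adjustment below would then move path to one byte before the start
        // of the caller's buffer. Leave path untouched in that case.
        // NOTE(review): "rootlen - 1" keeps the final character of the
        // prefix, which presumably assumes installroot ends in '/'; confirm
        // with callers.
        if (rootlen > 0 && !strncmp(installroot, path, rootlen))
            path += rootlen - 1;
    }

    static ModuleNexus<PathDatabase> paths;
    if (!paths()[path])
        return CSSMERR_DL_RECORD_NOT_FOUND;
    END_SECAPI
}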
/*
 * Tell the security server to use an alternate system root.
 *
 * systemRoot - the root path to forward; checked with Required() before the
 *              client session is opened.
 *
 * Returns the OSStatus produced by the BEGIN_SECAPI/END_SECAPI bracket.
 *
 * NOTE(review): the path is forwarded as given; any validation or
 * authorization has to happen in setAlternateSystemRoot or on the server,
 * neither of which is visible in this file.
 */
OSStatus
SecTrustedApplicationUseAlternateSystem(const char *systemRoot)
{
    BEGIN_SECAPI
    Required(systemRoot);

    SecurityServer::ClientSession session(CssmAllocator::standard(),
        CssmAllocator::standard());
    session.setAlternateSystemRoot(systemRoot);
    END_SECAPI
}