#ifdef __MWERKS__
#define _CPP_ACL_CODESIGNING
#endif
#include <Security/acl_codesigning.h>
#include <Security/cssmdata.h>
#include <Security/endian.h>
#include <algorithm>
//
// Build a code-signature ACL subject that carries a comment blob.
//
// signature: stored as-is in mSignature; this object takes ownership, since
//            the destructor deletes it. Callers must not free it or share it
//            with a second subject.
// comment/commentLength: handed to mComment together with alloc and later
//            passed to the environment's verifier by validate().
//            NOTE(review): mComment presumably copies the bytes; confirm in
//            its class definition before releasing the caller's buffer.
// NOTE(review): signature is not checked for NULL here, yet toList() and
//            exportBlob() dereference it unconditionally.
//
CodeSignatureAclSubject::CodeSignatureAclSubject(CssmAllocator &alloc,
const Signature *signature, const void *comment, size_t commentLength)
: AclSubject(CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE),
allocator(alloc), mSignature(signature),
mHaveComment(true), mComment(alloc, comment, commentLength)
{ }
//
// Build a code-signature ACL subject without a comment.
//
// mHaveComment is false, so validate() passes NULL as the comment and
// toList() emits only the type word and the signature datum.
// signature: ownership transfers to this object (deleted in the destructor).
//
CodeSignatureAclSubject::CodeSignatureAclSubject(CssmAllocator &alloc,
const Signature *signature)
: AclSubject(CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE),
allocator(alloc), mSignature(signature), mHaveComment(false), mComment(alloc)
{ }
//
// Release the signature this subject owns.
//
// NOTE(review): mSignature is a raw owning pointer. If the class is copyable
// (not visible in this file), two copies would delete the same Signature;
// confirm the header forbids copying.
//
CodeSignatureAclSubject::~CodeSignatureAclSubject()
{
delete mSignature;
}
//
// Decide whether the requesting code satisfies this ACL subject.
//
// The actual signature check is delegated to the Environment found in the
// validation context. The stored comment is forwarded only when this subject
// was created with one; otherwise the verifier receives NULL.
//
bool CodeSignatureAclSubject::validate(const AclValidationContext &context) const
{
    Environment *env = context.environment<Environment>();

    // Fail closed: with no environment able to verify code signatures,
    // access is denied rather than granted.
    if (!env)
        return false;

    return env->verifyCodeSignature(mSignature,
        mHaveComment ? &mComment.get() : NULL);
}
//
// Render this subject as a typed list:
//   (CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE, signature type, signature data
//    [, comment data])
// The comment element is present only when the subject has a comment, which
// is the shape Maker::make(const TypedList &) uses to tell the two forms apart.
// Every element is allocated from the caller-supplied allocator.
// NOTE(review): mSignature is dereferenced without a NULL check.
//
CssmList CodeSignatureAclSubject::toList(CssmAllocator &alloc) const
{
    ListElement *typeElement = new(alloc) ListElement(mSignature->type());
    ListElement *signatureElement = new(alloc) ListElement(alloc.alloc(*mSignature));

    TypedList list(alloc, CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE,
        typeElement, signatureElement);

    if (mHaveComment) {
        ListElement *commentElement = new(alloc) ListElement(alloc.alloc(mComment));
        list += commentElement;
    }
    return list;
}
//
// Construct a subject from its typed-list form (externally supplied input).
//
// A list of exactly four elements (subject type + 3) is read as
// type word / signature datum / comment datum. Every other length goes down
// the two-element path; rejecting malformed lists is left to crack().
// NOTE(review): crack() is defined elsewhere; presumably it checks element
// count and types and throws on mismatch. Confirm, since nothing here
// rejects lists that are too short or too long.
//
CodeSignatureAclSubject *CodeSignatureAclSubject::Maker::make(const TypedList &list) const
{
    CssmAllocator &alloc = CssmAllocator::standard();

    if (list.length() != 3+1) {
        // No comment: type word + signature datum only.
        ListElement *elem[2];
        crack(list, 2, elem,
            CSSM_LIST_ELEMENT_WORDID, CSSM_LIST_ELEMENT_DATUM);
        return new CodeSignatureAclSubject(alloc, signer.restore(*elem[0], *elem[1]));
    }

    // Comment present: type word + signature datum + comment datum.
    ListElement *elem[3];
    crack(list, 3, elem,
        CSSM_LIST_ELEMENT_WORDID, CSSM_LIST_ELEMENT_DATUM, CSSM_LIST_ELEMENT_DATUM);
    CssmData &commentData(*elem[2]);
    return new CodeSignatureAclSubject(alloc, signer.restore(*elem[0], *elem[1]),
        commentData.data(), commentData.length());
}
//
// Reconstruct a subject from its binary blob form.
//
// Fields are read from the public reader in the order exportBlob() writes
// them: signature type, counted signature data, counted comment data.
// The private reader is not used.
//
// NOTE(review): the version check is an assert only, so a build with NDEBUG
// parses a blob of any version as version 0. A stored blob is external
// input; consider a runtime rejection instead.
// NOTE(review): this path always uses the comment-taking constructor, so the
// result has mHaveComment == true even for a subject exported without a
// comment. validate() then passes a pointer to an empty comment instead of
// NULL; confirm the verifier treats the two alike.
// NOTE(review): presumably countedData() bounds-checks the length it reads
// against the remaining blob; verify in Reader.
//
CodeSignatureAclSubject *CodeSignatureAclSubject::Maker::make(Version version,
    Reader &pub, Reader &priv) const
{
    assert(version == 0);
    CssmAllocator &alloc = CssmAllocator::standard();

    // Signature type word, stored in the blob's byte order.
    Endian<uint32> sigType;
    pub(sigType);

    // Length-prefixed signature bytes.
    const void *sigBytes;
    uint32 sigLength;
    pub.countedData(sigBytes, sigLength);

    // Length-prefixed comment bytes.
    const void *commentBytes;
    uint32 commentSize;
    pub.countedData(commentBytes, commentSize);

    return new CodeSignatureAclSubject(alloc,
        signer.restore(sigType, sigBytes, sigLength),
        commentBytes, commentSize);
}
//
// Sizing pass of blob export: feed the counter the same three fields, in the
// same order, that exportBlob(Writer &, Writer &) writes. Nothing goes to the
// private part.
// The comment is counted even when mHaveComment is false; the flag itself is
// not part of the blob.
//
void CodeSignatureAclSubject::exportBlob(Writer::Counter &pub, Writer::Counter &priv)
{
    Endian<uint32> typeWord = mSignature->type();
    pub(typeWord);
    pub.countedData(*mSignature);
    pub.countedData(mComment);
}
//
// Writing pass of blob export. Public part layout:
//   signature type (Endian<uint32>), counted signature data,
//   counted comment data.
// Nothing is written to the private part.
// The comment is written unconditionally and mHaveComment is not recorded,
// so the blob cannot distinguish "no comment" from "empty comment".
//
void CodeSignatureAclSubject::exportBlob(Writer &pub, Writer &priv)
{
    Endian<uint32> typeWord = mSignature->type();
    pub(typeWord);
    pub.countedData(*mSignature);
    pub.countedData(mComment);
}
#ifdef DEBUGDUMP
//
// Debug-only dump of this subject: a fixed tag, followed by the comment bytes
// when a comment is present. The signature itself is not dumped.
//
void CodeSignatureAclSubject::debugDump() const
{
    Debug::dump("CodeSigning");
    if (!mHaveComment)
        return;
    Debug::dump(" comment=");
    Debug::dumpData(mComment);
}
#endif //DEBUGDUMP