#include <Security/TrustedApplication.h>
#include <Security/ACL.h>
#include <Security/osxsigning.h>
#include <Security/osxsigner.h>
#include <Security/trackingallocator.h>
#include <memory>
using namespace KeychainCore;
using namespace CodeSigning;
//
// Rebuild a TrustedApplication from its ACL subject list form.
//
// Expected layout, as read below:
//   type()     CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE
//   subject[1] CSSM_ACL_CODE_SIGNATURE_OSX
//   subject[2] signature bytes
//   subject[3] associated data
//
// Throws ACL::ParseError when the subject type or the signature kind
// does not match.
//
// NOTE(review): neither the number of elements nor the kind of the
// elements at [2] and [3] is validated here. What operator[] and data()
// do with a short or mistyped list is defined outside this file; confirm
// they fail safely, since a subject list may come from stored ACL data.
//
TrustedApplication::TrustedApplication(const TypedList &subject)
    : mSignature(CssmAllocator::standard()),
      mData(CssmAllocator::standard())
{
    // The subject type is tested first; subject[1] is only read when it matches.
    if (subject.type() != CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE
        || subject[1] != CSSM_ACL_CODE_SIGNATURE_OSX)
        throw ACL::ParseError();

    mSignature = subject[2].data();
    mData = subject[3].data();
}
//
// Build a TrustedApplication from an already computed signature and its
// associated data. Both members are constructed from the arguments with
// CssmAllocator::standard(); nothing is recomputed or checked here, so
// the caller is responsible for where the signature came from.
//
TrustedApplication::TrustedApplication(const CssmData &signature, const CssmData &data)
    : mSignature(CssmAllocator::standard(), signature),
      mData(CssmAllocator::standard(), data)
{
    // Intentionally empty: all work happens in the member initializers.
}
//
// Build a TrustedApplication for the code found at `path`.
//
// The signature is computed now, from whatever OSXCode::at(path) refers
// to at this moment. The path string, including its terminating NUL, is
// recorded as the associated data.
//
// NOTE(review): the path is stored exactly as the caller passed it,
// whereas the default constructor stores canonicalPath(). Confirm the
// difference is intended.
// NOTE(review): path is passed to strlen() without a null check;
// presumably OSXCode::at() rejects a null path first, so verify.
//
TrustedApplication::TrustedApplication(const char *path)
    : mSignature(CssmAllocator::standard()),
      mData(CssmAllocator::standard())
{
    OSXSigner signer;
    RefPointer<OSXCode> code(OSXCode::at(path));

    // auto_ptr owns the signature object returned by sign() until this scope ends.
    auto_ptr<OSXSigner::OSXSignature> computed(signer.sign(*code));
    mSignature = *computed;

    // const_cast only satisfies the CssmData constructor used here.
    // NOTE(review): presumably this assignment copies the bytes into
    // mData rather than keeping the caller's pointer; confirm.
    mData = CssmData(const_cast<char *>(path), strlen(path) + 1);
}
//
// Build a TrustedApplication for the code object returned by
// OSXCode::main(). The signature is computed at construction time, and
// the object's canonical path (with its terminating NUL) is copied into
// the associated data.
//
TrustedApplication::TrustedApplication()
    : mSignature(CssmAllocator::standard()),
      mData(CssmAllocator::standard())
{
    OSXSigner signer;
    RefPointer<OSXCode> self(OSXCode::main());

    // auto_ptr owns the signature object returned by sign() until this scope ends.
    auto_ptr<OSXSigner::OSXSignature> computed(signer.sign(*self));
    mSignature = *computed;

    // The +1 stores the trailing NUL, matching the path-based constructor.
    const string canonical = self->canonicalPath();
    mData.copy(canonical.c_str(), canonical.size() + 1);
}
//
// Destructor. No explicit cleanup is performed here.
//
TrustedApplication::~TrustedApplication()
{
    // Intentionally empty.
}
//
// Read-only access to the stored signature bytes.
// The returned reference refers to this object's mSignature member, so
// it must not be used after this TrustedApplication is destroyed.
//
const CssmData &TrustedApplication::signature() const
{
    return mSignature;
}
//
// Check whether the code at `path` currently produces the same signature
// as the one stored in this object.
//
// The signature of `path` is recomputed on every call via calcSignature()
// and compared with mSignature; returns the result of that comparison.
//
// NOTE(review): the answer describes the file as it was when
// calcSignature() read it. A caller that goes on to launch or trust
// `path` should consider whether the file can change in between.
//
bool TrustedApplication::sameSignature(const char *path)
{
    CssmAutoData candidate(CssmAllocator::standard());
    calcSignature(path, candidate);

    const bool matches = mSignature.get() == candidate;
    return matches;
}
//
// Compute the signature of the code at `path` and copy it into `signature`.
//
//   path       location handed to OSXCode::at()
//   signature  receives a copy of the computed signature bytes
//
// Errors from OSXCode::at() or OSXSigner::sign() are not handled here
// and propagate to the caller.
//
void TrustedApplication::calcSignature(const char *path, CssmOwnedData &signature)
{
    RefPointer<OSXCode> target(OSXCode::at(path));
    OSXSigner signer;

    // auto_ptr owns the signature object returned by sign() until this scope ends.
    auto_ptr<OSXSigner::OSXSignature> computed(signer.sign(*target));
    signature.copy(computed->data(), computed->length());
}
//
// Produce the ACL subject list form of this TrustedApplication.
//
// The list is typed CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE and carries, in
// order: the CSSM_ACL_CODE_SIGNATURE_OSX word, the signature, and the
// associated data. This is the layout the TypedList constructor of this
// class reads back. The list elements are allocated from `allocator`.
//
// NOTE(review): whether ListElement copies the signature and data bytes
// or only refers to mSignature / mData is not visible in this file. If it
// only refers to them, the returned list must not outlive this object;
// confirm.
//
TypedList TrustedApplication::makeSubject(CssmAllocator &allocator)
{
    ListElement *kind = new(allocator) ListElement(CSSM_ACL_CODE_SIGNATURE_OSX);
    ListElement *signatureElement = new(allocator) ListElement(mSignature.get());
    ListElement *dataElement = new(allocator) ListElement(mData.get());

    return TypedList(allocator,
                     CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE,
                     kind,
                     signatureElement,
                     dataElement);
}