#ifndef _H_SIGNER
#define _H_SIGNER
#include "CodeSigner.h"
#include "cdbuilder.h"
#include "signerutils.h"
#include "StaticCode.h"
#include <security_utilities/utilities.h>
namespace Security {
namespace CodeSigning {
class SecCodeSigner::Signer : public DiskRep::SigningContext {
public:
Signer(SecCodeSigner &s, SecStaticCode *c) : state(s), code(c), requirements(NULL)
{ strict = signingFlags() & kSecCSSignStrictPreflight; }
~Signer() { ::free((Requirements *)requirements); }
void sign(SecCSFlags flags);
void remove(SecCSFlags flags);
SecCodeSigner &state;
SecStaticCode * const code;
const CodeDirectory::HashAlgorithms& digestAlgorithms() const { return hashAlgorithms; }
void setDigestAlgorithms(CodeDirectory::HashAlgorithms types) { hashAlgorithms = types; }
std::string path() const { return cfStringRelease(rep->copyCanonicalPath()); }
SecIdentityRef signingIdentity() const { return state.mSigner; }
std::string signingIdentifier() const { return identifier; }
protected:
void prepare(SecCSFlags flags); void signMachO(Universal *fat, const Requirement::Context &context); void signArchitectureAgnostic(const Requirement::Context &context);
void populate(DiskRep::Writer &writer); void populate(CodeDirectory::Builder &builder, DiskRep::Writer &writer,
InternalRequirements &ireqs, size_t offset, size_t length, unsigned alternateDigestCount); CFDataRef signCodeDirectory(const CodeDirectory *cd, CFDataRef hashBag);
uint32_t cdTextFlags(std::string text); std::string uniqueName() const;
protected:
std::string sdkPath(const std::string &path) const;
bool isAdhoc() const;
SecCSFlags signingFlags() const;
private:
void considerTeamID(const PreSigningContext& context);
std::vector<Endian<uint32_t> > topSlots(CodeDirectory::Builder &builder) const;
protected:
void buildResources(std::string root, std::string relBase, CFDictionaryRef rules);
CFMutableDictionaryRef signNested(const std::string &path, const std::string &relpath);
CFDataRef hashFile(const char *path, CodeDirectory::HashAlgorithm type);
CFDictionaryRef hashFile(const char *path, CodeDirectory::HashAlgorithms types);
private:
RefPointer<DiskRep> rep; CFRef<CFDictionaryRef> resourceDirectory; CFRef<CFDataRef> resourceDictData; CodeDirectory::HashAlgorithms hashAlgorithms; std::string identifier; std::string teamID; CFRef<CFDataRef> entitlements; uint32_t cdFlags; const Requirements *requirements; size_t pagesize; CFAbsoluteTime signingTime; bool emitSigningTime; bool strict;
private:
Mutex resourceLock;
};
} }
#endif // !_H_CODESIGNER