#ifndef _H_ACL_CODESIGNING
#define _H_ACL_CODESIGNING
#include <security_cdsa_utilities/cssmdata.h>
#include <security_cdsa_utilities/cssmacl.h>
#include <security_utilities/codesigning.h>
namespace Security
{
using CodeSigning::Signature;
using CodeSigning::Signer;
/**
 * ACL subject that ties an ACL entry to a code signature.
 *
 * Instances are produced by the nested Maker, which registers itself for
 * CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE. The subject stores a Signature
 * pointer and an optional opaque "comment" blob.
 *
 * Only declarations are visible in this header, so the notes below that go
 * beyond the signatures are marked as assumptions to confirm against the
 * implementation file.
 */
class CodeSignatureAclSubject : public AclSubject {
public:
    /// Evaluate this subject against the given validation context.
    /// NOTE(review): presumably obtains an Environment from baseCtx and
    /// defers to Environment::verifyCodeSignature() -- confirm in the .cpp.
    bool validate(const AclValidationContext &baseCtx) const;

    /// Render this subject as a CssmList, using `alloc` for the storage.
    CssmList toList(Allocator &alloc) const;

    /// Build a subject from a signature with no comment attached.
    CodeSignatureAclSubject(Allocator &alloc, const Signature *signature);

    /// Build a subject from a signature plus a comment blob.
    /// `comment` is taken as a raw pointer with `commentLength` bytes; the
    /// caller is responsible for the length matching the buffer.
    CodeSignatureAclSubject(Allocator &alloc, const Signature *signature,
                            const void *comment, size_t commentLength);

    /// NOTE(review): whether this releases mSignature is not visible from the
    /// header -- confirm ownership of the Signature in the implementation.
    ~CodeSignatureAclSubject();

    // Public reference member. A reference member removes the implicit copy
    // assignment operator; the implicit copy constructor is not suppressed by
    // anything in this class, so copying a subject that holds a raw
    // Signature pointer deserves a look -- TODO confirm the base class's copy
    // policy.
    Allocator &allocator;

    /// Blob export, counting overload.
    /// NOTE(review): presumably sizes the public/private parts -- confirm.
    void exportBlob(Writer::Counter &pub, Writer::Counter &priv);

    /// Blob export, writing overload, split into public and private parts.
    void exportBlob(Writer &pub, Writer &priv);

    IFDUMP(void debugDump() const);

    /**
     * Interface a validation environment implements to perform the actual
     * code signature check.
     */
    class Environment : public virtual AclValidationEnvironment {
    public:
        /// Return whether `signature` verifies. `comment` is passed as a
        /// pointer and may therefore be absent.
        /// NOTE(review): this header does not say whether the comment is
        /// covered by the verification; treat it as unauthenticated data
        /// unless the implementation states otherwise.
        virtual bool verifyCodeSignature(const Signature *signature,
                                         const CssmData *comment) = 0;
    };

    /**
     * Factory for CodeSignatureAclSubject, registered under
     * CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE.
     */
    class Maker : public AclSubject::Maker {
    public:
        /// Keeps a reference to `sgn`; the Signer must outlive this Maker.
        Maker(Signer &sgn)
            : AclSubject::Maker(CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE),
              signer(sgn)
        {
        }

        /// Construct a subject from its TypedList form.
        /// NOTE(review): the list is parsed in the implementation; element
        /// count and type checks should be verified there.
        CodeSignatureAclSubject *make(const TypedList &list) const;

        /// Construct a subject from a previously exported blob (public and
        /// private readers) of the given version.
        CodeSignatureAclSubject *make(Version version, Reader &pub,
                                      Reader &priv) const;

        // Signer supplied at construction; held by reference, not owned.
        Signer &signer;
    };

private:
    // Signature this subject matches against. Raw pointer: ownership is not
    // expressed in the type -- see the destructor note.
    const Signature *mSignature;

    // Presumably true when a comment blob was supplied -- confirm.
    bool mHaveComment;

    // Storage for the comment blob.
    CssmAutoData mComment;
};
}
#endif //_H_ACL_CODESIGNING