00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034
00035
00036 #ifndef _H_ALP_PRV_SECURITYOBJECT_
00037 #define _H_ALP_PRV_SECURITYOBJECT_
00038
00039 #define ALP_PRV_SPF_SO_E_NOERR 0
00040 #define ALP_PRV_SPF_SO_E_NULL_PARAMETER 1
00041 #define ALP_PRV_SPF_SO_E_FILE 2
00042 #define ALP_PRV_SPF_SO_E_MALLOC 3
00043 #define ALP_PRV_SPF_SO_E_GID_IN_USE 4
00044 #define ALP_PRV_SPF_SO_E_ID_IN_USE 5
00045 #define ALP_PRV_SPF_SO_E_UID_IN_USE 6
00046 #define ALP_PRV_SPF_SO_E_UNIMPLEMENTED 7
00047 #define ALP_PRV_SPF_SO_E_UNKNOWN_ASSERTION 8
00048 #define ALP_PRV_SPF_SO_E_UNKNOWN_POLICY 9
00049 #define ALP_PRV_SPF_SO_E_UNKNOWN_PACKAGE 10
00050 #define ALP_PRV_SPF_SO_E_UNKNOWN_GID 11
00051 #define ALP_PRV_SPF_SO_E_FULL_QUEUE 12
00052 #define ALP_PRV_SPF_SO_E_NOT_FOUND 13
00053 #define ALP_PRV_SPF_SO_E_UNSPECIFIED 14
00054 #define ALP_PRV_SPF_SO_E_PARSE 15
00055 #define ALP_PRV_SPF_SO_E_UNKNOWN_PID 16
00056 #define ALP_PRV_SPF_SO_E_VERIFY 17
00057
00058 #define ALP_PRV_SPF_SO_DEFAULT_VERSION 0x01000000;
00059
00060 #define ALP_PRV_SPF_SO_DEFAULT_POLICY_BASE "default"
00061 #define ALP_PRV_SPF_SO_DEFAULT_POLICY_DEFAULT "default"
00062 #define ALP_PRV_SPF_SO_DEFAULT_POLICY_GID_MIN 1001
00063 #define ALP_PRV_SPF_SO_DEFAULT_POLICY_GID_NEXT 1001
00064 #define ALP_PRV_SPF_SO_DEFAULT_POLICY_ID_MIN 1
00065 #define ALP_PRV_SPF_SO_DEFAULT_POLICY_ID_NEXT 1
00066
00067 #define ALP_PRV_SPF_SO_DEFAULT_PACKAGE_UID_MIN 1001
00068 #define ALP_PRV_SPF_SO_DEFAULT_PACKAGE_UID_NEXT 1001
00069 #define ALP_PRV_SPF_SO_DEFAULT_PACKAGE_ID_MIN 1
00070 #define ALP_PRV_SPF_SO_DEFAULT_PACKAGE_ID_NEXT 1
00071
00072 #define ALP_PRV_SPF_SO_DEFAULT_CONFIG "/etc/default.policy"
00073
00074 #define ALP_PRV_SPF_SO_TYPE_STRING 0
00075 #define ALP_PRV_SPF_SO_TYPE_BOOLEAN 1
00076 #define ALP_PRV_SPF_SO_TYPE_INTEGER 2
00077 #define ALP_PRV_SPF_SO_TYPE_ADDRESS 3
00078 #define ALP_PRV_SPF_SO_TYPE_PATH 4
00079 #define ALP_PRV_SPF_SO_TYPE_URL 5
00080 #define ALP_PRV_SPF_SO_TYPE_MAX 5
00081
00082 #define ALP_PRV_SPF_SO_PKCS5_SALT_MAX_LENGTH 40
00083 #define ALP_PRV_SPF_SO_PKCS5_LENGTH 20
00084
00085 #define ALP_PRV_SPF_SO_ATTN_QUEUE_SIZE 10
00086
00087
00088 #include <glib.h>
00089 #include <stdio.h>
00090 #include <dbus/dbus-glib.h>
00091 #include "SecurityUtilities.h"
00092
00093
00094 typedef unsigned int AlpPrvSpfSoErr;
00095
00096 typedef struct {
00097 char *issuer;
00098 char *serial;
00099 char *encoding;
00100 } AlpPrvSpfSoCertificateReference;
00101
00102 typedef struct {
00103 char *key;
00104 char *value;
00105 unsigned int type;
00106 unsigned int kernel;
00107 } AlpPrvSpfSoSecurityAssertion;
00108
00109 typedef struct _AlpPrvSpfSoSecurityPolicy {
00110 unsigned int id;
00111 unsigned int gid;
00112 char *name;
00113 struct _AlpPrvSpfSoSecurityPolicy *base;
00114 GPtrArray *assertions;
00115 GPtrArray *certificates;
00116 char *sgids;
00117 unsigned int sflag;
00118 unsigned int bflag;
00119 } AlpPrvSpfSoSecurityPolicy;
00120
00121 typedef struct {
00122 unsigned int id;
00123 AlpPrvSpfSoSecurityPolicy *policy;
00124 AlpPrvSpfSoSecurityAssertion *assertion;
00125 char *response;
00126 } AlpPrvSpfSoAttn;
00127
00128 typedef struct {
00129 unsigned int id;
00130 unsigned int uid;
00131 unsigned int ref_count;
00132 char hash[20];
00133 char *package;
00134 AlpPrvSpfSoSecurityPolicy *policy;
00135 } AlpPrvSpfSoPackage;
00136
00137 typedef struct _SecurityObject {
00138
00139 GObject parent;
00140
00141 unsigned int debug;
00142 FILE *debug_fp;
00143 char *config_path;
00144
00145
00146 unsigned int version;
00147
00148
00149 DBusGConnection *connection;
00150 DBusGProxy *bus_proxy;
00151
00152
00153 GPtrArray *policies;
00154 char *policy_base;
00155 char *policy_default;
00156 GHashTable *certs_to_policies;
00157 unsigned int policy_gid_min;
00158 unsigned int policy_gid_next;
00159 unsigned int policy_id_min;
00160 unsigned int policy_id_next;
00161
00162
00163 GPtrArray *packages;
00164 unsigned int package_uid_min;
00165 unsigned int package_uid_next;
00166 unsigned int package_id_min;
00167 unsigned int package_id_next;
00168
00169
00170 GPtrArray *certificates;
00171
00172
00173 AlpPrvSpfSuPKCS5 *pin;
00174 AlpPrvSpfSuPKCS5 *puk;
00175
00176 AlpPrvSpfSoAttn attn_queue[ ALP_PRV_SPF_SO_ATTN_QUEUE_SIZE ];
00177 unsigned int attn_queue_depth;
00178 unsigned int attn_queue_next;
00179
00180 } SecurityObject;
00181
00182 typedef struct _SecurityObjectClass {
00183 GObjectClass parent;
00184 } SecurityObjectClass;
00185
00186
00187 AlpPrvSpfSoErr alp_prv_spf_so_initialize( SecurityObject *object );
00188 AlpPrvSpfSoErr alp_prv_spf_so_uninitialize( SecurityObject *object );
00189
00190 AlpPrvSpfSoErr alp_prv_spf_so_read( SecurityObject *object, char *path );
00191 AlpPrvSpfSoErr alp_prv_spf_so_write( SecurityObject *object, char *path );
00192
00193 AlpPrvSpfSoErr alp_prv_spf_so_package_add( SecurityObject *object, AlpPrvSpfSoPackage *package);
00194 AlpPrvSpfSoErr alp_prv_spf_so_certificate_add( SecurityObject *object, AlpPrvSpfSoCertificateReference *certificate );
00195
00196 AlpPrvSpfSoErr alp_prv_spf_so_policy_find_by_id( SecurityObject *object, unsigned int id, AlpPrvSpfSoSecurityPolicy **policy );
00197 AlpPrvSpfSoErr alp_prv_spf_so_policy_find_by_gid( SecurityObject *object, unsigned int gid, AlpPrvSpfSoSecurityPolicy **policy );
00198 AlpPrvSpfSoErr alp_prv_spf_so_policy_find_by_certificate_reference( SecurityObject *object, AlpPrvSpfSoCertificateReference *certificate, AlpPrvSpfSoSecurityPolicy **policy );
00199 AlpPrvSpfSoErr alp_prv_spf_so_policy_find_by_name( SecurityObject *object, char *name, AlpPrvSpfSoSecurityPolicy **policy );
00200 AlpPrvSpfSoErr alp_prv_spf_so_policy_initialize( AlpPrvSpfSoSecurityPolicy *policy );
00201 AlpPrvSpfSoErr alp_prv_spf_so_policy_uninitialize( AlpPrvSpfSoSecurityPolicy *policy );
00202 AlpPrvSpfSoErr alp_prv_spf_so_policy_write( AlpPrvSpfSoSecurityPolicy *policy, FILE *fp, char *indent );
00203 AlpPrvSpfSoErr alp_prv_spf_so_policy_assertion_add( AlpPrvSpfSoSecurityPolicy *policy, AlpPrvSpfSoSecurityAssertion *assertion );
00204 AlpPrvSpfSoErr alp_prv_spf_so_policy_assertion_find( AlpPrvSpfSoSecurityPolicy *policy, char *key, AlpPrvSpfSoSecurityAssertion **out_assertion );
00205
00206 AlpPrvSpfSoErr alp_prv_spf_so_assertion_write( AlpPrvSpfSoSecurityAssertion *assertion, FILE *fp, char *indent );
00207
00208 AlpPrvSpfSoErr alp_prv_spf_so_certificate_populate( AlpPrvSpfSoCertificateReference *certificate );
00209 AlpPrvSpfSoErr alp_prv_spf_so_package_find_by_id( SecurityObject *object, unsigned int packageid, AlpPrvSpfSoPackage **out_package );
00210 AlpPrvSpfSoErr alp_prv_spf_so_package_find_by_uid( SecurityObject *object, unsigned int uid, AlpPrvSpfSoPackage **out_package );
00211 AlpPrvSpfSoErr alp_prv_spf_so_package_find_by_package( SecurityObject *object, char *package, AlpPrvSpfSoPackage **out_package );
00212 gboolean alp_prv_spf_so_package_find_by_hash( SecurityObject *object, char *digest, AlpPrvSpfSoPackage **out_package );
00213
00214
00215
00216
00217 AlpPrvSpfSoErr alp_prv_spf_so_queue_add( SecurityObject *object, AlpPrvSpfSoSecurityAssertion *assertion, AlpPrvSpfSoSecurityPolicy *policy, unsigned int *id );
00218 AlpPrvSpfSoErr alp_prv_spf_so_queue_remove( SecurityObject *object, unsigned int id );
00219 AlpPrvSpfSoErr alp_prv_spf_so_queue_find( SecurityObject *object, unsigned int id, AlpPrvSpfSoAttn **attn );
00220
00221 #endif