/*
- * Copyright (c) 2006-2007 Apple Inc. All Rights Reserved.
+ * Copyright (c) 2006-2008 Apple Inc. All Rights Reserved.
*
* @APPLE_LICENSE_HEADER_START@
*
memcpy(hash, hexString(s).data(), SHA1::digestLength);
}
- void RequirementParser::certMatchOperation(Maker &maker, int slot, string key)
+ static const char *matchPrefix(const string &key, const char *prefix)
{
- if (!key.compare(0, 8, "subject.", 0, 8)) {
+ unsigned pLength = strlen(prefix);
+ if (!key.compare(0, pLength, prefix, 0, pLength))
+ return key.c_str() + pLength;
+ else
+ return NULL;
+ }
+
+ void RequirementParser::certMatchOperation(Maker &maker, int32_t slot, string key)
+ {
+ if (matchPrefix(key, "subject.")) {
maker.put(opCertField);
maker.put(slot);
maker.put(key);
- } else if (!key.compare(0, 6, "field.", 0, 6)) {
+ } else if (const char *oids = matchPrefix(key, "field.")) {
+ maker.put(opCertGeneric);
+ maker.put(slot);
+ CssmAutoData oid(Allocator::standard()); oid.fromOid(oids);
+ maker.putData(oid.data(), oid.length());
+ } else if (const char *oids = matchPrefix(key, "extension.")) {
maker.put(opCertGeneric);
maker.put(slot);
- CssmAutoData oid(Allocator::standard()); oid.fromOid(key.c_str() + 6);
+ CssmAutoData oid(Allocator::standard()); oid.fromOid(oids);
+ maker.putData(oid.data(), oid.length());
+ } else if (const char *oids = matchPrefix(key, "policy.")) {
+ maker.put(opCertPolicy);
+ maker.put(slot);
+ CssmAutoData oid(Allocator::standard()); oid.fromOid(oids);
maker.putData(oid.data(), oid.length());
} else {
throw antlr::SemanticException(key + ": unrecognized certificate field");
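Review bot: In the `field.`, `extension.` and `policy.` branches of `certMatchOperation`, the text after the prefix goes straight to `oid.fromOid(oids)`, so a key that is exactly `field.` hands it an empty string; whether `fromOid` rejects empty or malformed OID text is not visible in this hunk. Because the key comes from requirement source text, a guard before encoding would keep a malformed OID out of the compiled requirement, for example `if (!*oids) throw antlr::SemanticException(key + ": missing OID");`. Separately, `unsigned pLength = strlen(prefix);` narrows a `size_t`, and `size_t pLength` avoids the conversion. The `field.` and `extension.` branches are identical and could share one condition. The body of `certMatchOperation` continues past the end of the hunk.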
private:
static string hexString(const string &s);
static void hashString(const string &s, SHA1::Digest hash);
- void certMatchOperation(Maker &maker, int slot, string key);
+ void certMatchOperation(Maker &maker, int32_t slot, string key);
}
{ type = kSecDesignatedRequirementType; }
| "library"
{ type = kSecLibraryRequirementType; }
+ | "plugin"
+ { type = kSecPluginRequirementType; }
| stype:INTEGER
{ type = atol(stype->getText().c_str()); }
;
//
expr[Maker &maker]
{ Maker::Label label(maker); }
- : term[maker] ( "and" { maker.insert<ExprOp>(label) = opAnd; } term[maker] )*
+ : term[maker] ( "or" { maker.insert<ExprOp>(label) = opOr; } term[maker] )*
;
term[Maker &maker]
{ Maker::Label label(maker); }
- : primary[maker] ( "or" { maker.insert<ExprOp>(label) = opOr; } primary[maker] )*
+ : primary[maker] ( "and" { maker.insert<ExprOp>(label) = opAnd; } primary[maker] )*
;
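Review bot: Nothing in the `expr`/`term` rules records the precedence they now implement, and the swap changes how unparenthesised text that mixes the two operators is grouped: `a or b and c` was `(a or b) and c` under the removed lines and is `a or (b and c)` under the added ones. Requirement source written against the old grammar can therefore compile to an expression that accepts a different set of code, so stored requirement text that mixes `and` and `or` without parentheses is worth auditing when this lands. A comment above `expr` such as `// "and" binds tighter than "or": a or b and c == a or (b and c)` would make the intended grouping explicit for the next reader.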
primary[Maker &maker]
{ maker.ident(code); }
| "cdhash" { SHA1::Digest digest; } eql hash[digest]
{ maker.cdhash(digest); }
+ | LPAREN { string name; } name=identifierString RPAREN
+ { maker.put(opNamedCode); maker.put(name); }
;
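Review bot: The new `LPAREN ... identifierString RPAREN` alternative in `primary` has no comment saying what the name refers to; the parser only emits `opNamedCode` followed by the name, so where the name is resolved and what an unknown name evaluates to is not visible here. A line such as `// "(" name ")": emits opNamedCode with the given name; the parser does not resolve it` would document what the hunk actually does. If `primary` also has a parenthesised-expression alternative outside this hunk, both start with `LPAREN`, so it is worth confirming that ANTLR's lookahead separates them without a nondeterminism warning. The `primary` rule starts outside the hunk.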
{ maker.put(opAppleGenericAnchor); }
| ( "certificate" | "cert" | "anchor" ) "trusted"
{ maker.trustedAnchor(); }
- | ( "certificate" | "cert" ) { int slot; } slot=certSlot
+ | ( "certificate" | "cert" ) { int32_t slot; } slot=certSlot
( certslotspec[maker, slot] | "trusted" { maker.trustedAnchor(slot); } )
| "anchor" certslotspec[maker, Requirement::anchorCert]
;
{ maker.put(opAppleAnchor); }
| "generic"
{ maker.put(opAppleGenericAnchor); }
+| | { string name; } name=identifierString
+ { maker.put(opNamedAnchor); maker.put(name); }
;
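Review bot: With the added `identifierString` alternative, any identifier in this position that is not one of the listed keywords is emitted as `opNamedAnchor`, so a misspelling of `generic` would presumably compile as a named-anchor reference instead of failing as a syntax error. The hunk does not show where the name is resolved; a comment stating that, and that an unknown name must make the requirement fail rather than pass, would help. The added line also reads `| | { string name; }`: if the doubled bar is in the file and not a rendering artifact, it introduces an empty alternative and should be a single `|`. The rule starts outside the hunk.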
-certslotspec[Maker &maker, int slot] { string key; }
+certslotspec[Maker &maker, int32_t slot] { string key; }
: eql { SHA1::Digest digest; } certificateDigest[digest]
{ maker.anchor(slot, digest); }
| key=bracketKey
;
//
-// A certSlot identifiers one certificate from the certificate chain
+// A certSlot identifies one certificate from the certificate chain
//
-certSlot returns [int slot]
+certSlot returns [int32_t slot = 0]
: s:INTEGER // counting from the anchor up
{ slot = atol(s->getText().c_str()); }
| NEG ss:INTEGER // counting from the leaf down