[apple/security.git] / securityd / src / acl_partition.cpp

/*
 * Copyright (c) 2000-2006,2011-2012,2014 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */


//
// acl_partition - partition identifier store
//
// This ACL subject stores keychain partition data.
// When evaluated, it always fails. Securityd explicitly
//
#include "acl_partition.h"
#include <security_cdsa_utilities/cssmwalkers.h>
#include <security_cdsa_utilities/cssmlist.h>
#include <algorithm>

using namespace DataWalkers;


//
// The dictionaryPayload is the payload blob interpreted as an XML dictionary, or NULL if that didn't work.
//
CFDictionaryRef PartitionAclSubject::createDictionaryPayload() const
{
	return makeCFDictionaryFrom(CFTempData(this->payload));
}

void PartitionAclSubject::setDictionaryPayload(Allocator& alloc, CFDictionaryRef dict)
{
	CFRef<CFDataRef> xmlData = makeCFData(dict);
	this->payload = CssmAutoData(alloc, CFDataGetBytePtr(xmlData), CFDataGetLength(xmlData));
}


//
// The partition subject matches nothing, no matter how pretty.
//
bool PartitionAclSubject::validates(const AclValidationContext &) const
{
	return false;
}


//
// The list form has a simple CssmData payload.
//
CssmList PartitionAclSubject::toList(Allocator &alloc) const
{
	return TypedList(Allocator::standard(), CSSM_ACL_SUBJECT_TYPE_PARTITION,
					 new(alloc) ListElement(alloc, this->payload));
}


//
// Set payload from list input.
//
PartitionAclSubject *PartitionAclSubject::Maker::make(const TypedList &list) const
{
	Allocator &alloc = Allocator::standard();
	if (list.length() != 2)
		CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE);
	ListElement *payloadItem;
	crack(list, 1, &payloadItem, CSSM_LIST_ELEMENT_DATUM);
	return new PartitionAclSubject(alloc, payloadItem->data());
}


//
// A PartitionAclSubject is a "null" subject that contains out of band data
// for further security evaluation. When evaluated as an ACL subject, it always fails.
//
PartitionAclSubject *PartitionAclSubject::Maker::make(Version, Reader &pub, Reader &) const
{
	Allocator& alloc = Allocator::standard();
	const void* data; size_t length;
	pub.countedData(data, length);
	CssmAutoData payloadData(alloc, data, length);
	return new PartitionAclSubject(alloc, payloadData);
}


//
// Export to blob form.
// This simply writes the smallest form consistent with the heuristic above.
//
void PartitionAclSubject::exportBlob(Writer::Counter &pub, Writer::Counter &)
{
	pub.countedData(this->payload);
}

void PartitionAclSubject::exportBlob(Writer &pub, Writer &)
{
	pub.countedData(this->payload);
}
Commit	Line	Data
e3d460c9 A	1	/*
	2	* Copyright (c) 2000-2006,2011-2012,2014 Apple Inc. All Rights Reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24
	25	//
	26	// acl_partition - partition identifier store
	27	//
	28	// This ACL subject stores keychain partition data.
	29	// When evaluated, it always fails. Securityd explicitly
	30	//
	31	#include "acl_partition.h"
	32	#include <security_cdsa_utilities/cssmwalkers.h>
	33	#include <security_cdsa_utilities/cssmlist.h>
	34	#include <algorithm>
	35
	36	using namespace DataWalkers;
	37
	38
	39	//
	40	// The dictionaryPayload is the payload blob interpreted as an XML dictionary, or NULL if that didn't work.
	41	//
	42	CFDictionaryRef PartitionAclSubject::createDictionaryPayload() const
	43	{
	44	return makeCFDictionaryFrom(CFTempData(this->payload));
	45	}
	46
	47	void PartitionAclSubject::setDictionaryPayload(Allocator& alloc, CFDictionaryRef dict)
	48	{
	49	CFRef<CFDataRef> xmlData = makeCFData(dict);
	50	this->payload = CssmAutoData(alloc, CFDataGetBytePtr(xmlData), CFDataGetLength(xmlData));
	51	}
	52
	53
	54	//
	55	// The partition subject matches nothing, no matter how pretty.
	56	//
	57	bool PartitionAclSubject::validates(const AclValidationContext &) const
	58	{
	59	return false;
	60	}
	61
	62
	63	//
	64	// The list form has a simple CssmData payload.
65	//
66	CssmList PartitionAclSubject::toList(Allocator &alloc) const
67	{
68	return TypedList(Allocator::standard(), CSSM_ACL_SUBJECT_TYPE_PARTITION,
69	new(alloc) ListElement(alloc, this->payload));
70	}
71
72
73	//
74	// Set payload from list input.
75	//
76	PartitionAclSubject *PartitionAclSubject::Maker::make(const TypedList &list) const
77	{
78	Allocator &alloc = Allocator::standard();
79	if (list.length() != 2)
80	CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE);
81	ListElement *payloadItem;
82	crack(list, 1, &payloadItem, CSSM_LIST_ELEMENT_DATUM);
83	return new PartitionAclSubject(alloc, payloadItem->data());
84	}
85
86
87	//
88	// A PartitionAclSubject is a "null" subject that contains out of band data
89	// for further security evaluation. When evaluated as an ACL subject, it always fails.
90	//
91	PartitionAclSubject *PartitionAclSubject::Maker::make(Version, Reader &pub, Reader &) const
92	{
93	Allocator& alloc = Allocator::standard();
94	const void* data; size_t length;
95	pub.countedData(data, length);
96	CssmAutoData payloadData(alloc, data, length);
97	return new PartitionAclSubject(alloc, payloadData);
98	}
99
100
101	//
102	// Export to blob form.
103	// This simply writes the smallest form consistent with the heuristic above.
104	//
105	void PartitionAclSubject::exportBlob(Writer::Counter &pub, Writer::Counter &)
106	{
107	pub.countedData(this->payload);
108	}
109
110	void PartitionAclSubject::exportBlob(Writer &pub, Writer &)
111	{
112	pub.countedData(this->payload);
113	}