[apple/security.git] / cdsa / cdsa_utilities / acl_threshold.cpp

/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


//
// acl_threshold - Threshold-based group ACL subjects
//
#ifdef __MWERKS__
#define _CPP_ACL_THRESHOLD
#endif

#include <Security/acl_threshold.h>
#include <algorithm>


//
// Validate a credential set against this subject.
//
// With STRICTCOUNTING set, we assume that every match in the threshold ACL
// "consumes" one sample in the corresponding threshold sample. This will not
// work as expected for subject types that may succeed without a sample (e.g. ANY)
// or subject types that may multiply match against a single sample. You have been
// warned.
//
class SublistValidationContext : public AclValidationContext {
public:
    SublistValidationContext(const AclValidationContext &ctx, const TypedList &list)
    : AclValidationContext(ctx), sampleList(list) { }
    
    uint32 count() const { return sampleList.length() - 1; }
    const TypedList &sample(uint32 n) const
    { return TypedList::overlay(sampleList[n+1].list()); }
    
    const TypedList &sampleList;
};

bool ThresholdAclSubject::validate(const AclValidationContext &baseCtx,
    const TypedList &sample) const
{
#ifdef STRICTCOUNTING
    // Pre-screen for reasonable number of subsamples.
    // We could more strictly require subSampleCount == elements.length();
    // this is more flexible in that it allows the caller to abbreviate.
    uint32 subSampleCount = sample.length() - 1;	// (drop type header)
    if (subSampleCount < minimumNeeded)	// can't possibly satisfy
		CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
    if (subSampleCount > totalSubjects)	// reject attempt at sample stuffing
		CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
#endif //STRICTCOUNTING

    // evaluate
    SublistValidationContext ctx(baseCtx, sample);
    uint32 matched = 0;
    for (uint32 n = 0; n < totalSubjects; n++) {
		if ((matched += elements[n]->validate(ctx)) >= minimumNeeded)
            return true;
#ifdef STRICTCOUNTING
        else if (matched + subSampleCount - n <= minimumNeeded)
            return false;	// can't get there anymore
#endif //STRICTCOUNTING
    }
	return false;
}


//
// Make a copy of this subject in CSSM_LIST form
//
CssmList ThresholdAclSubject::toList(CssmAllocator &alloc) const
{
	TypedList result(alloc, CSSM_ACL_SUBJECT_TYPE_THRESHOLD,
		new(alloc) ListElement(minimumNeeded),
		new(alloc) ListElement(totalSubjects));
    for (uint32 n = 0; n < totalSubjects; n++)
		result += new(alloc) ListElement(elements[n]->toList(alloc));
	return result;
}


//
// Create a ThresholdAclSubject
//
ThresholdAclSubject *ThresholdAclSubject::Maker::make(const TypedList &list) const
{
    // pick apart the input list
    if (list.length() < 4)	// head + "n" + "k" + at least one subSubject
        CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE);
    uint32 minimumNeeded = getWord(list[1], 1);
    uint32 totalSubjects = getWord(list[2], minimumNeeded);
    if (list.length() != 3 + totalSubjects)
        CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE);

    // now compile the subSubjects
    AclSubjectVector elements(totalSubjects);
    const ListElement *subSubject = &list[3];
    for (uint32 n = 0; n < totalSubjects; n++, subSubject = subSubject->next())
        elements[n] = ObjectAcl::make(*subSubject);
	return new ThresholdAclSubject(totalSubjects, minimumNeeded, elements);
}

ThresholdAclSubject *ThresholdAclSubject::Maker::make(Reader &pub, Reader &priv) const
{
    uint32 totalSubjects; pub(totalSubjects);
    uint32 minimumNeeded; pub(minimumNeeded);
    AclSubjectVector subSubjects(totalSubjects);
    for (uint32 n = 0; n < totalSubjects; n++) {
        CSSM_ACL_SUBJECT_TYPE type; pub(type);
        subSubjects[n] = ObjectAcl::make(type, pub, priv);
    }
	return new ThresholdAclSubject(totalSubjects, minimumNeeded, subSubjects);
}

ThresholdAclSubject::ThresholdAclSubject(uint32 n, uint32 k,
    const AclSubjectVector &subSubjects)
: SimpleAclSubject(CSSM_ACL_SUBJECT_TYPE_THRESHOLD, CSSM_SAMPLE_TYPE_THRESHOLD),
  minimumNeeded(k), totalSubjects(n), elements(subSubjects)
{
}


//
// Export the subject to a memory blob
//
template <class Action>
void ThresholdAclSubject::exportBlobForm(Action &pub, Action &priv)
{
    pub(totalSubjects);
    pub(minimumNeeded);
    for (uint32 n = 0; n < totalSubjects; n++) {
        AclSubjectPointer &subSubject = elements[n];
        CSSM_ACL_SUBJECT_TYPE type = subSubject->type();
        pub(type);
        subSubject->exportBlob(pub, priv);
    }
}

void ThresholdAclSubject::exportBlob(Writer::Counter &pub, Writer::Counter &priv)
{ exportBlobForm(pub, priv); }

void ThresholdAclSubject::exportBlob(Writer &pub, Writer &priv)
{ exportBlobForm(pub, priv); }


#ifdef DEBUGDUMP

void ThresholdAclSubject::debugDump() const
{
	Debug::dump("Threshold(%ld of %ld)", minimumNeeded, totalSubjects);
	for (unsigned int n = 0; n < elements.size(); n++) {
		Debug::dump(" [");
		elements[n]->debugDump();
		Debug::dump("]");
	}
}

#endif //DEBUGDUMP
Commit	Line	Data
bac41a7b A	1	/*
	2	* Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	//
	20	// acl_threshold - Threshold-based group ACL subjects
	21	//
	22	#ifdef __MWERKS__
	23	#define _CPP_ACL_THRESHOLD
	24	#endif
	25
	26	#include <Security/acl_threshold.h>
	27	#include <algorithm>
	28
	29
	30	//
	31	// Validate a credential set against this subject.
	32	//
	33	// With STRICTCOUNTING set, we assume that every match in the threshold ACL
	34	// "consumes" one sample in the corresponding threshold sample. This will not
	35	// work as expected for subject types that may succeed without a sample (e.g. ANY)
	36	// or subject types that may multiply match against a single sample. You have been
	37	// warned.
	38	//
	39	class SublistValidationContext : public AclValidationContext {
	40	public:
	41	SublistValidationContext(const AclValidationContext &ctx, const TypedList &list)
	42	: AclValidationContext(ctx), sampleList(list) { }
	43
	44	uint32 count() const { return sampleList.length() - 1; }
	45	const TypedList &sample(uint32 n) const
	46	{ return TypedList::overlay(sampleList[n+1].list()); }
	47
	48	const TypedList &sampleList;
	49	};
	50
	51	bool ThresholdAclSubject::validate(const AclValidationContext &baseCtx,
	52	const TypedList &sample) const
	53	{
	54	#ifdef STRICTCOUNTING
	55	// Pre-screen for reasonable number of subsamples.
	56	// We could more strictly require subSampleCount == elements.length();
	57	// this is more flexible in that it allows the caller to abbreviate.
	58	uint32 subSampleCount = sample.length() - 1; // (drop type header)
	59	if (subSampleCount < minimumNeeded) // can't possibly satisfy
	60	CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
	61	if (subSampleCount > totalSubjects) // reject attempt at sample stuffing
	62	CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
	63	#endif //STRICTCOUNTING
	64
65	// evaluate
66	SublistValidationContext ctx(baseCtx, sample);
67	uint32 matched = 0;
68	for (uint32 n = 0; n < totalSubjects; n++) {
69	if ((matched += elements[n]->validate(ctx)) >= minimumNeeded)
70	return true;
71	#ifdef STRICTCOUNTING
72	else if (matched + subSampleCount - n <= minimumNeeded)
73	return false; // can't get there anymore
74	#endif //STRICTCOUNTING
75	}
76	return false;
77	}
78
79
80	//
81	// Make a copy of this subject in CSSM_LIST form
82	//
83	CssmList ThresholdAclSubject::toList(CssmAllocator &alloc) const
84	{
85	TypedList result(alloc, CSSM_ACL_SUBJECT_TYPE_THRESHOLD,
86	new(alloc) ListElement(minimumNeeded),
87	new(alloc) ListElement(totalSubjects));
88	for (uint32 n = 0; n < totalSubjects; n++)
89	result += new(alloc) ListElement(elements[n]->toList(alloc));
90	return result;
91	}
92
93
94	//
95	// Create a ThresholdAclSubject
96	//
97	ThresholdAclSubject *ThresholdAclSubject::Maker::make(const TypedList &list) const
98	{
99	// pick apart the input list
100	if (list.length() < 4) // head + "n" + "k" + at least one subSubject
101	CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE);
102	uint32 minimumNeeded = getWord(list[1], 1);
103	uint32 totalSubjects = getWord(list[2], minimumNeeded);
104	if (list.length() != 3 + totalSubjects)
105	CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_SUBJECT_VALUE);
106
107	// now compile the subSubjects
108	AclSubjectVector elements(totalSubjects);
109	const ListElement *subSubject = &list[3];
110	for (uint32 n = 0; n < totalSubjects; n++, subSubject = subSubject->next())
111	elements[n] = ObjectAcl::make(*subSubject);
112	return new ThresholdAclSubject(totalSubjects, minimumNeeded, elements);
113	}
114
115	ThresholdAclSubject *ThresholdAclSubject::Maker::make(Reader &pub, Reader &priv) const
116	{
117	uint32 totalSubjects; pub(totalSubjects);
118	uint32 minimumNeeded; pub(minimumNeeded);
119	AclSubjectVector subSubjects(totalSubjects);
120	for (uint32 n = 0; n < totalSubjects; n++) {
121	CSSM_ACL_SUBJECT_TYPE type; pub(type);
122	subSubjects[n] = ObjectAcl::make(type, pub, priv);
123	}
124	return new ThresholdAclSubject(totalSubjects, minimumNeeded, subSubjects);
125	}
126
127	ThresholdAclSubject::ThresholdAclSubject(uint32 n, uint32 k,
128	const AclSubjectVector &subSubjects)
129	: SimpleAclSubject(CSSM_ACL_SUBJECT_TYPE_THRESHOLD, CSSM_SAMPLE_TYPE_THRESHOLD),
130	minimumNeeded(k), totalSubjects(n), elements(subSubjects)
131	{
132	}
133
134
135	//
136	// Export the subject to a memory blob
137	//
138	template <class Action>
139	void ThresholdAclSubject::exportBlobForm(Action &pub, Action &priv)
140	{
141	pub(totalSubjects);
142	pub(minimumNeeded);
143	for (uint32 n = 0; n < totalSubjects; n++) {
144	AclSubjectPointer &subSubject = elements[n];
145	CSSM_ACL_SUBJECT_TYPE type = subSubject->type();
146	pub(type);
147	subSubject->exportBlob(pub, priv);
148	}
149	}
150
151	void ThresholdAclSubject::exportBlob(Writer::Counter &pub, Writer::Counter &priv)
152	{ exportBlobForm(pub, priv); }
153
154	void ThresholdAclSubject::exportBlob(Writer &pub, Writer &priv)
155	{ exportBlobForm(pub, priv); }
156
157
158	#ifdef DEBUGDUMP
159
160	void ThresholdAclSubject::debugDump() const
161	{
162	Debug::dump("Threshold(%ld of %ld)", minimumNeeded, totalSubjects);
163	for (unsigned int n = 0; n < elements.size(); n++) {
164	Debug::dump(" [");
165	elements[n]->debugDump();
166	Debug::dump("]");
167	}
168	}
169
170	#endif //DEBUGDUMP