]> git.saurik.com Git - apple/security.git/blame - OSX/libsecurity_keychain/lib/SecPolicySearch.cpp
projects / apple / security.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Security-58286.51.6.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / lib / SecPolicySearch.cpp
CommitLineData
b1ab9ed8 1/*
5c19dc3a
A		 2 * Copyright (c) 2002-2004,2011-2015 Apple Inc. All Rights Reserved.
3 *
b1ab9ed8 4 * @APPLE_LICENSE_HEADER_START@
5c19dc3a 5 *
b1ab9ed8
A		 6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
5c19dc3a 12 *
b1ab9ed8
A		 13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
5c19dc3a 20 *
b1ab9ed8
A		 21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24#include <Security/SecPolicySearch.h>
5c19dc3a 25#include <Security/SecPolicyPriv.h>
b1ab9ed8
A		 26#include <security_keychain/PolicyCursor.h>
27#include <security_keychain/Policies.h>
28#include "SecBridge.h"
29
b1ab9ed8
A		 30//
31// CF Boilerplate
32CFTypeID
33SecPolicySearchGetTypeID(void)
34{
35 BEGIN_SECAPI
36
37 return gTypes().PolicyCursor.typeID;
38
39 END_SECAPI1(_kCFRuntimeNotATypeID)
40}
41
42
43OSStatus
44SecPolicySearchCreate(
45 CSSM_CERT_TYPE certType,
46 const CSSM_OID* oid,
47 const CSSM_DATA* value,
48 SecPolicySearchRef* searchRef)
49{
50 BEGIN_SECAPI
51 Required(searchRef); // preflight
52 PolicyCursor* pc = new PolicyCursor(oid, value);
53 if (pc == NULL)
54 {
55 return errSecPolicyNotFound;
56 }
5c19dc3a 57
b1ab9ed8
A		 58 SecPointer<PolicyCursor> cursor(pc);
59 *searchRef = cursor->handle();
60 END_SECAPI
61}
62
63
64OSStatus
65SecPolicySearchCopyNext(
5c19dc3a 66 SecPolicySearchRef searchRef,
b1ab9ed8
A		 67 SecPolicyRef* policyRef)
68{
5c19dc3a
A		 69 BEGIN_SECAPI
70
b1ab9ed8
A		 71 RequiredParam(policyRef);
72 SecPointer<Policy> policy;
5c19dc3a 73
5c19dc3a
A		 74 /* bridge to support API functionality */
75 CFStringRef oidStr = NULL;
76 PolicyCursor *policyCursor = PolicyCursor::required(searchRef);
77 do {
78 if (!policyCursor->next(policy))
79 return errSecPolicyNotFound;
80 CssmOid oid = policy->oid();
81 CFStringRef str = SecPolicyGetStringForOID(&oid);
82 if (str) {
83 oidStr = str;
84 if (CFEqual(str, kSecPolicyAppleiChat) ||
85 CFEqual(str, kSecPolicyApplePKINITClient) ||
86 CFEqual(str, kSecPolicyApplePKINITServer)) {
87 oidStr = NULL; /* TBD: support for PKINIT policies in unified code */
88 }
89 else if (policyCursor->oidProvided() == false &&
90 CFEqual(str, kSecPolicyAppleRevocation)) {
91 oidStr = NULL; /* filter this out unless specifically requested */
92 }
93 }
94 }
95 while (!oidStr);
96 /* create and vend a unified SecPolicyRef instance */
97 CFRef<CFDictionaryRef> properties = policy->properties();
98 if ((*policyRef = SecPolicyCreateWithProperties(oidStr, properties)) != NULL) {
99 __secapiresult = errSecSuccess;
100 } else {
101 __secapiresult = errSecPolicyNotFound;
102 }
5c19dc3a 103
b1ab9ed8
A		 104 END_SECAPI
105}
mirror of Security