2  * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved. 
   4  * The contents of this file constitute Original Code as defined in and are 
   5  * subject to the Apple Public Source License Version 1.2 (the 'License'). 
   6  * You may not use this file except in compliance with the License. Please obtain 
   7  * a copy of the License at http://www.apple.com/publicsource and read it before 
  10  * This Original Code and all software distributed under the License are 
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS 
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT 
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR 
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the 
  15  * specific language governing rights and limitations under the License. 
  20 // keychainacl - Keychain-related ACL and credential forms 
  23 #define _CPP_KEYCHAINACL 
  26 #include "keychainacl.h" 
  27 #include <security_cdsa_utilities/cssmwalkers.h> 
  29 using namespace CssmClient
; 
  33 // Construct the factory. 
  //
  // Remember the allocator and pre-build the three credential sets that the
  // factory keeps as members (nullCred, kcCred, kcUnlockCred). The second
  // constructor argument of each credential matches the number of sample(i)
  // slots filled in below (1, 2 and 1).
  //
  KeychainAclFactory::KeychainAclFactory(Allocator &alloc)
  : allocator(alloc), nullCred(alloc, 1), kcCred(alloc, 2), kcUnlockCred(alloc, 1)
  {
      // the credential objects self-initialize to empty
      // nullCred: one sample, a typed list of type THRESHOLD with no further elements.
      nullCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_THRESHOLD);

      // kcCred: sample 0 is a bare KEYCHAIN_PROMPT list; sample 1 is a THRESHOLD
      // list whose single element wraps another KEYCHAIN_PROMPT list.
      kcCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT);
      kcCred.sample(1) = TypedList(alloc, CSSM_SAMPLE_TYPE_THRESHOLD,
          new(alloc) ListElement(TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT)));

      // @@@ This leaks a ListElement(CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT)
      // NOTE(review): the element is allocated from alloc with placement new and
      // nothing in this constructor releases it; the ListElement built for
      // kcCred.sample(1) above is allocated the same way -- confirm whether the
      // destructor frees either of them.
      kcUnlockCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK,
          new(alloc) ListElement(CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT));
  }
  51 KeychainAclFactory::~KeychainAclFactory() 
  57 // Produce credentials. 
  58 // These are constants that don't need to be allocated per use. 
  60 const AccessCredentials 
*KeychainAclFactory::nullCredentials() 
  65 const AccessCredentials 
*KeychainAclFactory::keychainPromptCredentials() 
  70 const AccessCredentials 
*KeychainAclFactory::keychainPromptUnlockCredentials() 
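  //
  // Build a credential set with a single KEYCHAIN_CHANGE_LOCK sample that
  // carries the given password.
  //
  // The AutoCredentials object is created with plain `new` on every call.
  // NOTE(review): presumably the caller owns the result and must delete it --
  // confirm against the callers.
  //
  const AutoCredentials *KeychainAclFactory::passwordChangeCredentials(const CssmData &password)
  {
      AutoCredentials *cred = new AutoCredentials(allocator, 1);
      try {
          // @@@ This leaks a ListElement(CSSM_SAMPLE_TYPE_PASSWORD) and ListElement(password)
          // NOTE(review): both elements come from `allocator` and are never
          // released on this path, so the element that carries the password is
          // neither freed nor cleared here. ListElement(password) is built
          // without an allocator argument -- presumably it refers to the
          // caller's buffer rather than copying it; if so the credential must
          // not outlive `password`. Verify.
          cred->sample(0) = TypedList(allocator, CSSM_SAMPLE_TYPE_KEYCHAIN_CHANGE_LOCK,
              new(allocator) ListElement(CSSM_SAMPLE_TYPE_PASSWORD),
              new(allocator) ListElement(password));
      } catch (...) {
          // If building the sample throws, do not leak the credential object.
          delete cred;
          throw;
      }
      return cred;
  }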
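  //
  // Build a credential set with a single KEYCHAIN_LOCK sample that carries the
  // given password.
  //
  // The AutoCredentials object is created with plain `new` on every call.
  // NOTE(review): presumably the caller owns the result and must delete it --
  // confirm against the callers.
  //
  const AutoCredentials *KeychainAclFactory::passwordUnlockCredentials(const CssmData &password)
  {
      AutoCredentials *cred = new AutoCredentials(allocator, 1);
      try {
          // @@@ This leaks a ListElement(CSSM_SAMPLE_TYPE_PASSWORD) and ListElement(password)
          // NOTE(review): both elements come from `allocator` and are never
          // released on this path, so the element that carries the password is
          // neither freed nor cleared here. ListElement(password) is built
          // without an allocator argument -- presumably it refers to the
          // caller's buffer rather than copying it; if so the credential must
          // not outlive `password`. Verify.
          cred->sample(0) = TypedList(allocator, CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK,
              new(allocator) ListElement(CSSM_SAMPLE_TYPE_PASSWORD),
              new(allocator) ListElement(password));
      } catch (...) {
          // If building the sample throws, do not leak the credential object.
          delete cred;
          throw;
      }
      return cred;
  }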
  //
  // Produce an owner ACL entry whose subject is a KEYCHAIN_PROMPT list holding
  // the given description. The entry is allocated from the factory's allocator.
  //
  AclEntryInput *KeychainAclFactory::keychainPromptOwner(const CssmData &description)
  {
      // @@@ Make sure this works for a NULL description
      ListElement *promptText = new(allocator) ListElement(allocator, description);

      // Subject list: the prompt type followed by the description element.
      TypedList promptSubject(allocator, CSSM_ACL_SUBJECT_TYPE_KEYCHAIN_PROMPT, promptText);
      AclEntryPrototype ownerPrototype(promptSubject);

      return new(allocator) AclEntryInput(ownerPrototype);
  }
 //
 // Produce an owner ACL entry whose subject is a bare list of type
 // CSSM_ACL_SUBJECT_TYPE_ANY. The entry is allocated from the factory's
 // allocator.
 //
 AclEntryInput *KeychainAclFactory::anyOwner()
 {
     TypedList anySubject(allocator, CSSM_ACL_SUBJECT_TYPE_ANY);
     AclEntryPrototype ownerPrototype(anySubject);

     return new(allocator) AclEntryInput(ownerPrototype);
 }
 //
 // Free an AclEntryInput through DataWalkers::chunkFree, using the factory's
 // allocator. keychainPromptOwner() and anyOwner() allocate their results from
 // that same allocator.
 // NOTE(review): presumably `input` must have come from this factory; a pointer
 // obtained from a different allocator would be freed with the wrong one --
 // confirm against the callers.
 //
 void KeychainAclFactory::release(AclEntryInput *input)
 {
     DataWalkers::chunkFree(input, allocator);
 }
 121 void KeychainAclFactory::comment(TypedList 
&subject
) 
 123         subject
.insert(new(allocator
) ListElement(CSSM_ACL_SUBJECT_TYPE_COMMENT
), 
 127 void KeychainAclFactory::uncomment(TypedList 
&subject
) 
 129         ListElement 
*first 
= subject
.first(); 
 130         assert(*first 
== CSSM_ACL_SUBJECT_TYPE_COMMENT
); 
 132         destroy(first
, allocator
);