]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_cdsa_utilities/lib/AuthorizationData.cpp
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-59306.101.1.tar.gz
[apple/security.git] / OSX / libsecurity_cdsa_utilities / lib / AuthorizationData.cpp
1 /*
2 * Copyright (c) 2000-2006,2011-2012,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #include <security_cdsa_utilities/AuthorizationData.h>
25 #include <security_cdsa_utilities/AuthorizationWalkers.h>
26 #include <security_cdsa_utilities/walkers.h>
27 #include <Security/checkpw.h>
28 #include <grp.h>
29 #include <pwd.h>
30
31
32 // checkpw() that uses provided struct passwd
33 extern "C"
34 {
35 int checkpw_internal( const struct passwd *pw, const char* password );
36 }
37
38
39 namespace Authorization {
40
41
42 AuthValueRef::AuthValueRef(const AuthValue &value) :
43 RefPointer<AuthValue>(new AuthValue(value)) {}
44
45 AuthValueRef::AuthValueRef(const AuthorizationValue &value) :
46 RefPointer<AuthValue>(new AuthValue(value)) {}
47
48 AuthValue::AuthValue(const AuthorizationValue &value) :
49 mOwnsValue(false)
50 {
51 mValue.length = value.length;
52 mValue.data = value.data;
53 }
54
55 AuthValueRef::AuthValueRef(UInt32 length, void *data) :
56 RefPointer<AuthValue>(new AuthValue(length, data)) {}
57
58 AuthValue::AuthValue(UInt32 length, void *data) :
59 mOwnsValue(true)
60 {
61 mValue.length = length;
62 mValue.data = new uint8_t[length];
63 if (length)
64 memcpy(mValue.data, data, length);
65 }
66
67 AuthValue::~AuthValue()
68 {
69 if (mOwnsValue)
70 {
71 memset(mValue.data, 0, mValue.length);
72 delete[] reinterpret_cast<uint8_t*>(mValue.data);
73 }
74 }
75
76 AuthValue &
77 AuthValue::operator = (const AuthValue &other)
78 {
79 if (mOwnsValue)
80 {
81 memset(mValue.data, 0 , mValue.length);
82 delete[] reinterpret_cast<uint8_t*>(mValue.data);
83 }
84
85 mValue = other.mValue;
86 mOwnsValue = other.mOwnsValue;
87 other.mOwnsValue = false;
88 return *this;
89 }
90
91 void
92 AuthValue::fillInAuthorizationValue(AuthorizationValue &value)
93 {
94 value.length = mValue.length;
95 value.data = mValue.data;
96 }
97
98 AuthValueVector &
99 AuthValueVector::operator = (const AuthorizationValueVector& valueVector)
100 {
101 clear();
102 for (unsigned int i=0; i < valueVector.count; i++)
103 push_back(AuthValueRef(valueVector.values[i]));
104 return *this;
105 }
106
107 AuthItem::AuthItem(const AuthorizationItem &item) :
108 mFlags(item.flags),
109 mOwnsName(true),
110 mOwnsValue(true)
111 {
112 if (!item.name)
113 MacOSError::throwMe(errAuthorizationInternal);
114 size_t nameLen = strlen(item.name) + 1;
115 mName = new char[nameLen];
116 memcpy(const_cast<char *>(mName), item.name, nameLen);
117
118 mValue.length = item.valueLength;
119 mValue.data = new uint8_t[item.valueLength];
120 if (mValue.length)
121 memcpy(mValue.data, item.value, item.valueLength);
122 }
123
124
125 AuthItem::AuthItem(AuthorizationString name) :
126 mName(name),
127 mFlags(0),
128 mOwnsName(false),
129 mOwnsValue(false)
130 {
131 mValue.length = 0;
132 mValue.data = NULL;
133 }
134
135 AuthItem::AuthItem(AuthorizationString name, AuthorizationValue value, AuthorizationFlags flags) :
136 mFlags(flags),
137 mOwnsName(true),
138 mOwnsValue(true)
139 {
140 if (!name)
141 MacOSError::throwMe(errAuthorizationInternal);
142 size_t nameLen = strlen(name) + 1;
143 mName = new char[nameLen];
144 memcpy(const_cast<char *>(mName), name, nameLen);
145
146 mValue.length = value.length;
147 mValue.data = new uint8_t[value.length];
148 if (mValue.length)
149 memcpy(mValue.data, value.data, value.length);
150 }
151
152 AuthItem::~AuthItem()
153 {
154 if (mOwnsName)
155 delete[] mName;
156 if (mOwnsValue)
157 {
158 memset(mValue.data, 0, mValue.length);
159 delete[] reinterpret_cast<uint8_t*>(mValue.data);
160 }
161 }
162
163 bool
164 AuthItem::operator < (const AuthItem &other) const
165 {
166 return strcmp(mName, other.mName) < 0;
167 }
168
169 AuthItem &
170 AuthItem::operator = (const AuthItem &other)
171 {
172 if (mOwnsName)
173 delete[] mName;
174 if (mOwnsValue)
175 {
176 memset(mValue.data, 0, mValue.length);
177 delete[] reinterpret_cast<uint8_t*>(mValue.data);
178 }
179
180 mName = other.mName;
181 mValue = other.mValue;
182 mFlags = other.mFlags;
183 mOwnsName = other.mOwnsName;
184 other.mOwnsName = false;
185 mOwnsValue = other.mOwnsValue;
186 other.mOwnsValue = false;
187 return *this;
188 }
189
190 bool
191 AuthItem::getString(string &value)
192 {
193 // if terminating NUL is included, ignore it
194 size_t len = mValue.length;
195 if (len > 0 && (static_cast<char*>(mValue.data)[len - 1] == 0))
196 --len;
197 value = string(static_cast<char*>(mValue.data), len);
198 return true;
199 }
200
201 bool
202 AuthItem::getCssmData(CssmAutoData &value)
203 {
204 value = CssmData(static_cast<uint8_t*>(mValue.data), mValue.length);
205 return true;
206 }
207
208
209 AuthItemRef::AuthItemRef(const AuthorizationItem &item) : RefPointer<AuthItem>(new AuthItem(item)) {}
210
211 AuthItemRef::AuthItemRef(AuthorizationString name) : RefPointer<AuthItem>(new AuthItem(name)) {}
212
213 AuthItemRef::AuthItemRef(AuthorizationString name, AuthorizationValue value, AuthorizationFlags flags) : RefPointer<AuthItem>(new AuthItem(name, value, flags)) {}
214
215
216 //
217 // AuthItemSet
218 //
219 AuthItemSet::AuthItemSet()
220 {
221 }
222
223 AuthItemSet::~AuthItemSet()
224 {
225 }
226
227 AuthItemSet &
228 AuthItemSet::operator = (const AuthorizationItemSet& itemSet)
229 {
230 clear();
231
232 for (unsigned int i=0; i < itemSet.count; i++)
233 insert(AuthItemRef(itemSet.items[i]));
234
235 return *this;
236 }
237
238 AuthItemSet&
239 AuthItemSet::operator=(const AuthItemSet& itemSet)
240 {
241 std::set<AuthItemRef>::operator=(itemSet);
242
243 return *this;
244 }
245
246 AuthItemSet::AuthItemSet(const AuthorizationItemSet *itemSet)
247 {
248 if (NULL != itemSet && NULL != itemSet->items)
249 {
250 for (unsigned int i=0; i < itemSet->count; i++)
251 insert(AuthItemRef(itemSet->items[i]));
252 }
253 }
254
255 AuthItemSet::AuthItemSet(const AuthItemSet& itemSet)
256 : std::set<AuthItemRef>(itemSet)
257 {
258 }
259
260 AuthItem *
261 AuthItemSet::find(const char *name)
262 {
263 AuthItemSet::const_iterator found = find_if(this->begin(), this->end(), FindAuthItemByRightName(name) );
264 if (found != this->end())
265 return *found;
266
267 return NULL;
268 }
269
270 } // end namespace Authorization
mirror of Security