SecurityTool/smartcards.m

   1 //
   2 //  smartcards.m
   3 //  SecurityTool
   4
   5 #import <Foundation/Foundation.h>
   6
   7 #import "smartcards.h"
   8
   9 const CFStringRef kTKSmartCardPreferencesDomain = CFSTR("com.apple.security.smartcard");
  10 const CFStringRef kTKDisabledTokensPreferencesKey  = CFSTR("DisabledTokens");
  11
  12 static void listDisabledTokens() {
  13     id value = (__bridge_transfer id)CFPreferencesCopyValue(kTKDisabledTokensPreferencesKey, kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  14     if (value && ![value isKindOfClass:NSArray.class])
  15         return;
  16     NSArray *disabledTokens = (NSArray*)value;
  17     for (id tokenName in disabledTokens) {
  18         if ([tokenName isKindOfClass:NSString.class]) {
  19             printf("\t\"%s\"\n", [tokenName UTF8String]);
  20         }
  21     }
  22 }
  23
  24 static void disable(const char *tokenToDisable) {
  25     id value = (__bridge_transfer id)CFPreferencesCopyValue(kTKDisabledTokensPreferencesKey, kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  26     if (value && ![value isKindOfClass:NSArray.class])
  27         return;
  28     NSMutableArray *disabledTokens = [NSMutableArray arrayWithArray:value];
  29     NSString *tokenName = [NSString stringWithUTF8String:tokenToDisable];
  30     if (![disabledTokens containsObject:tokenName]) {
  31         [disabledTokens addObject:tokenName];
  32         CFPreferencesSetValue(kTKDisabledTokensPreferencesKey, (__bridge CFTypeRef)disabledTokens, kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  33         if (!CFPreferencesSynchronize(kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost))
  34             printf("Permission denied!\n");
  35     }
  36     else
  37         printf("Token is already disabled.\n");
  38 }
  39
  40 static void enable(const char *tokenToEnable) {
  41     id value = (__bridge_transfer id)CFPreferencesCopyValue(kTKDisabledTokensPreferencesKey, kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  42     if (value && ![value isKindOfClass:NSArray.class])
  43         return;
  44     NSString *tokenName = [NSString stringWithUTF8String:tokenToEnable];
  45     NSMutableArray *disabledTokens = [NSMutableArray arrayWithArray:value];
  46     if ([disabledTokens containsObject:tokenName]) {
  47         [disabledTokens removeObject:tokenName];
  48         CFPreferencesSetValue(kTKDisabledTokensPreferencesKey, (__bridge CFTypeRef)disabledTokens, kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  49         if (!CFPreferencesSynchronize(kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost))
  50             printf("Permission denied!\n");
  51     }
  52     else
  53         printf("Token is already enabled.\n");
  54 }
  55
  56 static int token(int argc, char * const *argv)
  57 {
  58     int ch;
  59     while ((ch = getopt(argc, argv, "le:d:")) != -1)
  60     {
  61         switch  (ch)
  62         {
  63             case 'l':
  64                 listDisabledTokens();
  65                 return 0;
  66             case 'e':
  67                 enable(optarg);
  68                 return 0;
  69             case 'd':
  70                 disable(optarg);
  71                 return 0;
  72         }
  73     }
  74
  75     return 2; /* @@@ Return 2 triggers usage message. */
  76 }
  77
  78 int smartcards(int argc, char * const *argv) {
  79     int result = 2;
  80     require_quiet(argc > 2, out);
  81     @autoreleasepool {
  82         if (!strcmp("token", argv[1])) {
  83             result = token(argc - 1, argv + 1);
  84         }
  85     }
  86
  87 out:
  88     return result;
  89 }