SecurityTool/smartcards.m

   1 //
   2 //  smartcards.m
   3 //  SecurityTool
   4
   5 #import <Foundation/Foundation.h>
   6
   7 #import "smartcards.h"
   8
   9 const CFStringRef kTKSmartCardPreferencesDomain = CFSTR("com.apple.security.smartcard");
  10 const CFStringRef kTKDisabledTokensPreferencesKey  = CFSTR("DisabledTokens");
  11
  12 static void listDisabledTokens() {
  13     id value = (__bridge_transfer id)CFPreferencesCopyValue(kTKDisabledTokensPreferencesKey, kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  14     if (![value isKindOfClass:NSArray.class])
  15         return;
  16
  17     NSArray *disabledTokens = (NSArray*)value;
  18     for (id tokenName in disabledTokens) {
  19         if ([tokenName isKindOfClass:NSString.class]) {
  20             printf("\t\"%s\"\n", [tokenName UTF8String]);
  21         }
  22     }
  23 }
  24
  25 static void disable(const char *tokenToDisable) {
  26     id value = (__bridge_transfer id)CFPreferencesCopyValue(kTKDisabledTokensPreferencesKey, kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  27     if (![value isKindOfClass:NSArray.class])
  28         return;
  29     NSMutableArray *disabledTokens = [NSMutableArray arrayWithArray:value];
  30     NSString *tokenName = [NSString stringWithUTF8String:tokenToDisable];
  31     if (![disabledTokens containsObject:tokenName]) {
  32         [disabledTokens addObject:tokenName];
  33         CFPreferencesSetValue(kTKDisabledTokensPreferencesKey, (__bridge CFTypeRef)disabledTokens, kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  34         if (!CFPreferencesSynchronize(kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost))
  35             printf("Permission denied!\n");
  36     }
  37     else
  38         printf("Token is already disabled.\n");
  39 }
  40
  41 static void enable(const char *tokenToEnable) {
  42     id value = (__bridge_transfer id)CFPreferencesCopyValue(kTKDisabledTokensPreferencesKey, kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  43     if (![value isKindOfClass:NSArray.class])
  44         return;
  45
  46     NSString *tokenName = [NSString stringWithUTF8String:tokenToEnable];
  47     NSMutableArray *disabledTokens = [NSMutableArray arrayWithArray:value];
  48     if ([disabledTokens containsObject:tokenName]) {
  49         [disabledTokens removeObject:tokenName];
  50         CFPreferencesSetValue(kTKDisabledTokensPreferencesKey, (__bridge CFTypeRef)disabledTokens, kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  51         if (!CFPreferencesSynchronize(kTKSmartCardPreferencesDomain, kCFPreferencesAnyUser, kCFPreferencesCurrentHost))
  52             printf("Permission denied!\n");
  53     }
  54     else
  55         printf("Token is already enabled.\n");
  56 }
  57
  58 static int token(int argc, char * const *argv)
  59 {
  60     int ch;
  61     while ((ch = getopt(argc, argv, "le:d:")) != -1)
  62     {
  63         switch  (ch)
  64         {
  65             case 'l':
  66                 listDisabledTokens();
  67                 return 0;
  68             case 'e':
  69                 enable(optarg);
  70                 return 0;
  71             case 'd':
  72                 disable(optarg);
  73                 return 0;
  74         }
  75     }
  76
  77     return 2; /* @@@ Return 2 triggers usage message. */
  78 }
  79
  80 int smartcards(int argc, char * const *argv) {
  81     int result = 2;
  82     require_quiet(argc > 2, out);
  83     @autoreleasepool {
  84         if (!strcmp("token", argv[1])) {
  85             result = token(argc - 1, argv + 1);
  86         }
  87     }
  88
  89 out:
  90     return result;
  91 }