1 /*
2 * Copyright (c) 2002-2004,2011-2012,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 //
25 // PolicyCursor.cpp
26 //
27 #include <security_keychain/PolicyCursor.h>
28 #include <security_keychain/Policies.h>
29 #include <Security/oidsalg.h>
30 #include <security_cdsa_client/tpclient.h>
31
32 using namespace KeychainCore;
33 using namespace CssmClient;
34
35
36 //
37 // This preliminary implementation bypasses MDS and uses
38 // a fixed set of policies known to exist in the one known TP.
39 //
struct TheOneTP : public TP {
    // Binds this client object to the single trust-policy module the file
    // knows about, identified by gGuidAppleX509TP. No MDS lookup happens here.
    TheOneTP()
        : TP(gGuidAppleX509TP)
    {
    }
};

// File-local shared instance; the rest of this file reaches it as theOneTP().
static ModuleNexus<TheOneTP> theOneTP;
static const CssmOid** theOidList() {
    // Fixed, NULL-terminated table of the policy OIDs this file will hand out
    // through PolicyCursor::next(). It is a function-local static, so every
    // caller gets a pointer to the same array.
    // NOTE(review): the slots themselves are not const-qualified; nothing in
    // this file writes to them, and callers should keep treating the table as
    // read-only.
    typedef const CssmOid *OidRef;
    static OidRef knownPolicies[] = {
        static_cast<OidRef>(&CSSMOID_APPLE_ISIGN),
        static_cast<OidRef>(&CSSMOID_APPLE_X509_BASIC),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_SSL),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_SMIME),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_EAP),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_SW_UPDATE_SIGNING),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_IP_SEC),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_ICHAT),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_RESOURCE_SIGN),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_PKINIT_CLIENT),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_PKINIT_SERVER),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_CODE_SIGNING),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_PACKAGE_SIGNING),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_REVOCATION_CRL),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_REVOCATION_OCSP),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_MACAPPSTORE_RECEIPT),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_APPLEID_SHARING),
        static_cast<OidRef>(&CSSMOID_APPLE_TP_TIMESTAMPING),
        NULL    // sentinel: iteration in PolicyCursor::next() stops here
    };
    return knownPolicies;
}
69
70
71 //
72 // Canonical Construction
73 //
PolicyCursor::PolicyCursor(const CSSM_OID* oid, const CSSM_DATA* value)
    : mOid(Allocator::standard()), mOidGiven(false), mMutex(Mutex::recursive)
{
    // Builds a cursor over the fixed policy table.
    //   oid   - optional filter; NULL means "enumerate every known policy".
    //   value - accepted but never read here (the comment in next() says the
    //           current TP does not use it).
    // The cursor always starts at the first table entry.
    mSearchPos = 0;

    if (oid != NULL) {
        // presumably this assignment copies the OID bytes into mOid's own
        // storage (mOid is built on Allocator::standard()); if it only aliased
        // them, the caller's buffer would have to outlive the cursor - confirm.
        mOid = CssmOid::required(oid);
        mOidGiven = true;
    }
}
83
84
85 //
86 // Destroy
87 //
PolicyCursor::~PolicyCursor() _NOEXCEPT
{
    // Nothing to release by hand: the body is empty and the members are torn
    // down by their own destructors.
}
91
92
93 //
94 // Crank the iterator
95 //
bool PolicyCursor::next(SecPointer<Policy> &policy)
{
    // Advances the cursor to the next table entry that passes the optional OID
    // filter and stores a freshly created Policy for it in `policy`.
    // Returns true when an entry was produced, false once the NULL sentinel is
    // reached; the position then stays on the sentinel, so later calls keep
    // returning false.
    // mSearchPos is only read and written while mMutex is held.
    StLock<Mutex> guard(mMutex);

    const CssmOid **table = theOidList();
    for (; table[mSearchPos] != NULL; mSearchPos++) {
        const CssmOid &candidate = *table[mSearchPos];
        if (mOidGiven && mOid != candidate)
            continue;   // no oid match
        // ignoring mValue - not used by current TP
        policy = new Policy(theOneTP(), candidate);
        mSearchPos++;   // step past the entry just returned
        return true;
    }
    return false;   // end of table, no more matches
}
112
113 //
114 // Return a new policy instance for an OID, outside of cursor iteration
115 //
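void PolicyCursor::policy(const CSSM_OID* oid, SecPointer<Policy> &policy)
{
    // Creates a Policy for `oid` on the shared TP and stores it in `policy`,
    // without touching any cursor state.
    //
    // The pointer goes through CssmOid::required(), the same helper the
    // constructor uses, instead of being cast and dereferenced directly, so a
    // NULL oid is rejected by that helper rather than dereferenced here.
    // NOTE(review): required() is expected to raise an error on NULL - confirm
    // the exact error against its declaration.
    //
    // NOTE(review): unlike next(), this path does not check the OID against
    // theOidList(); any OID the caller supplies is wrapped in a Policy.
    // Presumably the TP rejects unknown policies when the Policy is used -
    // verify before relying on this as an allow-list.
    const CssmOid &policyOid = CssmOid::required(oid);
    policy = new Policy(theOneTP(), policyOid);
}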
121