]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_cdsa_client/lib/keychainacl.cpp
Security-59754.41.1.tar.gz
[apple/security.git] / OSX / libsecurity_cdsa_client / lib / keychainacl.cpp
1 /*
2 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 //
20 // keychainacl - Keychain-related ACL and credential forms
21 //
22 #ifdef __MWERKS__
23 #define _CPP_KEYCHAINACL
24 #endif
25
26 #include "keychainacl.h"
27 #include <security_cdsa_utilities/cssmwalkers.h>
28
29 using namespace CssmClient;
30
31
32 //
33 // Construct the factory.
34 // @@@ Leaks.
35 //
36 KeychainAclFactory::KeychainAclFactory(Allocator &alloc)
37 : allocator(alloc), nullCred(alloc, 1), kcCred(alloc, 2), kcUnlockCred(alloc, 1)
38 {
39 // the credential objects self-initialize to empty
40 nullCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_THRESHOLD);
41
42 kcCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT);
43 kcCred.sample(1) = TypedList(alloc, CSSM_SAMPLE_TYPE_THRESHOLD,
44 new(alloc) ListElement(TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT)));
45
46 // @@@ This leaks a ListElement(CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT)
47 kcUnlockCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK,
48 new(alloc) ListElement(CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT));
49 }
50
51 KeychainAclFactory::~KeychainAclFactory()
52 {
53 }
54
55
56 //
57 // Produce credentials.
58 // These are constants that don't need to be allocated per use.
59 //
60 const AccessCredentials *KeychainAclFactory::nullCredentials()
61 {
62 return &nullCred;
63 }
64
65 const AccessCredentials *KeychainAclFactory::keychainPromptCredentials()
66 {
67 return &kcCred;
68 }
69
70 const AccessCredentials *KeychainAclFactory::keychainPromptUnlockCredentials()
71 {
72 return &kcUnlockCred;
73 }
74
75 const AutoCredentials *KeychainAclFactory::passwordChangeCredentials(const CssmData &password)
76 {
77 AutoCredentials *cred = new AutoCredentials(allocator, 1);
78 // @@@ This leaks a ListElement(CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT) and ListElement(password)
79 cred->sample(0) = TypedList(allocator, CSSM_SAMPLE_TYPE_KEYCHAIN_CHANGE_LOCK,
80 new(allocator) ListElement(CSSM_SAMPLE_TYPE_PASSWORD),
81 new(allocator) ListElement(password));
82 return cred;
83 }
84
85 const AutoCredentials *KeychainAclFactory::passwordUnlockCredentials(const CssmData &password)
86 {
87 AutoCredentials *cred = new AutoCredentials(allocator, 1);
88 // @@@ This leaks a ListElement(CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT) and ListElement(password)
89 cred->sample(0) = TypedList(allocator, CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK,
90 new(allocator) ListElement(CSSM_SAMPLE_TYPE_PASSWORD),
91 new(allocator) ListElement(password));
92 return cred;
93 }
94
95
96 //
97 //
98 AclEntryInput *KeychainAclFactory::keychainPromptOwner(const CssmData &description)
99 {
100 // @@@ Make sure this works for a NULL description
101 AclEntryPrototype proto(TypedList(allocator, CSSM_ACL_SUBJECT_TYPE_KEYCHAIN_PROMPT,
102 new(allocator) ListElement(allocator, description)));
103 return new(allocator) AclEntryInput(proto);
104 }
105
106 AclEntryInput *KeychainAclFactory::anyOwner()
107 {
108 AclEntryPrototype proto(TypedList(allocator, CSSM_ACL_SUBJECT_TYPE_ANY));
109 return new(allocator) AclEntryInput(proto);
110 }
111
112 void KeychainAclFactory::release(AclEntryInput *input)
113 {
114 DataWalkers::chunkFree(input, allocator);
115 }