Keychain/SecAccess.cpp

   1 /*
   2  * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18 #include <Security/SecAccess.h>
  19 #include <Security/Access.h>
  20 #include "SecBridge.h"
  21
  22
  23 //
  24 // CF boilerplate
  25 //
  26 CFTypeID SecAccessGetTypeID(void)
  27 {
  28         BEGIN_SECAPI
  29         return gTypes().Access.typeID;
  30         END_SECAPI1(_kCFRuntimeNotATypeID)
  31 }
  32
  33
  34 //
  35 // API bridge calls
  36 //
  37 /*!
  38  *      Create a new SecAccessRef that is set to the default configuration
  39  *      of a (newly created) security object.
  40  */
  41 OSStatus SecAccessCreate(CFStringRef descriptor, CFArrayRef trustedList, SecAccessRef *accessRef)
  42 {
  43         BEGIN_SECAPI
  44         Required(descriptor);
  45         SecPointer<Access> access;
  46         if (trustedList) {
  47                 CFIndex length = CFArrayGetCount(trustedList);
  48                 ACL::ApplicationList trusted;
  49                 for (CFIndex n = 0; n < length; n++)
  50                         trusted.push_back(TrustedApplication::required(
  51                                 SecTrustedApplicationRef(CFArrayGetValueAtIndex(trustedList, n))));
  52                 access = new Access(cfString(descriptor), trusted);
  53         } else {
  54                 access = new Access(cfString(descriptor));
  55         }
  56         Required(accessRef) = access->handle();
  57         END_SECAPI
  58 }
  59
  60
  61 /*!
  62  */
  63 OSStatus SecAccessCreateFromOwnerAndACL(const CSSM_ACL_OWNER_PROTOTYPE *owner,
  64         uint32 aclCount, const CSSM_ACL_ENTRY_INFO *acls,
  65         SecAccessRef *accessRef)
  66 {
  67         BEGIN_SECAPI
  68         Required(accessRef);    // preflight
  69         SecPointer<Access> access = new Access(Required(owner), aclCount, &Required(acls));
  70         *accessRef = access->handle();
  71         END_SECAPI
  72 }
  73
  74
  75 /*!
  76  */
  77 OSStatus SecAccessGetOwnerAndACL(SecAccessRef accessRef,
  78         CSSM_ACL_OWNER_PROTOTYPE_PTR *owner,
  79         uint32 *aclCount, CSSM_ACL_ENTRY_INFO_PTR *acls)
  80 {
  81         BEGIN_SECAPI
  82         Access::required(accessRef)->copyOwnerAndAcl(
  83                 Required(owner), Required(aclCount), Required(acls));
  84         END_SECAPI
  85 }
  86
  87
  88 /*!
  89  */
  90 OSStatus SecAccessCopyACLList(SecAccessRef accessRef,
  91         CFArrayRef *aclList)
  92 {
  93         BEGIN_SECAPI
  94         Required(aclList) = Access::required(accessRef)->copySecACLs();
  95         END_SECAPI
  96 }
  97
  98
  99 /*!
 100  */
 101 OSStatus SecAccessCopySelectedACLList(SecAccessRef accessRef,
 102         CSSM_ACL_AUTHORIZATION_TAG action,
 103         CFArrayRef *aclList)
 104 {
 105         BEGIN_SECAPI
 106         Required(aclList) = Access::required(accessRef)->copySecACLs(action);
 107         END_SECAPI
 108 }