Keychain/SecAccess.cpp

   1 /*
   2  * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18 #include <Security/SecAccess.h>
  19 #include <Security/Access.h>
  20 #include "SecBridge.h"
  21
  22
  23 //
  24 // CF boilerplate
  25 //
  26 CFTypeID SecAccessGetTypeID(void)
  27 {
  28         BEGIN_SECAPI
  29         return gTypes().access.typeId;
  30         END_SECAPI1(_kCFRuntimeNotATypeID)
  31 }
  32
  33
  34 //
  35 // API bridge calls
  36 //
  37 /*!
  38  *      Create a new SecAccessRef that is set to the default configuration
  39  *      of a (newly created) security object.
  40  */
  41 OSStatus SecAccessCreate(CFStringRef descriptor, CFArrayRef trustedList, SecAccessRef *accessRef)
  42 {
  43         BEGIN_SECAPI
  44         Required(descriptor);
  45         RefPointer<Access> access;
  46         if (trustedList) {
  47                 CFIndex length = CFArrayGetCount(trustedList);
  48                 ACL::ApplicationList trusted;
  49                 for (CFIndex n = 0; n < length; n++)
  50                         trusted.push_back(gTypes().trustedApplication.required(
  51                                 SecTrustedApplicationRef(CFArrayGetValueAtIndex(trustedList, n))));
  52                 access = new Access(cfString(descriptor), trusted);
  53         } else {
  54                 access = new Access(cfString(descriptor));
  55         }
  56         Required(accessRef) = gTypes().access.handle(*access);
  57         END_SECAPI
  58 }
  59
  60
  61 /*!
  62  */
  63 OSStatus SecAccessCreateFromOwnerAndACL(const CSSM_ACL_OWNER_PROTOTYPE *owner,
  64         uint32 aclCount, const CSSM_ACL_ENTRY_INFO *acls,
  65         SecAccessRef *accessRef)
  66 {
  67         BEGIN_SECAPI
  68         Required(accessRef);    // preflight
  69         RefPointer<Access> access = new Access(Required(owner), aclCount, &Required(acls));
  70         *accessRef = gTypes().access.handle(*access);
  71         END_SECAPI
  72 }
  73
  74
  75 /*!
  76  */
  77 OSStatus SecAccessGetOwnerAndACL(SecAccessRef accessRef,
  78         CSSM_ACL_OWNER_PROTOTYPE_PTR *owner,
  79         uint32 *aclCount, CSSM_ACL_ENTRY_INFO_PTR *acls)
  80 {
  81         BEGIN_SECAPI
  82 #if 0
  83         gTypes().access.required(accessRef)->copyOwnerAndAcl(
  84                 Required(owner), Required(aclCount), Required(acls));
  85 #endif
  86         END_SECAPI
  87 }
  88
  89
  90 /*!
  91  */
  92 OSStatus SecAccessCopyACLList(SecAccessRef accessRef,
  93         CFArrayRef *aclList)
  94 {
  95         BEGIN_SECAPI
  96         Required(aclList) = gTypes().access.required(accessRef)->copySecACLs();
  97         END_SECAPI
  98 }
  99
 100
 101 /*!
 102  */
 103 OSStatus SecAccessCopySelectedACLList(SecAccessRef accessRef,
 104         CSSM_ACL_AUTHORIZATION_TAG action,
 105         CFArrayRef *aclList)
 106 {
 107         BEGIN_SECAPI
 108         Required(aclList) = gTypes().access.required(accessRef)->copySecACLs(action);
 109         END_SECAPI
 110 }