]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_keychain/lib/SecPolicySearch.cpp
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57740.1.18.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / lib / SecPolicySearch.cpp
1 /*
2 * Copyright (c) 2002-2004,2011-2015 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #include <Security/SecPolicySearch.h>
25 #include <Security/SecPolicyPriv.h>
26 #include <security_keychain/PolicyCursor.h>
27 #include <security_keychain/Policies.h>
28 #include "SecBridge.h"
29
30 //
31 // CF Boilerplate
32 CFTypeID
33 SecPolicySearchGetTypeID(void)
34 {
35 BEGIN_SECAPI
36
37 return gTypes().PolicyCursor.typeID;
38
39 END_SECAPI1(_kCFRuntimeNotATypeID)
40 }
41
42
43 OSStatus
44 SecPolicySearchCreate(
45 CSSM_CERT_TYPE certType,
46 const CSSM_OID* oid,
47 const CSSM_DATA* value,
48 SecPolicySearchRef* searchRef)
49 {
50 BEGIN_SECAPI
51 Required(searchRef); // preflight
52 PolicyCursor* pc = new PolicyCursor(oid, value);
53 if (pc == NULL)
54 {
55 return errSecPolicyNotFound;
56 }
57
58 SecPointer<PolicyCursor> cursor(pc);
59 *searchRef = cursor->handle();
60 END_SECAPI
61 }
62
63
64 OSStatus
65 SecPolicySearchCopyNext(
66 SecPolicySearchRef searchRef,
67 SecPolicyRef* policyRef)
68 {
69 BEGIN_SECAPI
70
71 RequiredParam(policyRef);
72 SecPointer<Policy> policy;
73
74 #if !SECTRUST_OSX
75 if (!PolicyCursor::required(searchRef)->next(policy))
76 return errSecPolicyNotFound;
77 *policyRef = policy->handle();
78 #else
79 /* bridge to support API functionality */
80 CFStringRef oidStr = NULL;
81 PolicyCursor *policyCursor = PolicyCursor::required(searchRef);
82 do {
83 if (!policyCursor->next(policy))
84 return errSecPolicyNotFound;
85 CssmOid oid = policy->oid();
86 CFStringRef str = SecPolicyGetStringForOID(&oid);
87 if (str) {
88 oidStr = str;
89 if (CFEqual(str, kSecPolicyAppleiChat) ||
90 CFEqual(str, kSecPolicyApplePKINITClient) ||
91 CFEqual(str, kSecPolicyApplePKINITServer)) {
92 oidStr = NULL; /* TBD: support for PKINIT policies in unified code */
93 }
94 else if (policyCursor->oidProvided() == false &&
95 CFEqual(str, kSecPolicyAppleRevocation)) {
96 oidStr = NULL; /* filter this out unless specifically requested */
97 }
98 }
99 }
100 while (!oidStr);
101 /* create and vend a unified SecPolicyRef instance */
102 CFRef<CFDictionaryRef> properties = policy->properties();
103 if ((*policyRef = SecPolicyCreateWithProperties(oidStr, properties)) != NULL) {
104 __secapiresult = errSecSuccess;
105 } else {
106 __secapiresult = errSecPolicyNotFound;
107 }
108 #endif
109
110 END_SECAPI
111 }
mirror of Security