X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5dd5f9ec28f304ca377c42fd7f711d6cf12b90e1..5c19dc3ae3bd8e40a9c028b0deddd50ff337692c:/Security/libsecurity_cdsa_utilities/lib/acl_threshold.h diff --git a/Security/libsecurity_cdsa_utilities/lib/acl_threshold.h b/Security/libsecurity_cdsa_utilities/lib/acl_threshold.h deleted file mode 100644 index 437f78f0..00000000 --- a/Security/libsecurity_cdsa_utilities/lib/acl_threshold.h +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 2000-2004,2006,2011,2014 Apple Inc. All Rights Reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * This file contains Original Code and/or Modifications of Original Code - * as defined in and that are subject to the Apple Public Source License - * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. - * Please see the License for the specific language governing rights and - * limitations under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ - - -// -// acl_threshold - Threshold-based group ACL subjects. -// -// This subject type implements threshold (k of n) subjects as per CSSM standard. -// Subsubjects are stored and evaluated in the order received. Any subsubject -// is presented with all subsamples of the corresponding threshold sample, but -// not any other samples possibly present in the credentials. Subsubject evaluation -// stops as soon as the threshold is satisfied, or as soon as it becomes numerically -// impossible to satisfy the threshold with future matches. -// Note that this subject will reject out of hand any threshold sample that -// contains more than subsamples. This defeats "sample stuffing" attacks -// where the attacker provides thousands of samples in the hope that some may -// match by accident. It will however accept threshold samples with fewer than -// subsamples, as long as there are at least subsamples. -// -#ifndef _ACL_THRESHOLD -#define _ACL_THRESHOLD - -#include -#include - - -namespace Security { - -class ThresholdAclSubject : public SimpleAclSubject { - typedef ObjectAcl::AclSubjectPointer AclSubjectPointer; - typedef vector AclSubjectVector; -public: - bool validate(const AclValidationContext &baseCtx, const TypedList &sample) const; - CssmList toList(Allocator &alloc) const; - - ThresholdAclSubject(uint32 n, uint32 k, const AclSubjectVector &subSubjects); - - void exportBlob(Writer::Counter &pub, Writer::Counter &priv); - void exportBlob(Writer &pub, Writer &priv); - - unsigned count() const { return totalSubjects; } - AclSubject *subject(unsigned n) const { return elements[n]; } - void add(AclSubject *subject, unsigned beforePosition); - - IFDUMP(void debugDump() const); - - class Maker : public AclSubject::Maker { - public: - Maker() : AclSubject::Maker(CSSM_ACL_SUBJECT_TYPE_THRESHOLD) { } - ThresholdAclSubject *make(const TypedList &list) const; - ThresholdAclSubject *make(Version, Reader &pub, Reader &priv) const; - }; - -private: - uint32 minimumNeeded; // number of matches needed - uint32 totalSubjects; // number of subSubjects - AclSubjectVector elements; // sub-subject vector - - template - void exportBlobForm(Action &pub, Action &priv); -}; - -} // namespace Security - - -#endif //_ACL_THRESHOLD