X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/b04fe171f0375ecd5d8a24747ca1dff85720a0ca..6b200bc335dc93c5516ccb52f14bd896d8c7fad7:/SecurityTests/clxutils/rootStoreTool/parseTrustedRootList.cpp

diff --git a/SecurityTests/clxutils/rootStoreTool/parseTrustedRootList.cpp b/SecurityTests/clxutils/rootStoreTool/parseTrustedRootList.cpp
deleted file mode 100644
index e4851e59..00000000
--- a/SecurityTests/clxutils/rootStoreTool/parseTrustedRootList.cpp
+++ /dev/null
@@ -1,297 +0,0 @@
-/*
- * parseTrustedRootList.cpp - parse the contents of a TrustedRootList record.
- *
- * Created May 26 2005 by dmitch. 
- */
- 
-#include <stdlib.h>
-#include <strings.h>
-#include <stdio.h>
-#include <unistd.h>
-#include "parseTrustedRootList.h"
-#include "rootUtils.h"
-
-#include <Security/TrustSettingsSchema.h>		/* private header */
-#include <Security/SecTrustSettings.h>			
-#include <CoreFoundation/CoreFoundation.h>
-#include <security_utilities/cfutilities.h>
-
-/*
- * Data is obtained from a SecKeychainItemRef; it's expected to be the XML encoding
- * of a CFPropertyList (specifically of a CFDictionaryRef).
- */
-int parseTrustedRootList(
-	CFDataRef plistData)
-{
-	/* First decode the XML */
-	CFStringRef errStr = NULL;
-	CFRef<CFPropertyListRef> rawPropList;
-	int ourRtn = 0;
-	OidParser parser;
-	
-	rawPropList.take(CFPropertyListCreateFromXMLData(
-		NULL,
-		plistData,
-		kCFPropertyListImmutable,
-		&errStr));
-	CFPropertyListRef cfRawPropList = rawPropList;
-	if(cfRawPropList == NULL) {
-		printf("***parseTrustedRootList: Error decoding TrustedRootList XML data\n");
-		if(errStr != NULL) {
-			printf("Error string: "); CFShow(errStr);
-			CFRelease(errStr);
-		}
-		return -1;
-	}
-	if(errStr != NULL) {
-		CFRelease(errStr);
-	}
-	
-	CFDictionaryRef topDict = (CFDictionaryRef)cfRawPropList;
-	if(CFGetTypeID(topDict) != CFDictionaryGetTypeID()) {
-		printf("***parseTrustedRootList: malformed propList");
-		return -1;
-	}
-
-	printf("=== Parsed User Trust Record ===\n");
-	
-	/* that dictionary has two entries */
-	CFNumberRef cfVers = (CFNumberRef)CFDictionaryGetValue(topDict, kTrustRecordVersion);
-	if((cfVers == NULL) || (CFGetTypeID(cfVers) != CFNumberGetTypeID())) {
-		printf("***parseTrustedRootList: malformed version");
-	}
-	else {
-		SInt32 vers;
-		if(!CFNumberGetValue(cfVers, kCFNumberSInt32Type, &vers)) {
-			printf("***parseTrustedRootList: malformed version");
-		}
-		else {
-			printf("Version = %ld\n", vers);
-		}
-	}
-	
-	CFDictionaryRef certsDict = (CFDictionaryRef)CFDictionaryGetValue(topDict, 
-		kTrustRecordTrustList);
-	if((certsDict == NULL) || (CFGetTypeID(certsDict) != CFDictionaryGetTypeID())) {
-		printf("***parseTrustedRootList: malformed mTrustArray");
-		return -1;
-	}
-	
-	CFIndex numCerts = CFDictionaryGetCount(certsDict);
-	const void *dictKeys[numCerts];
-	const void *dictValues[numCerts];
-	CFDictionaryGetKeysAndValues(certsDict, dictKeys, dictValues);
-
-	CFDataRef certApp;
-	CFDataRef certPolicy;
-	CFDictionaryRef ucDict;
-	CFArrayRef usageConstraints;
-	CFDataRef cfd;
-	CFIndex numUsageConstraints;
-	CFStringRef policyStr;
-	CFNumberRef cfNum;
-	CFDateRef modDate;
-	
-	printf("Number of cert entries: %ld\n", numCerts);
-	
-	for(CFIndex dex=0; dex<numCerts; dex++) {
-		printf("Cert %ld:\n", dex);
-		indentIncr();
-		
-		/* per-cert key is ASCII representation of SHA1(cert) */
-		CFStringRef certHashStr = (CFStringRef)dictKeys[dex];
-		if(CFGetTypeID(certHashStr) != CFStringGetTypeID()) {
-			printf("***parseTrustedRootList: malformed certsDict key");
-			ourRtn = -1;
-			goto nextCert;
-		}
-		indent(); printf("Cert Hash              : ");
-		printCfStr(certHashStr);
-		printf("\n");
-	
-		/* get per-cert dictionary */
-		CFDictionaryRef certDict = (CFDictionaryRef)dictValues[dex];
-		if(CFGetTypeID(certDict) != CFDictionaryGetTypeID()) {
-			printf("***parseTrustedRootList: malformed certDict");
-			ourRtn = -1;
-			goto nextCert;
-		}
-		
-		/* 
-		 * That dictionary has exactly four entries...but the first
- 		 * 
-		 * First, the issuer. This is in non-normalized form.
-		 */
-		cfd = (CFDataRef)CFDictionaryGetValue(certDict, kTrustRecordIssuer);
-		if(cfd == NULL) {
-			printf("***parseTrustedRootList: missing issuer");
-			ourRtn = -1;
-			goto nextCert;
-		}
-		if(CFGetTypeID(cfd) != CFDataGetTypeID()) {
-			printf("***parseTrustedRootList: malformed issuer");
-			ourRtn = -1;
-			goto nextCert;
-		}
-		indent(); 
-		if(CFDataGetLength(cfd) == 0) {
-			/* that's for a default setting */
-			printf("Issuer                 : <none>\n");
-		}
-		else {
-			printf("Issuer                 : \n");
-			indentIncr(); printCfName(cfd, parser);
-			indentDecr();
-		}
-
-		/* Serial number */
-		cfd = (CFDataRef)CFDictionaryGetValue(certDict, kTrustRecordSerialNumber);
-		if(cfd == NULL) {
-			printf("***parseTrustedRootList: missing serial number");
-			ourRtn = -1;
-			goto nextCert;
-		}
-		if(CFGetTypeID(cfd) != CFDataGetTypeID()) {
-			printf("***parseTrustedRootList: malformed serial number");
-			ourRtn = -1;
-			goto nextCert;
-		}
-		indent(); printData("Serial Number          ", cfd, PD_Hex, parser);
-
-		/* modification date */
-		modDate = (CFDateRef)CFDictionaryGetValue(certDict, kTrustRecordModDate);
-		if(modDate == NULL) {
-			printf("***parseTrustedRootList: missing modification date");
-			ourRtn = -1;
-			goto nextCert;
-		}
-		if(CFGetTypeID(modDate) != CFDateGetTypeID()) {
-			printf("***parseTrustedRootList: malformed modification date");
-			ourRtn = -1;
-			goto nextCert;
-		}
-		indent(); 
-		printf("Modification Date      : ");
-		printCFDate(modDate);
-		printf("\n");
-		
-		/* 
-		 * Array of usageConstraint dictionaries - the array itself must be there,
-		 * though it might be empty. 
-		 */
-		usageConstraints = (CFArrayRef)CFDictionaryGetValue(certDict,
-				kTrustRecordTrustSettings);
-		numUsageConstraints = 0;
-		if(usageConstraints != NULL) {
-			if(CFGetTypeID(usageConstraints) != CFArrayGetTypeID()) {
-				printf("***parseTrustedRootList: malformed Usage Constraints array");
-				ourRtn = -1;
-				goto nextCert;
-			}
-		
-			numUsageConstraints = CFArrayGetCount(usageConstraints);
-		}
-		indent(); printf("Num usage constraints  : ");
-		if(usageConstraints) {
-			printf("%ld\n", numUsageConstraints);
-		}
-		else {
-			printf("<not present>\n");
-		}		
-
-		/* grind thru the usageConstraint dictionaries */
-		for(CFIndex apDex=0; apDex<numUsageConstraints; apDex++) {
-			indent(); printf("Usage constraint %ld:\n", apDex);
-			indentIncr();
-			
-			ucDict = (CFDictionaryRef)CFArrayGetValueAtIndex(usageConstraints, apDex);
-			if(CFGetTypeID(ucDict) != CFDictionaryGetTypeID()) {
-				printf("***parseTrustedRootList: malformed usageConstraint dictionary");
-				ourRtn = -1;
-				goto nextAp;
-			}
-			
-			/* policy - optional - an OID */
-			certPolicy = (CFDataRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsPolicy);
-			if(certPolicy != NULL) {
-				if(CFGetTypeID(certPolicy) != CFDataGetTypeID()) {
-					printf("***parseTrustedRootList: malformed certPolicy");
-					ourRtn = -1;
-					goto nextAp;
-				}
-				indent(); printData("Policy OID          ", certPolicy, PD_OID, parser);
-			}
-			
-			/* app - optional - data - opaque */
-			certApp = (CFDataRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsApplication);
-			if(certApp != NULL) {
-				if(CFGetTypeID(certApp) != CFDataGetTypeID()) {
-					printf("***parseTrustedRootList: malformed certApp");
-					ourRtn = -1;
-					goto nextAp;
-				}
-				indent(); printData("Application         ", certApp, PD_Hex, parser);
-			}
-			
-			/* policy string */
-			policyStr = (CFStringRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsPolicyString);
-			if(policyStr != NULL) {
-				if(CFGetTypeID(policyStr) != CFStringGetTypeID()) {
-					printf("***parseTrustedRootList: malformed policyStr");
-					ourRtn = -1;
-					goto nextAp;
-				}
-				indent(); printf("Policy String       : ");
-				printCfStr(policyStr); printf("\n");
-			}
-
-			/* Allowed error */
-			cfNum = (CFNumberRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsAllowedError);
-			if(cfNum != NULL) {
-				if(CFGetTypeID(cfNum) != CFNumberGetTypeID()) {
-					printf("***parseTrustedRootList: malformed allowedError");
-					ourRtn = -1;
-					goto nextAp;
-				}
-				indent(); printf("Allowed Error       : ");
-				printCssmErr(cfNum); printf("\n");
-			}
-
-			/* ResultType */
-			cfNum = (CFNumberRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsResult);
-			if(cfNum != NULL) {
-				if(CFGetTypeID(cfNum) != CFNumberGetTypeID()) {
-					printf("***parseTrustedRootList: malformed Result");
-					ourRtn = -1;
-					goto nextAp;
-				}
-				indent(); printf("Result Type         : ");
-				printResult(cfNum); printf("\n");
-			}
-
-			/* key usage */
-			cfNum = (CFNumberRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsKeyUsage);
-			if(cfNum != NULL) {
-				if(CFGetTypeID(cfNum) != CFNumberGetTypeID()) {
-					printf("***parseTrustedRootList: malformed keyUsage");
-					ourRtn = -1;
-					goto nextAp;
-				}
-				indent(); printf("Key Usage           : ");
-				printKeyUsage(cfNum); printf("\n");
-			}
-
-		nextAp:
-			indentDecr();
-		}
-		
-	nextCert:
-		indentDecr();
-	} /* for each cert dictionary  in top-level array */
-	
-	printf("=== End of Parsed User Trust Record ===\n");
-	return ourRtn;
-
-}
-
-