keychainacl.cpp
1 /* 2 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved. 3 * 4 * The contents of this file constitute Original Code as defined in and are 5 * subject to the Apple Public Source License Version 1.2 (the 'License'). 6 * You may not use this file except in compliance with the License. Please obtain 7 * a copy of the License at http://www.apple.com/publicsource and read it before 8 * using this file. 9 * 10 * This Original Code and all software distributed under the License are 11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS 12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT 13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR 14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the 15 * specific language governing rights and limitations under the License. 16 */ 17 18 19 // 20 // keychainacl - Keychain-related ACL and credential forms 21 // 22 #ifdef __MWERKS__ 23 #define _CPP_KEYCHAINACL 24 #endif 25 26 #include "keychainacl.h" 27 #include <security_cdsa_utilities/cssmwalkers.h> 28 29 using namespace CssmClient; 30 31 32 // 33 // Construct the factory. 34 // @@@ Leaks. 
//
// KeychainAclFactory constructor.
// Stores the allocator and pre-builds the three credential sets that the
// accessor methods below hand out by pointer (nullCred, kcCred, kcUnlockCred).
// The integer passed to each credential member looks like the number of
// sample slots (kcCred is built with 2 and samples 0 and 1 are filled) --
// TODO confirm against the AutoCredentials declaration.
// @@@ Leaks (original author's note): the ListElements created with
// new(alloc) here are not released by the destructor below.
//
KeychainAclFactory::KeychainAclFactory(Allocator &alloc)
: allocator(alloc), nullCred(alloc, 1), kcCred(alloc, 2), kcUnlockCred(alloc, 1)
{
	// the credential objects self-initialize to empty
	// nullCred: a single THRESHOLD sample with no sub-elements.
	nullCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_THRESHOLD);

	// kcCred: sample 0 is a bare KEYCHAIN_PROMPT list; sample 1 is a THRESHOLD
	// list whose single element wraps another KEYCHAIN_PROMPT list.
	kcCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT);
	kcCred.sample(1) = TypedList(alloc, CSSM_SAMPLE_TYPE_THRESHOLD,
		new(alloc) ListElement(TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT)));

	// kcUnlockCred: a KEYCHAIN_LOCK list carrying a KEYCHAIN_PROMPT word.
	// @@@ This leaks a ListElement(CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT)
	kcUnlockCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK,
		new(alloc) ListElement(CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT));
}

//
// Destructor. The body is empty: nothing allocated in the constructor is
// freed explicitly here. Whether the credential members release their own
// list elements is not visible in this file; the original "@@@ Leaks" notes
// say they do not.
//
KeychainAclFactory::~KeychainAclFactory()
{
}


//
// Produce credentials.
// These are constants that don't need to be allocated per use.
// (That applies to the first three accessors only; the two password*
// functions further down allocate a new object on every call.)
//
// Each of the three accessors returns the address of a member of this
// factory, so the pointer is only usable while the factory object exists
// and must not be freed by the caller.
//
const AccessCredentials *KeychainAclFactory::nullCredentials()
{
	return &nullCred;
}

const AccessCredentials *KeychainAclFactory::keychainPromptCredentials()
{
	return &kcCred;
}

const AccessCredentials *KeychainAclFactory::keychainPromptUnlockCredentials()
{
	return &kcUnlockCred;
}

//
// Build a one-sample credential set for changing the keychain password:
// sample 0 is a KEYCHAIN_CHANGE_LOCK list holding a PASSWORD word followed by
// the password data.
//
// The AutoCredentials object comes from an ordinary new-expression (not
// new(allocator)) and is returned to the caller; this function never frees it,
// so ownership presumably passes to the caller -- TODO confirm how callers
// dispose of it.
//
// NOTE(review): ListElement(password) is constructed WITHOUT the allocator
// argument, unlike keychainPromptOwner() below, which passes it. Whether this
// overload copies the password bytes or only references the caller's buffer
// is not visible here; check the ListElement declaration. If it references,
// the caller's buffer must outlive the returned credentials. If it copies,
// the copy is secret material that (per the leak note) is never freed or
// cleared.
//
const AutoCredentials *KeychainAclFactory::passwordChangeCredentials(const CssmData &password)
{
	AutoCredentials *cred = new AutoCredentials(allocator, 1);
	// @@@ This leaks the two ListElements allocated below. (The original note
	// named CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT; the element actually created is
	// CSSM_SAMPLE_TYPE_PASSWORD, plus ListElement(password).)
	cred->sample(0) = TypedList(allocator, CSSM_SAMPLE_TYPE_KEYCHAIN_CHANGE_LOCK,
		new(allocator) ListElement(CSSM_SAMPLE_TYPE_PASSWORD),
		new(allocator) ListElement(password));
	return cred;
}

//
// Build a one-sample credential set for unlocking the keychain with a
// password: sample 0 is a KEYCHAIN_LOCK list holding a PASSWORD word followed
// by the password data.
//
// Same allocation pattern and the same open questions as
// passwordChangeCredentials(): the result comes from an ordinary
// new-expression and is never freed in this file, and ListElement(password) is
// built without the allocator argument, so confirm whether the password bytes
// are copied or merely referenced before relying on either lifetime.
//
const AutoCredentials *KeychainAclFactory::passwordUnlockCredentials(const CssmData &password)
{
	AutoCredentials *cred = new AutoCredentials(allocator, 1);
	// @@@ This leaks the two ListElements allocated below. (The original note
	// named CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT; the element actually created is
	// CSSM_SAMPLE_TYPE_PASSWORD, plus ListElement(password).)
	cred->sample(0) = TypedList(allocator, CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK,
		new(allocator) ListElement(CSSM_SAMPLE_TYPE_PASSWORD),
		new(allocator) ListElement(password));
	return cred;
}


//
// Produce ACL owner entries.
// Both functions below return an AclEntryInput created with new(allocator);
// release() further down frees such an object through the same allocator.
//

// Owner entry whose subject is a KEYCHAIN_PROMPT list carrying `description`.
// Here the ListElement is built with the allocator argument, in contrast to
// the password functions above.
AclEntryInput *KeychainAclFactory::keychainPromptOwner(const CssmData &description)
{
	// @@@ Make sure this works for a NULL description
	AclEntryPrototype proto(TypedList(allocator, CSSM_ACL_SUBJECT_TYPE_KEYCHAIN_PROMPT,
		new(allocator) ListElement(allocator, description)));
	return new(allocator) AclEntryInput(proto);
}

// Owner entry whose subject list is just CSSM_ACL_SUBJECT_TYPE_ANY.
// NOTE(review): going by the constant's name, this subject places no
// restriction on who counts as owner -- confirm each caller really intends an
// unrestricted owner entry.
AclEntryInput *KeychainAclFactory::anyOwner()
{
	AclEntryPrototype proto(TypedList(allocator, CSSM_ACL_SUBJECT_TYPE_ANY));
	return new(allocator) AclEntryInput(proto);
}

// Free an AclEntryInput by handing it to DataWalkers::chunkFree together with
// this factory's allocator. Presumably meant for objects returned by
// keychainPromptOwner() / anyOwner(), which allocate from that same allocator;
// passing anything allocated elsewhere is not checked here.
void KeychainAclFactory::release(AclEntryInput *input)
{
	DataWalkers::chunkFree(input, allocator);
}