#include <security_keychain/PolicyCursor.h>
#include <security_keychain/Policies.h>
#include <Security/oidsalg.h>
#include <security_cdsa_client/tpclient.h>
using namespace KeychainCore;
using namespace CssmClient;
// TP (trust policy) client fixed to the Apple X.509 TP module GUID.
// The default constructor takes no arguments, so every instance is attached
// to the same module and callers cannot substitute a different TP.
struct TheOneTP : TP {
    TheOneTP()
        : TP(gGuidAppleX509TP)
    {
    }
};
// File-local accessor for the TP client; next() calls theOneTP() to obtain the
// TP handed to each Policy it creates.
// NOTE(review): ModuleNexus presumably constructs one shared instance on first
// use -- confirm against its definition.
static ModuleNexus<TheOneTP> theOneTP;
// Table of the policy OIDs that PolicyCursor::next() walks, in the order they
// are returned. Only OIDs listed here can come out of a cursor.
// The list covers certificate-evaluation policies (basic X.509, SSL, S/MIME,
// EAP, IPsec, PKINIT, code/package/resource signing, ...) and the two
// revocation policies (CRL, OCSP).
// Each entry is the address of a CSSMOID_* constant viewed as a CssmOid.
// NOTE(review): the static_cast assumes CssmOid is layout-compatible with the
// type of the CSSMOID_* constants -- confirm against the CssmOid definition.
static const CssmOid *theOidList[] = {
static_cast<const CssmOid *>(&CSSMOID_APPLE_ISIGN),
static_cast<const CssmOid *>(&CSSMOID_APPLE_X509_BASIC),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_SSL),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_SMIME),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_EAP),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_SW_UPDATE_SIGNING),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_IP_SEC),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_ICHAT),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_RESOURCE_SIGN),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_PKINIT_CLIENT),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_PKINIT_SERVER),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_CODE_SIGNING),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_PACKAGE_SIGNING),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_REVOCATION_CRL),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_REVOCATION_OCSP),
static_cast<const CssmOid *>(&CSSMOID_APPLE_TP_MACAPPSTORE_RECEIPT),
// Sentinel: next() stops at the first NULL entry, so this must stay last;
// without it the loop would index past the end of the array.
NULL };
// Creates a cursor over the built-in policy OID table.
//
// oid   - optional filter. When non-NULL its contents are stored in mOid and
//         next() returns only the table entries equal to it. When NULL, every
//         table entry is returned.
// value - not read by this constructor, so a value passed by the caller does
//         not narrow the results.
//
// The search position starts at the first table entry. The mutex is created
// in recursive mode.
PolicyCursor::PolicyCursor(const CSSM_OID* oid, const CSSM_DATA* value)
    : mOid(Allocator::standard()), mOidGiven(oid != NULL), mMutex(Mutex::recursive)
{
    mSearchPos = 0;
    if (mOidGiven) {
        // Keep the caller's OID in the cursor so later next() calls compare
        // against mOid rather than the caller's pointer.
        mOid = CssmOid::required(oid);
    }
}
// The destructor body is empty; the members (mOid, mMutex, ...) are destroyed
// implicitly by their own destructors.
PolicyCursor::~PolicyCursor() throw() {}
// Advances the cursor to the next matching policy.
//
// policy - out parameter; on success it is assigned a newly allocated Policy
//          built from the shared TP client and the matching table OID.
//
// Returns true when a policy was produced, false once the NULL sentinel of
// theOidList is reached. In that case `policy` is left unmodified.
//
// When the cursor was constructed with an OID filter, table entries that
// differ from mOid are skipped. mSearchPos is read and advanced under mMutex,
// so concurrent callers of the same cursor each see a consistent position.
bool PolicyCursor::next(SecPointer<Policy> &policy)
{
    StLock<Mutex> guard(mMutex);

    for (; theOidList[mSearchPos]; mSearchPos++) {
        const CssmOid &candidate = *theOidList[mSearchPos];

        // Filtered cursor: skip entries that are not the requested OID.
        if (mOidGiven && mOid != candidate)
            continue;

        policy = new Policy(theOneTP(), candidate);
        // Step past the entry just returned so the next call resumes after it.
        mSearchPos++;
        return true;
    }

    // Reached the NULL sentinel: nothing (more) to return.
    return false;
}