#include <Security/aclclient.h>
#include <Security/keychainacl.h>
#include <Security/walkers.h>
namespace Security {
namespace CssmClient {
// Out-of-line destructor for AclBearer. The body is empty: nothing is released here.
AclBearer::~AclBearer()
{
}
// Adds a new ACL entry described by `input`.
//
// The request is wrapped in an AclEdit built from the entry alone and passed,
// together with the caller's credentials, to changeAcl(AclEdit, cred).
// `cred` is forwarded untouched; this wrapper performs no authorization
// decision of its own.
void AclBearer::addAcl(const AclEntryInput &input, const CSSM_ACCESS_CREDENTIALS *cred)
{
    const AclEdit addition(input);
    changeAcl(addition, cred);
}
// Replaces the ACL entry identified by `handle` with the entry described by `input`.
//
// Convenience overload: builds an AclEdit from (handle, input) and hands it,
// with the caller's credentials, to changeAcl(AclEdit, cred).
// `cred` is forwarded untouched; no authorization decision is made here.
void AclBearer::changeAcl(CSSM_ACL_HANDLE handle, const AclEntryInput &input,
    const CSSM_ACCESS_CREDENTIALS *cred)
{
    const AclEdit replacement(handle, input);
    changeAcl(replacement, cred);
}
// Deletes the single ACL entry identified by `handle`.
//
// Builds an AclEdit from the handle alone and passes it, with the caller's
// credentials, to changeAcl(AclEdit, cred). `cred` is forwarded untouched.
void AclBearer::deleteAcl(CSSM_ACL_HANDLE handle, const CSSM_ACCESS_CREDENTIALS *cred)
{
    const AclEdit removal(handle);
    changeAcl(removal, cred);
}
// Deletes every ACL entry that getAcl() returns for `tag`.
//
// The entry list is fetched once, before the first deletion, and each entry's
// handle is then passed to the handle-based deleteAcl() with the same `cred`.
// There is no rollback: nothing here catches a failure, so if one deletion
// fails by throwing, the entries removed before it stay removed and the rest
// are left in place.
// NOTE(review): the handles come from the list read before any entry was
// removed; confirm they remain valid after earlier entries have been deleted.
void AclBearer::deleteAcl(const char *tag, const CSSM_ACCESS_CREDENTIALS *cred)
{
    AutoAclEntryInfoList matches;
    getAcl(matches, tag);

    uint32 index = 0;
    while (index < matches.count()) {
        deleteAcl(matches[index].handle(), cred);
        ++index;
    }
}
// Holder for the credential objects that the AclFactory accessors in this
// file hand out by pointer. The samples are filled in by Statics::Statics().
struct Statics {
Statics();
// Must stay the first data member: members are initialized in declaration
// order, and the constructor builds the three credentials below from it.
CssmAllocator &alloc;
// One sample: a THRESHOLD list with no further elements.
AutoCredentials nullCred;
// Two samples: a KEYCHAIN_PROMPT list, and a THRESHOLD list that nests a
// KEYCHAIN_PROMPT list.
AutoCredentials promptCred;
// One sample: a KEYCHAIN_LOCK list carrying a KEYCHAIN_PROMPT element.
AutoCredentials unlockCred;
};
// File-local (anonymous namespace) holder for the shared Statics object;
// the accessors below reach the instance through statics().
// NOTE(review): presumably ModuleNexus constructs the Statics on first use -
// confirm against its definition, including what it guarantees when two
// threads make the first call at once.
namespace {
ModuleNexus<Statics> statics;
}
// Builds the three shared credential objects.
//
// Every credential, list and list element is allocated from the standard
// CssmAllocator. The initializer list relies on `alloc` being declared before
// the credential members in struct Statics, because each of them is
// constructed from it.
// NOTE(review): the second constructor argument (1, 2, 1) matches the number
// of samples assigned below; presumably it is the sample count - confirm.
Statics::Statics()
: alloc(CssmAllocator::standard()),
nullCred(alloc, 1),
promptCred(alloc, 2),
unlockCred(alloc, 1)
{
// nullCred: a lone THRESHOLD list with no elements under it.
// NOTE(review): presumably this offers no authorization evidence at all - confirm.
nullCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_THRESHOLD);
// promptCred: sample 0 is a bare KEYCHAIN_PROMPT list; sample 1 is a THRESHOLD
// list whose single element is itself a KEYCHAIN_PROMPT list.
// NOTE(review): presumably this lets the evaluator prompt the user, both directly
// and for a threshold sub-entry - confirm against the ACL evaluation code.
promptCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT);
promptCred.sample(1) = TypedList(alloc, CSSM_SAMPLE_TYPE_THRESHOLD,
new(alloc) ListElement(TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT)));
// unlockCred: a KEYCHAIN_LOCK list carrying one KEYCHAIN_PROMPT element.
// No secret is embedded in any of these three credentials; only sample-type
// constants are stored.
unlockCred.sample(0) = TypedList(alloc, CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK,
new(alloc) ListElement(CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT));
}
// Default constructor. The body is empty; the credentials served by the
// accessors live in the file-level Statics object, not in the factory.
AclFactory::AclFactory()
{
}
// Destructor. The body is empty, so destroying a factory does not touch the
// shared credential objects that its accessors return.
AclFactory::~AclFactory()
{
}
// Returns a pointer to the shared nullCred object held in the file-level Statics.
// The pointee is not a per-call copy: callers get the same object each time and
// must not free it; the const return type keeps them from editing it.
const AccessCredentials *AclFactory::nullCred() const
{
    const Statics &shared = statics();
    return &shared.nullCred;
}
// Returns a pointer to the shared promptCred object held in the file-level Statics.
// The pointee is not a per-call copy: callers get the same object each time and
// must not free it; the const return type keeps them from editing it.
const AccessCredentials *AclFactory::promptCred() const
{
    const Statics &shared = statics();
    return &shared.promptCred;
}
// Returns a pointer to the shared unlockCred object held in the file-level Statics.
// The pointee is not a per-call copy: callers get the same object each time and
// must not free it; the const return type keeps them from editing it.
const AccessCredentials *AclFactory::unlockCred() const
{
    const Statics &shared = statics();
    return &shared.unlockCred;
}
// Builds a credential set for a keychain password change.
//
// Sample 0 is a KEYCHAIN_CHANGE_LOCK list with two elements: the PASSWORD
// sample-type marker followed by the password data itself. The credentials
// object, the list and both elements are all allocated from `allocator`,
// which is remembered in mAllocator so the destructor frees with the same one.
//
// NOTE(review): the password is passed to ListElement as-is. Whether the
// element copies the bytes or refers to the caller's buffer is not visible
// here; confirm the required lifetime of `password` and where the secret ends
// up in memory.
// NOTE(review): if any allocation after the first throws, the destructor will
// not run for this partially built object, so what was already allocated
// appears to leak - confirm.
AclFactory::PasswordChangeCredentials::PasswordChangeCredentials(const CssmData &password, CssmAllocator &allocator)
    : mAllocator(allocator)
{
    mCredentials = new (allocator) AutoCredentials(allocator);

    ListElement *passwordMarker = new (allocator) ListElement(CSSM_SAMPLE_TYPE_PASSWORD);
    ListElement *passwordValue = new (allocator) ListElement(password);
    mCredentials->sample(0) = TypedList(allocator, CSSM_SAMPLE_TYPE_KEYCHAIN_CHANGE_LOCK,
        passwordMarker, passwordValue);
}
// Releases the credentials built by the constructor, using the allocator that
// was recorded at construction time.
// NOTE(review): this frees the storage that carried the password sample; no
// wipe of those bytes is visible here. Confirm whether chunkFree or the
// allocator clears the memory before it is returned for reuse.
AclFactory::PasswordChangeCredentials::~PasswordChangeCredentials ()
{
DataWalkers::chunkFree (mCredentials, mAllocator);
}
} }