#include <Security/SecTrustedApplicationPriv.h>
#include <security_keychain/TrustedApplication.h>
#include <security_keychain/Certificate.h>
#include <securityd_client/ssclient.h> // for code equivalence SPIs
#include "SecBridge.h"
#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wunused-function"
// Build a CssmData from the byte pointer and length of a CFData.
// const is cast away only because the CssmData constructor takes a
// non-const pointer.
// NOTE(review): the result presumably refers to the CFData's own storage
// (no copy is made here), so it should not outlive `data` - confirm.
// NOTE(review): `data` is not checked for NULL.
static inline CssmData cfData(CFDataRef data)
{
    UInt8 *bytes = const_cast<UInt8 *>(CFDataGetBytePtr(data));
    const CFIndex length = CFDataGetLength(data);
    return CssmData(bytes, length);
}
#pragma clang diagnostic pop
// Return the type ID recorded for TrustedApplication in the gTypes() table.
// END_SECAPI1 is given _kCFRuntimeNotATypeID as the value to return when
// the body does not complete normally.
CFTypeID
SecTrustedApplicationGetTypeID(void)
{
    BEGIN_SECAPI
    const CFTypeID trustedAppTypeID = gTypes().TrustedApplication.typeID;
    return trustedAppTypeID;
    END_SECAPI1(_kCFRuntimeNotATypeID)
}
// Create a TrustedApplication and hand its reference back through appRef.
//   path   - program path given to the TrustedApplication constructor; when
//            NULL the default constructor is used instead
//            (NOTE(review): presumably this denotes the calling
//            application - confirm against TrustedApplication.h).
//   appRef - out parameter; validated by Required() after the object has
//            been constructed.
// The path itself is not inspected here; any checks on it are left to
// the TrustedApplication constructor.
OSStatus
SecTrustedApplicationCreateFromPath(const char *path, SecTrustedApplicationRef *appRef)
{
    BEGIN_SECAPI
    TrustedApplication *created = (path != NULL)
        ? new TrustedApplication(path)
        : new TrustedApplication;
    SecPointer<TrustedApplication> app(created);
    Required(appRef) = app->handle();
    END_SECAPI
}
// Copy the application's path into a new CFData and store it in *dataRef.
// The copied bytes include the terminating NUL (length is strlen + 1).
// The CFData comes from CFDataCreate, so the caller owns it and is
// responsible for releasing it.
// NOTE(review): path() is assumed to return a non-NULL C string; strlen
// would fault on NULL - confirm.
OSStatus SecTrustedApplicationCopyData(SecTrustedApplicationRef appRef,
    CFDataRef *dataRef)
{
    BEGIN_SECAPI
    TrustedApplication &app = *TrustedApplication::required(appRef);
    const char *appPath = app.path();
    const size_t byteCount = strlen(appPath) + 1;   // keep the trailing NUL
    Required(dataRef) = CFDataCreate(NULL,
        reinterpret_cast<const UInt8 *>(appPath), byteCount);
    END_SECAPI
}
// Pass dataRef to the TrustedApplication's data() setter.
// Returns errSecParam when dataRef is NULL; appRef is validated by
// TrustedApplication::required().
// NOTE(review): the contents of dataRef are not examined here; how they
// are interpreted is decided by TrustedApplication::data().
OSStatus SecTrustedApplicationSetData(SecTrustedApplicationRef appRef,
    CFDataRef dataRef)
{
    BEGIN_SECAPI
    if (dataRef == NULL)
        return errSecParam;
    TrustedApplication &app = *TrustedApplication::required(appRef);
    app.data(dataRef);
    END_SECAPI
}
// Ask the TrustedApplication to verify itself against `path` via
// verifyToDisk(); returns CSSMERR_CSP_VERIFY_FAILED when that reports false.
// `path` is forwarded unchecked, so NULL handling is up to verifyToDisk().
// NOTE(review): presumably the result describes the file as it is on disk
// at the time of the call; a caller that acts on the path afterwards
// should not assume the file is still the one that was verified - confirm.
OSStatus
SecTrustedApplicationValidateWithPath(SecTrustedApplicationRef appRef, const char *path)
{
    BEGIN_SECAPI
    const bool matchesDisk = TrustedApplication::required(appRef)->verifyToDisk(path);
    if (!matchesDisk)
        return CSSMERR_CSP_VERIFY_FAILED;
    END_SECAPI
}
// Store the TrustedApplication's external form (a CFData) in *externalRef.
// appRef is validated by TrustedApplication::required(), externalRef by
// Required().
// NOTE(review): ownership of the returned CFData follows whatever
// externalForm() returns; the "Copy" name suggests the caller releases
// it - confirm.
OSStatus SecTrustedApplicationCopyExternalRepresentation(
    SecTrustedApplicationRef appRef,
    CFDataRef *externalRef)
{
    BEGIN_SECAPI
    Required(externalRef) = TrustedApplication::required(appRef)->externalForm();
    END_SECAPI
}
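// Rebuild a TrustedApplication from an external representation and return
// its reference through appRef.
//   externalRef - serialized form, passed straight to the TrustedApplication
//                 constructor. It is not validated in this function, so
//                 rejecting NULL or malformed data is left to that
//                 constructor. Callers that accept this blob from outside
//                 the process should treat it as untrusted input.
//   appRef      - out parameter, validated by Required().
// The new object is held in a SecPointer, as the other Create functions in
// this file do, so it is not left unowned if Required(appRef) rejects a
// NULL out pointer after the object has been constructed.
OSStatus SecTrustedApplicationCreateWithExternalRepresentation(
    CFDataRef externalRef,
    SecTrustedApplicationRef *appRef)
{
    BEGIN_SECAPI
    SecPointer<TrustedApplication> app = new TrustedApplication(externalRef);
    Required(appRef) = app->handle();
    END_SECAPI
}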
// Stub: always returns errSecParam. oldRef, newRef and flags are ignored,
// so no equivalence between the two applications is recorded and callers
// must not treat a call as having extended trust to newRef.
OSStatus
SecTrustedApplicationMakeEquivalent(SecTrustedApplicationRef oldRef,
    SecTrustedApplicationRef newRef, UInt32 flags)
{
    BEGIN_SECAPI
    const OSStatus unsupported = errSecParam;
    return unsupported;
    END_SECAPI
}
// Stub: always returns errSecParam. appRef and flags are ignored and
// nothing is removed.
OSStatus
SecTrustedApplicationRemoveEquivalence(SecTrustedApplicationRef appRef, UInt32 flags)
{
    BEGIN_SECAPI
    const OSStatus unsupported = errSecParam;
    return unsupported;
    END_SECAPI
}
// Stub: always returns CSSMERR_DL_RECORD_NOT_FOUND. installroot and path
// are ignored, so no path is ever reported as an update candidate.
OSStatus
SecTrustedApplicationIsUpdateCandidate(const char *installroot, const char *path)
{
    BEGIN_SECAPI
    const OSStatus notFound = CSSMERR_DL_RECORD_NOT_FOUND;
    return notFound;
    END_SECAPI
}
// Stub: always returns errSecParam. systemRoot is ignored and no alternate
// system is selected.
OSStatus
SecTrustedApplicationUseAlternateSystem(const char *systemRoot)
{
    BEGIN_SECAPI
    const OSStatus unsupported = errSecParam;
    return unsupported;
    END_SECAPI
}
// Create a TrustedApplication from a description string and a code
// requirement, returning its reference through appRef.
//   description - label for the object; "csreq://" is substituted when NULL.
//   requirement - forwarded to the TrustedApplication constructor without
//                 a NULL check in this function.
//   appRef      - out parameter, validated by Required() after construction.
// NOTE(review): the description looks like a label only, with the
// requirement being what identifies the code - confirm in
// TrustedApplication.
OSStatus SecTrustedApplicationCreateFromRequirement(const char *description,
    SecRequirementRef requirement, SecTrustedApplicationRef *appRef)
{
    BEGIN_SECAPI
    const char *label = (description != NULL) ? description : "csreq://";
    SecPointer<TrustedApplication> app(new TrustedApplication(label, requirement));
    Required(appRef) = app->handle();
    END_SECAPI
}
// Store the TrustedApplication's requirement in *requirement.
// A non-NULL result is retained with CFRetain before returning, so the
// caller owns a reference and must release it. A NULL result is returned
// as-is, so callers need to check for it.
OSStatus SecTrustedApplicationCopyRequirement(SecTrustedApplicationRef appRef,
    SecRequirementRef *requirement)
{
    BEGIN_SECAPI
    SecRequirementRef held = TrustedApplication::required(appRef)->requirement();
    // Validate the out pointer before taking the extra reference.
    Required(requirement) = held;
    if (held != NULL)
        CFRetain(held);
    END_SECAPI
}
// Create a TrustedApplication that stands for an application group.
//   groupName - group identifier; used to build both the requirement and
//               the description.
//   anchor    - optional certificate. It is passed to
//               SecRequirementCreateGroup and, when non-NULL, its common
//               name and public key hash are appended to the description.
//   appRef    - out parameter, validated by Required() after construction.
// The requirement comes from SecRequirementCreateGroup; a failure status
// is raised through MacOSError::check. The description has the form
//   group://<groupName>[?cert=<common name>&hash=<hex public key hash>]
// NOTE(review): groupName is concatenated into a std::string without a NULL
// check in this function - confirm callers never pass NULL.
// NOTE(review): the common name is inserted verbatim, with no escaping. If
// the description is ever parsed, or shown to a user as evidence of who
// signed the group, a name containing '?' or '&' would be ambiguous. Treat
// the string as a label and the requirement as the actual identity - confirm.
OSStatus SecTrustedApplicationCreateApplicationGroup(const char *groupName,
    SecCertificateRef anchor, SecTrustedApplicationRef *appRef)
{
    BEGIN_SECAPI
    CFRef<SecRequirementRef> groupReq;
    const OSStatus createStatus = SecRequirementCreateGroup(CFTempString(groupName),
        anchor, kSecCSDefaultFlags, &groupReq.aref());
    MacOSError::check(createStatus);

    string description("group://");
    description += groupName;
    if (anchor != NULL) {
        Certificate *cert = Certificate::required(anchor);
        const CssmData &keyHash = cert->publicKeyHash();
        description += "?cert=";
        description += cfString(cert->commonName());
        description += "&hash=";
        description += keyHash.toHex();
    }

    SecPointer<TrustedApplication> app(new TrustedApplication(description, groupReq));
    Required(appRef) = app->handle();
    END_SECAPI
}