本文整理汇总了C++中SecPointer类的典型用法代码示例。如果您正苦于以下问题:C++ SecPointer类的具体用法?C++ SecPointer怎么用?C++ SecPointer使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了SecPointer类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: SecPolicyCreateAppleTimeStampingAndRevocationPolicies
//
// Takes the "context" policies to extract the revocation and apply it to timeStamp.
//
// The result always starts with the Apple time stamping policy; every policy in
// the input whose OID is one of the three revocation OIDs (generic, CRL, OCSP)
// is appended after it. Ownership of the array passes to the caller via yield().
// Any exception raised along the way is swallowed and NULL is returned, so a NULL
// result means "failed", not "no policies apply".
//
CFArrayRef
SecPolicyCreateAppleTimeStampingAndRevocationPolicies(CFTypeRef policyOrArray)
{
    /* can't use SECAPI macros, since this function does not return OSStatus */
    CFArrayRef resultPolicyArray = NULL;
    try {
        // Normalize the input to an array and seed the result with the default policy
        CFRef<CFArrayRef> policyArray = cfArrayize(policyOrArray);
        CFRef<SecPolicyRef> defaultPolicy = SecPolicyCreateWithOID(kSecPolicyAppleTimeStamping);
        CFRef<CFMutableArrayRef> appleTimeStampingPolicies = makeCFMutableArray(1, defaultPolicy.get());

        // Walk the context policies and keep only the revocation-related ones
        const CFIndex policyCount = CFArrayGetCount(policyArray);
        CFIndex index = 0;
        while (index < policyCount) {
            SecPolicyRef candidate = (SecPolicyRef)CFArrayGetValueAtIndex(policyArray, index);
            // Policy::required resolves the CF handle to its C++ object
            SecPointer<Policy> pol = Policy::required(SecPolicyRef(candidate));
            const CssmOid &oid = pol->oid();
            const bool isRevocation =
                (oid == CssmOid::overlay(CSSMOID_APPLE_TP_REVOCATION))
                || (oid == CssmOid::overlay(CSSMOID_APPLE_TP_REVOCATION_CRL))
                || (oid == CssmOid::overlay(CSSMOID_APPLE_TP_REVOCATION_OCSP));
            if (isRevocation) {
                CFArrayAppendValue(appleTimeStampingPolicies, candidate);
            }
            index++;
        }

        // Transfer of ownership
        resultPolicyArray = appleTimeStampingPolicies.yield();
    }
    catch (...) {
        CFReleaseNull(resultPolicyArray);
    }
    return resultPolicyArray;
}
示例2: attributes
//
// Identify a guest by returning its StaticCode and running CodeDirectory hash.
// This uses cshosting RPCs to ask the host (or its proxy).
//
// Only GenericCode guests are accepted; anything else fails with errSecCSNotAHost.
// The returned SecStaticCode is handed to the caller through yield().
// *cdhashOut is written only when the host supplied a cdhash, and it is written
// without a NULL check, so callers must pass a valid, pre-initialized pointer.
// NOTE(review): path, architecture and cdhash are all taken from the RPC reply;
// nothing in this function verifies them -- presumably the caller validates the
// resulting static code; confirm.
//
SecStaticCode *GenericCode::identifyGuest(SecCode *guest, CFDataRef *cdhashOut)
{
    GenericCode *iguest = dynamic_cast<GenericCode *>(guest);
    if (iguest == NULL)
        MacOSError::throwMe(errSecCSNotAHost);

    // Ask the host for the guest's path, cdhash and attribute dictionary
    FilePathOut path;
    CFRef<CFDataRef> cdhash;
    CFDictionary attributes(errSecCSHostProtocolInvalidAttribute);
    identifyGuest(iguest->guestRef(), path, cdhash.aref(), attributes.aref());

    // Pick the architecture slice the host reported, if it reported one
    DiskRep::Context ctx;
    if (CFNumberRef archNumber = attributes.get<CFNumberRef>(kSecGuestAttributeArchitecture)) {
        cpu_type_t cpuType = cfNumber<cpu_type_t>(archNumber);
        CFNumberRef subarchNumber = attributes.get<CFNumberRef>(kSecGuestAttributeSubarchitecture);
        ctx.arch = subarchNumber
            ? Architecture(cpuType, cfNumber<cpu_subtype_t>(subarchNumber))
            : Architecture(cpuType);
    }

    SecPointer<GenericStaticCode> code = new GenericStaticCode(DiskRep::bestGuess(path, &ctx));
    CODESIGN_GUEST_IDENTIFY_GENERIC(iguest, iguest->guestRef(), code);
    if (cdhash) {
        CODESIGN_GUEST_CDHASH_GENERIC(iguest, (void *)CFDataGetBytePtr(cdhash), (unsigned)CFDataGetLength(cdhash));
        *cdhashOut = cdhash.yield();    // ownership moves to the caller
    }
    return code.yield();
}
示例3: active
//
// Given a bag of attribute values, automagically come up with a SecCode
// without any other information.
// This is meant to be the "just do what makes sense" generic call, for callers
// who don't want to engage in the fascinating dance of manual guest enumeration.
//
// Note that we expect the logic embedded here to change over time (in backward
// compatible fashion, one hopes), and that it's all right to use heuristics here
// as long as it's done sensibly.
//
// Be warned that the present logic is quite a bit ad-hoc, and will likely not
// handle arbitrary combinations of proxy hosting, dynamic hosting, and dedicated
// hosting all that well.
//
// Outcomes, as implemented below:
//   - empty attribute dictionary: the kernel code object (root of trust), retained
//   - no pid attribute: errSecCSUnsupportedGuestAttributes
//   - the process is flagged as a host and locates a guest for the remaining
//     attributes: that guest
//   - otherwise, with no canonical guest id given: the process itself
//   - anything else: errSecCSNoSuchCode
// The flags argument is not consulted in this body, and the parsed pid value is
// used only to require that the attribute is present.
//
SecCode *SecCode::autoLocateGuest(CFDictionaryRef attributes, SecCSFlags flags)
{
    // special case: with no attributes at all, return the root of trust
    if (CFDictionaryGetCount(attributes) == 0)
        return KernelCode::active()->retain();

    // main logic: we need a pid, and we'll take a canonical guest id as an option
    int pid = 0;
    if (!cfscan(attributes, "{%O=%d}", kSecGuestAttributePid, &pid))
        CSError::throwMe(errSecCSUnsupportedGuestAttributes, kSecCFErrorGuestAttributes, attributes);

    SecCode *process = KernelCode::active()->locateGuest(attributes);
    if (process == NULL)
        MacOSError::throwMe(errSecCSNoSuchCode);

    SecPointer<SecCode> code;
    code.take(process);     // locateGuest gave us a retained object

    if (code->staticCode()->flag(kSecCodeSignatureHost)) {
        // might be a code host. Let's find out, using everything but the pid
        CFRef<CFMutableDictionaryRef> rest = makeCFMutableDictionary(attributes);
        CFDictionaryRemoveValue(rest, kSecGuestAttributePid);
        SecCode *guest = code->locateGuest(rest);
        if (guest != NULL)
            return guest;
    }

    // only "soft" attributes, and no hosting is happening. Return the (non-)host itself
    const bool wantsCanonicalGuest = CFDictionaryGetValue(attributes, kSecGuestAttributeCanonical) != NULL;
    if (!wantsCanonicalGuest)
        return code.yield();

    MacOSError::throwMe(errSecCSNoSuchCode);
}
示例4: SecAccessCreateFromOwnerAndACL
/*!
    Build an Access object from a CSSM owner prototype plus an array of ACL
    entries and return its handle in *accessRef.
    owner, acls and accessRef are all checked with Required() before use.
    NOTE(review): aclCount is passed through as given; nothing here can check it
    against the real length of the acls array, so the caller must supply a
    matching count.
 */
OSStatus SecAccessCreateFromOwnerAndACL(const CSSM_ACL_OWNER_PROTOTYPE *owner,
    uint32 aclCount, const CSSM_ACL_ENTRY_INFO *acls,
    SecAccessRef *accessRef)
{
    BEGIN_SECAPI
    Required(accessRef);    // preflight
    const CSSM_ACL_OWNER_PROTOTYPE &ownerProto = Required(owner);
    const CSSM_ACL_ENTRY_INFO *aclEntries = &Required(acls);
    SecPointer<Access> access = new Access(ownerProto, aclCount, aclEntries);
    *accessRef = access->handle();
    END_SECAPI
}
示例5: SecCodeCopyHost
//
// Get the host for a Code.
// flags are validated with checkFlags(); *hostRef receives the host's handle,
// or NULL when the guest has no host object. hostRef itself is checked with
// CodeSigning::Required() at the point of assignment.
//
OSStatus SecCodeCopyHost(SecCodeRef guestRef, SecCSFlags flags, SecCodeRef *hostRef)
{
    BEGIN_CSAPI
    checkFlags(flags);
    SecPointer<SecCode> host = SecCode::required(guestRef)->host();
    SecCodeRef hostHandle = NULL;
    if (host)
        hostHandle = host->handle();
    CodeSigning::Required(hostRef) = hostHandle;
    END_CSAPI
}
示例6: SecACLCopySimpleContents
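/*!
    Report the contents of a "simple" ACL through the three out-parameters.

    - allowAllForm:  no application list; description is NULL when empty.
    - appListForm:   application list plus description.
    - integrityForm: no application list; the description carries the integrity
                     value as a hex string, and only the version and flags
                     fields of the prompt selector are filled in.
    - any other form returns errSecACLNotSimple and writes nothing.

    All three out-pointers are checked with Required() before the first one is
    written, so a NULL pointer can no longer leave the caller holding a freshly
    created object in an earlier out-parameter alongside an error status.
 */
OSStatus SecACLCopySimpleContents(SecACLRef aclRef,
    CFArrayRef *applicationList,
    CFStringRef *promptDescription, CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR *promptSelector)
{
    BEGIN_SECAPI
    SecPointer<ACL> acl = ACL::required(aclRef);

    // Reject non-simple ACLs first; this path never touched the out-pointers
    switch (acl->form()) {
    case ACL::allowAllForm:
    case ACL::appListForm:
    case ACL::integrityForm:
        break;
    default:
        return errSecACLNotSimple;      // custom or unknown
    }

    // preflight: validate every out-pointer before creating or storing anything
    CFArrayRef &applicationListOut = Required(applicationList);
    CFStringRef &promptDescriptionOut = Required(promptDescription);
    CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR &promptSelectorOut = Required(promptSelector);

    switch (acl->form()) {
    case ACL::allowAllForm:
        applicationListOut = NULL;
        promptDescriptionOut =
            acl->promptDescription().empty() ? NULL
                : makeCFString(acl->promptDescription());
        promptSelectorOut = acl->promptSelector();
        break;
    case ACL::appListForm:
        applicationListOut =
            makeCFArrayFrom(convert, acl->applications());
        promptDescriptionOut = makeCFString(acl->promptDescription());
        promptSelectorOut = acl->promptSelector();
        break;
    case ACL::integrityForm:
        applicationListOut = NULL;
        promptDescriptionOut = makeCFString(acl->integrity().toHex());
        // We don't have a prompt selector. Nullify.
        promptSelectorOut.version = CSSM_ACL_KEYCHAIN_PROMPT_CURRENT_VERSION;
        promptSelectorOut.flags = 0;
        break;
    default:
        break;      // unreachable: filtered by the first switch
    }
    END_SECAPI
}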
示例7: SecACLSetSimpleContents
//
// Replace the contents of a simple ACL and commit the change with modify().
//
// For an integrity ACL the description is read as a hex string and stored as the
// integrity value; the form and application list are left alone. For every other
// ACL the description becomes the prompt text and the form is set to appListForm
// (applicationList given) or allowAllForm (applicationList NULL).
// A NULL promptSelector selects ACL::defaultSelector.
//
// NOTE(review): in the integrity branch an odd-length string is ignored without
// an error and modify() still runs. The only validation visible here is the
// even-length test; how fromHex treats non-hex characters is not shown -- confirm.
// NOTE(review): description is NULL-checked in the non-integrity branch only;
// verify what cfString does with NULL.
//
OSStatus SecACLSetSimpleContents(SecACLRef aclRef,
    CFArrayRef applicationList,
    CFStringRef description, const CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR *promptSelector)
{
    BEGIN_SECAPI
    SecPointer<ACL> acl = ACL::required(aclRef);

    if (acl->form() != ACL::integrityForm) {
        // Ordinary ACL: put the text in the promptDescription where it belongs
        if (description)
            acl->promptDescription() = cfString(description);
        else
            acl->promptDescription() = "";
    } else {
        // Integrity ACL: route the (unhexified) promptDescription into the right place
        string hexText = cfString(description);
        if ((hexText.length() & 1) == 0) {
            // might be a valid hex string, try to set
            CssmAutoData digest(Allocator::standard());
            digest.malloc(hexText.length() / 2);    // two hex digits per byte
            digest.get().fromHex(hexText.c_str());
            acl->setIntegrity(digest);
        }
    }

    if (promptSelector)
        acl->promptSelector() = *promptSelector;
    else
        acl->promptSelector() = ACL::defaultSelector;

    // The form of an integrity ACL is never rewritten
    if (acl->form() != ACL::integrityForm) {
        if (applicationList == NULL) {
            // allow-any
            acl->form(ACL::allowAllForm);
        } else {
            // application-list + prompt
            acl->form(ACL::appListForm);
            setApplications(acl, applicationList);
        }
    }
    acl->modify();
    END_SECAPI
}
示例8: SecKeychainItemCopyAccess
//
// Return, in *accessRef, the handle of a new Access object built from the
// keychain item's ACL bearer.
// NOTE(review): the body works on __itemImplRef, not on itemRef directly;
// presumably BEGIN_SECKCITEMAPI derives it from itemRef -- confirm in the macro.
//
OSStatus
SecKeychainItemCopyAccess(SecKeychainItemRef itemRef, SecAccessRef* accessRef)
{
    BEGIN_SECKCITEMAPI
    Required(accessRef);    // preflight
    CFTypeRef itemObject = reinterpret_cast<CFTypeRef>(__itemImplRef);
    SecPointer<Access> access = new Access(*aclBearer(itemObject));
    *accessRef = access->handle();
    END_SECKCITEMAPI
}
示例9: CODESIGN_ALLOCATE_VALIDATE
//
// When the allocation helper has been overridden, check its code identity:
// directory, executable, resources, and finally the appleReq requirement
// (reported as errSecCSReqFailed). Nothing is checked for the default helper.
// NOTE(review): the checks run against whatever file is at mHelperPath when this
// is called; confirm that the helper cannot be replaced between this validation
// and its use.
//
void MachOEditor::parentAction()
{
    if (!mHelperOverridden)
        return;

    CODESIGN_ALLOCATE_VALIDATE((char*)mHelperPath, this->pid());

    // check code identity of an overridden allocation helper
    SecPointer<SecStaticCode> code = new SecStaticCode(DiskRep::bestGuess(mHelperPath));
    code->validateDirectory();
    code->validateExecutable();
    code->validateResources();
    const Requirement *requirement = (const Requirement *)appleReq;
    code->validateRequirement(requirement, errSecCSReqFailed);
}
示例10: SecAccessCreateFromObject
//
// Return, in *accessRef, the handle of a new Access object built from the ACL
// bearer of sourceRef. accessRef is checked with Required() before any work.
// NOTE(review): which object types aclBearer accepts for sourceRef is not
// visible here -- confirm.
//
static
OSStatus SecAccessCreateFromObject(CFTypeRef sourceRef,
    SecAccessRef *accessRef)
{
    BEGIN_SECAPI
    Required(accessRef);    // preflight
    SecPointer<Access> newAccess = new Access(*aclBearer(sourceRef));
    SecAccessRef result = newAccess->handle();
    *accessRef = result;
    END_SECAPI
}
示例11: SecACLSetAuthorizations
//
// Replace the authorization set of an ACL with the given tags, then commit the
// change with modify(). The owner ACL is refused with errSecInvalidOwnerEdit.
// A tagCount of zero leaves the ACL with an empty authorization set.
// NOTE(review): tags is read for tagCount elements with no NULL or length check;
// the caller must pass a matching pointer and count.
//
OSStatus SecACLSetAuthorizations(SecACLRef aclRef,
    CSSM_ACL_AUTHORIZATION_TAG *tags, uint32 tagCount)
{
    BEGIN_SECAPI
    SecPointer<ACL> acl = ACL::required(aclRef);
    if (acl->isOwner())     // can't change rights of the owner ACL
        MacOSError::throwMe(errSecInvalidOwnerEdit);

    // Start from an empty set and add each requested tag
    AclAuthorizationSet &auths = acl->authorizations();
    auths.clear();
    for (uint32 index = 0; index < tagCount; index++)
        auths.insert(tags[index]);

    acl->modify();
    END_SECAPI
}
示例12: SecPolicyCreateWithSecAsn1Oid
//
// Look up the policy for an OID through PolicyCursor::policy and return its
// handle. Every exception is swallowed and reported as NULL, so the caller
// cannot tell an unknown OID from any other failure and must treat NULL as
// "no policy available".
// NOTE(review): policyObj is dereferenced without a check; this presumably
// relies on PolicyCursor::policy throwing when it finds nothing -- confirm.
//
SecPolicyRef
SecPolicyCreateWithSecAsn1Oid(SecAsn1Oid *oidPtr)
{
    try {
        SecPointer<Policy> policyObj;
        PolicyCursor::policy(oidPtr, policyObj);
        return policyObj->handle();
    }
    catch (...) {
        return NULL;
    }
}
示例13: SecStaticCode
//
// Add a code object to the whitelist.
//
// Works on a private SecStaticCode built from the caller's disk representation.
// The cdHash is read twice: once before attachOpaque() and once after it, and the
// pair is stored as (current, opaque). Both values reach SQLite as bound
// parameters, never as part of the statement text.
// NOTE(review): the first hash is held in a CFCopyRef while the second is a
// plain CFDataRef; presumably the later cdHash() call can replace the earlier
// value -- confirm.
//
void OpaqueWhitelist::add(SecStaticCodeRef codeRef)
{
    // make our own copy of the code object
    SecPointer<SecStaticCode> code = new SecStaticCode(SecStaticCode::requiredStatic(codeRef)->diskRep());

    CFCopyRef<CFDataRef> originalHash = code->cdHash();
    attachOpaque(code->handle(false), NULL);    // compute and attach an opaque signature
    CFDataRef opaqueHash = code->cdHash();

    SQLite::Statement insert(*this, "INSERT OR REPLACE INTO whitelist (current,opaque) VALUES (:current, :opaque)");
    insert.bind(":current") = originalHash.get();
    insert.bind(":opaque") = opaqueHash;
    insert.execute();
}
示例14: CFArrayGetCount
/*
 * Given an app-specified array of Policies, determine if at least one of them
 * matches the given policy OID.
 * A NULL array never matches. Each element is cast to SecPolicyRef and resolved
 * with Policy::required before its OID is compared.
 */
bool Trust::policySpecified(CFArrayRef policies, const CSSM_OID &inOid)
{
    if (policies == NULL) {
        return false;
    }

    const CFIndex policyCount = CFArrayGetCount(policies);
    CFIndex index = 0;
    while (index < policyCount) {
        SecPolicyRef candidate = (SecPolicyRef)CFArrayGetValueAtIndex(policies, index);
        SecPointer<Policy> pol = Policy::required(SecPolicyRef(candidate));
        const CssmOid &candidateOid = pol->oid();
        if (candidateOid == CssmOid::overlay(inOid)) {
            return true;    // first match is enough
        }
        index++;
    }
    return false;
}
示例15: SecIdentitySearchCopyNext
//
// Advance an identity search and return the next identity's handle in
// *identityRef. Returns errSecItemNotFound once the cursor has nothing more to
// offer; in that case *identityRef is not written.
//
OSStatus
SecIdentitySearchCopyNext(
    SecIdentitySearchRef searchRef,
    SecIdentityRef *identityRef)
{
    BEGIN_SECAPI
    RequiredParam(identityRef);
    SecPointer<Identity> identityPtr;
    const bool found = IdentityCursor::required(searchRef)->next(identityPtr);
    if (!found)
        return errSecItemNotFound;
    *identityRef = identityPtr->handle();
    END_SECAPI
}