static int attlist7(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { itkExpatUnused(ptr); itkExpatUnused(end); itkExpatUnused(enc); switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_CLOSE_PAREN: state->handler = attlist8; return XML_ROLE_NONE; case XML_TOK_OR: state->handler = attlist6; return XML_ROLE_NONE; } return common(state, tok); }
static int doctype4(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { itkExpatUnused(ptr); itkExpatUnused(end); itkExpatUnused(enc); switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_OPEN_BRACKET: state->handler = internalSubset; return XML_ROLE_DOCTYPE_INTERNAL_SUBSET; case XML_TOK_DECL_CLOSE: state->handler = prolog2; return XML_ROLE_DOCTYPE_CLOSE; } return common(state, tok); }
static int element3(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_CLOSE_PAREN: state->handler = declClose; return XML_ROLE_GROUP_CLOSE; case XML_TOK_CLOSE_PAREN_ASTERISK: state->handler = declClose; return XML_ROLE_GROUP_CLOSE_REP; case XML_TOK_OR: state->handler = element4; return XML_ROLE_NONE; } return common(state, tok); }
static int notation4(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { itkExpatUnused(ptr); itkExpatUnused(end); itkExpatUnused(enc); switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_LITERAL: state->handler = declClose; return XML_ROLE_NOTATION_SYSTEM_ID; case XML_TOK_DECL_CLOSE: setTopLevel(state); return XML_ROLE_NOTATION_NO_SYSTEM_ID; } return common(state, tok); }
static int entity5(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_DECL_CLOSE: setTopLevel(state); return XML_ROLE_ENTITY_COMPLETE; case XML_TOK_NAME: if (XmlNameMatchesAscii(enc, ptr, end, KW_NDATA)) { state->handler = entity6; return XML_ROLE_NONE; } break; } return common(state, tok); }
static int entity0(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { itkExpatUnused(ptr); itkExpatUnused(end); itkExpatUnused(enc); switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_PERCENT: state->handler = entity1; return XML_ROLE_NONE; case XML_TOK_NAME: state->handler = entity2; return XML_ROLE_GENERAL_ENTITY_NAME; } return common(state, tok); }
static int prolog2(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { itkExpatUnused(ptr); itkExpatUnused(end); itkExpatUnused(enc); switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_PI: case XML_TOK_COMMENT: return XML_ROLE_NONE; case XML_TOK_INSTANCE_START: state->handler = error; return XML_ROLE_INSTANCE_START; } return common(state, tok); }
// Common transition function. Given a predicate determines if a method should transition to another level. CompLevel SimpleThresholdPolicy::common(Predicate p, Method* method, CompLevel cur_level) { CompLevel next_level = cur_level; int i = method->invocation_count(); int b = method->backedge_count(); if (is_trivial(method)) { next_level = CompLevel_simple; } else { switch(cur_level) { case CompLevel_none: // If we were at full profile level, would we switch to full opt? if (common(p, method, CompLevel_full_profile) == CompLevel_full_optimization) { next_level = CompLevel_full_optimization; } else if ((this->*p)(i, b, cur_level)) { next_level = CompLevel_full_profile; } break; case CompLevel_limited_profile: case CompLevel_full_profile: { MethodData* mdo = method->method_data(); if (mdo != NULL) { if (mdo->would_profile()) { int mdo_i = mdo->invocation_count_delta(); int mdo_b = mdo->backedge_count_delta(); if ((this->*p)(mdo_i, mdo_b, cur_level)) { next_level = CompLevel_full_optimization; } } else { next_level = CompLevel_full_optimization; } } } break; } } return MIN2(next_level, (CompLevel)TieredStopAtLevel); }
static int PTRCALL condSect0(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_NAME: if (XmlNameMatchesAscii(enc, ptr, end, KW_INCLUDE)) { state->handler = condSect1; return XML_ROLE_NONE; } if (XmlNameMatchesAscii(enc, ptr, end, KW_IGNORE)) { state->handler = condSect2; return XML_ROLE_NONE; } break; } return common(state, tok); }
static int PTRCALL notation1(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NOTATION_NONE; case XML_TOK_NAME: if (XmlNameMatchesAscii(enc, ptr, end, KW_SYSTEM)) { state->handler = notation3; return XML_ROLE_NOTATION_NONE; } if (XmlNameMatchesAscii(enc, ptr, end, KW_PUBLIC)) { state->handler = notation2; return XML_ROLE_NOTATION_NONE; } break; } return common(state, tok); }
static int attlist1(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { cmExpatUnused(ptr); cmExpatUnused(end); cmExpatUnused(enc); switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_DECL_CLOSE: setTopLevel(state); return XML_ROLE_NONE; case XML_TOK_NAME: case XML_TOK_PREFIXED_NAME: state->handler = attlist2; return XML_ROLE_ATTRIBUTE_NAME; } return common(state, tok); }
static int PTRCALL attlist7(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { UNUSED(ptr); UNUSED(end); UNUSED(enc); switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_ATTLIST_NONE; case XML_TOK_CLOSE_PAREN: state->handler = attlist8; return XML_ROLE_ATTLIST_NONE; case XML_TOK_OR: state->handler = attlist6; return XML_ROLE_ATTLIST_NONE; } return common(state, tok); }
static int PTRCALL prolog1(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_PI: return XML_ROLE_PI; case XML_TOK_COMMENT: return XML_ROLE_COMMENT; case XML_TOK_BOM: /* This case can never arise. To reach this role function, the * parse must have passed through prolog0 and therefore have had * some form of input, even if only a space. At that point, a * byte order mark is no longer a valid character (though * technically it should be interpreted as a non-breaking space), * so will be rejected by the tokenizing stages. */ return XML_ROLE_NONE; /* LCOV_EXCL_LINE */ case XML_TOK_DECL_OPEN: if (!XmlNameMatchesAscii(enc, ptr + 2 * MIN_BYTES_PER_CHAR(enc), end, KW_DOCTYPE)) break; state->handler = doctype0; return XML_ROLE_DOCTYPE_NONE; case XML_TOK_INSTANCE_START: state->handler = error; return XML_ROLE_INSTANCE_START; } return common(state, tok); }
static bool readjson_len(struct req *req, int len) { char buf[BUFSIZ]; xstr *xs = xstr_create("", req); json *js; if (len < 0) { while (fgets(buf, sizeof(buf), stdin)) { if (!buf[0] || buf[0] == '\n') break; xstr_append(xs, buf); } } else { int r; while ((r = fread(buf, 1, MIN(len, sizeof(buf)), stdin))) { if (r < 0) { dbg(5, "fread() returned %d, len=%d\n", r, len); break; } /* always appends \0 */ xstr_append_size(xs, buf, r); len -= r; if (len <= 0) break; } } /* eof? */ if (xstr_length(xs) == 0) exit(0); js = json_create(req); req->params = json_parse(js, xstr_string(xs)); return common(req, false); }
// // Given a KeychainKey (that implicitly belongs to another keychain), // return it encoded using this keychain's operational secrets. // KeyBlob *KeychainDatabase::recodeKey(KeychainKey &oldKey) { if (mRecodingSource != &oldKey.referent<KeychainDatabase>()) { CssmError::throwMe(CSSMERR_CSP_INVALID_KEY); } oldKey.instantiateAcl(); // make sure key is decoded CssmData publicAcl, privateAcl; oldKey.exportBlob(publicAcl, privateAcl); // NB: blob's memory belongs to caller, not the common /* * Make sure the new key is in the same cleartext/encrypted state. */ bool inTheClear = false; assert(oldKey.blob()); if(oldKey.blob() && oldKey.blob()->isClearText()) { /* careful....*/ inTheClear = true; } KeyBlob *blob = common().encodeKeyCore(oldKey.cssmKey(), publicAcl, privateAcl, inTheClear); oldKey.acl().allocator.free(publicAcl); oldKey.acl().allocator.free(privateAcl); return blob; }
static int PTRCALL element5(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { UNUSED(ptr); UNUSED(end); UNUSED(enc); switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_ELEMENT_NONE; case XML_TOK_CLOSE_PAREN_ASTERISK: state->handler = declClose; state->role_none = XML_ROLE_ELEMENT_NONE; return XML_ROLE_GROUP_CLOSE_REP; case XML_TOK_OR: state->handler = element4; return XML_ROLE_ELEMENT_NONE; } return common(state, tok); }
static int PTRCALL prolog0(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { switch (tok) { case XML_TOK_PROLOG_S: state->handler = prolog1; return XML_ROLE_NONE; case XML_TOK_XML_DECL: state->handler = prolog1; return XML_ROLE_XML_DECL; case XML_TOK_PI: state->handler = prolog1; return XML_ROLE_PI; case XML_TOK_COMMENT: state->handler = prolog1; return XML_ROLE_COMMENT; case XML_TOK_BOM: return XML_ROLE_NONE; case XML_TOK_DECL_OPEN: if (!XmlNameMatchesAscii(enc, ptr + 2 * MIN_BYTES_PER_CHAR(enc), end, KW_DOCTYPE)) break; state->handler = doctype0; return XML_ROLE_DOCTYPE_NONE; case XML_TOK_INSTANCE_START: state->handler = error; return XML_ROLE_INSTANCE_START; } return common(state, tok); }
static int PTRCALL prolog2(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { UNUSED(ptr); UNUSED(end); UNUSED(enc); switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NONE; case XML_TOK_PI: return XML_ROLE_PI; case XML_TOK_COMMENT: return XML_ROLE_COMMENT; case XML_TOK_INSTANCE_START: state->handler = error; return XML_ROLE_INSTANCE_START; } return common(state, tok); }
static int PTRCALL notation4(PROLOG_STATE *state, int tok, const char *ptr, const char *end, const ENCODING *enc) { UNUSED(ptr); UNUSED(end); UNUSED(enc); switch (tok) { case XML_TOK_PROLOG_S: return XML_ROLE_NOTATION_NONE; case XML_TOK_LITERAL: state->handler = declClose; state->role_none = XML_ROLE_NOTATION_NONE; return XML_ROLE_NOTATION_SYSTEM_ID; case XML_TOK_DECL_CLOSE: setTopLevel(state); return XML_ROLE_NOTATION_NO_SYSTEM_ID; } return common(state, tok); }
// // Given an AccessCredentials for this database, wring out the existing primary // database secret by whatever means necessary. // On entry, caller must hold the database common lock. It will be held // throughout except when user interaction is required. User interaction // requires relinquishing the database common lock and taking the UI lock. On // return from user interaction, the UI lock is relinquished and the database // common lock must be reacquired. At no time may the caller hold both locks. // On exit, the crypto core has its master secret. If things go wrong, // we will throw a suitable exception. Note that encountering any malformed // credential sample will throw, but this is not guaranteed -- don't assume // that NOT throwing means creds is entirely well-formed (it may just be good // enough to work THIS time). // // How this works: // Walk through the creds. Fish out those credentials (in order) that // are for unlock processing (they have no ACL subject correspondents), // and (try to) obey each in turn, until one produces a valid secret // or you run out. If no special samples are found at all, interpret that as // "use the system global default," which happens to be hard-coded right here. // void KeychainDatabase::establishOldSecrets(const AccessCredentials *creds) { bool forSystem = this->belongsToSystem(); // this keychain belongs to the system security domain // attempt system-keychain unlock if (forSystem) { SystemKeychainKey systemKeychain(kSystemUnlockFile); if (systemKeychain.matches(mBlob->randomSignature)) { secdebug("KCdb", "%p attempting system unlock", this); common().setup(mBlob, CssmClient::Key(Server::csp(), systemKeychain.key(), true)); if (decode()) return; } } list<CssmSample> samples; if (creds && creds->samples().collect(CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK, samples)) { for (list<CssmSample>::iterator it = samples.begin(); it != samples.end(); it++) { TypedList &sample = *it; sample.checkProper(); switch (sample.type()) { // interactively prompt the user - no additional data case CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT: if (!forSystem) { if (interactiveUnlock()) return; } break; // try to use an explicitly given passphrase - Data:passphrase case CSSM_SAMPLE_TYPE_PASSWORD: if (sample.length() != 2) CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE); secdebug("KCdb", "%p attempting passphrase unlock", this); if (decode(sample[1])) return; break; // try to open with a given master key - Data:CSP or KeyHandle, Data:CssmKey case CSSM_SAMPLE_TYPE_SYMMETRIC_KEY: case CSSM_SAMPLE_TYPE_ASYMMETRIC_KEY: assert(mBlob); secdebug("KCdb", "%p attempting explicit key unlock", this); common().setup(mBlob, keyFromCreds(sample, 4)); if (decode()) return; break; // explicitly defeat the default action but don't try anything in particular case CSSM_WORDID_CANCELED: secdebug("KCdb", "%p defeat default action", this); break; default: // Unknown sub-sample for unlocking. // If we wanted to be fascist, we could now do // CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED); // But instead we try to be tolerant and continue on. // This DOES however count as an explicit attempt at specifying unlock, // so we will no longer try the default case below... secdebug("KCdb", "%p unknown sub-sample unlock (%d) ignored", this, sample.type()); break; } } } else { // default action assert(mBlob); if (!forSystem) { if (interactiveUnlock()) return; } } // out of options - no secret obtained CssmError::throwMe(CSSM_ERRCODE_OPERATION_AUTH_DENIED); }
// // The following unlock given an explicit passphrase, rather than using // (special cred sample based) default procedures. // void KeychainDatabase::unlockDb(const CssmData &passphrase) { StLock<Mutex> _(common()); makeUnlocked(passphrase); }
// // Unlock this database (if needed) by obtaining the master secret in some // suitable way and then proceeding to unlock with it. // Does absolutely nothing if the database is already unlocked. // The makeUnlocked forms are identical except the assume the caller already // holds the common lock. // void KeychainDatabase::unlockDb() { StLock<Mutex> _(common()); makeUnlocked(); }
const char *KeychainDatabase::dbName() const { return common().dbName(); }
void KeychainDatabase::changedAcl() { StLock<Mutex> _(common()); version = 0; }
// // Intercept ACL change requests and reset blob validity // void KeychainDatabase::instantiateAcl() { StLock<Mutex> _(common()); makeUnlocked(); }
// // Lock this database // void KeychainDatabase::lockDb() { common().lockDb(); }
int main() { common(); return 0;}
// // Same thing, but obtain a new secret somehow and set it into the common. // void KeychainDatabase::establishNewSecrets(const AccessCredentials *creds, SecurityAgent::Reason reason) { list<CssmSample> samples; if (creds && creds->samples().collect(CSSM_SAMPLE_TYPE_KEYCHAIN_CHANGE_LOCK, samples)) { for (list<CssmSample>::iterator it = samples.begin(); it != samples.end(); it++) { TypedList &sample = *it; sample.checkProper(); switch (sample.type()) { // interactively prompt the user case CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT: { secdebug("KCdb", "%p specified interactive passphrase", this); QueryNewPassphrase query(*this, reason); StSyncLock<Mutex, Mutex> uisync(common().uiLock(), common()); query.inferHints(Server::process()); CssmAutoData passphrase(Allocator::standard(Allocator::sensitive)); CssmAutoData oldPassphrase(Allocator::standard(Allocator::sensitive)); if (query(oldPassphrase, passphrase) == SecurityAgent::noReason) { common().setup(NULL, passphrase); change_secret_on_keybag(common(), oldPassphrase.data(), (int)oldPassphrase.length(), passphrase.data(), (int)passphrase.length()); return; } } break; // try to use an explicitly given passphrase case CSSM_SAMPLE_TYPE_PASSWORD: { secdebug("KCdb", "%p specified explicit passphrase", this); if (sample.length() != 2) CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE); common().setup(NULL, sample[1]); if (common().isLoginKeychain()) { CssmAutoData oldPassphrase(Allocator::standard(Allocator::sensitive)); list<CssmSample> oldSamples; creds->samples().collect(CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK, oldSamples); for (list<CssmSample>::iterator oit = oldSamples.begin(); oit != oldSamples.end(); oit++) { TypedList &tmpList = *oit; tmpList.checkProper(); if (tmpList.type() == CSSM_SAMPLE_TYPE_PASSWORD) { if (tmpList.length() == 2) { oldPassphrase = tmpList[1].data(); } } } if (!oldPassphrase.length() && mSecret && mSecret.length()) { oldPassphrase = mSecret; } change_secret_on_keybag(common(), oldPassphrase.data(), (int)oldPassphrase.length(), sample[1].data().data(), (int)sample[1].data().length()); } return; } // try to open with a given master key case CSSM_WORDID_SYMMETRIC_KEY: case CSSM_SAMPLE_TYPE_ASYMMETRIC_KEY: secdebug("KCdb", "%p specified explicit master key", this); common().setup(NULL, keyFromCreds(sample, 3)); return; // explicitly defeat the default action but don't try anything in particular case CSSM_WORDID_CANCELED: secdebug("KCdb", "%p defeat default action", this); break; default: // Unknown sub-sample for acquiring new secret. // If we wanted to be fascist, we could now do // CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED); // But instead we try to be tolerant and continue on. // This DOES however count as an explicit attempt at specifying unlock, // so we will no longer try the default case below... secdebug("KCdb", "%p unknown sub-sample acquisition (%d) ignored", this, sample.type()); break; } } } else { // default action -- interactive (only) QueryNewPassphrase query(*this, reason); StSyncLock<Mutex, Mutex> uisync(common().uiLock(), common()); query.inferHints(Server::process()); CssmAutoData passphrase(Allocator::standard(Allocator::sensitive)); CssmAutoData oldPassphrase(Allocator::standard(Allocator::sensitive)); if (query(oldPassphrase, passphrase) == SecurityAgent::noReason) { common().setup(NULL, passphrase); change_secret_on_keybag(common(), oldPassphrase.data(), (int)oldPassphrase.length(), passphrase.data(), (int)passphrase.length()); return; } } // out of options - no secret obtained CssmError::throwMe(CSSM_ERRCODE_OPERATION_AUTH_DENIED); }
// Common transition function. Given a predicate determines if a method should transition to another level. CompLevel AdvancedThresholdPolicy::common(Predicate p, methodOop method, CompLevel cur_level) { if (is_trivial(method)) return CompLevel_simple; CompLevel next_level = cur_level; int i = method->invocation_count(); int b = method->backedge_count(); switch(cur_level) { case CompLevel_none: // If we were at full profile level, would we switch to full opt? if (common(p, method, CompLevel_full_profile) == CompLevel_full_optimization) { next_level = CompLevel_full_optimization; } else if ((this->*p)(i, b, cur_level)) { // C1-generated fully profiled code is about 30% slower than the limited profile // code that has only invocation and backedge counters. The observation is that // if C2 queue is large enough we can spend too much time in the fully profiled code // while waiting for C2 to pick the method from the queue. To alleviate this problem // we introduce a feedback on the C2 queue size. If the C2 queue is sufficiently long // we choose to compile a limited profiled version and then recompile with full profiling // when the load on C2 goes down. if (CompileBroker::queue_size(CompLevel_full_optimization) > Tier3DelayOn * compiler_count(CompLevel_full_optimization)) { next_level = CompLevel_limited_profile; } else { next_level = CompLevel_full_profile; } } break; case CompLevel_limited_profile: if (is_method_profiled(method)) { // Special case: we got here because this method was fully profiled in the interpreter. next_level = CompLevel_full_optimization; } else { methodDataOop mdo = method->method_data(); if (mdo != NULL) { if (mdo->would_profile()) { if (CompileBroker::queue_size(CompLevel_full_optimization) <= Tier3DelayOff * compiler_count(CompLevel_full_optimization) && (this->*p)(i, b, cur_level)) { next_level = CompLevel_full_profile; } } else { next_level = CompLevel_full_optimization; } } } break; case CompLevel_full_profile: { methodDataOop mdo = method->method_data(); if (mdo != NULL) { if (mdo->would_profile()) { int mdo_i = mdo->invocation_count_delta(); int mdo_b = mdo->backedge_count_delta(); if ((this->*p)(mdo_i, mdo_b, cur_level)) { next_level = CompLevel_full_optimization; } } else { next_level = CompLevel_full_optimization; } } } break; } return next_level; }
const bool matchParenthesis(const std::string & sentence) { std::stack<char> parenthesisStack; //std::vector <std::pair<char, char> > parenthesisPair; std::pair<char, char> common('(', ')'); std::pair<char, char> curly('{', '}'); std::pair<char, char> square('[', ']'); std::vector <std::pair<char, char>> parenthesisPairList{ common, curly, square }; std::vector <int> intVector { 23, 43, 12 }; std::vector <std::string> strVector{ "First", "Second", "Third" }; //parenthesisPair.push_back(common); //parenthesisPair.push_back(curly); //parenthesisPair.push_back(square); for (char i : sentence) { std::cout << i; switch (i) { case '{': case '(': case '[': parenthesisStack.push(i); break; case '}': char top; top = parenthesisStack.top(); if (top == '{') { parenthesisStack.pop(); } else { return false; } break; case ']': top = parenthesisStack.top(); if (top == '[' ) { parenthesisStack.pop(); } else { return false; } break; case ')': top = parenthesisStack.top(); if (top == '(') { parenthesisStack.pop(); } else { return false; } break; default: break; //std::cout << "No parenthesis " << std::endl; } } return (parenthesisStack.empty()); }