File: AnyPolicy.swift

package info (click to toggle)
swiftlang 6.0.3-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 2,519,992 kB
  • sloc: cpp: 9,107,863; ansic: 2,040,022; asm: 1,135,751; python: 296,500; objc: 82,456; f90: 60,502; lisp: 34,951; pascal: 19,946; sh: 18,133; perl: 7,482; ml: 4,937; javascript: 4,117; makefile: 3,840; awk: 3,535; xml: 914; fortran: 619; cs: 573; ruby: 573
file content (92 lines) | stat: -rw-r--r-- 3,257 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
 
//===----------------------------------------------------------------------===//
//
// This source file is part of the SwiftCertificates open source project
//
// Copyright (c) 2022-2023 Apple Inc. and the SwiftCertificates project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of SwiftCertificates project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//
import SwiftASN1

/// ``AnyPolicy`` can be used to erase the concrete type of some ``VerifierPolicy``.
///  Only use ``AnyPolicy`` if type erasure is necessary.
///  Instead try to use conditional inclusion of different policies using ``PolicyBuilder``.
///
/// Use ``AnyPolicy`` at the top level during construction of a ``Verifier`` to get a ``Verifier`` of type `Verifier<AnyPolicy>` e.g.:
/// ```swift
/// let verifier = Verifier(rootCertificates: CertificateStore()) {
///     AnyPolicy {
///         RFC5280Policy(validationTime: Date())
///     }
/// }
/// ```
public struct AnyPolicy: VerifierPolicy {
    @usableFromInline
    var policy: any VerifierPolicy

    @inlinable
    /// Erases the type of some ``VerifierPolicy`` to ``AnyPolicy``.
    /// - Parameter policy: the concrete ``VerifierPolicy``
    public init(_ policy: some VerifierPolicy) {
        self.policy = policy
    }

    /// Erases the type of some ``VerifierPolicy`` to ``AnyPolicy``.
    /// - Parameter policy: the ``VerifierPolicy`` constructed using the ``PolicyBuilder`` DSL.
    @inlinable
    public init(@PolicyBuilder makePolicy: () throws -> some VerifierPolicy) rethrows {
        self.init(try makePolicy())
    }

    @inlinable
    public var verifyingCriticalExtensions: [SwiftASN1.ASN1ObjectIdentifier] {
        policy.verifyingCriticalExtensions
    }

    @inlinable
    public mutating func chainMeetsPolicyRequirements(chain: UnverifiedCertificateChain) async -> PolicyEvaluationResult
    {
        await policy.chainMeetsPolicyRequirements(chain: chain)
    }
}

struct LegacyPolicySet: VerifierPolicy {
    let verifyingCriticalExtensions: [ASN1ObjectIdentifier]

    var policies: [any VerifierPolicy]

    init(policies: [any VerifierPolicy]) {
        self.policies = policies

        var extensions: [ASN1ObjectIdentifier] = []
        extensions.reserveCapacity(policies.reduce(into: 0, { $0 += $1.verifyingCriticalExtensions.count }))

        for policy in policies {
            extensions.append(contentsOf: policy.verifyingCriticalExtensions)
        }

        self.verifyingCriticalExtensions = extensions
    }

    mutating func chainMeetsPolicyRequirements(chain: UnverifiedCertificateChain) async -> PolicyEvaluationResult {
        var policyIndex = self.policies.startIndex

        while policyIndex < self.policies.endIndex {
            switch await self.policies[policyIndex].chainMeetsPolicyRequirements(chain: chain) {
            case .meetsPolicy:
                ()
            case .failsToMeetPolicy(reason: let reason):
                return .failsToMeetPolicy(reason: reason)
            }

            self.policies.formIndex(after: &policyIndex)
        }

        return .meetsPolicy
    }
}