projects / apple / security.git / blame
| Commit | Line | Data |
|---|---|---|
| d8f41ccd A |
1 | /* |
| 2 | * Copyright (c) 2000-2001,2004-2006,2008-2009 Apple Inc. All Rights Reserved. | |
| 3 | * | |
| 4 | * @APPLE_LICENSE_HEADER_START@ | |
| 5 | * | |
| 6 | * This file contains Original Code and/or Modifications of Original Code | |
| 7 | * as defined in and that are subject to the Apple Public Source License | |
| 8 | * Version 2.0 (the 'License'). You may not use this file except in | |
| 9 | * compliance with the License. Please obtain a copy of the License at | |
| 10 | * http://www.opensource.apple.com/apsl/ and read it before using this | |
| 11 | * file. | |
| 12 | * | |
| 13 | * The Original Code and all software distributed under the License are | |
| 14 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
| 15 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | |
| 16 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
| 17 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. | |
| 18 | * Please see the License for the specific language governing rights and | |
| 19 | * limitations under the License. | |
| 20 | * | |
| 21 | * @APPLE_LICENSE_HEADER_END@ | |
| 22 | */ | |
| 23 | ||
| 24 | ||
| 25 | // | |
| 26 | // key - representation of securityd key objects | |
| 27 | // | |
| 28 | #include "kckey.h" | |
| 29 | #include "server.h" | |
| 30 | #include "database.h" | |
| 31 | #include <security_cdsa_utilities/acl_any.h> | |
| 32 | #include <security_cdsa_utilities/cssmendian.h> | |
| 33 | ||
| 34 | ||
| 35 | // | |
| 36 | // Create a Key object from a database-encoded blob. | |
| 37 | // Note that this doesn't decode the blob (yet). | |
| 38 | // | |
| 39 | KeychainKey::KeychainKey(Database &db, const KeyBlob *blob) | |
| 40 | : LocalKey(db, n2h(blob->header.attributes())) | |
| 41 | { | |
| 42 | // perform basic validation on the incoming blob | |
| 43 | assert(blob); | |
| 44 | blob->validate(CSSMERR_APPLEDL_INVALID_KEY_BLOB); | |
| 45 | switch (blob->version()) { | |
| 46 | #if defined(COMPAT_OSX_10_0) | |
| 47 | case KeyBlob::version_MacOS_10_0: | |
| 48 | break; | |
| 49 | #endif | |
| 50 | case KeyBlob::version_MacOS_10_1: | |
| 51 | break; | |
| e3d460c9 A |
52 | case KeyBlob::version_partition: |
| 53 | break; | |
| d8f41ccd A |
54 | default: |
| 55 | CssmError::throwMe(CSSMERR_APPLEDL_INCOMPATIBLE_KEY_BLOB); | |
| 56 | } | |
| 57 | ||
| 58 | // set it up | |
| 59 | mBlob = blob->copy(Allocator::standard()); | |
| 60 | mValidBlob = true; | |
| 61 | db.addReference(*this); | |
| fa7225c8 | 62 | secinfo("SSkey", "%p (handle %#x) created from blob version %x", |
| d8f41ccd A |
63 | this, handle(), blob->version()); |
| 64 | } | |
| 65 | ||
| 66 | ||
| 67 | // | |
| 68 | // Create a Key from an explicit CssmKey. | |
| 69 | // | |
| 70 | KeychainKey::KeychainKey(Database &db, const CssmKey &newKey, uint32 moreAttributes, | |
| 71 | const AclEntryPrototype *owner) | |
| 72 | : LocalKey(db, newKey, moreAttributes) | |
| 73 | { | |
| 74 | assert(moreAttributes & CSSM_KEYATTR_PERMANENT); | |
| 75 | setOwner(owner); | |
| 76 | mBlob = NULL; | |
| 77 | mValidBlob = false; | |
| 78 | db.addReference(*this); | |
| 79 | } | |
| 80 | ||
| 81 | ||
| 82 | KeychainKey::~KeychainKey() | |
| 83 | { | |
| 84 | Allocator::standard().free(mBlob); | |
| fa7225c8 | 85 | secinfo("SSkey", "%p destroyed", this); |
| d8f41ccd A |
86 | } |
| 87 | ||
| 88 | ||
| 89 | KeychainDatabase &KeychainKey::database() const | |
| 90 | { | |
| 91 | return referent<KeychainDatabase>(); | |
| 92 | } | |
| 93 | ||
| 94 | ||
| 95 | // | |
| 96 | // Retrieve the actual CssmKey value for the key object. | |
| 97 | // This will decode its blob if needed (and appropriate). | |
| 98 | // | |
| 99 | void KeychainKey::getKey() | |
| 100 | { | |
| 101 | decode(); | |
| 102 | } | |
| 103 | ||
| 104 | void KeychainKey::getHeader(CssmKey::Header &hdr) | |
| 105 | { | |
| 106 | assert(mValidBlob); | |
| 107 | hdr = mBlob->header; | |
| 108 | n2hi(hdr); // correct for endian-ness | |
| 109 | } | |
| 110 | ||
| 111 | ||
| 112 | // | |
| 113 | // Ensure that a key is fully decoded. | |
| 114 | // This makes the mKey key value available for use, as well as its ACL. | |
| 115 | // Caller must hold the key object lock. | |
| 116 | // | |
| 117 | void KeychainKey::decode() | |
| 118 | { | |
| 119 | if (!mValidKey) { | |
| 120 | assert(mValidBlob); // must have a blob to decode | |
| 121 | ||
| 122 | // decode the key | |
| 123 | void *publicAcl, *privateAcl; | |
| 124 | CssmKey key; | |
| 125 | database().decodeKey(mBlob, key, publicAcl, privateAcl); | |
| 126 | mKey = CssmClient::Key(Server::csp(), key); | |
| 127 | acl().importBlob(publicAcl, privateAcl); | |
| 128 | // publicAcl points into the blob; privateAcl was allocated for us | |
| 129 | Allocator::standard().free(privateAcl); | |
| 130 | ||
| 131 | // extract managed attribute bits | |
| 132 | mAttributes = mKey.header().attributes() & managedAttributes; | |
| 133 | mKey.header().clearAttribute(managedAttributes); | |
| 134 | mKey.header().setAttribute(forcedAttributes); | |
| 135 | ||
| 136 | // key is valid now | |
| 137 | mValidKey = true; | |
| 138 | } | |
| 139 | } | |
| 140 | ||
| 141 | ||
| 142 | // | |
| 143 | // Encode a key into a blob. | |
| 144 | // We'll have to ask our Database to do this - we don't have its keys. | |
| 145 | // Note that this returns memory we own and keep. | |
| 146 | // | |
| 147 | KeyBlob *KeychainKey::blob() | |
| 148 | { | |
| 149 | if (!mValidBlob) { | |
| 150 | assert(mValidKey); // must have valid key to encode | |
| 151 | ||
| 152 | // export Key ACL to blob form | |
| 153 | CssmData pubAcl, privAcl; | |
| 154 | acl().exportBlob(pubAcl, privAcl); | |
| 155 | ||
| 156 | // assemble external key form | |
| 157 | CssmKey externalKey = mKey; | |
| 158 | externalKey.clearAttribute(forcedAttributes); | |
| 159 | externalKey.setAttribute(mAttributes); | |
| 160 | ||
| 161 | // encode the key and replace blob | |
| 162 | KeyBlob *newBlob = database().encodeKey(externalKey, pubAcl, privAcl); | |
| 163 | Allocator::standard().free(mBlob); | |
| 164 | mBlob = newBlob; | |
| 165 | mValidBlob = true; | |
| 166 | ||
| 167 | // clean up and go | |
| 168 | acl().allocator.free(pubAcl); | |
| 169 | acl().allocator.free(privAcl); | |
| 170 | } | |
| 171 | return mBlob; | |
| 172 | } | |
| 173 | ||
| 174 | void KeychainKey::invalidateBlob() | |
| 175 | { | |
| 176 | mValidBlob = false; | |
| 177 | } | |
| 178 | ||
| 179 | ||
| 180 | // | |
| 181 | // Override ACL-related methods and events. | |
| 182 | // Decode the key before ACL activity; invalidate the stored blob on ACL edits; | |
| 183 | // and return the key's database as "related". | |
| 184 | // | |
| 185 | void KeychainKey::instantiateAcl() | |
| 186 | { | |
| 187 | StLock<Mutex> _(*this); | |
| 188 | decode(); | |
| 189 | } | |
| 190 | ||
| 191 | void KeychainKey::changedAcl() | |
| 192 | { | |
| 193 | invalidateBlob(); | |
| 194 | } | |
| 195 | ||
| 196 | ||
| 197 | // | |
| 198 | // Intercept Key validation and double-check that the keychain is (still) unlocked | |
| 199 | // | |
| 200 | void KeychainKey::validate(AclAuthorization auth, const AccessCredentials *cred, | |
| 201 | Database *relatedDatabase) | |
| 202 | { | |
| 203 | if(!mBlob->isClearText()) { | |
| 204 | /* unlock not needed for cleartext keys */ | |
| 205 | if (KeychainDatabase *db = dynamic_cast<KeychainDatabase *>(relatedDatabase)) | |
| fa7225c8 | 206 | db->unlockDb(false); |
| d8f41ccd A |
207 | } |
| 208 | SecurityServerAcl::validate(auth, cred, relatedDatabase); | |
| 209 | database().activity(); // upon successful validation | |
| 210 | } | |
| 211 | ||
| 212 | ||
| 213 | // | |
| 214 | // We're a key (duh) | |
| 215 | // | |
| 216 | AclKind KeychainKey::aclKind() const | |
| 217 | { | |
| 218 | return keyAcl; | |
| 219 | } | |
| 220 | ||
| 221 | ||
| 222 | Database *KeychainKey::relatedDatabase() | |
| 223 | { | |
| 224 | return &database(); | |
| 225 | } | |
| 226 | ||
| 227 | SecurityServerAcl &KeychainKey::acl() | |
| 228 | { | |
| 229 | return *this; | |
| 230 | } |