[apple/security.git] / Keychain / IdentityCursor.cpp

/*
 * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
	File:		IdentityCursor.cpp

	Contains:	Working with IdentityCursor

	Copyright:	2002 by Apple Computer, Inc., all rights reserved.

	To Do:
*/

#include <Security/IdentityCursor.h>
#include <Security/Identity.h>
#include <Security/Item.h>
#include <Security/Certificate.h>
#include <Security/KeyItem.h>
#include <Security/Schema.h>

// From AppleCSPDL
#include <Security/KeySchema.h>

using namespace KeychainCore;

IdentityCursor::IdentityCursor(const StorageManager::KeychainList &searchList, CSSM_KEYUSE keyUsage) :
	mSearchList(searchList),
	mKeyCursor(mSearchList, CSSM_DL_DB_RECORD_PRIVATE_KEY, NULL)
{
	// If keyUsage is CSSM_KEYUSE_ANY then we need a key that can do everything
	if (keyUsage & CSSM_KEYUSE_ANY)
		keyUsage = CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_DECRYPT
						   | CSSM_KEYUSE_DERIVE | CSSM_KEYUSE_SIGN
						   | CSSM_KEYUSE_VERIFY | CSSM_KEYUSE_SIGN_RECOVER
						   | CSSM_KEYUSE_VERIFY_RECOVER | CSSM_KEYUSE_WRAP
						   | CSSM_KEYUSE_UNWRAP;

	if (keyUsage & CSSM_KEYUSE_ENCRYPT)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Encrypt, true);
	if (keyUsage & CSSM_KEYUSE_DECRYPT)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Decrypt, true);
	if (keyUsage & CSSM_KEYUSE_DERIVE)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Derive, true);
	if (keyUsage & CSSM_KEYUSE_SIGN)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Sign, true);
	if (keyUsage & CSSM_KEYUSE_VERIFY)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Verify, true);
	if (keyUsage & CSSM_KEYUSE_SIGN_RECOVER)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::SignRecover, true);
	if (keyUsage & CSSM_KEYUSE_VERIFY_RECOVER)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::VerifyRecover, true);
	if (keyUsage & CSSM_KEYUSE_WRAP)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Wrap, true);
	if (keyUsage & CSSM_KEYUSE_UNWRAP)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Unwrap, true);
}

IdentityCursor::~IdentityCursor() throw()
{
}

bool
IdentityCursor::next(SecPointer<Identity> &identity)
{
	for (;;)
	{
		if (!mCertificateCursor)
		{
			Item key;
			if (!mKeyCursor->next(key))
				return false;
	
			mCurrentKey = static_cast<KeyItem *>(key.get());

			CssmClient::DbUniqueRecord uniqueId = mCurrentKey->dbUniqueRecord();
			CssmClient::DbAttributes dbAttributes(uniqueId->database(), 1);
			dbAttributes.add(KeySchema::Label);
			uniqueId->get(&dbAttributes, NULL);
			const CssmData &keyHash = dbAttributes[0];

			mCertificateCursor = KCCursor(mSearchList, CSSM_DL_DB_RECORD_X509_CERTIFICATE, NULL);
			mCertificateCursor->add(CSSM_DB_EQUAL, Schema::kX509CertificatePublicKeyHash, keyHash);
		}
	
		Item cert;
		if (mCertificateCursor->next(cert))
		{
			SecPointer<Certificate> certificate(static_cast<Certificate *>(cert.get()));
			identity = new Identity(mCurrentKey, certificate);
			return true;
		}
		else
			mCertificateCursor = KCCursor();
	}
}
Commit	Line	Data
29654253 A	1	/*
	2	* Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	/*
	20	File: IdentityCursor.cpp
	21
	22	Contains: Working with IdentityCursor
	23
	24	Copyright: 2002 by Apple Computer, Inc., all rights reserved.
	25
	26	To Do:
	27	*/
	28
	29	#include <Security/IdentityCursor.h>
	30	#include <Security/Identity.h>
	31	#include <Security/Item.h>
	32	#include <Security/Certificate.h>
	33	#include <Security/KeyItem.h>
	34	#include <Security/Schema.h>
	35
	36	// From AppleCSPDL
	37	#include <Security/KeySchema.h>
	38
	39	using namespace KeychainCore;
	40
	41	IdentityCursor::IdentityCursor(const StorageManager::KeychainList &searchList, CSSM_KEYUSE keyUsage) :
	42	mSearchList(searchList),
	43	mKeyCursor(mSearchList, CSSM_DL_DB_RECORD_PRIVATE_KEY, NULL)
	44	{
	45	// If keyUsage is CSSM_KEYUSE_ANY then we need a key that can do everything
	46	if (keyUsage & CSSM_KEYUSE_ANY)
	47	keyUsage = CSSM_KEYUSE_ENCRYPT \| CSSM_KEYUSE_DECRYPT
	48	\| CSSM_KEYUSE_DERIVE \| CSSM_KEYUSE_SIGN
	49	\| CSSM_KEYUSE_VERIFY \| CSSM_KEYUSE_SIGN_RECOVER
	50	\| CSSM_KEYUSE_VERIFY_RECOVER \| CSSM_KEYUSE_WRAP
	51	\| CSSM_KEYUSE_UNWRAP;
	52
	53	if (keyUsage & CSSM_KEYUSE_ENCRYPT)
	54	mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Encrypt, true);
	55	if (keyUsage & CSSM_KEYUSE_DECRYPT)
	56	mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Decrypt, true);
	57	if (keyUsage & CSSM_KEYUSE_DERIVE)
	58	mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Derive, true);
	59	if (keyUsage & CSSM_KEYUSE_SIGN)
	60	mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Sign, true);
	61	if (keyUsage & CSSM_KEYUSE_VERIFY)
	62	mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Verify, true);
	63	if (keyUsage & CSSM_KEYUSE_SIGN_RECOVER)
	64	mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::SignRecover, true);
65	if (keyUsage & CSSM_KEYUSE_VERIFY_RECOVER)
66	mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::VerifyRecover, true);
67	if (keyUsage & CSSM_KEYUSE_WRAP)
68	mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Wrap, true);
69	if (keyUsage & CSSM_KEYUSE_UNWRAP)
70	mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Unwrap, true);
71	}
72
df0e469f	73	IdentityCursor::~IdentityCursor() throw()
29654253 A	74	{
	75	}
	76
	77	bool
df0e469f	78	IdentityCursor::next(SecPointer<Identity> &identity)
29654253 A	79	{
	80	for (;;)
	81	{
	82	if (!mCertificateCursor)
	83	{
	84	Item key;
	85	if (!mKeyCursor->next(key))
	86	return false;
	87
	88	mCurrentKey = static_cast<KeyItem *>(key.get());
	89
	90	CssmClient::DbUniqueRecord uniqueId = mCurrentKey->dbUniqueRecord();
	91	CssmClient::DbAttributes dbAttributes(uniqueId->database(), 1);
	92	dbAttributes.add(KeySchema::Label);
	93	uniqueId->get(&dbAttributes, NULL);
	94	const CssmData &keyHash = dbAttributes[0];
	95
	96	mCertificateCursor = KCCursor(mSearchList, CSSM_DL_DB_RECORD_X509_CERTIFICATE, NULL);
	97	mCertificateCursor->add(CSSM_DB_EQUAL, Schema::kX509CertificatePublicKeyHash, keyHash);
	98	}
	99
	100	Item cert;
	101	if (mCertificateCursor->next(cert))
	102	{
df0e469f	103	SecPointer<Certificate> certificate(static_cast<Certificate *>(cert.get()));
29654253 A	104	identity = new Identity(mCurrentKey, certificate);
	105	return true;
	106	}
	107	else
	108	mCertificateCursor = KCCursor();
	109	}
	110	}