]> git.saurik.com Git - apple/security.git/blame_incremental - securityd/src/kckey.cpp
projects / apple / security.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Security-59754.80.3.tar.gz
[apple/security.git] / securityd / src / kckey.cpp
... / ...
CommitLineData
1/*
2 * Copyright (c) 2000-2001,2004-2006,2008-2009 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25//
26// key - representation of securityd key objects
27//
28#include "kckey.h"
29#include "server.h"
30#include "database.h"
31#include <security_cdsa_utilities/acl_any.h>
32#include <security_cdsa_utilities/cssmendian.h>
33
34
35//
36// Create a Key object from a database-encoded blob.
37// Note that this doesn't decode the blob (yet).
38//
39KeychainKey::KeychainKey(Database &db, const KeyBlob *blob)
40 : LocalKey(db, n2h(blob->header.attributes()))
41{
42 // perform basic validation on the incoming blob
43 if (blob == NULL) {
44 CssmError::throwMe(CSSMERR_APPLEDL_INVALID_KEY_BLOB);
45 }
46 blob->validate(CSSMERR_APPLEDL_INVALID_KEY_BLOB);
47 if (blob->startCryptoBlob > blob->totalLength) {
48 CssmError::throwMe(CSSMERR_APPLEDL_INVALID_KEY_BLOB);
49 }
50 switch (blob->version()) {
51#if defined(COMPAT_OSX_10_0)
52 case KeyBlob::version_MacOS_10_0:
53 break;
54#endif
55 case KeyBlob::version_MacOS_10_1:
56 break;
57 case KeyBlob::version_partition:
58 break;
59 default:
60 CssmError::throwMe(CSSMERR_APPLEDL_INCOMPATIBLE_KEY_BLOB);
61 }
62
63 // set it up
64 mBlob = blob->copy(Allocator::standard());
65 mValidBlob = true;
66 db.addReference(*this);
67 secinfo("SSkey", "%p (handle %#x) created from blob version %x",
68 this, handle(), blob->version());
69}
70
71
72//
73// Create a Key from an explicit CssmKey.
74//
75KeychainKey::KeychainKey(Database &db, const CssmKey &newKey, uint32 moreAttributes,
76 const AclEntryPrototype *owner)
77 : LocalKey(db, newKey, moreAttributes)
78{
79 assert(moreAttributes & CSSM_KEYATTR_PERMANENT);
80 setOwner(owner);
81 mBlob = NULL;
82 mValidBlob = false;
83 db.addReference(*this);
84}
85
86
87KeychainKey::~KeychainKey()
88{
89 Allocator::standard().free(mBlob);
90 secinfo("SSkey", "%p destroyed", this);
91}
92
93
94KeychainDatabase &KeychainKey::database() const
95{
96 return referent<KeychainDatabase>();
97}
98
99
100//
101// Retrieve the actual CssmKey value for the key object.
102// This will decode its blob if needed (and appropriate).
103//
104void KeychainKey::getKey()
105{
106 decode();
107}
108
109void KeychainKey::getHeader(CssmKey::Header &hdr)
110{
111 assert(mValidBlob);
112 hdr = mBlob->header;
113 n2hi(hdr); // correct for endian-ness
114}
115
116
117//
118// Ensure that a key is fully decoded.
119// This makes the mKey key value available for use, as well as its ACL.
120// Caller must hold the key object lock.
121//
122void KeychainKey::decode()
123{
124 if (!mValidKey) {
125 assert(mValidBlob); // must have a blob to decode
126
127 // decode the key
128 void *publicAcl, *privateAcl;
129 CssmKey key;
130 database().decodeKey(mBlob, key, publicAcl, privateAcl);
131 mKey = CssmClient::Key(Server::csp(), key);
132 acl().importBlob(publicAcl, privateAcl);
133 // publicAcl points into the blob; privateAcl was allocated for us
134 Allocator::standard().free(privateAcl);
135
136 // extract managed attribute bits
137 mAttributes = mKey.header().attributes() & managedAttributes;
138 mKey.header().clearAttribute(managedAttributes);
139 mKey.header().setAttribute(forcedAttributes);
140
141 // key is valid now
142 mValidKey = true;
143 }
144}
145
146
147//
148// Encode a key into a blob.
149// We'll have to ask our Database to do this - we don't have its keys.
150// Note that this returns memory we own and keep.
151//
152KeyBlob *KeychainKey::blob()
153{
154 if (!mValidBlob) {
155 assert(mValidKey); // must have valid key to encode
156
157 // export Key ACL to blob form
158 CssmData pubAcl, privAcl;
159 acl().exportBlob(pubAcl, privAcl);
160
161 // assemble external key form
162 CssmKey externalKey = mKey;
163 externalKey.clearAttribute(forcedAttributes);
164 externalKey.setAttribute(mAttributes);
165
166 // encode the key and replace blob
167 KeyBlob *newBlob = database().encodeKey(externalKey, pubAcl, privAcl);
168 Allocator::standard().free(mBlob);
169 mBlob = newBlob;
170 mValidBlob = true;
171
172 // clean up and go
173 acl().allocator.free(pubAcl);
174 acl().allocator.free(privAcl);
175 }
176 return mBlob;
177}
178
179void KeychainKey::invalidateBlob()
180{
181 mValidBlob = false;
182}
183
184
185//
186// Override ACL-related methods and events.
187// Decode the key before ACL activity; invalidate the stored blob on ACL edits;
188// and return the key's database as "related".
189//
190void KeychainKey::instantiateAcl()
191{
192 StLock<Mutex> _(*this);
193 decode();
194}
195
196void KeychainKey::changedAcl()
197{
198 invalidateBlob();
199}
200
201
202//
203// Intercept Key validation and double-check that the keychain is (still) unlocked
204//
205void KeychainKey::validate(AclAuthorization auth, const AccessCredentials *cred,
206 Database *relatedDatabase)
207{
208 if(!mBlob->isClearText()) {
209 /* unlock not needed for cleartext keys */
210 if (KeychainDatabase *db = dynamic_cast<KeychainDatabase *>(relatedDatabase))
211 db->unlockDb(false);
212 }
213 SecurityServerAcl::validate(auth, cred, relatedDatabase);
214
215 // Need the common lock some more. unlockDb and validate (in validatePartition) also take it, so must be down here.
216 StMaybeLock<Mutex> lock(relatedDatabase && relatedDatabase->hasCommon() ? &(relatedDatabase->common()) : NULL);
217 database().activity(); // upon successful validation
218}
219
220
221//
222// We're a key (duh)
223//
224AclKind KeychainKey::aclKind() const
225{
226 return keyAcl;
227}
228
229
230Database *KeychainKey::relatedDatabase()
231{
232 return &database();
233}
234
235SecurityServerAcl &KeychainKey::acl()
236{
237 return *this;
238}
mirror of Security