2 * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
20 File: IdentityCursor.cpp
22 Contains: Working with IdentityCursor
24 Copyright: 2002 by Apple Computer, Inc., all rights reserved.
29 #include <Security/IdentityCursor.h>
30 #include <Security/Identity.h>
31 #include <Security/Item.h>
32 #include <Security/Certificate.h>
33 #include <Security/KeyItem.h>
34 #include <Security/Schema.h>
37 #include <Security/KeySchema.h>
39 using namespace KeychainCore
;
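// Construct a cursor that enumerates identities (a private key plus a
// certificate that matches it) across the given keychains.
//
// searchList - keychains to search; copied into mSearchList.
// keyUsage   - CSSM_KEYUSE_* bit mask describing what the private key must
//              be usable for.
//
// Every usage bit set in keyUsage adds an equality predicate (attribute ==
// true) on the private-key cursor.
// NOTE(review): the predicates are presumably combined conjunctively, so a
// key missing any one requested usage is filtered out -- confirm against
// KCCursor.
IdentityCursor::IdentityCursor(const StorageManager::KeychainList &searchList, CSSM_KEYUSE keyUsage) :
	mSearchList(searchList),
	mKeyCursor(mSearchList, CSSM_DL_DB_RECORD_PRIVATE_KEY, NULL)
{
	// If keyUsage is CSSM_KEYUSE_ANY then we need a key that can do everything.
	// The expansion has to name every usage bit tested below, including
	// CSSM_KEYUSE_UNWRAP; otherwise an "any" request would silently skip the
	// unwrap predicate and accept keys that cannot unwrap.
	if (keyUsage & CSSM_KEYUSE_ANY)
		keyUsage = CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_DECRYPT
				 | CSSM_KEYUSE_DERIVE | CSSM_KEYUSE_SIGN
				 | CSSM_KEYUSE_VERIFY | CSSM_KEYUSE_SIGN_RECOVER
				 | CSSM_KEYUSE_VERIFY_RECOVER | CSSM_KEYUSE_WRAP
				 | CSSM_KEYUSE_UNWRAP;

	// One predicate per requested usage bit.
	if (keyUsage & CSSM_KEYUSE_ENCRYPT)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Encrypt, true);
	if (keyUsage & CSSM_KEYUSE_DECRYPT)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Decrypt, true);
	if (keyUsage & CSSM_KEYUSE_DERIVE)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Derive, true);
	if (keyUsage & CSSM_KEYUSE_SIGN)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Sign, true);
	if (keyUsage & CSSM_KEYUSE_VERIFY)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Verify, true);
	if (keyUsage & CSSM_KEYUSE_SIGN_RECOVER)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::SignRecover, true);
	if (keyUsage & CSSM_KEYUSE_VERIFY_RECOVER)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::VerifyRecover, true);
	if (keyUsage & CSSM_KEYUSE_WRAP)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Wrap, true);
	if (keyUsage & CSSM_KEYUSE_UNWRAP)
		mKeyCursor->add(CSSM_DB_EQUAL, KeySchema::Unwrap, true);
}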
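// Destructor. No explicit cleanup is performed here.
// NOTE(review): the body is not visible in this listing; it is restored as
// empty -- confirm against the original file.
IdentityCursor::~IdentityCursor() throw()
{
}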
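// Advance to the next identity.
//
// identity - receives a newly created Identity built from the current
//            private key and the next certificate found for it.
//
// Returns true when identity was set, false once the private-key cursor is
// exhausted.
//
// The search is a nested iteration: for each private key matched by
// mKeyCursor, a certificate cursor is opened for certificates whose
// public-key-hash attribute equals the key's Label attribute; when that
// cursor runs dry it is reset and the next key is tried.
//
// NOTE(review): the return type, the loop and the declarations of `key` and
// `cert` are not visible in this listing and are restored from how they are
// used -- confirm against IdentityCursor.h.
bool
IdentityCursor::next(SecPointer<Identity> &identity)
{
	for (;;)
	{
		if (!mCertificateCursor)
		{
			// No certificate search in progress: move to the next private key.
			Item key;
			if (!mKeyCursor->next(key))
				return false;

			// Unchecked downcast: correctness depends on mKeyCursor yielding
			// only private-key records (it is built with
			// CSSM_DL_DB_RECORD_PRIVATE_KEY in the constructor).
			mCurrentKey = static_cast<KeyItem *>(key.get());

			// Fetch the key's Label attribute.
			CssmClient::DbUniqueRecord uniqueId = mCurrentKey->dbUniqueRecord();
			CssmClient::DbAttributes dbAttributes(uniqueId->database(), 1);
			dbAttributes.add(KeySchema::Label);
			uniqueId->get(&dbAttributes, NULL);
			// NOTE(review): assumes get() populated the single requested
			// attribute; nothing here checks for a missing or empty label.
			const CssmData &keyHash = dbAttributes[0];

			// Pair key and certificate by stored attributes only: the key's
			// label is matched against the certificate's public-key-hash
			// column. Nothing in this function verifies cryptographically
			// that the certificate's public key corresponds to the private
			// key, so the pairing is only as trustworthy as the keychain
			// records themselves.
			mCertificateCursor = KCCursor(mSearchList, CSSM_DL_DB_RECORD_X509_CERTIFICATE, NULL);
			mCertificateCursor->add(CSSM_DB_EQUAL, Schema::kX509CertificatePublicKeyHash, keyHash);
		}

		Item cert;
		if (mCertificateCursor->next(cert))
		{
			// Unchecked downcast, relying on the X509 certificate record-type
			// filter set on the cursor above.
			SecPointer<Certificate> certificate(static_cast<Certificate *>(cert.get()));
			identity = new Identity(mCurrentKey, certificate);
			return true;
		}
		else
		{
			// No more certificates for this key: reset so the next pass
			// through the loop advances the key cursor.
			mCertificateCursor = KCCursor();
		}
	}
}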