Keychain/FileVaultSPI.cpp

   1 /*
   2  * Copyright (c) 2003 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17 /*
  18  *  FileVaultSPI.cpp
  19  *  Security
  20  *
  21  *  Created by john on Wed Jul 09 2003.
  22  *  Copyright (c) 2003 Apple. All rights reserved.
  23  *
  24  */
  25
  26 #include "FileVaultSPI.h"
  27 #include "SFFileVault.h"
  28 #include <Security/SecBridge.h>
  29 #include <Security/cfutilities.h>
  30
  31 #pragma mark -------------------- SecFileVault implementation --------------------
  32
  33 OSStatus SecFileVaultCreate (CFStringRef password, bool enableMasterPassword, CFURLRef dmgout, CFStringRef volumeName,
  34     CFStringRef sizeSpec)
  35 {
  36     // Note that we do not need the master keychain password, since we can encrypt the
  37     // image key with the public key.
  38     BEGIN_SECAPI
  39
  40         SFFileVault sffv;
  41         CFURLRef certificate = NULL;
  42         if (enableMasterPassword)
  43             sffv.getCertificate(&certificate);
  44
  45         sffv.create(password, certificate, dmgout, volumeName, sizeSpec);
  46         if (certificate)        //@@@ leak if error thrown
  47             CFRelease(certificate);
  48
  49     END_SECAPI
  50 }
  51
  52 OSStatus SecFileVaultUserMount (CFStringRef password, CFURLRef dmgin, CFURLRef mountpoint, CFStringRef *devicepath)
  53 {
  54     BEGIN_SECAPI
  55
  56         SFFileVault sffv;
  57         sffv.mount(password, NULL, dmgin, mountpoint, devicepath);
  58
  59     END_SECAPI
  60 }
  61
  62 OSStatus SecFileVaultMasterMount(CFURLRef dmgin, CFURLRef mountpoint, CFStringRef *devicepath)
  63 {
  64     BEGIN_SECAPI
  65
  66         SFFileVault sffv;
  67         sffv.mastermount(dmgin,mountpoint,devicepath);
  68
  69     END_SECAPI
  70 }
  71
  72 OSStatus SecFileVaultUnmount(CFURLRef mountpoint, CFStringRef devicepath)
  73 {
  74     BEGIN_SECAPI
  75
  76         SFFileVault sffv;
  77         sffv.unmount(mountpoint,devicepath);
  78
  79     END_SECAPI
  80 }
  81
  82 OSStatus SecFileVaultUserChangePassword(CFStringRef password, CFStringRef devicepath)
  83 {
  84     BEGIN_SECAPI
  85
  86         SFFileVault fv;
  87         fv.userChangePassword(password, devicepath);
  88
  89     END_SECAPI
  90 }
  91
  92 OSStatus SecFileVaultMakeMasterPassword(CFStringRef masterPasswordPassword)
  93 {
  94     BEGIN_SECAPI
  95
  96         SFFileVault fv;
  97         SecKeychainRef keychainRef;
  98         fv.makeMasterPassword(masterPasswordPassword,&keychainRef);
  99
 100     END_SECAPI
 101 }
 102
 103 Boolean SecFileVaultMasterPasswordEnabled(SecKeychainRef *keychainRef)
 104 {
 105     BEGIN_SECAPI
 106
 107         SFFileVault fv;
 108         return fv.masterPasswordEnabled(keychainRef);
 109
 110     END_SECAPI1(false)
 111 }
 112
 113 OSStatus SecFileVaultChangeMasterPasswordPassword(CFStringRef oldPassword,CFStringRef newPassword)
 114 {
 115     BEGIN_SECAPI
 116
 117         SFFileVault fv;
 118         fv.changeMasterPasswordPassword(oldPassword,newPassword);
 119
 120     END_SECAPI
 121 }
 122
 123 #pragma mark -------------------- SecFileVault extended implementation --------------------
 124
 125 OSStatus SecFileVaultMount(CFStringRef password, CFURLRef certificate, CFURLRef dmgin, CFURLRef mountpoint,
 126     CFStringRef *devicepath)
 127 {
 128     BEGIN_SECAPI
 129
 130         SFFileVault sffv;
 131         sffv.mount(password, certificate, dmgin, mountpoint, devicepath);
 132
 133     END_SECAPI
 134 }
 135
 136
 137 OSStatus SecFileVaultCreateUsingCertificate (CFStringRef password, CFURLRef certificate, CFURLRef dmgout, CFStringRef volumeName,
 138     CFStringRef sizeSpec)
 139 {
 140     BEGIN_SECAPI
 141
 142         SFFileVault sffv;
 143         sffv.create(password, certificate, dmgout, volumeName, sizeSpec);
 144
 145     END_SECAPI
 146 }
 147
 148