SecurityTests/xdr_rpc/securityd_data_saver.h

   1 /*
   2  * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 #ifndef _SECURITYD_DATA_SAVER_H_
  25 #define _SECURITYD_DATA_SAVER_H_
  26
  27 #include <mach/message.h>
  28 #include <security_utilities/unix++.h>
  29 #include <security_cdsa_utilities/context.h>
  30 #include <security_cdsa_utilities/cssmdb.h>
  31
  32 //
  33 // Possible enhancement: have class silently do nothing on write if the
  34 // file already exists.  This would keep us from writing > 1 of the given
  35 // object.
  36 //
  37 // XXX/gh  this should handle readPreamble() as well
  38 //
  39 class SecuritydDataSave: public Security::UnixPlusPlus::AutoFileDesc
  40 {
  41 public:
  42         // For x-platform consistency, sentry and version must be fixed-size
  43         static const uint32_t sentry = 0x1234;          // byte order sentry value
  44         static const uint32_t version = 1;
  45         // define type of data saved; naming convention is to strip CSSM_
  46         // most of these will probably never be used <shrug>
  47         enum
  48         {
  49                 s32     = 32,   // signed 32-bit
  50                 u32     = 33,   // unsigned 32-bit
  51                 s64     = 64,
  52                 u64     = 65,
  53                 // leave some space: we might need to discriminate among the
  54                 // various integer types (although I can't see why we'd care to
  55                 // save them by themselves)
  56                 DATA    = 1000,
  57                 GUID    = 1001,
  58                 VERSION = 1002,
  59                 SUBSERVICE_UID = 1003,
  60                 NET_ADDRESS    = 1004,
  61                 CRYPTO_DATA    = 1005,
  62                 LIST           = 1006,
  63                 LIST_ELEMENT   = 1007,
  64                 TUPLE          = 1008,
  65                 TUPLEGROUP     = 1009,
  66                 SAMPLE         = 1010,
  67                 SAMPLEGROUP    = 1011,
  68                 MEMORY_FUNCS   = 1012,
  69                 ENCODED_CERT   = 1013,
  70                 PARSED_CERT    = 1014,
  71                 CERT_PAIR      = 1015,
  72                 CERTGROUP      = 1016,
  73                 BASE_CERTS     = 1017,
  74                 ACCESS_CREDENTIALS = 1018,
  75                 AUTHORIZATIONGROUP = 1019,
  76                 ACL_VALIDITY_PERIOD = 1020,
  77                 ACL_ENTRY_PROTOTYPE = 1021,
  78                 ACL_OWNER_PROTOTYPE = 1022,
  79                 ACL_ENTRY_INPUT     = 1023,
  80                 RESOURCE_CONTROL_CONTEXT = 1024,
  81                 ACL_ENTRY_INFO           = 1025,
  82                 ACL_EDIT                 = 1026,
  83                 FUNC_NAME_ADDR           = 1027,
  84                 DATE                     = 1028,
  85                 RANGE                    = 1029,
  86                 QUERY_SIZE_DATA          = 1030,
  87                 KEY_SIZE                 = 1031,
  88                 KEYHEADER                = 1032,
  89                 KEY                      = 1033,
  90                 DL_DB_HANDLE             = 1034,
  91                 CONTEXT_ATTRIBUTE        = 1035,
  92                 CONTEXT                  = 1036,
  93                 PKCS1_OAEP_PARAMS        = 1037,
  94                 CSP_OPERATIONAL_STATISTICS = 1038,
  95                 PKCS5_PBKDF1_PARAMS        = 1039,
  96                 PKCS5_PBKDF2_PARAMS        = 1040,
  97                 KEA_DERIVE_PARAMS          = 1041,
  98                 TP_AUTHORITY_ID            = 1042,
  99                 FIELD                      = 1043,
 100                 TP_POLICYINFO              = 1044,
 101                 DL_DB_LIST                 = 1045,
 102                 TP_CALLERAUTH_CONTEXT      = 1046,
 103                 ENCODED_CRL                = 1047,
 104                 PARSED_CRL                 = 1048,
 105                 CRL_PAIR                   = 1049,
 106                 CRLGROUP                   = 1050,
 107                 FIELDGROUP                 = 1051,
 108                 EVIDENCE                   = 1052,
 109                 TP_VERIFY_CONTEXT          = 1053,
 110                 TP_VERIFY_CONTEXT_RESULT   = 1054,
 111                 TP_REQUEST_SET             = 1055,
 112                 TP_RESULT_SET              = 1056,
 113                 TP_CONFIRM_RESPONSE        = 1057,
 114                 TP_CERTISSUE_INPUT         = 1058,
 115                 TP_CERTISSUE_OUTPUT        = 1059,
 116                 TP_CERTCHANGE_INPUT        = 1060,
 117                 TP_CERTCHANGE_OUTPUT       = 1061,
 118                 TP_CERTVERIFY_INPUT        = 1062,
 119                 TP_CERTVERIFY_OUTPUT       = 1063,
 120                 TP_CERTNOTARIZE_INPUT      = 1064,
 121                 TP_CERTNOTARIZE_OUTPUT     = 1065,
 122                 TP_CERTRECLAIM_INPUT       = 1066,
 123                 TP_CERTRECLAIM_OUTPUT      = 1067,
 124                 TP_CRLISSUE_INPUT          = 1068,
 125                 TP_CRLISSUE_OUTPUT         = 1069,
 126                 CERT_BUNDLE_HEADER         = 1070,
 127                 CERT_BUNDLE                = 1071,
 128                 DB_ATTRIBUTE_INFO          = 1072,
 129                 DB_ATTRIBUTE_DATA          = 1073,
 130                 DB_RECORD_ATTRIBUTE_INFO   = 1074,
 131                 DB_RECORD_ATTRIBUTE_DATA   = 1075,
 132                 DB_PARSING_MODULE_INFO     = 1076,
 133                 DB_INDEX_INFO              = 1077,
 134                 DB_UNIQUE_RECORD           = 1078,
 135                 DB_RECORD_INDEX_INFO       = 1079,
 136                 DBINFO                     = 1080,
 137                 SELECTION_PREDICATE        = 1081,
 138                 QUERY_LIMITS               = 1082,
 139                 QUERY                      = 1083,
 140                 DL_PKCS11_ATTRIBUTE        = 1084,      // a pointer
 141                 NAME_LIST                  = 1085,
 142                 DB_SCHEMA_ATTRIBUTE_INFO   = 1086,
 143                 DB_SCHEMA_INDEX_INFO       = 1087
 144         };
 145         static const int sdsFlags = O_RDWR|O_CREAT|O_APPEND;
 146
 147 public:
 148         SecuritydDataSave(const char *file) : AutoFileDesc(file, sdsFlags, 0644), mFile(file)
 149         {
 150                 writePreamble();
 151         }
 152         SecuritydDataSave(const SecuritydDataSave &sds) : AutoFileDesc(sds.fd()), mFile(sds.file()) { }
 153
 154         ~SecuritydDataSave() { }
 155
 156         const char *file() const { return mFile; }
 157
 158         void writeContext(Security::Context *context, intptr_t attraddr,
 159                                           mach_msg_type_number_t attrSize);
 160         void writeAclEntryInfo(AclEntryInfo *acls,
 161                                                    mach_msg_type_number_t aclsLength);
 162         void writeAclEntryInput(AclEntryInput *acl,
 163                                                         mach_msg_type_number_t aclLength);
 164         void writeQuery(Security::CssmQuery *query,
 165                                         mach_msg_type_number_t queryLength)
 166         {
 167                 // finish the preamble
 168                 uint32_t dtype = QUERY;
 169                 writeAll(&dtype, sizeof(dtype));
 170
 171                 writeDataWithBase(query, queryLength);
 172         }
 173
 174 private:
 175         // slightly misleading, in that the saved data type is also part of the
 176         // preamble but must be written by the appropriate write...() routine
 177         void writePreamble()
 178         {
 179                 uint32_t value = sentry;
 180                 writeAll(&value, sizeof(value));
 181                 value = version;
 182                 writeAll(&value, sizeof(value));
 183         }
 184
 185         // The usual pattern for data structures that include pointers is
 186         // (1) let securityd relocate() the RPC-delivered raw data, thus
 187         //     transforming the raw data into walked (flattened) data
 188         // (2) write the size of the data pointer
 189         // (3) write the data pointer (for xdr_test reconstitution)
 190         // (4) write the length (in bytes) of the flattened data, and finally
 191         // (5) write the flattened data
 192         //
 193         // writeDataWithBase() does (2) - (5)
 194         void writeDataWithBase(void *data, mach_msg_type_number_t datalen)
 195         {
 196                 uint32_t ptrsize = sizeof(data);
 197                 writeAll(&ptrsize, sizeof(ptrsize));
 198                 writeAll(&data, ptrsize);
 199                 writeAll(&datalen, sizeof(datalen));
 200                 writeAll(data, datalen);
 201         }
 202
 203 private:
 204         const char *mFile;
 205 };
 206
 207
 208 #endif  /* _SECURITYD_DATA_SAVER_H_ */