2 * Copyright (c) 2004,2011,2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 // UnlockReferralItem - Abstract interface to permanent user trust assignments
27 #include <security_keychain/UnlockReferralItem.h>
28 #include <security_cdsa_utilities/Schema.h>
29 #include <security_keychain/SecCFTypes.h>
33 namespace KeychainCore
{
37 // Construct an UnlockReferralItem from attributes and initial content
// Default constructor: forwards the record type
// CSSM_DL_DB_RECORD_UNLOCK_REFERRAL and a null SecKeychainAttributeList
// pointer to the ItemImpl base, then emits a "referral" debug trace.
// NOTE(review): the listing's embedded line numbers jump from 41 to 45, so
// any remaining ItemImpl arguments and the body braces are not visible here.
39 UnlockReferralItem::UnlockReferralItem() :
40 ItemImpl(CSSM_DL_DB_RECORD_UNLOCK_REFERRAL
,
41 reinterpret_cast<SecKeychainAttributeList
*>(NULL
),
// Trace object creation; %p is this object's address, which pairs with the
// "destroy %p" trace in the destructor.
45 secdebug("referral", "create %p", this);
// Destructor: emits a "referral" debug trace carrying this object's address.
// No other cleanup is visible in this listing (the braces on original lines
// 53 and 55 are missing from it).
52 UnlockReferralItem::~UnlockReferralItem()
54 secdebug("referral", "destroy %p", this);
59 // Add item to keychain
// Insert this item as a new record in the given keychain's database.
//
// keychain: the target keychain; its database() receives the record and its
//           makePrimaryKey() builds the key stored in mPrimaryKey.
// Returns:  a PrimaryKey; the return statement itself is not visible in this
//           listing (presumably mPrimaryKey -- confirm).
// Throws:   errSecDuplicateItem through MacOSError::throwMe (per the comment
//           below, when the item already belongs to a keychain). A CssmError
//           from the database insert presumably propagates as well.
//
// NOTE(review): the embedded line numbers skip in several places (64->66,
// 66->70, 73->76, 81->84, 85->87, 99->101, 108->113), so the `try`, the
// braces, the statements guarded by the two `if`s and the return are missing
// here. Confirm the exact control flow against the original file.
61 PrimaryKey
UnlockReferralItem::add(Keychain
&keychain
)
// Lock the item's mutex (mMutex) through an StLock object named `_`;
// presumably held until the function exits.
63 StLock
<Mutex
>_(mMutex
);
64 // If we already have a Keychain we can't be added.
// NOTE(review): the condition guarding this throw (original line 65) is
// missing from the listing.
66 MacOSError::throwMe(errSecDuplicateItem
);
// The record type comes from the item's own attribute set, not from a
// constant, and is reused for both insert attempts and the primary key.
70 CSSM_DB_RECORDTYPE recordType
= mDbAttributes
->recordType();
72 Db
db(keychain
->database());
73 // add the item to the (regular) db
// First insert attempt; mUniqueId receives the value returned by insert().
76 mUniqueId
= db
->insert(recordType
, mDbAttributes
.get(), mData
.get());
// NOTE(review): the trace scope is "usertrust" here, while the constructor
// and destructor use "referral" -- looks carried over from another item
// type; confirm.
77 secdebug("usertrust", "%p inserted", this);
79 catch (const CssmError
&e
)
// Only CSSMERR_DL_INVALID_RECORDTYPE is handled by the code below. What this
// `if` does for any other status (original lines 82-83) is not visible --
// presumably it rethrows.
81 if (e
.osStatus() != CSSMERR_DL_INVALID_RECORDTYPE
)
84 // Create the referral relation and try again.
85 secdebug("usertrust", "adding schema relation for user trusts");
// Side effect worth knowing when auditing: adding an item can change the
// target keychain's schema. The unlock-referral relation is created in the
// database, then keychain->keychainSchema() is notified through
// didCreateRelation with the same arguments.
// NOTE(review): original lines 86 and 100, just before and after these two
// calls, are missing from the listing; confirm they run unconditionally.
87 db
->createRelation(CSSM_DL_DB_RECORD_UNLOCK_REFERRAL
,
88 "CSSM_DL_DB_RECORD_UNLOCK_REFERRAL",
89 Schema::UnlockReferralSchemaAttributeCount
,
90 Schema::UnlockReferralSchemaAttributeList
,
91 Schema::UnlockReferralSchemaIndexCount
,
92 Schema::UnlockReferralSchemaIndexList
);
93 keychain
->keychainSchema()->didCreateRelation(
94 CSSM_DL_DB_RECORD_UNLOCK_REFERRAL
,
95 "CSSM_DL_DB_RECORD_UNLOCK_REFERRAL",
96 Schema::UnlockReferralSchemaAttributeCount
,
97 Schema::UnlockReferralSchemaAttributeList
,
98 Schema::UnlockReferralSchemaIndexCount
,
99 Schema::UnlockReferralSchemaIndexList
);
101 //keychain->resetSchema();
// Retry the insert once. No handler is visible around this retry, so a second
// failure presumably propagates before mPrimaryKey and mKeychain are set.
103 mUniqueId
= db
->insert(recordType
, mDbAttributes
.get(), mData
.get());
104 secdebug("usertrust", "%p inserted now", this);
// Bind the item to the keychain: the primary key is built from the record
// type and the unique id returned by insert(), then the keychain is recorded
// on the item.
107 mPrimaryKey
= keychain
->makePrimaryKey(recordType
, mUniqueId
);
108 mKeychain
= keychain
;
// Add two attributes to mDbAttributes: an encoded index built by
// makeCertIndex() from mCertificate, stored under kSecTrustCertAttr, and the
// OID from mPolicy->oid(), stored under kSecTrustPolicyAttr.
// NOTE(review): these are trust-item attributes and the file header describes
// "user trust assignments", so this body looks carried over from a user-trust
// item. The listing skips original lines 114-115 and 122; confirm against the
// original file whether this code is compiled for unlock referral records.
113 void UnlockReferralItem::populateAttributes()
// Buffer for the encoded index, constructed with Allocator::standard().
116 CssmAutoData
encodedIndex(Allocator::standard());
117 makeCertIndex(mCertificate
, encodedIndex
);
// mPolicy is dereferenced here; no null check is visible in this listing.
118 const CssmOid
&policyOid
= mPolicy
->oid();
120 mDbAttributes
->add(Schema::attributeInfo(kSecTrustCertAttr
), encodedIndex
.get());
121 mDbAttributes
->add(Schema::attributeInfo(kSecTrustPolicyAttr
), policyOid
);
126 } // end namespace KeychainCore
127 } // end namespace Security