2 * Copyright (c) 2006-2017 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 * SecFramework.c - generic non API class specific functions
29 /* Allows us to build genanchors against the BaseSDK. */
30 #undef __ENVIRONMENT_IPHONE_OS_VERSION_MIN_REQUIRED__
31 #undef __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__
34 #include "SecFramework.h"
35 #include <dispatch/dispatch.h>
36 #include <CoreFoundation/CFBundle.h>
37 #include <CoreFoundation/CFURLAccess.h>
38 #include <Security/SecRandom.h>
39 #include <CommonCrypto/CommonRandomSPI.h>
41 #include <sys/types.h>
43 #include <utilities/debugging.h>
44 #include <utilities/SecCFWrappers.h>
45 #include <Security/SecBase.h>
48 #if !(TARGET_IPHONE_SIMULATOR && defined(IPHONE_SIMULATOR_HOST_MIN_VERSION_REQUIRED) && IPHONE_SIMULATOR_HOST_MIN_VERSION_REQUIRED < 1090)
49 #include <sys/guarded.h>
50 #define USE_GUARDED_OPEN 1
52 #define USE_GUARDED_OPEN 0
56 /* Security.framework's bundle id. */
58 static CFStringRef kSecFrameworkBundleID
= CFSTR("com.apple.Security");
60 static CFStringRef kSecFrameworkBundleID
= CFSTR("com.apple.security");
63 CFGiblisGetSingleton(CFBundleRef
, SecFrameworkGetBundle
, bundle
, ^{
64 *bundle
= CFRetainSafe(CFBundleGetBundleWithIdentifier(kSecFrameworkBundleID
));
67 CFStringRef
SecFrameworkCopyLocalizedString(CFStringRef key
,
68 CFStringRef tableName
) {
69 CFBundleRef bundle
= SecFrameworkGetBundle();
71 return CFBundleCopyLocalizedString(bundle
, key
, key
, tableName
);
73 return CFRetainSafe(key
);
76 CFURLRef
SecFrameworkCopyResourceURL(CFStringRef resourceName
,
77 CFStringRef resourceType
, CFStringRef subDirName
) {
79 CFBundleRef bundle
= SecFrameworkGetBundle();
81 url
= CFBundleCopyResourceURL(bundle
, resourceName
,
82 resourceType
, subDirName
);
84 secwarning("resource: %@.%@ in %@ not found", resourceName
,
85 resourceType
, subDirName
);
92 CFDataRef
SecFrameworkCopyResourceContents(CFStringRef resourceName
,
93 CFStringRef resourceType
, CFStringRef subDirName
) {
94 CFURLRef url
= SecFrameworkCopyResourceURL(resourceName
, resourceType
,
96 CFDataRef data
= NULL
;
99 if (!CFURLCreateDataAndPropertiesFromResource(kCFAllocatorDefault
,
100 url
, &data
, NULL
, NULL
, &error
)) {
101 secwarning("read: %ld", (long) error
);
109 static CFStringRef
copyErrorMessageFromBundle(OSStatus status
, CFStringRef tableName
);
111 // caller MUST release the string, since it is gotten with "CFCopyLocalizedStringFromTableInBundle"
112 // intended use of reserved param is to pass in CFStringRef with name of the Table for lookup
113 // Will look by default in "SecErrorMessages.strings" in the resources of Security.framework.
117 SecCopyErrorMessageString(OSStatus status
, void *reserved
)
119 CFStringRef result
= copyErrorMessageFromBundle(status
, CFSTR("SecErrorMessages"));
121 result
= copyErrorMessageFromBundle(status
, CFSTR("SecDebugErrorMessages"));
125 // no error message found, so format a faked-up error message from the status
126 result
= CFStringCreateWithFormat(NULL
, NULL
, CFSTR("OSStatus %d"), (int)status
);
133 copyErrorMessageFromBundle(OSStatus status
,CFStringRef tableName
)
136 CFStringRef errorString
= nil
;
137 CFStringRef keyString
= nil
;
138 CFBundleRef secBundle
= NULL
;
140 // Make a bundle instance using the URLRef.
141 secBundle
= CFBundleGetBundleWithIdentifier(kSecFrameworkBundleID
);
145 // Convert status to Int32 string representation, e.g. "-25924"
146 keyString
= CFStringCreateWithFormat (kCFAllocatorDefault
, NULL
, CFSTR("%d"), (int)status
);
150 errorString
= CFCopyLocalizedStringFromTableInBundle(keyString
, tableName
, secBundle
, NULL
);
151 if (CFStringCompare(errorString
, keyString
, 0) == kCFCompareEqualTo
) // no real error message
154 CFRelease(errorString
);
159 CFRelease(keyString
);
165 const SecRandomRef kSecRandomDefault
= NULL
;
167 int SecRandomCopyBytes(SecRandomRef rnd
, size_t count
, void *bytes
) {
168 if (rnd
!= kSecRandomDefault
)
170 return CCRandomCopyBytes(kCCRandomDefault
, bytes
, count
);