2 // throw C++-dependent stuff in here
5 #include <Security/cssm.h>
7 #include <Security/SecBasePriv.h>
8 #include <security_cdsa_client/keychainacl.h>
9 #include <security_cdsa_utilities/cssmacl.h>
10 #include <security_cdsa_client/aclclient.h>
11 #include <security_cdsa_utilities/cssmdata.h>
12 #include <security_cdsa_utilities/cssmalloc.h>
13 #include <security_utilities/devrandom.h>
14 #include <CoreFoundation/CFString.h>
15 #include "cssmErrorStrings.h" /* generated error string table */
/*
 * Report a failed CSSM call.
 *
 * The call sites visible in this listing pass the name of the CSSM function
 * that failed as `op` (e.g. "CSSM_DL_DbOpen") and its return code as `err`.
 * The function body is not part of this listing, so how the error is
 * rendered cannot be stated from here.
 */
void printError(const char *op, CSSM_RETURN err)
/*
 * Map a CSSM_RETURN code to a human-readable string by scanning errStrings
 * (presumably the generated table pulled in from cssmErrorStrings.h).
 *
 * The listing this was taken from omits several source lines: esp is
 * declared, and any value is returned, on lines that are not visible. Only
 * the visible statements are reproduced and documented here.
 *
 * NOTE(review): the fallback text is formatted into a function-static
 * buffer. If that buffer is what gets returned (the return statement is not
 * shown), the string is overwritten by the next unknown code and is not
 * safe to share between threads; callers should consume or copy it at once.
 */
const char *cssmErrToStr(CSSM_RETURN err)
    /* ... lines missing from this listing ... */

    /* Linear scan; the table ends at the entry whose errStr is NULL. */
    for(esp=errStrings; esp->errStr!=NULL; esp++) {
        if(esp->errCode == err) {
            /* ... lines missing from this listing ... */

    /* Reached when no table entry matched: build a generic message. */
    static char outbuf[512];
    /*
     * NOTE(review): "%d" of an int cannot exceed 512 bytes, so this call is
     * bounded as written. snprintf(outbuf, sizeof(outbuf), ...) would keep
     * it bounded if the format string is ever extended.
     */
    sprintf(outbuf, "UNKNOWN ERROR CODE %d", (int)err);
/*
 * Open a DB, optionally:
 *
 *      -- ensuring it's empty
 *      -- Specifying optional password to avoid SecurityAgent UI.
 *
 * Visible behaviour, in order: an existing store named dbName may be deleted
 * first, then the store is either opened with CSSM_DL_DbOpen or created with
 * CSSM_DL_DbCreate. Failures are reported through printError().
 *
 * The listing this was taken from omits many source lines (among them the
 * dbName parameter, local declarations, the conditionals that select each
 * branch, some call arguments and every return). Only the visible statements
 * are reproduced; gaps are marked.
 *
 * NOTE(review): the password path below installs an ACL whose subject is
 * CSSM_ACL_SUBJECT_TYPE_ANY with the single authorization tag
 * CSSM_ACL_AUTHORIZATION_ANY, i.e. no restriction on subject or operation as
 * far as the visible lines show. That fits a throw-away test database; it is
 * not a pattern to copy for a store that holds real secrets.
 *
 * NOTE(review): pwd is a plain C string. Nothing visible here clears it after
 * use, so tests should pass a fixture password, never a real credential.
 *
 * NOTE(review): CDSA/CSSM has been deprecated by Apple since OS X 10.7.
 */
CSSM_RETURN dbCreateOpen(
    CSSM_DL_HANDLE dlHand,          // from dlStartup()
    /* ... line missing from this listing (dbName is used below) ... */
    CSSM_BOOL doCreate,             // if false, must already exist
    CSSM_BOOL deleteExist,
    const char *pwd,                // optional
    CSSM_DB_HANDLE *dbHand)
    /* ... lines missing from this listing ... */

        /* first delete possible existing DB, ignore error */
        crtn = dbDelete(dlHand, dbName);
        /* ... line missing from this listing ... */
            /* only allowed error is "no such file" */
            /* ... line missing from this listing ... */
            case CSSMERR_DL_DATASTORE_DOESNOT_EXIST:
                /* ... lines missing from this listing ... */
                /* Any other dbDelete result is reported as an error. */
                printError("CSSM_DL_DbDelete", crtn);
                /* ... lines missing from this listing ... */

            /*
             * Diagnostic for a contradictory request: delete the existing
             * store, but do not create a new one.
             */
            printf("***Hey! dbCreateOpen with deleteExist and !doCreate\n");
            /* ... lines missing from this listing ... */

        /*
         * Try to open existing DB. This does not have a means
         * to specify password (yet).
         *
         * AccessCred is NULL below, so pwd plays no part in this call.
         */
        crtn = CSSM_DL_DbOpen(dlHand,
            /* ... lines missing from this listing ... */
            CSSM_DB_ACCESS_READ | CSSM_DB_ACCESS_WRITE,
            NULL,           // CSSM_ACCESS_CREDENTIALS *AccessCred
            NULL,           // void *OpenParameters
            /* ... lines missing from this listing ... */
            printError("CSSM_DL_DbOpen", crtn);
            printf("Error opening %s\n", dbName);
            /* ... lines missing from this listing ... */

    /* Creation path: start from an all-zero CSSM_DBINFO. */
    memset(&dbInfo, 0, sizeof(CSSM_DBINFO));
    /* ... lines missing from this listing ... */

        /*
         * This glorious code copied from crlRefresh. I didn't pretend
         * to understand it when I put it there either.
         *
         * What the visible lines do: wrap pwd in password-change
         * credentials, build an ACL entry prototype (any subject, any
         * authorization) and hand both to CSSM_DL_DbCreate as the
         * CredAndAclEntry argument, so the new store is created with the
         * supplied password rather than prompting through SecurityAgent.
         */
        Allocator &alloc = Allocator::standard();
        /*
         * The extra parentheses around StringData(pwd) keep this from being
         * parsed as a function declaration.
         * NOTE(review): pwd is documented as optional; the guard that keeps
         * a NULL pwd out of this branch is not visible -- confirm it exists.
         */
        CssmClient::AclFactory::PasswordChangeCredentials
            pCreds((StringData(pwd)), alloc);
        const AccessCredentials * aa = pCreds;
        TypedList subject(alloc, CSSM_ACL_SUBJECT_TYPE_ANY);
        AclEntryPrototype protoType(subject);
        AuthorizationGroup &authGroup = protoType.authorization();
        /*
         * AuthTags points at this local, so protoType and rcc must not be
         * used after tag goes out of scope.
         */
        CSSM_ACL_AUTHORIZATION_TAG tag = CSSM_ACL_AUTHORIZATION_ANY;
        authGroup.NumberOfAuthTags = 1;
        authGroup.AuthTags = &tag;

        /* aa was declared const above; the cast removes that qualifier. */
        const ResourceControlContext rcc(protoType,
            const_cast<AccessCredentials *>(aa));

        /* Create with credentials and the ACL prototype built above. */
        crtn = CSSM_DL_DbCreate(dlHand,
            /* ... lines missing from this listing ... */
            // &Security::KeychainCore::Schema::DBInfo,
            CSSM_DB_ACCESS_PRIVILEGED,
            &rcc,           // CredAndAclEntry
            NULL,           // OpenParameters
            /* ... lines missing from this listing ... */

        /*
         * Create without credentials: CredAndAclEntry is NULL, so no
         * password or ACL prototype is supplied by this code.
         */
        crtn = CSSM_DL_DbCreate(dlHand,
            /* ... lines missing from this listing ... */
            // &Security::KeychainCore::Schema::DBInfo,
            CSSM_DB_ACCESS_PRIVILEGED,
            NULL,           // CredAndAclEntry
            NULL,           // OpenParameters
            /* ... lines missing from this listing ... */
        printError("CSSM_DL_DbCreate", crtn);
/*
 * *The* way for all tests to get random data.
 *
 * Fills buf with len bytes obtained from Security::DevRandomGenerator.
 * The caller must supply a buffer of at least len bytes; nothing here can
 * check that.
 *
 * The listing this was taken from omits several source lines (the braces,
 * the exception handling around the generator and the exit the last comment
 * refers to). Only the visible statements are reproduced.
 *
 * NOTE(review): judging by the message and comment below, a generator
 * failure is reported and the process exits instead of carrying on with an
 * unfilled buffer. That fail-closed behaviour is the one to keep: do not
 * replace it with a fallback to a weaker source of randomness.
 */
void appGetRandomBytes(void *buf, unsigned len)
    /* ... lines missing from this listing ... */
        /*
         * The meaning of the `false` constructor argument is defined in
         * security_utilities/devrandom.h, which is not shown here.
         */
        Security::DevRandomGenerator devRand(false);
        devRand.random(buf, len);
    /* ... lines missing from this listing ... */
        printf("***Hey! DevRandomGenerator threw an exception!\n");
        /* Yes, exit - I'd really like to catch one of these */