OSX/libsecurityd/lib/ssblob.cpp

   1 /*
   2  * Copyright (c) 2000-2004,2006,2011,2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24
  25 //
  26 // ssclient - SecurityServer client interface library
  27 //
  28 #include "ssblob.h"
  29
  30
  31 namespace Security {
  32 namespace SecurityServer {
  33
  34 uint32 CommonBlob::getCurrentVersion() {
  35   uint32 ret = version_MacOS_10_0;
  36   // If the integrity protections are turned on, use version_partition.
  37   // else, use version_MacOS_10_0.
  38   CFTypeRef integrity = (CFNumberRef)CFPreferencesCopyValue(CFSTR("KeychainIntegrity"), CFSTR("com.apple.security"), kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
  39   if (integrity && CFGetTypeID(integrity) == CFBooleanGetTypeID()) {
  40     bool integrityProtections = CFBooleanGetValue((CFBooleanRef)integrity);
  41
  42     if(integrityProtections) {
  43       secdebugfunc("integrity", "creating a partition keychain; global is on");
  44       ret = version_partition;
  45     } else {
  46       secdebugfunc("integrity", "creating a old-style keychain; global is off");
  47       ret = version_MacOS_10_0;
  48     }
  49     CFRelease(integrity);
  50   }
  51
  52   return ret;
  53 }
  54
  55
  56 void CommonBlob::initialize()
  57 {
  58     magic = magicNumber;
  59
  60     this->blobVersion = getCurrentVersion();
  61 }
  62
  63 //
  64 // Initialize the blob header for a given version
  65 //
  66 void CommonBlob::initialize(uint32 version)
  67 {
  68     magic = magicNumber;
  69
  70     secdebugfunc("integrity", "creating a partition keychain with version %d", version);
  71     this->blobVersion = version;
  72 }
  73
  74
  75 //
  76 // Verify the blob header for basic sane-ness.
  77 //
  78 bool CommonBlob::isValid() const
  79 {
  80         return magic == magicNumber;
  81 }
  82
  83 void CommonBlob::validate(CSSM_RETURN failureCode) const
  84 {
  85     if (!isValid())
  86         CssmError::throwMe(failureCode);
  87 }
  88
  89 /*
  90  * This string is placed in KeyBlob.blobSignature to indicate a cleartext
  91  * public key.
  92  */
  93 static const char clearPubKeySig[] = "Cleartext public key";
  94
  95 bool KeyBlob::isClearText()
  96 {
  97         return (memcmp(blobSignature, clearPubKeySig,
  98                 sizeof(blobSignature)) == 0);
  99 }
 100
 101 void KeyBlob::setClearTextSignature()
 102 {
 103         memmove(blobSignature, clearPubKeySig, sizeof(blobSignature));
 104 }
 105
 106
 107
 108 } // end namespace SecurityServer
 109
 110 } // end namespace Security