Security-58286.260.20.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / lib / SecKeychainItemExtendedAttributes.cpp
index 1f7e0061969e2d40d94a4bd297f5f3c7bf321dd7..60c98f3133deb3e814a5599b62195a40c757a860 100644 (file)
  * @APPLE_LICENSE_HEADER_END@
  */
 
+#include <security_utilities/casts.h>
 #include "SecKeychainItemExtendedAttributes.h"
 #include "SecKeychainItemPriv.h"
 #include "ExtendedAttribute.h"
 #include "SecBridge.h"
 #include "StorageManager.h"
 #include "KCCursor.h"
+#include <os/activity.h>
 
 /* I'm not sure we need this */
 #if 0
@@ -42,6 +44,8 @@ static CFTypeID SecKeychainItemExtendedAttributesGetTypeID(void)
 }
 #endif
 
+extern "C" Boolean SecKeyIsCDSAKey(SecKeyRef ref);
+
 /*
  * Determine if incoming itemRef can be considered for 
  * this mechanism; throw if not.
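Review bot: `SecKeyIsCDSAKey` is declared by hand with `extern "C"` in this file rather than pulled in from a header, so a later change to its signature or linkage would still compile here and surface only at link time or at run time. If a private header already declares it, including that header is the safer form. If none does, a comment should say where the definition lives, for example `/* defined in <file that implements SecKeyIsCDSAKey>; keep this prototype in sync */`. Which file that is cannot be seen from this hunk.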
@@ -52,7 +56,7 @@ static void isItemRefCapable(
        CFTypeID id = CFGetTypeID(itemRef);
        if((id == gTypes().ItemImpl.typeID) ||
           (id == gTypes().Certificate.typeID) || 
-          (id == gTypes().KeyItem.typeID)) {
+          (id == SecKeyGetTypeID() && SecKeyIsCDSAKey((SecKeyRef)itemRef))) {
                return;
        }
        else {
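Review bot: The key branch of the type test in `isItemRefCapable` now accepts a `SecKeyRef` only when `SecKeyIsCDSAKey` returns true, but nothing at that line says why other keys are rejected or that the `(SecKeyRef)` cast relies on `&&` evaluating the `SecKeyGetTypeID()` comparison first. A short comment above it would keep a later reordering from handing a non-key object to `SecKeyIsCDSAKey`, e.g. `/* type ID must be checked before the cast; only CDSA-backed keys are eligible */`. The function begins before this hunk and its `else` branch continues past it, so what is thrown for a rejected key is not visible here.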
@@ -120,7 +124,7 @@ static bool lookupExtendedAttr(
        StorageManager::KeychainList kcList;
        kcList.push_back(inItem->keychain());
        
-       KCCursor cursor(kcList, CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE, &attrList);
+       KCCursor cursor(kcList, (SecItemClass) CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE, &attrList);
        try {
                return cursor->next(foundItem);
        }
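Review bot: The `(SecItemClass)` C-style cast added to the `KCCursor` constructor call will silently fall back to a reinterpreting conversion if the operand's type ever changes. `static_cast<SecItemClass>(CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE)` states the intended integer-to-enum conversion and is easier to search for. The same cast is repeated in the `@@ -272,7 +285,7` hunk inside `SecKeychainItemCopyAllExtendedAttributes`, so a single named file-scope constant could serve both call sites. `lookupExtendedAttr` starts before this hunk and continues after it.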
@@ -140,10 +144,13 @@ OSStatus SecKeychainItemSetExtendedAttribute(
        CFStringRef                                     attrName,
        CFDataRef                                       attrValue)                      /* NULL means delete the attribute */
 {
-#if SECTRUST_OSX
-#warning This needs to detect SecCertificateRef items, and when it does, SecKeychainItemDelete must be updated
-#endif
+    // <rdar://25635468>
+    //%%% This needs to detect SecCertificateRef items, and when it does, SecKeychainItemDelete must be updated
+
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecKeychainItemSetExtendedAttribute", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
        
        if((itemRef == NULL) || (attrName == NULL)) {
                return errSecParam;
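Review bot: The known gap around `SecCertificateRef` items moves from a `#warning` to a `//%%%` comment, so it no longer appears in build output, and the comment does not say what this function does today when it is handed a certificate ref. `isItemRefCapable`, visible earlier in this diff, admits `gTypes().Certificate.typeID`, though whether this function calls it is outside the hunk. The comment should spell out the follow-up in plain words, e.g. `// TODO(rdar://25635468): SecCertificateRef items are not detected here; SecKeychainItemDelete must be updated when they are`. The same applies to the matching comments in the `SecKeychainItemCopyExtendedAttribute` and `SecKeychainItemCopyAllExtendedAttributes` hunks.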
@@ -161,7 +168,7 @@ OSStatus SecKeychainItemSetExtendedAttribute(
                return errSecSuccess;
        }
 
-       CSSM_DATA attrCValue = {CFDataGetLength(attrValue), (uint8 *)CFDataGetBytePtr(attrValue)};
+       CSSM_DATA attrCValue = {int_cast<CFIndex, CSSM_SIZE>(CFDataGetLength(attrValue)), (uint8 *)CFDataGetBytePtr(attrValue)};
        
        if(haveMatch) {
                /* update existing extended attribute record */
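Review bot: The `(uint8 *)` cast in the `attrCValue` initializer still strips `const` from the pointer returned by `CFDataGetBytePtr`, and nothing records that the `CSSM_DATA` only borrows the caller's bytes. A comment such as `/* attrCValue aliases attrValue's storage: read-only, valid only while attrValue is alive */` would make that constraint explicit for whoever passes `attrCValue` on. The `int_cast` on the length presumably rejects out-of-range values by throwing inside `BEGIN_SECAPI`, but that helper is defined outside this diff, so this is worth confirming. The function body continues on both sides of the hunk.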
@@ -190,10 +197,13 @@ OSStatus SecKeychainItemCopyExtendedAttribute(
        CFStringRef                                     attrName,
        CFDataRef                                       *attrValue)             /* RETURNED */
 {
-#if SECTRUST_OSX
-#warning This needs to detect SecCertificateRef items
-#endif
+    // <rdar://25635468>
+    //%%% This needs to detect SecCertificateRef items
+
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecKeychainItemCopyExtendedAttribute", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
        
        if((itemRef == NULL) || (attrName == NULL) || (attrValue == NULL)) {
                return errSecParam;
@@ -231,10 +241,13 @@ OSStatus SecKeychainItemCopyAllExtendedAttributes(
        CFArrayRef                                      *attrValues)            /* optional, RETURNED, each element is a 
                                                                                                         *   CFDataRef */
 {
-#if SECTRUST_OSX
-#warning This needs to detect SecCertificateRef items, and when it does, SecKeychainItemDelete must be updated
-#endif
+    // <rdar://25635468>
+    //%%% This needs to detect SecCertificateRef items, and when it does, SecKeychainItemDelete must be updated
+
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecKeychainItemCopyAllExtendedAttributes", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
        
        if((itemRef == NULL) || (attrNames == NULL)) {
                return errSecParam;
@@ -272,7 +285,7 @@ OSStatus SecKeychainItemCopyAllExtendedAttributes(
        CFMutableArrayRef outValues = NULL;
        OSStatus ourRtn = errSecSuccess;
        
-       KCCursor cursor(kcList, CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE, &attrList);
+       KCCursor cursor(kcList, (SecItemClass) CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE, &attrList);
        for(;;) {
                bool gotOne = false;
                Item foundItem;