+++ /dev/null
-/*
- * Copyright (c) 2006-2013 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-/*
- * SecFramework.c - generic non API class specific functions
- */
-
-
-#include "SecFrameworkP.h"
-#include <pthread.h>
-#include <CoreFoundation/CFBundle.h>
-#include <CoreFoundation/CFURLAccess.h>
-#if 0
-#include "SecRandomP.h"
-#endif
-#include <CommonCrypto/CommonDigest.h>
-#include <Security/SecAsn1Coder.h>
-#include <Security/oidsalg.h>
-#include <fcntl.h>
-#include <sys/types.h>
-#include <unistd.h>
-#include <errno.h>
-#include <dlfcn.h>
-#include <string.h>
-#include <CoreFoundation/CFBundlePriv.h>
-
-#include <utilities/debugging.h>
-
-/* Security.framework's bundle id. */
-static CFStringRef kSecFrameworkBundleID = CFSTR("com.apple.Security");
-
-/* Security framework's own bundle used for localized string lookups. */
-static CFBundleRef kSecFrameworkBundle;
-static pthread_once_t kSecFrameworkBundleLookup = PTHREAD_ONCE_INIT;
-
-#if 0
-// copied from SecAsn1Coder.c
-
-bool SecAsn1OidCompare(const SecAsn1Oid *oid1, const SecAsn1Oid *oid2) {
- if (!oid1 || !oid2)
- return oid1 == oid2;
- if (oid1->Length != oid2->Length)
- return false;
- return !memcmp(oid1->Data, oid2->Data, oid1->Length);
-}
-#endif
-
-static void SecFrameworkBundleLookup(void) {
- // figure out the path to our executable
- Dl_info info;
- dladdr("", &info);
-
- // make a file URL from the returned string
- CFURLRef urlRef = CFURLCreateFromFileSystemRepresentation(NULL, (const UInt8*) info.dli_fname, strlen(info.dli_fname), false);
- kSecFrameworkBundle = _CFBundleCreateWithExecutableURLIfLooksLikeBundle(NULL, urlRef);
- CFRelease(urlRef);
-
- if (kSecFrameworkBundle)
- CFRetain(kSecFrameworkBundle);
-}
-
-CFStringRef SecFrameworkCopyLocalizedString(CFStringRef key,
- CFStringRef tableName) {
- pthread_once(&kSecFrameworkBundleLookup, SecFrameworkBundleLookup);
- if (kSecFrameworkBundle) {
- return CFBundleCopyLocalizedString(kSecFrameworkBundle, key, key,
- tableName);
- }
-
- CFRetain(key);
- return key;
-}
-
-CFURLRef SecFrameworkCopyResourceURL(CFStringRef resourceName,
- CFStringRef resourceType, CFStringRef subDirName) {
- CFURLRef url = NULL;
- pthread_once(&kSecFrameworkBundleLookup, SecFrameworkBundleLookup);
- if (kSecFrameworkBundle) {
- url = CFBundleCopyResourceURL(kSecFrameworkBundle, resourceName,
- resourceType, subDirName);
- if (!url) {
- secdebug("SecFramework", "resource: %@.%@ in %@ not found", resourceName,
- resourceType, subDirName);
- }
- }
-
- return url;
-}
-
-
-CFDataRef SecFrameworkCopyResourceContents(CFStringRef resourceName,
- CFStringRef resourceType, CFStringRef subDirName) {
- CFURLRef url = SecFrameworkCopyResourceURL(resourceName, resourceType,
- subDirName);
- CFDataRef data = NULL;
- if (url) {
- SInt32 error;
- if (!CFURLCreateDataAndPropertiesFromResource(kCFAllocatorDefault,
- url, &data, NULL, NULL, &error)) {
- secdebug("SecFramework", "read: %d", (int)error);
- }
- CFRelease(url);
- }
-
- return data;
-}
-
-/* Return the SHA1 digest of a chunk of data as newly allocated CFDataRef. */
-CFDataRef SecSHA1DigestCreate(CFAllocatorRef allocator,
- const UInt8 *data, CFIndex length) {
- CFMutableDataRef digest = CFDataCreateMutable(allocator,
- CC_SHA1_DIGEST_LENGTH);
- CFDataSetLength(digest, CC_SHA1_DIGEST_LENGTH);
- CC_SHA1(data, (CC_LONG)length, CFDataGetMutableBytePtr(digest));
- return digest;
-}
-
-#if 0
-CFDataRef SecDigestCreate(CFAllocatorRef allocator,
- const SecAsn1Oid *algorithm, const SecAsn1Item *params,
- const UInt8 *data, CFIndex length) {
- unsigned char *(*digestFcn)(const void *data, CC_LONG len, unsigned char *md);
- CFIndex digestLen;
-
- if (SecAsn1OidCompare(algorithm, &CSSMOID_SHA1)) {
- digestFcn = CC_SHA1;
- digestLen = CC_SHA1_DIGEST_LENGTH;
- } else if (SecAsn1OidCompare(algorithm, &CSSMOID_SHA224)) {
- digestFcn = CC_SHA224;
- digestLen = CC_SHA224_DIGEST_LENGTH;
- } else if (SecAsn1OidCompare(algorithm, &CSSMOID_SHA256)) {
- digestFcn = CC_SHA256;
- digestLen = CC_SHA256_DIGEST_LENGTH;
- } else if (SecAsn1OidCompare(algorithm, &CSSMOID_SHA384)) {
- digestFcn = CC_SHA384;
- digestLen = CC_SHA384_DIGEST_LENGTH;
- } else if (SecAsn1OidCompare(algorithm, &CSSMOID_SHA512)) {
- digestFcn = CC_SHA512;
- digestLen = CC_SHA512_DIGEST_LENGTH;
- } else {
- return NULL;
- }
-
- CFMutableDataRef digest = CFDataCreateMutable(allocator, digestLen);
- CFDataSetLength(digest, digestLen);
- digestFcn(data, length, CFDataGetMutableBytePtr(digest));
- return digest;
-}
-#endif
-
-#if 0
-
-/* Default random ref for /dev/random. */
-const SecRandomRef kSecRandomDefault = NULL;
-
-/* File descriptor for "/dev/random". */
-static int kSecRandomFD;
-static pthread_once_t kSecDevRandomOpen = PTHREAD_ONCE_INIT;
-
-static void SecDevRandomOpen(void) {
- kSecRandomFD = open("/dev/random", O_RDONLY);
-}
-
-int SecRandomCopyBytes(SecRandomRef rnd, size_t count, uint8_t *bytes) {
- if (rnd != kSecRandomDefault)
- return errSecParam;
- pthread_once(&kSecDevRandomOpen, SecDevRandomOpen);
- if (kSecRandomFD < 0)
- return -1;
- while (count) {
- ssize_t bytes_read = read(kSecRandomFD, bytes, count);
- if (bytes_read == -1) {
- if (errno == EINTR)
- continue;
- return -1;
- }
- if (bytes_read == 0) {
- return -1;
- }
- count -= bytes_read;
- }
-
- return 0;
-}
-
-#include <CommonCrypto/CommonDigest.h>
-#include <stdlib.h>
-
-/* FIPS rng declarations. */
-typedef struct __SecRandom *SecRandomRef;
-SecRandomRef SecRandomCreate(CFIndex randomAlg, CFIndex seedLength,
- const UInt8 *seed);
-void SecRandomCopyBytes(SecRandomRef randomref, CFIndex numBytes, UInt8 *outBytes);
-
-/* FIPS Rng implementation. */
-struct __SecRandom {
- CC_SHA1_CTX sha1;
- CFIndex bytesLeft;
- UInt8 block[64];
-};
-
-SecRandomRef SecRandomCreate(CFIndex randomAlg, CFIndex seedLength,
- const UInt8 *seed) {
- SecRandomRef result = (SecRandomRef)malloc(sizeof(struct __SecRandom));
- CC_SHA1_Init(&result->sha1);
- memset(result->block + 20, 0, 44);
- result->bytesLeft = 0;
-
- if (seedLength) {
- /* Digest the seed and put it into output. */
- CC_SHA1(seed, seedLength, result->block);
- } else {
- /* Seed 20 bytes from "/dev/srandom". */
- int fd = open("/dev/srandom", O_RDONLY);
- if (fd < 0)
- goto errOut;
-
- if (read(fd, result->block, 20) != 20)
- goto errOut;
-
- close(fd);
- }
-
- CC_SHA1_Update(&result->sha1, result->block, 64);
-
- return result;
-
-errOut:
- free(result);
- return NULL;
-}
-
-void SecRandomCopyBytes(SecRandomRef randomref, CFIndex numBytes,
- UInt8 *outBytes) {
- while (numBytes > 0) {
- if (!randomref->bytesLeft) {
- CC_SHA1_Update(&randomref->sha1, randomref->block, 64);
- OSWriteBigInt32(randomref->block, 0, randomref->sha1.h0);
- OSWriteBigInt32(randomref->block, 4, randomref->sha1.h1);
- OSWriteBigInt32(randomref->block, 8, randomref->sha1.h2);
- OSWriteBigInt32(randomref->block, 12, randomref->sha1.h3);
- OSWriteBigInt32(randomref->block, 16, randomref->sha1.h4);
- randomref->bytesLeft = 20;
- }
- CFIndex outLength = (numBytes > randomref->bytesLeft ?
- randomref->bytesLeft : numBytes);
- memcpy(outBytes, randomref->block + 20 - randomref->bytesLeft,
- outLength);
- randomref->bytesLeft -= outLength;
- outBytes += outLength;
- numBytes -= outLength;
- }
-}
-#endif
projects / apple / security.git / blobdiff