-/*
- * Copyright (c) 2000-2004,2006,2011,2013-2014 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-
-//
-// sstransit - Securityd client side transition support.
-//
-#include "sstransit.h"
-#include <security_cdsa_client/cspclient.h>
-#include <security_utilities/mach++.h>
-
-namespace Security {
-namespace SecurityServer {
-
-using MachPlusPlus::check;
-using MachPlusPlus::VMGuard;
-
-//
-// DataOutput helper.
-// This happens "at the end" of a glue method, via the DataOutput destructor.
-//
-DataOutput::~DataOutput()
-{
- // @@@ Why are we setting up a VMGuard if mData is NULL?
- VMGuard _(mData, mLength);
- if (mData) // was assigned to; IPC returned OK
- if (mTarget) { // output CssmData exists
- if (mTarget->data()) { // caller provided buffer
- if (mTarget->length() < mLength)
- CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
- mTarget->length(mLength); // no allocation; shorten buffer
- } else { // allocate buffer
- *mTarget = CssmData(allocator.malloc(mLength), mLength);
- }
- memcpy(mTarget->data(), mData, mLength);
- }
-}
-
-
-//
-// Copy an AccessCredentials for shipment.
-// In addition, scan the samples for "special" database locking samples
-// and translate certain items for safe shipment. Note that this overwrites
-// part of the CssmList value (CSPHandle -> SS/KeyHandle), but we do it on
-// the COPY, so that's okay.
-//
-DatabaseAccessCredentials::DatabaseAccessCredentials(const AccessCredentials *creds, Allocator &alloc)
- : Copier<AccessCredentials>(creds, alloc)
-{
- if (creds) {
- for (uint32 n = 0; n < value()->samples().length(); n++) {
- TypedList sample = value()->samples()[n];
- sample.checkProper();
- switch (sample.type()) {
- case CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK:
- sample.snip(); // skip sample type (snip() advances to next)
- sample.checkProper();
- if (sample.type() == CSSM_SAMPLE_TYPE_SYMMETRIC_KEY ||
- sample.type() == CSSM_SAMPLE_TYPE_ASYMMETRIC_KEY) {
- secdebug("SSclient", "key sample encountered");
- // proper form is sample[1] = DATA:CSPHandle, sample[2] = DATA:CSSM_KEY,
- // sample[3] = auxiliary data (not changed)
- if (sample.length() != 4
- || sample[1].type() != CSSM_LIST_ELEMENT_DATUM
- || sample[2].type() != CSSM_LIST_ELEMENT_DATUM
- || sample[3].type() != CSSM_LIST_ELEMENT_DATUM)
- CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
- mapKeySample(
- sample[1].data(),
- *sample[2].data().interpretedAs<CssmKey>(CSSM_ERRCODE_INVALID_SAMPLE_VALUE));
- }
- break;
- case CSSM_SAMPLE_TYPE_KEYCHAIN_CHANGE_LOCK:
- sample.snip(); // skip sample type
- sample.checkProper();
- if (sample.type() == CSSM_SAMPLE_TYPE_SYMMETRIC_KEY ||
- sample.type() == CSSM_SAMPLE_TYPE_ASYMMETRIC_KEY) {
- secdebug("SSclient", "key sample encountered");
- // proper form is sample[1] = DATA:CSPHandle, sample[2] = DATA:CSSM_KEY
- if (sample.length() != 3
- || sample[1].type() != CSSM_LIST_ELEMENT_DATUM
- || sample[2].type() != CSSM_LIST_ELEMENT_DATUM)
- CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
- mapKeySample(
- sample[1].data(),
- *sample[2].data().interpretedAs<CssmKey>(CSSM_ERRCODE_INVALID_SAMPLE_VALUE));
- }
- break;
- default:
- break;
- }
- }
- }
-}
-
-void DatabaseAccessCredentials::mapKeySample(CssmData &cspHandleData, CssmKey &key)
-{
- // We use a CSP passthrough to get the securityd key handle for a (reference) key.
- // We try the passthrough on everyone, since there's multiple CSP/DL modules
- // that play games with securityd, and we want to give everyone a chance to play.
-
- // @@@ can't use CssmClient (it makes its own attachments)
- CSSM_CC_HANDLE ctx;
- CSSM_CSP_HANDLE &cspHandle = *cspHandleData.interpretedAs<CSSM_CSP_HANDLE>(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
- CssmError::check(CSSM_CSP_CreatePassThroughContext(cspHandle, &key, &ctx));
- KeyHandle ssKey;
- CSSM_RETURN passthroughError =
- CSSM_CSP_PassThrough(ctx, CSSM_APPLESCPDL_CSP_GET_KEYHANDLE, NULL, (void **)&ssKey);
- CSSM_DeleteContext(ctx); // ignore error
- switch (passthroughError) {
- case CSSM_OK: // got the passthrough; rewrite the sample
- assert(sizeof(CSSM_CSP_HANDLE) >= sizeof(KeyHandle)); // future insurance
- cspHandle = ssKey;
- cspHandleData.length(sizeof(KeyHandle));
- secdebug("SSclient", "key sample mapped to key 0x%x", ssKey);
- return;
- case CSSMERR_CSP_INVALID_PASSTHROUGH_ID:
- return; // CSP didn't understand the callback; leave the sample alone
- default:
- CssmError::throwMe(passthroughError); // error
- }
-}
-
-
-//
-// Inbound/outbound transit for the elaborate data-access attribute vectors
-//
-DataRetrieval::DataRetrieval(CssmDbRecordAttributeData *&attributes, Allocator &alloc)
- : Copier<CssmDbRecordAttributeData>(attributes),
- mAllocator(alloc), mAttributes(attributes), mAddr(NULL), mBase(NULL), mLength(0)
-{
-}
-
-DataRetrieval::~DataRetrieval()
-{
- if (mAddr) {
- relocate(mAddr, mBase);
- assert(mAttributes->size() == mAddr->size());
-
- // global (per-record) fields
- mAttributes->recordType(mAddr->recordType());
- mAttributes->semanticInformation(mAddr->semanticInformation());
-
- // transfer data values (but not infos, which we keep in the original vector)
- for (uint32 n = 0; n < mAttributes->size(); n++)
- mAttributes->at(n).copyValues(mAddr->at(n), mAllocator);
- }
-}
-
-
-} // namespace SecurityServer
-} // end namespace Security
projects / apple / security.git / blobdiff