]> git.saurik.com Git - apple/security.git/blobdiff - OSX/libsecurity_keychain/lib/SecIdentity.cpp
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-58286.20.16.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / lib / SecIdentity.cpp
diff --git a/OSX/libsecurity_keychain/lib/SecIdentity.cpp b/OSX/libsecurity_keychain/lib/SecIdentity.cpp
index c870ec7340312117359ba7d64ba78f611f818f93..1cb7b5955bbf336959bcf328c742efde461d64b1 100644 (file)
--- a/OSX/libsecurity_keychain/lib/SecIdentity.cpp
+++ b/OSX/libsecurity_keychain/lib/SecIdentity.cpp
@@ -38,6 +38,7 @@
 #include <utilities/SecCFRelease.h>
 #include <sys/param.h>
 #include <syslog.h>
 #include <utilities/SecCFRelease.h>
 #include <sys/param.h>
 #include <syslog.h>
+#include <os/activity.h>
 
 /* private function declarations */
 OSStatus
 
 /* private function declarations */
 OSStatus
@@ -108,6 +109,9 @@ CFTypeID
 SecIdentityGetTypeID(void)
 {
        BEGIN_SECAPI
 SecIdentityGetTypeID(void)
 {
        BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentityGetTypeID", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
        return gTypes().Identity.typeID;
 
 
        return gTypes().Identity.typeID;
 
@@ -121,6 +125,9 @@ SecIdentityCopyCertificate(
             SecCertificateRef *certificateRef)
 {
        BEGIN_SECAPI
             SecCertificateRef *certificateRef)
 {
        BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentityCopyCertificate", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
        if (!identityRef || !certificateRef) {
                return errSecParam;
 
        if (!identityRef || !certificateRef) {
                return errSecParam;
@@ -179,6 +186,9 @@ SecIdentityCopyPrivateKey(
             SecKeyRef *privateKeyRef)
 {
     BEGIN_SECAPI
             SecKeyRef *privateKeyRef)
 {
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentityCopyPrivateKey", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
        Required(privateKeyRef) = (SecKeyRef)CFRetain(Identity::required(identityRef)->privateKeyRef());
 
 
        Required(privateKeyRef) = (SecKeyRef)CFRetain(Identity::required(identityRef)->privateKeyRef());
 
@@ -461,14 +471,19 @@ OSStatus SecIdentityCopyPreference(
     // (Note that behavior is unchanged if the specified name is not a URL.)
 
     BEGIN_SECAPI
     // (Note that behavior is unchanged if the specified name is not a URL.)
 
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentityCopyPreference", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
     CFTypeRef val = (CFTypeRef)CFPreferencesCopyValue(CFSTR("LogIdentityPreferenceLookup"),
                     CFSTR("com.apple.security"),
                     kCFPreferencesCurrentUser,
                     kCFPreferencesAnyHost);
     Boolean logging = false;
 
     CFTypeRef val = (CFTypeRef)CFPreferencesCopyValue(CFSTR("LogIdentityPreferenceLookup"),
                     CFSTR("com.apple.security"),
                     kCFPreferencesCurrentUser,
                     kCFPreferencesAnyHost);
     Boolean logging = false;
-    if (val && CFGetTypeID(val) == CFBooleanGetTypeID()) {
-        logging = CFBooleanGetValue((CFBooleanRef)val);
+    if (val) {
+        if (CFGetTypeID(val) == CFBooleanGetTypeID()) {
+            logging = CFBooleanGetValue((CFBooleanRef)val);
+        }
     }
      CFReleaseNull(val);
 
     }
      CFReleaseNull(val);
 
@@ -556,8 +571,15 @@ OSStatus SecIdentitySetPreference(
        }
 
     BEGIN_SECAPI
        }
 
     BEGIN_SECAPI
-
-       SecPointer<Certificate> certificate(Identity::required(identity)->certificate());
+    os_activity_t activity = os_activity_create("SecIdentitySetPreference", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
+
+    CFRef<SecCertificateRef>  certRef;
+    OSStatus status = SecIdentityCopyCertificate(identity, certRef.take());
+    if(status != errSecSuccess) {
+        MacOSError::throwMe(status);
+    }
 
        // determine the account attribute
        //
 
        // determine the account attribute
        //
@@ -569,7 +591,7 @@ OSStatus SecIdentitySetPreference(
        // If the key usage is 0 (i.e. the normal case), we omit the appended key usage string.
        //
     CFStringRef labelStr = nil;
        // If the key usage is 0 (i.e. the normal case), we omit the appended key usage string.
        //
     CFStringRef labelStr = nil;
-       certificate->inferLabel(false, &labelStr);
+    SecCertificateInferLabel(certRef.get(), &labelStr);
        if (!labelStr) {
         MacOSError::throwMe(errSecDataTooLarge); // data is "in a format which cannot be displayed"
        }
        if (!labelStr) {
         MacOSError::throwMe(errSecDataTooLarge); // data is "in a format which cannot be displayed"
        }
@@ -617,7 +639,7 @@ OSStatus SecIdentitySetPreference(
 
        // generic attribute (store persistent certificate reference)
        CFDataRef pItemRef = nil;
 
        // generic attribute (store persistent certificate reference)
        CFDataRef pItemRef = nil;
-    certificate->copyPersistentReference(pItemRef);
+    SecKeychainItemCreatePersistentReference((SecKeychainItemRef)certRef.get(), &pItemRef);
        if (!pItemRef) {
                MacOSError::throwMe(errSecInvalidItemRef);
     }
        if (!pItemRef) {
                MacOSError::throwMe(errSecInvalidItemRef);
     }
@@ -665,6 +687,9 @@ SecIdentityFindPreferenceItem(
        SecKeychainItemRef *itemRef)
 {
     BEGIN_SECAPI
        SecKeychainItemRef *itemRef)
 {
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentityFindPreferenceItem", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
        StorageManager::KeychainList keychains;
        globals().storageManager.optionalSearchList(keychainOrArray, keychains);
 
        StorageManager::KeychainList keychains;
        globals().storageManager.optionalSearchList(keychainOrArray, keychains);
@@ -703,6 +728,9 @@ SecIdentityFindPreferenceItemWithNameAndKeyUsage(
        SecKeychainItemRef *itemRef)
 {
     BEGIN_SECAPI
        SecKeychainItemRef *itemRef)
 {
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentityFindPreferenceItemWithNameAndKeyUsage", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
        StorageManager::KeychainList keychains;
        globals().storageManager.optionalSearchList(keychainOrArray, keychains);
 
        StorageManager::KeychainList keychains;
        globals().storageManager.optionalSearchList(keychainOrArray, keychains);
@@ -870,6 +898,9 @@ OSStatus SecIdentityAddPreferenceItem(
     // (Note that behavior is unchanged if the specified idString is not a URL.)
 
     BEGIN_SECAPI
     // (Note that behavior is unchanged if the specified idString is not a URL.)
 
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentityAddPreferenceItem", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
     OSStatus status = errSecInternalComponent;
     CFArrayRef names = _SecIdentityCopyPossiblePaths(idString);
 
     OSStatus status = errSecInternalComponent;
     CFArrayRef names = _SecIdentityCopyPossiblePaths(idString);
@@ -926,6 +957,9 @@ OSStatus SecIdentityUpdatePreferenceItem(
                        SecIdentityRef identityRef)
 {
     BEGIN_SECAPI
                        SecIdentityRef identityRef)
 {
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentityUpdatePreferenceItem", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
        if (!itemRef || !identityRef)
                MacOSError::throwMe(errSecParam);
 
        if (!itemRef || !identityRef)
                MacOSError::throwMe(errSecParam);
@@ -994,6 +1028,9 @@ OSStatus SecIdentityCopyFromPreferenceItem(
                        SecIdentityRef *identityRef)
 {
     BEGIN_SECAPI
                        SecIdentityRef *identityRef)
 {
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentityCopyFromPreferenceItem", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
        if (!itemRef || !identityRef)
                MacOSError::throwMe(errSecParam);
 
        if (!itemRef || !identityRef)
                MacOSError::throwMe(errSecParam);
@@ -1055,6 +1092,9 @@ OSStatus SecIdentityCopySystemIdentity(
    CFStringRef *actualDomain) /* optional */
 {
     BEGIN_SECAPI
    CFStringRef *actualDomain) /* optional */
 {
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentityCopySystemIdentity", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
        StLock<Mutex> _(systemIdentityLock());
        auto_ptr<Dictionary> identDict;
 
        StLock<Mutex> _(systemIdentityLock());
        auto_ptr<Dictionary> identDict;
@@ -1123,6 +1163,9 @@ OSStatus SecIdentitySetSystemIdentity(
    SecIdentityRef idRef)
 {
     BEGIN_SECAPI
    SecIdentityRef idRef)
 {
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecIdentitySetSystemIdentity", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
        StLock<Mutex> _(systemIdentityLock());
        if(geteuid() != 0) {
 
        StLock<Mutex> _(systemIdentityLock());
        if(geteuid() != 0) {
mirror of Security