+/* Copyright (c) 2002-2006 Apple Computer, Inc.
+ *
+ * dbTool.cpp - DL/DB tool.
+ */
+#include <stdlib.h>
+#include <stdio.h>
+#include <time.h>
+#include <strings.h>
+#include <ctype.h>
+#include <Security/cssm.h>
+#include <Security/cssmapple.h>
+#include <Security/cssmapplePriv.h>
+#include "cspwrap.h"
+#include "common.h"
+#include "dbAttrs.h"
+#include "dbCert.h"
+#include "cspdlTesting.h"
+
+
+static void usage(char **argv)
+{
+ printf("usage: %s dbFileName command [options]\n", argv[0]);
+ printf("Commands:\n");
+ printf(" r Dump Schema Relations\n");
+ printf(" k Dump all keys\n");
+ printf(" c Dump certs\n");
+ printf(" a Dump all records\n");
+ printf(" d Delete records (interactively)\n");
+ printf(" D Delete records (noninteractively, requires really arg)\n");
+ printf(" i Import bad cert and its (good) private key\n");
+ printf("Options:\n");
+ printf(" v verbose\n");
+ printf(" q quiet\n");
+ printf(" R really! (for D command)\n");
+ printf(" d dump data\n");
+ printf(" c=certFile\n");
+ printf(" k=keyFile\n");
+ exit(1);
+}
+
+
+static unsigned indentVal = 0;
+static void indentIncr()
+{
+ indentVal += 3;
+}
+
+static void indentDecr()
+{
+ if(indentVal) {
+ indentVal -= 3;
+ }
+}
+
+static void doIndent()
+{
+ unsigned i;
+ for(i=0; i<indentVal; i++) {
+ printf(" ");
+ }
+}
+
+#define NORM_KEY_LEN 20
+
+/* print an attribute name, padding out to NORM_KEY_LEN columns */
+static void printName(
+ const CSSM_DB_ATTRIBUTE_INFO *attrInfo)
+{
+ switch(attrInfo->AttributeNameFormat) {
+ case CSSM_DB_ATTRIBUTE_NAME_AS_STRING:
+ {
+ char *attrName = attrInfo->Label.AttributeName;
+ printf("%s", attrName);
+ int len = strlen(attrName);
+ if(len > NORM_KEY_LEN) {
+ return;
+ }
+ int numSpaces = NORM_KEY_LEN - len;
+ for(int i=0; i<numSpaces; i++) {
+ putchar(' ');
+ }
+ break;
+ }
+ case CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER:
+ {
+ /* OSType, endian dependent... */
+ char *cp = (char *)&(attrInfo->Label.AttributeID);
+ for(unsigned i=0; i<4; i++) {
+ putchar(*cp++);
+ }
+ printf(" ");
+ break;
+ }
+ default:
+ printf("Unknown attribute name format (%u)\n",
+ (unsigned)attrInfo->AttributeNameFormat);
+ break;
+ }
+}
+
+/*
+ * Attempt to print a numeric value as a string, per a NameValuePair table.
+ * If the value is in fact a collection of legal values (per the nameValues
+ * array), the value will just be printed in hex.
+ */
+static void printValueAsString(
+ unsigned val,
+ const NameValuePair *nameValues)
+{
+ if(nameValues != NULL) {
+ while(nameValues->name != NULL) {
+ if(nameValues->value == val) {
+ printf("%s", nameValues->name);
+ return;
+ }
+ nameValues++;
+ }
+ }
+ /* Oh well */
+ printf("0x%x", val);
+}
+
+static void safePrint(
+ uint8 *cp,
+ uint32 len)
+{
+ for(unsigned i=0; i<len; i++) {
+ printf("%c", *cp++);
+ }
+}
+
+/* See if a blob is printable. Used for BLOB and UINT32 types, the latter of
+ * which is sometimes used for OSType representation of attr name. */
+bool isPrintable(
+ const CSSM_DATA *dp)
+{
+ bool printable = true;
+ uint8 *cp = dp->Data;
+ for(unsigned i=0; i<dp->Length; i++) {
+ if(*cp == 0) {
+ if(i != (dp->Length - 1)) {
+ /* data contains NULL character before end */
+ printable = false;
+ }
+ /* else end of string */
+ break;
+ }
+ if(!isprint(*cp)) {
+ printable = false;
+ break;
+ }
+ cp++;
+ }
+ return printable;
+}
+
+#define MAX_BLOB_TO_PRINT 12
+static void printBlob(
+ const CSSM_DATA *data)
+{
+ unsigned toPrint = data->Length;
+ if(toPrint > MAX_BLOB_TO_PRINT) {
+ toPrint = MAX_BLOB_TO_PRINT;
+ }
+ for(unsigned i=0; i<toPrint; i++) {
+ unsigned dat = data->Data[i];
+ printf("%02X ", dat);
+ }
+ if(toPrint < data->Length) {
+ printf("...");
+ }
+}
+
+static void printAttrData(
+ const CSSM_DB_ATTRIBUTE_INFO *attrInfo,
+ const CSSM_DATA *attrData,
+ const NameValuePair *nameValues) // optional
+{
+ void *data = attrData->Data;
+
+ switch(attrInfo->AttributeFormat) {
+
+ case CSSM_DB_ATTRIBUTE_FORMAT_STRING:
+ putchar('\'');
+ safePrint(attrData->Data, attrData->Length);
+ putchar('\'');
+ break;
+ case CSSM_DB_ATTRIBUTE_FORMAT_SINT32:
+ case CSSM_DB_ATTRIBUTE_FORMAT_UINT32:
+ {
+ unsigned val = *(unsigned *)data;
+ printValueAsString(val, nameValues);
+ break;
+ }
+ case CSSM_DB_ATTRIBUTE_FORMAT_BLOB:
+ {
+ printf("BLOB length %u : ", (unsigned)attrData->Length);
+ /* see if it happens to be a printable string */
+ if(isPrintable(attrData)) {
+ putchar('\'');
+ safePrint(attrData->Data, attrData->Length);
+ putchar('\'');
+ }
+ else {
+ printBlob(attrData);
+ }
+ break;
+ }
+ case CSSM_DB_ATTRIBUTE_FORMAT_MULTI_UINT32:
+ {
+ printf("multi_int[");
+ uint32 numInts = attrData->Length / sizeof(uint32);
+ uint32 *uip = (uint32 *)data;
+ for(unsigned i=0; i<numInts; i++) {
+ if(i > 0) {
+ printf(", ");
+ }
+ printValueAsString(*uip++, nameValues);
+ }
+ printf("]");
+ break;
+ }
+ case CSSM_DB_ATTRIBUTE_FORMAT_TIME_DATE:
+ putchar('\'');
+ safePrint(attrData->Data, attrData->Length);
+ putchar('\'');
+ break;
+
+ default:
+ printf("***UNKNOWN FORMAT (%u), Length %u",
+ (unsigned)attrInfo->AttributeFormat, (unsigned)attrData->Length);
+ break;
+ }
+}
+
+/* free attribute(s) allocated by DL */
+static void freeAttrs(
+ CSSM_DB_RECORD_ATTRIBUTE_DATA *recordAttrs)
+{
+ unsigned i;
+
+ for(i=0; i<recordAttrs->NumberOfAttributes; i++) {
+ CSSM_DB_ATTRIBUTE_DATA_PTR attrData = &recordAttrs->AttributeData[i];
+ if(attrData == NULL) {
+ /* fault of caller, who allocated the CSSM_DB_ATTRIBUTE_DATA */
+ printf("***freeAttrs screwup: NULL attrData\n");
+ return;
+ }
+ unsigned j;
+ for(j=0; j<attrData->NumberOfValues; j++) {
+ CSSM_DATA_PTR data = &attrData->Value[j];
+ if(data == NULL) {
+ /* fault of MDS, who said there was a value here */
+ printf("***freeAttrs screwup: NULL data\n");
+ return;
+ }
+ CSSM_FREE(data->Data);
+ data->Data = NULL;
+ data->Length = 0;
+ }
+ CSSM_FREE(attrData->Value);
+ attrData->Value = NULL;
+ }
+}
+
+static void dumpDataBlob(
+ const CSSM_DATA *datap)
+{
+ doIndent();
+ printf("Record data length %lu ", datap->Length);
+ if(datap->Length != 0) {
+ printf(" : ");
+ printBlob(datap);
+ }
+ printf("\n");
+}
+
+static void dumpRecordAttrs(
+ const CSSM_DB_RECORD_ATTRIBUTE_DATA *recordAttrs,
+ const NameValuePair **nameValues, // parallel to recordAttrs
+ const CSSM_DATA *recordData = NULL) // optional data
+{
+ unsigned valNum;
+ unsigned dex;
+
+ for(dex=0; dex<recordAttrs->NumberOfAttributes; dex++) {
+ const CSSM_DB_ATTRIBUTE_DATA *attrData = &recordAttrs->AttributeData[dex];
+ doIndent();
+ printName(&attrData->Info);
+ printf(": ");
+ if(attrData->NumberOfValues == 0) {
+ printf("<<not present>>\n");
+ continue;
+ }
+ for(valNum=0; valNum<attrData->NumberOfValues; valNum++) {
+ printAttrData(&attrData->Info, &attrData->Value[valNum], nameValues[dex]);
+ if(valNum < (attrData->NumberOfValues - 1)) {
+ printf(", ");
+ }
+ }
+ printf("\n");
+ }
+ if(recordData) {
+ dumpDataBlob(recordData);
+ }
+}
+
+static void dumpRelation(
+ CSSM_DL_DB_HANDLE dlDbHand,
+ const RelationInfo *relInfo,
+ CSSM_BOOL dumpData)
+{
+ CSSM_QUERY query;
+ CSSM_DB_UNIQUE_RECORD_PTR record = NULL;
+ CSSM_RETURN crtn;
+ CSSM_HANDLE resultHand;
+ CSSM_DB_ATTRIBUTE_DATA *attrs;
+ CSSM_DB_RECORD_ATTRIBUTE_DATA recordAttrs;
+ unsigned attrDex;
+ unsigned recNum = 0;
+ uint32 numAttrs = relInfo->NumberOfAttributes;
+ CSSM_DATA data = {0, NULL};
+ CSSM_DATA_PTR datap = NULL;
+
+ if(dumpData) {
+ datap = &data;
+ }
+
+ /* build an attr array from known schema */
+ attrs = (CSSM_DB_ATTRIBUTE_DATA *)CSSM_MALLOC(
+ sizeof(CSSM_DB_ATTRIBUTE_DATA) * numAttrs);
+ memset(attrs, 0, sizeof(CSSM_DB_ATTRIBUTE_DATA) * numAttrs);
+ for(attrDex=0; attrDex<numAttrs; attrDex++) {
+ attrs[attrDex].Info = relInfo->AttributeInfo[attrDex];
+ }
+ recordAttrs.DataRecordType = relInfo->DataRecordType;
+ recordAttrs.NumberOfAttributes = numAttrs;
+ recordAttrs.AttributeData = attrs;
+
+ /* just search by recordType, no predicates */
+ query.RecordType = relInfo->DataRecordType;
+ query.Conjunctive = CSSM_DB_NONE;
+ query.NumSelectionPredicates = 0;
+ query.SelectionPredicate = NULL;
+ query.QueryLimits.TimeLimit = 0; // FIXME - meaningful?
+ query.QueryLimits.SizeLimit = 1; // FIXME - meaningful?
+ query.QueryFlags = 0; // CSSM_QUERY_RETURN_DATA...FIXME - used?
+
+ crtn = CSSM_DL_DataGetFirst(dlDbHand,
+ &query,
+ &resultHand,
+ &recordAttrs,
+ datap,
+ &record);
+ switch(crtn) {
+ case CSSM_OK:
+ break; // proceed
+ case CSSMERR_DL_ENDOFDATA:
+ printf("%s: no record found\n", relInfo->relationName);
+ CSSM_FREE(attrs);
+ return;
+ default:
+ printError("DataGetFirst", crtn);
+ CSSM_FREE(attrs);
+ return;
+ }
+ printf("%s:\n", relInfo->relationName);
+ printf(" record %d; numAttrs %d:\n",
+ recNum++, (int)recordAttrs.NumberOfAttributes);
+ indentIncr();
+
+ dumpRecordAttrs(&recordAttrs, relInfo->nameValues, datap);
+ CSSM_DL_FreeUniqueRecord(dlDbHand, record);
+ freeAttrs(&recordAttrs);
+ if(datap) {
+ CSSM_FREE(datap->Data);
+ }
+
+ /* now the rest of them */
+ /* hopefully we don't have to re-init the recordAttr array */
+ for(;;) {
+ crtn = CSSM_DL_DataGetNext(dlDbHand,
+ resultHand,
+ &recordAttrs,
+ datap,
+ &record);
+ switch(crtn) {
+ case CSSM_OK:
+ printf(" record %d; numAttrs %d:\n",
+ recNum++, (int)recordAttrs.NumberOfAttributes);
+ dumpRecordAttrs(&recordAttrs, relInfo->nameValues, datap);
+ CSSM_DL_FreeUniqueRecord(dlDbHand, record);
+ freeAttrs(&recordAttrs);
+ if(datap) {
+ CSSM_FREE(datap->Data);
+ }
+ break; // and go again
+ case CSSMERR_DL_ENDOFDATA:
+ /* normal termination */
+ break;
+ default:
+ printError("DataGetNext", crtn);
+ break;
+ }
+ if(crtn != CSSM_OK) {
+ break;
+ }
+ }
+ indentDecr();
+ CSSM_FREE(attrs);
+}
+
+/*
+ * Given a record type and a CSSM_DB_UNIQUE_RECORD, fetch and parse all the
+ * attributes we can.
+ */
+static void fetchParseRecord(
+ CSSM_DL_DB_HANDLE dlDbHand,
+ CSSM_DB_RECORD_ATTRIBUTE_DATA *inRecordAttrs,
+ CSSM_DB_UNIQUE_RECORD_PTR record,
+ const CSSM_DATA_PTR datap,
+ CSSM_BOOL dumpData)
+{
+ const RelationInfo *relInfo = NULL;
+
+ /* infer RelationInfo from recordType */
+ switch(inRecordAttrs->DataRecordType) {
+ case CSSM_DL_DB_RECORD_PUBLIC_KEY:
+ case CSSM_DL_DB_RECORD_PRIVATE_KEY:
+ case CSSM_DL_DB_RECORD_SYMMETRIC_KEY:
+ relInfo = &allKeysRelation;
+ break;
+ case CSSM_DL_DB_RECORD_GENERIC_PASSWORD:
+ case CSSM_DL_DB_RECORD_INTERNET_PASSWORD:
+ case CSSM_DL_DB_RECORD_APPLESHARE_PASSWORD:
+ relInfo = &genericKcRelation;
+ break;
+ case CSSM_DL_DB_RECORD_CERT:
+ relInfo = &certRecordRelation;
+ break;
+ case CSSM_DL_DB_RECORD_X509_CERTIFICATE:
+ relInfo = &x509CertRecordRelation;
+ break;
+ case CSSM_DL_DB_RECORD_X509_CRL:
+ relInfo = &x509CrlRecordRelation;
+ break;
+ case CSSM_DL_DB_RECORD_USER_TRUST:
+ relInfo = &userTrustRelation;
+ break;
+ case CSSM_DL_DB_RECORD_UNLOCK_REFERRAL:
+ relInfo = &referralRecordRelation;
+ break;
+ case CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE:
+ relInfo = &extendedAttrRelation;
+ break;
+ case DBBlobRelationID:
+ relInfo = NULL;
+ doIndent();
+ printf("--- No attributes ---\n");
+ if(dumpData) {
+ dumpDataBlob(datap);
+ }
+ return;
+ default:
+ doIndent();
+ printf("<<unparsed>>\n");
+ if(dumpData) {
+ doIndent();
+ printf("Record blob (length %ld): ", datap->Length);
+ printBlob(datap);
+ printf("\n");
+ }
+ return;
+ }
+
+ CSSM_DB_ATTRIBUTE_DATA *attrs = NULL;
+ CSSM_DB_RECORD_ATTRIBUTE_DATA recordAttrs;
+ unsigned attrDex;
+ uint32 numAttrs = relInfo->NumberOfAttributes;
+ CSSM_RETURN crtn;
+ CSSM_DATA recordData = {0, NULL};
+ CSSM_DATA_PTR recordDataP = dumpData ? &recordData : NULL;
+
+ /* build an attr array from known schema */
+ attrs = (CSSM_DB_ATTRIBUTE_DATA *)CSSM_MALLOC(
+ sizeof(CSSM_DB_ATTRIBUTE_DATA) * numAttrs);
+ memset(attrs, 0, sizeof(CSSM_DB_ATTRIBUTE_DATA) * numAttrs);
+ for(attrDex=0; attrDex<numAttrs; attrDex++) {
+ attrs[attrDex].Info = relInfo->AttributeInfo[attrDex];
+ }
+
+ /* from inRecordAttrs, not the relInfo, which could be a typeless template */
+ recordAttrs.DataRecordType = relInfo->DataRecordType;
+ recordAttrs.NumberOfAttributes = numAttrs;
+ recordAttrs.AttributeData = attrs;
+
+ crtn = CSSM_DL_DataGetFromUniqueRecordId(dlDbHand,
+ record,
+ &recordAttrs,
+ recordDataP);
+ if(crtn) {
+ printError("CSSM_DL_DataGetFromUniqueRecordId", crtn);
+ goto abort;
+ }
+ dumpRecordAttrs(&recordAttrs, relInfo->nameValues, recordDataP);
+ freeAttrs(&recordAttrs);
+ if(recordData.Data) {
+ CSSM_FREE(recordData.Data);
+ }
+abort:
+ if(attrs) {
+ CSSM_FREE(attrs);
+ }
+ return;
+}
+
+static void deleteRecord(
+ CSSM_DL_DB_HANDLE dlDbHand,
+ CSSM_DB_UNIQUE_RECORD_PTR record,
+ CSSM_BOOL interact)
+{
+ if(interact) {
+ fpurge(stdin);
+ printf("\nDelete this record [y/anything] ? ");
+ char resp = getchar();
+ if(resp != 'y') {
+ return;
+ }
+ }
+ CSSM_RETURN crtn;
+ crtn = CSSM_DL_DataDelete(dlDbHand, record);
+ if(crtn) {
+ printError("CSSM_DL_DataDelete", crtn);
+ }
+ else if(interact) {
+ printf("...record deleted\n\n");
+ }
+}
+
+/*
+ * In this case we search for CSSM_DL_DB_RECORD_ANY. The current schema results
+ * in no single attribute which all interesting records have in common, so we
+ * can't grab any attributes at GetFirst/GetNext time. Instead we have
+ * to deal with the returned record per its record type.
+ */
+static void dumpAllRecords(
+ CSSM_DL_DB_HANDLE dlDbHand,
+ CSSM_BOOL deleteAll,
+ CSSM_BOOL interact,
+ CSSM_BOOL dumpData)
+{
+ CSSM_QUERY query;
+ CSSM_DB_UNIQUE_RECORD_PTR record = NULL;
+ CSSM_RETURN crtn;
+ CSSM_HANDLE resultHand;
+ CSSM_DB_RECORD_ATTRIBUTE_DATA recordAttrs;
+ CSSM_DATA data = {0, NULL};
+ CSSM_DATA_PTR datap = NULL;
+
+ if(dumpData) {
+ datap = &data;
+ }
+
+ recordAttrs.DataRecordType = CSSM_DL_DB_RECORD_ANY;
+ recordAttrs.NumberOfAttributes = 0;
+ recordAttrs.AttributeData = NULL;
+
+ /* just search by recordType, no predicates */
+ query.RecordType = CSSM_DL_DB_RECORD_ANY;
+ query.Conjunctive = CSSM_DB_NONE;
+ query.NumSelectionPredicates = 0;
+ query.SelectionPredicate = NULL;
+ query.QueryLimits.TimeLimit = 0; // FIXME - meaningful?
+ query.QueryLimits.SizeLimit = 1; // FIXME - meaningful?
+ query.QueryFlags = 0; // CSSM_QUERY_RETURN_DATA...FIXME - used?
+
+ crtn = CSSM_DL_DataGetFirst(dlDbHand,
+ &query,
+ &resultHand,
+ &recordAttrs,
+ datap,
+ &record);
+ switch(crtn) {
+ case CSSM_OK:
+ break; // proceed
+ case CSSMERR_DL_ENDOFDATA:
+ printf("CSSM_DL_DB_RECORD_ANY: no record found\n");
+ return;
+ default:
+ printError("DataGetFirst", crtn);
+ return;
+ }
+
+ /* could be anything; check it out */
+ if(interact) {
+ doIndent();
+ printValueAsString(recordAttrs.DataRecordType, recordTypeNames);
+ printf("\n");
+ indentIncr();
+ fetchParseRecord(dlDbHand, &recordAttrs, record, datap, dumpData);
+ indentDecr();
+ }
+ if(deleteAll && (recordAttrs.DataRecordType != DBBlobRelationID)) {
+ /* NEVER delete a DBBlob */
+ deleteRecord(dlDbHand, record, interact);
+ }
+ CSSM_DL_FreeUniqueRecord(dlDbHand, record);
+
+ /* now the rest of them */
+ /* hopefully we don't have to re-init the recordAttr array */
+ for(;;) {
+ crtn = CSSM_DL_DataGetNext(dlDbHand,
+ resultHand,
+ &recordAttrs,
+ datap,
+ &record);
+ switch(crtn) {
+ case CSSM_OK:
+ if(interact) {
+ doIndent();
+ printValueAsString(recordAttrs.DataRecordType, recordTypeNames);
+ printf("\n");
+ indentIncr();
+ fetchParseRecord(dlDbHand, &recordAttrs, record, datap, dumpData);
+ indentDecr();
+ }
+ if(deleteAll && (recordAttrs.DataRecordType != DBBlobRelationID)) {
+ /* NEVER delete a DBBlob */
+ deleteRecord(dlDbHand, record, interact);
+ }
+ CSSM_DL_FreeUniqueRecord(dlDbHand, record);
+ break; // and go again
+ case CSSMERR_DL_ENDOFDATA:
+ /* normal termination */
+ break;
+ default:
+ printError("DataGetNext", crtn);
+ break;
+ }
+ if(crtn != CSSM_OK) {
+ break;
+ }
+ }
+}
+
+int main(
+ int argc,
+ char **argv)
+{
+ int arg;
+ char *argp;
+ char *dbFileName;
+ char cmd;
+ CSSM_DL_DB_HANDLE dlDbHand;
+ CSSM_BOOL verbose = CSSM_FALSE;
+ CSSM_BOOL quiet = CSSM_FALSE;
+ char *certFile = NULL;
+ char *keyFile = NULL;
+ CSSM_BOOL interact = CSSM_TRUE;
+ CSSM_BOOL dumpData = CSSM_FALSE;
+
+ /* should be cmd line opts */
+ CSSM_ALGORITHMS keyAlg = CSSM_ALGID_RSA;
+ CSSM_BOOL pemFormat = CSSM_FALSE;
+ CSSM_KEYBLOB_FORMAT keyFormat = CSSM_KEYBLOB_RAW_FORMAT_NONE;
+ CSSM_RETURN crtn = CSSM_OK;
+
+ if(argc < 3) {
+ usage(argv);
+ }
+ dbFileName = argv[1];
+ cmd = argv[2][0];
+
+ for(arg=3; arg<argc; arg++) {
+ argp = argv[arg];
+ switch(argp[0]) {
+ case 'v':
+ verbose = CSSM_TRUE;
+ break;
+ case 'q':
+ quiet = CSSM_TRUE;
+ break;
+ case 'R':
+ if(cmd == 'D') {
+ interact = CSSM_FALSE;
+ }
+ break;
+ case 'd':
+ dumpData = CSSM_TRUE;
+ break;
+ case 'c':
+ certFile = &argp[2];
+ break;
+ case 'k':
+ keyFile = &argp[2];
+ break;
+ case 'h':
+ default:
+ usage(argv);
+ }
+ }
+
+ dlDbHand.DLHandle = dlStartup();
+ if(dlDbHand.DLHandle == 0) {
+ exit(1);
+ }
+ if(cmd == 'i') {
+ crtn = importBadCert(dlDbHand.DLHandle, dbFileName, certFile,
+ keyFile, keyAlg, pemFormat, keyFormat, verbose);
+ goto done;
+ }
+ crtn = dbCreateOpen(dlDbHand.DLHandle, dbFileName,
+ CSSM_FALSE, CSSM_FALSE, NULL, &dlDbHand.DBHandle);
+ if(crtn) {
+ exit(1);
+ }
+ switch(cmd) {
+ case 'r':
+ dumpRelation(dlDbHand, &schemaInfoRelation, dumpData);
+ break;
+ case 'k':
+ dumpRelation(dlDbHand, &allKeysRelation, dumpData);
+ break;
+ case 'c':
+ dumpRelation(dlDbHand, &x509CertRecordRelation, dumpData);
+ break;
+ case 'a':
+ dumpAllRecords(dlDbHand, CSSM_FALSE, CSSM_TRUE, dumpData);
+ break;
+ case 'd':
+ case 'D':
+ dumpAllRecords(dlDbHand, CSSM_TRUE, interact, dumpData);
+ if(!interact) {
+ /* we ignored errors.... */
+ if(!quiet) {
+ printf("...DB %s wiped clean\n", dbFileName);
+ }
+ }
+ break;
+ default:
+ usage(argv);
+ }
+ CSSM_DL_DbClose(dlDbHand);
+done:
+ CSSM_ModuleDetach(dlDbHand.DLHandle);
+ return crtn;
+}
projects / apple / security.git / blobdiff