--- /dev/null
+/*
+ * Copyright (c) 2011-2012,2014 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ *
+ * createFVMaster.c
+ */
+
+#include "createFVMaster.h"
+
+#include "readline_cssm.h"
+#include "security_tool.h"
+
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+#include <Security/SecKeychain.h>
+#include <Security/SecCertificate.h>
+#include <Security/SecKeychain.h>
+#include <Security/oidsalg.h>
+#include <Security/oidsattr.h>
+#include <limits.h>
+#include <utilities/SecCFRelease.h>
+
+#include "srCdsaUtils.h"
+
+#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+
+const char * const _masterKeychainName = "FileVaultMaster.keychain";
+const char * const _masterKeychainPath = "./FileVaultMaster";
+
+/*
+ * Parameters used to create key pairs and certificates in
+ * SR_CertificateAndKeyCreate().
+ */
+#define SR_KEY_ALGORITHM CSSM_ALGID_RSA
+#define SR_KEY_SIZE_IN_BITS 1024
+
+#define SR2_KEY_SIZE_IN_BITS 2048 // Recommended size for FileVault2 (FDE)
+
+/*
+ * The CSSM_ALGORITHMS and OID values defining the signature
+ * algorithm in the generated certificate.
+ */
+#define SR_CERT_SIGNATURE_ALGORITHM CSSM_ALGID_SHA256WithRSA
+#define SR_CERT_SIGNATURE_ALG_OID CSSMOID_SHA256WithRSA
+
+OSStatus makeMasterPassword(const char *fvmkcName, const char *masterPasswordPassword, uint32 keySizeInBits, SecKeychainRef *keychainRef);
+
+OSStatus createPair(CFStringRef hostName,CFStringRef userName,SecKeychainRef keychainRef, uint32 keySizeInBits, CFDataRef *cert);
+OSStatus generateKeyPair(CSSM_CSP_HANDLE cspHand, CSSM_DL_DB_HANDLE dlDbHand, CSSM_ALGORITHMS keyAlg,
+ uint32 keySizeInBits, const char *keyLabel, CSSM_KEY_PTR *pubKeyPtr, CSSM_KEY_PTR *privKeyPtr);
+OSStatus createRootCert(CSSM_TP_HANDLE tpHand, CSSM_CL_HANDLE clHand, CSSM_CSP_HANDLE cspHand,
+ CSSM_KEY_PTR subjPubKey, CSSM_KEY_PTR signerPrivKey, const char *hostName, const char *userName,
+ CSSM_ALGORITHMS sigAlg, const CSSM_OID *sigOid, CSSM_DATA_PTR certData);
+
+static char *secCopyCString(CFStringRef theString);
+
+OSStatus makeMasterPassword(const char *fvmkcName, const char *masterPasswordPassword, uint32 keySizeInBits, SecKeychainRef *keychainRef)
+{
+ /*
+ OSStatus SecFileVaultMakeMasterPassword(CFStringRef masterPasswordPassword);
+
+ *** In the real code, this will be done directly rather than exec'ing a tool, since there are too many parameters to specify
+ *** this needs to be done as root, since the keychain will be a system keychain
+ /usr/bin/certtool y c k=/Library/Keychains/FileVaultMaster.keychain p=<masterPasswordPassword>
+ /usr/bin/certtool c k=/Library/Keychains/FileVaultMaster.keychain o=/Library/Keychains/FileVaultMaster.cer
+ Two steps: create the keychain, then create the keypair
+ */
+
+ SecAccessRef initialAccess = NULL;
+
+ if (!masterPasswordPassword)
+ {
+ sec_error("You must supply a non-empty password");
+ return -2;
+ }
+
+ // We return an error if the keychain already exists
+ OSStatus status = SecKeychainCreate(fvmkcName, (UInt32) strlen(masterPasswordPassword), masterPasswordPassword, false, initialAccess, keychainRef);
+ if (status!=noErr)
+ {
+ if (status==errSecDuplicateKeychain || status==CSSMERR_DL_DATASTORE_ALREADY_EXISTS)
+ sec_error("The keychain file %s already exists", fvmkcName);
+ return status;
+ }
+
+ // Create the key pair
+ char host[PATH_MAX];
+ int rx = gethostname(host, sizeof(host));
+ if (rx)
+ strcpy(host, "localhost");
+
+ CFStringRef hostName = CFSTR("FileVault Recovery Key"); // This is what shows up in Keychain Access display
+ CFStringRef userName = CFStringCreateWithCString(kCFAllocatorDefault, host, kCFStringEncodingUTF8);
+ CFDataRef certData = NULL;
+ printf("Generating a %d bit key pair; this may take several minutes\n", keySizeInBits);
+ status = createPair(hostName,userName,*keychainRef,keySizeInBits, &certData);
+ CFReleaseNull(userName);
+ if (status)
+ sec_error("Error in createPair: %s", sec_errstr(status));
+ if (certData)
+ CFRelease(certData);
+
+ return status;
+}
+
+OSStatus createPair(CFStringRef hostName,CFStringRef userName,SecKeychainRef keychainRef, uint32 keySizeInBits, CFDataRef *cert)
+{
+ SecCertificateRef certRef = NULL;
+ CSSM_DL_DB_HANDLE dlDbHand = {0, 0};
+ CSSM_CSP_HANDLE cspHand = 0;
+ CSSM_TP_HANDLE tpHand = 0;
+ CSSM_CL_HANDLE clHand = 0;
+ CSSM_KEY_PTR pubKey = NULL;
+ CSSM_KEY_PTR privKey = NULL;
+ CSSM_DATA certData = {0, NULL};
+ char *hostStr = NULL;
+ char *userStr = NULL;
+ OSStatus ortn;
+ CSSM_OID algOid = SR_CERT_SIGNATURE_ALG_OID;
+
+ hostStr = secCopyCString(hostName);
+ userStr = secCopyCString(userName);
+ if (!hostStr || !userStr) // could not convert to UTF-8
+ {
+ ortn = paramErr;
+ goto xit;
+ }
+
+ // open keychain, connect to all the CDSA modules we'll need
+
+ ortn = SecKeychainGetCSPHandle(keychainRef, &cspHand);
+ if (ortn)
+ goto xit;
+
+ ortn = SecKeychainGetDLDBHandle(keychainRef, &dlDbHand);
+ if (ortn)
+ goto xit;
+
+ tpHand = srTpStartup();
+ if (tpHand == 0)
+ {
+ ortn = ioErr;
+ goto xit;
+ }
+
+ clHand = srClStartup();
+ if (clHand == 0)
+ {
+ ortn = ioErr;
+ goto xit;
+ }
+
+ // generate key pair, private key stored in keychain
+ ortn = generateKeyPair(cspHand, dlDbHand, SR_KEY_ALGORITHM, keySizeInBits,
+ "FileVault Master Password Key", &pubKey, &privKey);
+ if (ortn)
+ goto xit;
+
+ // generate the cert
+ ortn = createRootCert(tpHand,clHand,cspHand,pubKey,privKey,hostStr,userStr,
+ SR_CERT_SIGNATURE_ALGORITHM,&algOid,&certData);
+ if (ortn)
+ goto xit;
+
+ // store the cert in the same DL/DB as the key pair [see SecCertificateCreateFromData]
+ ortn = SecCertificateCreateFromData(&certData, CSSM_CERT_X_509v3, CSSM_CERT_ENCODING_DER, &certRef);
+ if (ortn)
+ goto xit;
+
+ ortn = SecCertificateAddToKeychain(certRef, keychainRef);
+ if (ortn)
+ goto xit;
+
+ // return the cert to caller
+ *cert = CFDataCreate(NULL, certData.Data, certData.Length);
+
+ // cleanup
+xit:
+ if (certRef)
+ CFRelease(certRef);
+ if (certData.Data)
+ free(certData.Data);
+ if (hostStr)
+ free(hostStr);
+ if (userStr)
+ free(userStr);
+ if (tpHand)
+ CSSM_ModuleDetach(tpHand);
+ if (clHand)
+ CSSM_ModuleDetach(clHand);
+ if (pubKey)
+ {
+ CSSM_FreeKey(cspHand,
+ NULL, // access cred
+ pubKey,
+ CSSM_FALSE); // delete
+ APP_FREE(pubKey);
+ }
+ if (privKey)
+ {
+ CSSM_FreeKey(cspHand,
+ NULL, // access cred
+ privKey,
+ CSSM_FALSE); // delete
+ APP_FREE(privKey);
+ }
+
+ return ortn;
+}
+
+/*
+* Given a CFStringRef, this function allocates and returns a pointer
+* to a null-terminated 'C' string copy. If conversion of the string
+* to UTF8 fails for some reason, the function will return NULL.
+*
+* The caller must free this pointer
+*/
+
+char *secCopyCString(CFStringRef theString)
+{
+ CFIndex maxLength = CFStringGetMaximumSizeForEncoding(CFStringGetLength(theString), kCFStringEncodingUTF8) + 1;
+ char* buffer = (char*) malloc(maxLength);
+ Boolean converted = CFStringGetCString(theString, buffer, maxLength, kCFStringEncodingUTF8);
+ if (!converted) {
+ free(buffer);
+ buffer = NULL;
+ }
+ return buffer;
+}
+
+
+#pragma mark -------------------- SecFileVaultCert private implementation --------------------
+
+OSStatus createRootCert(
+ CSSM_TP_HANDLE tpHand,
+ CSSM_CL_HANDLE clHand,
+ CSSM_CSP_HANDLE cspHand,
+ CSSM_KEY_PTR subjPubKey,
+ CSSM_KEY_PTR signerPrivKey,
+ const char *hostName, // CSSMOID_CommonName
+ const char *userName, // CSSMOID_Description
+ CSSM_ALGORITHMS sigAlg,
+ const CSSM_OID *sigOid,
+ CSSM_DATA_PTR certData) // mallocd and RETURNED
+{
+ CE_DataAndType exts[2];
+ CE_DataAndType *extp = exts;
+ unsigned numExts;
+ CSSM_DATA refId; // mallocd by
+ // CSSM_TP_SubmitCredRequest
+ CSSM_APPLE_TP_CERT_REQUEST certReq;
+ CSSM_TP_REQUEST_SET reqSet;
+ sint32 estTime;
+ CSSM_BOOL confirmRequired;
+ CSSM_TP_RESULT_SET_PTR resultSet=NULL;
+ CSSM_ENCODED_CERT *encCert=NULL;
+ CSSM_APPLE_TP_NAME_OID subjectNames[2];
+ CSSM_TP_CALLERAUTH_CONTEXT CallerAuthContext;
+ CSSM_FIELD policyId;
+
+ numExts = 0;
+
+ certReq.challengeString = NULL;
+
+ /* KeyUsage extension */
+ extp->type = DT_KeyUsage;
+ extp->critical = CSSM_FALSE;
+ extp->extension.keyUsage = CE_KU_DigitalSignature |
+ CE_KU_KeyCertSign |
+ CE_KU_KeyEncipherment |
+ CE_KU_DataEncipherment;
+ extp++;
+ numExts++;
+
+ /* BasicConstraints */
+ extp->type = DT_BasicConstraints;
+ extp->critical = CSSM_TRUE;
+ extp->extension.basicConstraints.cA = CSSM_FALSE;
+ extp->extension.basicConstraints.pathLenConstraintPresent = CSSM_FALSE;
+ extp++;
+ numExts++;
+
+ /* name array */
+ subjectNames[0].string = hostName;
+ subjectNames[0].oid = &CSSMOID_CommonName;
+ subjectNames[1].string = userName;
+ subjectNames[1].oid = &CSSMOID_Description;
+
+ /* certReq */
+ certReq.cspHand = cspHand;
+ certReq.clHand = clHand;
+ certReq.serialNumber = arc4random();
+ certReq.numSubjectNames = 2;
+ certReq.subjectNames = subjectNames;
+
+ certReq.numIssuerNames = 0; // root for now
+ certReq.issuerNames = NULL;
+ certReq.issuerNameX509 = NULL;
+ certReq.certPublicKey = subjPubKey;
+ certReq.issuerPrivateKey = signerPrivKey;
+ certReq.signatureAlg = sigAlg;
+ certReq.signatureOid = *sigOid;
+ certReq.notBefore = 0;
+ certReq.notAfter = 60 * 60 * 24 * 365; // seconds from now, one year
+ certReq.numExtensions = numExts;
+ certReq.extensions = exts;
+
+ reqSet.NumberOfRequests = 1;
+ reqSet.Requests = &certReq;
+
+ /* a CSSM_TP_CALLERAUTH_CONTEXT to specify an OID */
+ memset(&CallerAuthContext, 0, sizeof(CSSM_TP_CALLERAUTH_CONTEXT));
+ memset(&policyId, 0, sizeof(CSSM_FIELD));
+ policyId.FieldOid = CSSMOID_APPLE_TP_LOCAL_CERT_GEN;
+
+ CallerAuthContext.Policy.NumberOfPolicyIds = 1;
+ CallerAuthContext.Policy.PolicyIds = &policyId;
+
+ CSSM_RETURN crtn = CSSM_TP_SubmitCredRequest(tpHand,
+ NULL, // PreferredAuthority
+ CSSM_TP_AUTHORITY_REQUEST_CERTISSUE,
+ &reqSet,
+ &CallerAuthContext,
+ &estTime,
+ &refId);
+
+ if(crtn) {
+ sec_error("CSSM_TP_SubmitCredRequest: %s", sec_errstr(crtn));
+ goto xit;
+ }
+ crtn = CSSM_TP_RetrieveCredResult(tpHand,
+ &refId,
+ NULL, // CallerAuthCredentials
+ &estTime,
+ &confirmRequired,
+ &resultSet);
+ if(crtn) {
+ sec_error("CSSM_TP_RetrieveCredResult: %s", sec_errstr(crtn));
+ goto xit;
+ }
+ if(resultSet == NULL) {
+ sec_error("CSSM_TP_RetrieveCredResult: returned NULL result set");
+ crtn = ioErr;
+ goto xit;
+ }
+ encCert = (CSSM_ENCODED_CERT *)resultSet->Results;
+ certData->Length = encCert->CertBlob.Length;
+ certData->Data = malloc(encCert->CertBlob.Length);
+ if (certData->Data)
+ memcpy(certData->Data, encCert->CertBlob.Data, encCert->CertBlob.Length);
+ crtn = noErr;
+
+xit:
+ /* free resources allocated by TP */
+ APP_FREE(refId.Data);
+ if (encCert)
+ {
+ if (encCert->CertBlob.Data)
+ {
+ APP_FREE(encCert->CertBlob.Data);
+ }
+ APP_FREE(encCert);
+ }
+ APP_FREE(resultSet);
+ return crtn;
+}
+
+/* Convert a reference key to a raw key. */
+static CSSM_RETURN refKeyToRaw(
+ CSSM_CSP_HANDLE cspHand,
+ const CSSM_KEY *refKey,
+ CSSM_KEY_PTR rawKey) // RETURNED
+{
+ CSSM_CC_HANDLE ccHand;
+ CSSM_RETURN crtn;
+ CSSM_ACCESS_CREDENTIALS creds;
+
+ memset(rawKey, 0, sizeof(CSSM_KEY));
+ memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
+ crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
+ CSSM_ALGID_NONE,
+ CSSM_ALGMODE_NONE,
+ &creds, // passPhrase
+ NULL, // wrapping key
+ NULL, // init vector
+ CSSM_PADDING_NONE, // Padding
+ 0, // Params
+ &ccHand);
+ if(crtn) {
+ sec_error("CSSM_CSP_CreateSymmetricContext: refKeyToRaw context err: %s", sec_errstr(crtn));
+ return crtn;
+ }
+
+ crtn = CSSM_WrapKey(ccHand,
+ &creds,
+ refKey,
+ NULL, // DescriptiveData
+ rawKey);
+ if(crtn != CSSM_OK) {
+ sec_error("CSSM_WrapKey: refKeyToRaw wrap err: %s", sec_errstr(crtn));
+ return crtn;
+ }
+ CSSM_DeleteContext(ccHand);
+ return CSSM_OK;
+}
+
+/*
+ * Find private key by label, modify its Label attr to be the
+ * hash of the associated public key.
+ */
+static CSSM_RETURN setPubKeyHash(
+ CSSM_CSP_HANDLE cspHand,
+ CSSM_DL_DB_HANDLE dlDbHand,
+ const CSSM_KEY *pubOrPrivKey, // to get hash; raw or ref/CSPDL
+ const char *keyLabel) // look up by this
+{
+ CSSM_QUERY query;
+ CSSM_SELECTION_PREDICATE predicate;
+ CSSM_DB_UNIQUE_RECORD_PTR record = NULL;
+ CSSM_RETURN crtn;
+ CSSM_DATA labelData;
+ CSSM_HANDLE resultHand;
+
+ labelData.Data = (uint8 *)keyLabel;
+ labelData.Length = strlen(keyLabel) + 1; // incl. NULL
+ query.RecordType = CSSM_DL_DB_RECORD_PRIVATE_KEY;
+ query.Conjunctive = CSSM_DB_NONE;
+ query.NumSelectionPredicates = 1;
+ predicate.DbOperator = CSSM_DB_EQUAL;
+
+ predicate.Attribute.Info.AttributeNameFormat =
+ CSSM_DB_ATTRIBUTE_NAME_AS_STRING;
+ predicate.Attribute.Info.Label.AttributeName = "Label";
+ predicate.Attribute.Info.AttributeFormat =
+ CSSM_DB_ATTRIBUTE_FORMAT_BLOB;
+ predicate.Attribute.Value = &labelData;
+ query.SelectionPredicate = &predicate;
+
+ query.QueryLimits.TimeLimit = 0;
+ query.QueryLimits.SizeLimit = 1;
+ query.QueryFlags = 0;
+
+ /* build Record attribute with one attr */
+ CSSM_DB_RECORD_ATTRIBUTE_DATA recordAttrs;
+ CSSM_DB_ATTRIBUTE_DATA attr;
+ attr.Info.AttributeNameFormat = CSSM_DB_ATTRIBUTE_NAME_AS_STRING;
+ attr.Info.Label.AttributeName = "Label";
+ attr.Info.AttributeFormat = CSSM_DB_ATTRIBUTE_FORMAT_BLOB;
+
+ recordAttrs.DataRecordType = CSSM_DL_DB_RECORD_PRIVATE_KEY;
+ recordAttrs.NumberOfAttributes = 1;
+ recordAttrs.AttributeData = &attr;
+
+ crtn = CSSM_DL_DataGetFirst(dlDbHand,
+ &query,
+ &resultHand,
+ &recordAttrs,
+ NULL, // hopefully optional ...theData,
+ &record);
+ /* abort only on success */
+ if(crtn != CSSM_OK) {
+ sec_error("CSSM_DL_DataGetFirst: setPubKeyHash: can't find private key: %s", sec_errstr(crtn));
+ return crtn;
+ }
+
+ /*
+ * If specified key is a ref key, do NULL unwrap for use with raw CSP.
+ * If the CSPDL and SecurityServer support the key digest passthrough
+ * this is unnecessary.
+ */
+ CSSM_KEY rawKeyToDigest;
+ if(pubOrPrivKey->KeyHeader.BlobType == CSSM_KEYBLOB_REFERENCE) {
+ crtn = refKeyToRaw(cspHand, pubOrPrivKey, &rawKeyToDigest);
+ if(crtn) {
+ sec_error("setPubKeyHash: Error converting public key to raw format: %s", sec_errstr(crtn));
+ return crtn;
+ }
+ }
+ else {
+ /* use as is */
+ rawKeyToDigest = *pubOrPrivKey;
+ }
+
+ /* connect to raw CSP */
+ CSSM_CSP_HANDLE rawCspHand = srCspStartup(CSSM_TRUE);
+ if(rawCspHand == 0) {
+ printf("***Error connecting to raw CSP; aborting.\n");
+ return -1;
+ }
+
+ /* calculate hash of pub key from private or public part */
+ CSSM_DATA_PTR keyDigest = NULL;
+ CSSM_CC_HANDLE ccHand;
+ crtn = CSSM_CSP_CreatePassThroughContext(rawCspHand,
+ &rawKeyToDigest,
+ &ccHand);
+ if(ccHand == 0) {
+ sec_error("CSSM_CSP_CreatePassThroughContext: Error calculating public key hash. Aborting: %s", sec_errstr(crtn));
+ return -1;
+ }
+ crtn = CSSM_CSP_PassThrough(ccHand,
+ CSSM_APPLECSP_KEYDIGEST,
+ NULL,
+ (void **)&keyDigest);
+ if(crtn) {
+ sec_error("CSSM_CSP_PassThrough(PUBKEYHASH): Error calculating public key hash. Aborting: %s", sec_errstr(crtn));
+ return crtn;
+ }
+ if(pubOrPrivKey->KeyHeader.BlobType == CSSM_KEYBLOB_REFERENCE) {
+ /* created in refKeyToRaw().... */
+ CSSM_FreeKey(cspHand, NULL, &rawKeyToDigest, CSSM_FALSE);
+ }
+ CSSM_DeleteContext(ccHand);
+ CSSM_ModuleDetach(rawCspHand);
+
+ /*
+ * Replace Label attr data with hash.
+ * NOTE: the module which allocated this attribute data - a DL -
+ * was loaded and attached by the Sec layer, not by us. Thus
+ * we can't use the memory allocator functions *we* used when
+ * attaching to the CSPDL - we have to use the ones
+ * which the Sec layer registered with the DL.
+ */
+ CSSM_API_MEMORY_FUNCS memFuncs;
+ crtn = CSSM_GetAPIMemoryFunctions(dlDbHand.DLHandle, &memFuncs);
+ if(crtn) {
+ sec_error("CSSM_GetAPIMemoryFunctions(DLHandle): Error: %s", sec_errstr(crtn));
+ /* oh well, leak and continue */
+ }
+ else {
+ memFuncs.free_func(attr.Value->Data, memFuncs.AllocRef);
+ memFuncs.free_func(attr.Value, memFuncs.AllocRef);
+ }
+ attr.Value = keyDigest;
+
+ /* modify key attributes */
+ crtn = CSSM_DL_DataModify(dlDbHand,
+ CSSM_DL_DB_RECORD_PRIVATE_KEY,
+ record,
+ &recordAttrs,
+ NULL, // DataToBeModified
+ CSSM_DB_MODIFY_ATTRIBUTE_REPLACE);
+ if(crtn) {
+ sec_error("CSSM_DL_DataModify(PUBKEYHASH): Error setting public key hash. Aborting: %s", sec_errstr(crtn));
+ return crtn;
+ }
+ crtn = CSSM_DL_DataAbortQuery(dlDbHand, resultHand);
+ if(crtn) {
+ sec_error("CSSM_DL_DataAbortQuery: Error while stopping query: %s", sec_errstr(crtn));
+ /* let's keep going in this case */
+ }
+ crtn = CSSM_DL_FreeUniqueRecord(dlDbHand, record);
+ if(crtn) {
+ sec_error("CSSM_DL_FreeUniqueRecord: Error while freeing record: %s", sec_errstr(crtn));
+ /* let's keep going in this case */
+ crtn = CSSM_OK;
+ }
+
+ /* free resources */
+ if (keyDigest)
+ {
+ srAppFree(keyDigest->Data, NULL);
+ srAppFree(keyDigest, NULL);
+ }
+ return CSSM_OK;
+}
+
+/*
+ * Generate a key pair using the CSPDL.
+ */
+OSStatus generateKeyPair(
+ CSSM_CSP_HANDLE cspHand,
+ CSSM_DL_DB_HANDLE dlDbHand,
+ CSSM_ALGORITHMS keyAlg, // e.g., CSSM_ALGID_RSA
+ uint32 keySizeInBits,
+ const char *keyLabel, // C string
+ CSSM_KEY_PTR *pubKeyPtr, // mallocd, created, RETURNED
+ CSSM_KEY_PTR *privKeyPtr) // mallocd, created, RETURNED
+{
+ CSSM_KEY_PTR pubKey = (CSSM_KEY_PTR)(APP_MALLOC(sizeof(CSSM_KEY)));
+ CSSM_KEY_PTR privKey = (CSSM_KEY_PTR)(APP_MALLOC(sizeof(CSSM_KEY)));
+ if((pubKey == NULL) || (privKey == NULL)) {
+ return memFullErr;
+ }
+
+ CSSM_RETURN crtn;
+ CSSM_KEYUSE pubKeyUse;
+ CSSM_KEYUSE privKeyUse;
+
+ pubKeyUse = CSSM_KEYUSE_VERIFY | CSSM_KEYUSE_ENCRYPT |
+ CSSM_KEYUSE_WRAP;
+ privKeyUse = CSSM_KEYUSE_SIGN | CSSM_KEYUSE_DECRYPT |
+ CSSM_KEYUSE_UNWRAP;
+
+ crtn = srCspGenKeyPair(cspHand,
+ &dlDbHand,
+ keyAlg,
+ keyLabel,
+ (int) strlen(keyLabel) + 1,
+ keySizeInBits,
+ pubKey,
+ pubKeyUse,
+ CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_RETURN_REF,
+ privKey,
+ privKeyUse,
+ CSSM_KEYATTR_SENSITIVE | CSSM_KEYATTR_RETURN_REF |
+ CSSM_KEYATTR_PERMANENT | CSSM_KEYATTR_EXTRACTABLE);
+
+ if(crtn) {
+ APP_FREE(pubKey);
+ APP_FREE(privKey);
+ return paramErr;
+ }
+
+ /* bind private key to cert by public key hash */
+ crtn = setPubKeyHash(cspHand,
+ dlDbHand,
+ pubKey,
+ keyLabel);
+ if(crtn) {
+ sec_error("setPubKeyHash: Error setting public key hash. Continuing at peril: %s", sec_errstr(crtn));
+ }
+
+ *pubKeyPtr = pubKey;
+ *privKeyPtr = privKey;
+ return noErr;
+}
+
+//==========================================================================
+
+int
+keychain_createMFV(int argc, char * const *argv)
+{
+ int zero_password = 0;
+ char *password = NULL;
+ const char *keychainName = NULL;
+ int result = 0, ch = 0;
+ Boolean do_prompt = FALSE;
+ SecKeychainRef keychainRef = NULL;
+ uint32 keySizeInBits = SR2_KEY_SIZE_IN_BITS; // default
+
+/* AG: getopts optstring name [args]
+ AG: while loop calling getopt is used to extract password from cl from user
+ password is the only option to keychain_create
+ optstring is a string containing the legitimate option
+ characters. If such a character is followed by a colon,
+ the option requires an argument, so getopt places a
+ pointer to the following text in the same argv-element, or
+ the text of the following argv-element, in optarg.
+*/
+ while ((ch = getopt(argc, argv, "hp:s:P")) != -1)
+ {
+ switch (ch)
+ {
+ case 'p':
+ password = optarg;
+ break;
+ case 'P':
+ do_prompt = TRUE;
+ break;
+ case 's':
+ // Specify the keysize in bits (default 1024)
+ keySizeInBits = atoi(optarg);
+ if (!(keySizeInBits == SR_KEY_SIZE_IN_BITS || keySizeInBits == SR2_KEY_SIZE_IN_BITS || keySizeInBits == 4096))
+ return SHOW_USAGE_MESSAGE;
+ break;
+ case '?':
+ default:
+ return SHOW_USAGE_MESSAGE;
+ }
+ }
+/*
+ AG: The external variable optind is the index of the next
+ array element of argv[] to be processed; it communicates
+ from one call of getopt() to the next which element to
+ process.
+ The variable optind is the index of the next element of the argv[] vector to be processed. It shall be initialized to 1 by the system, and getopt() shall update it when it finishes with each element of argv[]. When an element of argv[] contains multiple option characters, it is unspecified how getopt() determines which options have already been processed.
+
+*/
+ argc -= optind;
+ argv += optind;
+
+ if (argc > 1)
+ return SHOW_USAGE_MESSAGE;
+
+ keychainName = (argc == 1)?*argv:_masterKeychainName;
+ if (!keychainName || *keychainName == '\0')
+ return -1;
+
+ if (!password && !do_prompt)
+ {
+ int compare = 1;
+ int tries;
+
+ for (tries = 3; tries-- > 0;)
+ {
+ char *firstpass;
+
+ password = getpass("password for new keychain: ");
+ if (!password)
+ {
+ result = -1;
+ goto loser;
+ }
+
+ firstpass = malloc(strlen(password) + 1);
+ strcpy(firstpass, password);
+ password = getpass("retype password for new keychain: ");
+ compare = password ? strcmp(password, firstpass) : 1;
+ memset(firstpass, 0, strlen(firstpass));
+ free(firstpass);
+ if (!password)
+ {
+ result = -1;
+ goto loser;
+ }
+
+ if (compare)
+ {
+ fprintf(stderr, "passwords don't match\n");
+ memset(password, 0, strlen(password));
+ }
+ else
+ {
+ zero_password = 1;
+ break;
+ }
+ }
+
+ if (compare)
+ {
+ result = 1;
+ goto loser;
+ }
+ }
+
+ do
+ {
+ // result = do_create(keychain, password, do_prompt);
+ result = makeMasterPassword(keychainName, password, keySizeInBits, &keychainRef);
+ if (keychainRef)
+ CFRelease(keychainRef);
+ if (zero_password)
+ memset(password, 0, strlen(password));
+ if (result)
+ goto loser;
+
+ argc--;
+ argv++;
+ keychainName = *argv;
+ } while (argc > 0);
+
+loser:
+
+ return result;
+}
projects / apple / security.git / blobdiff