/*
* Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
- *
+ *
* @APPLE_LICENSE_HEADER_START@
- *
+ *
* This file contains Original Code and/or Modifications of Original Code
* as defined in and that are subject to the Apple Public Source License
* Version 2.0 (the 'License'). You may not use this file except in
* compliance with the License. Please obtain a copy of the License at
* http://www.opensource.apple.com/apsl/ and read it before using this
* file.
- *
+ *
* The Original Code and all software distributed under the License are
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
* Please see the License for the specific language governing rights and
* limitations under the License.
- *
+ *
* @APPLE_LICENSE_HEADER_END@
*
- * SecImport.cpp - high-level facility for importing Sec layer objects.
+ * SecImport.cpp - high-level facility for importing Sec layer objects.
*/
#include "SecImportExport.h"
#include "SecImportExportUtils.h"
#include <security_cdsa_utils/cuCdsaUtils.h>
#include <security_utilities/globalizer.h>
-
-#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#include <Security/SecBase.h>
#define SecImpInferDbg(args...) secdebug("SecImpInfer", ## args)
/*
* Do our best to ensure that a SecImportRep's type and format are known.
* A return of true means that both format and type (and, if the item
- * is a raw public or private key, the algorithm) are known.
+ * is a raw public or private key, the algorithm) are known.
*/
static bool impExpInferTypeAndFormat(
SecImportRep *rep,
- CFStringRef fileStr,
+ CFStringRef fileStr,
SecExternalFormat inputFormat,
SecExternalItemType itemType)
{
case kSecFormatUnknown:
break;
case kSecFormatPKCS7:
- case kSecFormatPKCS12:
+ case kSecFormatPKCS12:
case kSecFormatPEMSequence:
case kSecFormatNetscapeCertSequence:
rep->mExternType = kSecItemTypeAggregate;
case kSecFormatRawKey:
rep->mExternType = kSecItemTypeSessionKey;
break;
- case kSecFormatX509Cert:
+ case kSecFormatX509Cert:
rep->mExternType = kSecItemTypeCertificate;
break;
case kSecFormatWrappedPKCS8:
break;
}
}
-
+
/* some formats can be inferred from type */
if(rep->mExternFormat == kSecFormatUnknown) {
SecExternalItemType thisType;
break;
}
}
-
- /*
- * Wrapped private keys don't need algorithm
+
+ /*
+ * Wrapped private keys don't need algorithm
* Some formats implies algorithm
*/
bool isWrapped = false;
default:
break;
}
-
+
/* Are we there yet? */
bool done = true;
if((rep->mExternType == kSecItemTypeUnknown) ||
}
if(!done) {
/* infer from filename if possible */
- done = impExpImportParseFileExten(fileStr, &rep->mExternFormat,
+ done = impExpImportParseFileExten(fileStr, &rep->mExternFormat,
&rep->mExternType);
}
if(done) {
/* invoke black magic: try decoding various forms */
return impExpImportGuessByExamination(rep->mExternal, &rep->mExternFormat,
- &rep->mExternType, &rep->mKeyAlg);
+ &rep->mExternType, &rep->mKeyAlg);
}
-
+
class CSPDLMaker
{
protected:
CSSM_CSP_HANDLE mHandle;
+ RecursiveMutex mMutex;
public:
CSPDLMaker() : mHandle(cuCspStartup(CSSM_FALSE)) {}
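Review bot: The new `RecursiveMutex mMutex;` member of `CSPDLMaker` is never acquired by anything visible in this hunk, and the constructor still only calls `cuCspStartup(CSSM_FALSE)`. The rest of the class body lies outside the hunk, so this may be handled there. If the mutex is meant to serialize use of the shared handle that `SecKeychainItemImport` obtains through `gCSPHandle()`, the code that hands out `mHandle` has to take it; otherwise the member adds no protection and concurrent imports would still share the CSP handle unguarded. Either way, the declaration should say what it protects, for example `RecursiveMutex mMutex; /* guards mHandle; held by <accessor> */`, so that a later reader does not take an unused lock as evidence of thread safety.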
CFStringRef fileNameOrExtension, // optional
SecExternalFormat *inputFormat, // optional, IN/OUT
SecExternalItemType *itemType, // optional, IN/OUT
- SecItemImportExportFlags flags,
+ SecItemImportExportFlags flags,
const SecKeyImportExportParameters *keyParams, // optional
SecKeychainRef importKeychain, // optional
CFArrayRef *outItems) /* optional */
{
BEGIN_IMP_EXP_SECAPI
-
+
bool isPem;
- OSStatus ortn = noErr;
- OSStatus pem_ortn = noErr;
+ OSStatus ortn = errSecSuccess;
+ OSStatus pem_ortn = errSecSuccess;
SecImportRep *rep = NULL;
SecExternalFormat callerInputFormat;
SecExternalItemType callerItemType;
CSSM_CSP_HANDLE cspHand = 0;
CFIndex dex;
CFStringRef ourFileStr = NULL;
-
+
if((importedData == NULL) || (CFDataGetLength(importedData) == 0)) {
- return paramErr;
+ return errSecParam;
}
/* all other args are optional */
-
+
if(inputFormat) {
callerInputFormat = *inputFormat;
}
else {
callerItemType = kSecItemTypeUnknown;
}
-
+
CFIndex numReps = 0;
SecExternalFormat tempFormat = callerInputFormat;
SecExternalItemType tempType = callerItemType;
ImpPrivKeyImportState keyImportState = PIS_NoLimit;
CFMutableArrayRef importReps = CFArrayCreateMutable(NULL, 0, NULL);
- CFMutableArrayRef createdKcItems = CFArrayCreateMutable(NULL, 0,
+ CFMutableArrayRef createdKcItems = CFArrayCreateMutable(NULL, 0,
&kCFTypeArrayCallBacks);
/* subsequent errors to errOut: */
-
- /*
+
+ /*
* importedData --> one or more SecImportReps.
* Note successful PEM decode can override caller's inputFormat and/or itemType.
*/
}
}
else {
- /*
- * Strip off possible .pem extension in case there's another one in
- * front of it
+ /*
+ * Strip off possible .pem extension in case there's another one in
+ * front of it
*/
assert(CFArrayGetCount(importReps) >= 1);
if(fileNameOrExtension) {
}
}
}
-
- /*
- * Ensure we know type and format (and, for raw keys, algorithm) of each item.
+
+ /*
+ * Ensure we know type and format (and, for raw keys, algorithm) of each item.
*/
- numReps = CFArrayGetCount(importReps);
+ numReps = CFArrayGetCount(importReps);
if(numReps > 1) {
- /*
+ /*
* Incoming kSecFormatPEMSequence, caller specs are useless now.
* Hopefully the PEM parsing disclosed the info we'll need.
*/
else {
cspHand = gCSPHandle();
}
-
+
if(keyParams && (keyParams->flags & kSecKeyImportOnlyOne)) {
keyImportState = PIS_AllowOne;
}
-
- /* Everything looks good: Go */
+
+ /* Everything looks good: Go */
for(CFIndex dex=0; dex<numReps; dex++) {
rep = (SecImportRep *)CFArrayGetValueAtIndex(importReps, dex);
- ortn = rep->importRep(importKeychain, cspHand, flags, keyParams,
+ ortn = rep->importRep(importKeychain, cspHand, flags, keyParams,
keyImportState, createdKcItems);
if(ortn) {
goto errOut;
*itemType = rep->mExternType;
}
}
- if((ortn == noErr) && (outItems != NULL)) {
+ if((ortn == errSecSuccess) && (outItems != NULL)) {
/* return the array */
*outItems = createdKcItems;
createdKcItems = NULL;
/* error occurred importing as PEM, and no other rep was imported */
return SecKeychainErrFromOSStatus(pem_ortn);
}
- return noErr;
-
+ return errSecSuccess;
+
END_IMP_EXP_SECAPI
}
CFStringRef fileNameOrExtension, /* optional */
SecExternalFormat *inputFormat, /* optional, IN/OUT */
SecExternalItemType *itemType, /* optional, IN/OUT */
- SecItemImportExportFlags flags,
+ SecItemImportExportFlags flags,
const SecItemImportExportKeyParameters *keyParams, /* optional */
SecKeychainRef importKeychain, /* optional */
CFArrayRef *outItems)
{
-
+
SecKeyImportExportParameters* oldStructPtr = NULL;
SecKeyImportExportParameters oldStruct;
memset(&oldStruct, 0, sizeof(oldStruct));
-
-
+
+
if (NULL != keyParams)
{
if (ConvertSecKeyImportExportParametersToSecImportExportKeyParameters(NULL,
oldStructPtr = &oldStruct;
}
}
-
- return SecKeychainItemImport(importedData, fileNameOrExtension, inputFormat,
+
+ return SecKeychainItemImport(importedData, fileNameOrExtension, inputFormat,
itemType, flags, oldStructPtr, importKeychain, outItems);
}