X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..07691282a056c4efea71e1e505527601e8cc166b:/OSX/libsecurity_keychain/lib/SecKeychainItemExtendedAttributes.cpp

diff --git a/OSX/libsecurity_keychain/lib/SecKeychainItemExtendedAttributes.cpp b/OSX/libsecurity_keychain/lib/SecKeychainItemExtendedAttributes.cpp
index 1f7e0061..60c98f31 100644
--- a/OSX/libsecurity_keychain/lib/SecKeychainItemExtendedAttributes.cpp
+++ b/OSX/libsecurity_keychain/lib/SecKeychainItemExtendedAttributes.cpp
@@ -21,12 +21,14 @@
  * @APPLE_LICENSE_HEADER_END@
  */
 
+#include <security_utilities/casts.h>
 #include "SecKeychainItemExtendedAttributes.h"
 #include "SecKeychainItemPriv.h"
 #include "ExtendedAttribute.h"
 #include "SecBridge.h"
 #include "StorageManager.h"
 #include "KCCursor.h"
+#include <os/activity.h>
 
 /* I'm not sure we need this */
 #if 0
@@ -42,6 +44,8 @@ static CFTypeID SecKeychainItemExtendedAttributesGetTypeID(void)
 }
 #endif
 
+extern "C" Boolean SecKeyIsCDSAKey(SecKeyRef ref);
+
 /*
  * Determine if incoming itemRef can be considered for 
  * this mechanism; throw if not.
@@ -52,7 +56,7 @@ static void isItemRefCapable(
 	CFTypeID id = CFGetTypeID(itemRef);
 	if((id == gTypes().ItemImpl.typeID) ||
 	   (id == gTypes().Certificate.typeID) || 
-	   (id == gTypes().KeyItem.typeID)) {
+	   (id == SecKeyGetTypeID() && SecKeyIsCDSAKey((SecKeyRef)itemRef))) {
 		return;
 	}
 	else {
@@ -120,7 +124,7 @@ static bool lookupExtendedAttr(
 	StorageManager::KeychainList kcList;
 	kcList.push_back(inItem->keychain());
 	
-	KCCursor cursor(kcList, CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE, &attrList);
+	KCCursor cursor(kcList, (SecItemClass) CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE, &attrList);
 	try {
 		return cursor->next(foundItem);
 	}
@@ -140,10 +144,13 @@ OSStatus SecKeychainItemSetExtendedAttribute(
 	CFStringRef					attrName,
 	CFDataRef					attrValue)			/* NULL means delete the attribute */
 {
-#if SECTRUST_OSX
-#warning This needs to detect SecCertificateRef items, and when it does, SecKeychainItemDelete must be updated
-#endif
+    // <rdar://25635468>
+    //%%% This needs to detect SecCertificateRef items, and when it does, SecKeychainItemDelete must be updated
+
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecKeychainItemSetExtendedAttribute", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 	
 	if((itemRef == NULL) || (attrName == NULL)) {
 		return errSecParam;
@@ -161,7 +168,7 @@ OSStatus SecKeychainItemSetExtendedAttribute(
 		return errSecSuccess;
 	}
 
-	CSSM_DATA attrCValue = {CFDataGetLength(attrValue), (uint8 *)CFDataGetBytePtr(attrValue)};
+	CSSM_DATA attrCValue = {int_cast<CFIndex, CSSM_SIZE>(CFDataGetLength(attrValue)), (uint8 *)CFDataGetBytePtr(attrValue)};
 	
 	if(haveMatch) {
 		/* update existing extended attribute record */
@@ -190,10 +197,13 @@ OSStatus SecKeychainItemCopyExtendedAttribute(
 	CFStringRef					attrName,
 	CFDataRef					*attrValue)		/* RETURNED */
 {
-#if SECTRUST_OSX
-#warning This needs to detect SecCertificateRef items
-#endif
+    // <rdar://25635468>
+    //%%% This needs to detect SecCertificateRef items
+
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecKeychainItemCopyExtendedAttribute", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 	
 	if((itemRef == NULL) || (attrName == NULL) || (attrValue == NULL)) {
 		return errSecParam;
@@ -231,10 +241,13 @@ OSStatus SecKeychainItemCopyAllExtendedAttributes(
 	CFArrayRef					*attrValues)		/* optional, RETURNED, each element is a 
 													 *   CFDataRef */
 {
-#if SECTRUST_OSX
-#warning This needs to detect SecCertificateRef items, and when it does, SecKeychainItemDelete must be updated
-#endif
+    // <rdar://25635468>
+    //%%% This needs to detect SecCertificateRef items, and when it does, SecKeychainItemDelete must be updated
+
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecKeychainItemCopyAllExtendedAttributes", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 	
 	if((itemRef == NULL) || (attrNames == NULL)) {
 		return errSecParam;
@@ -272,7 +285,7 @@ OSStatus SecKeychainItemCopyAllExtendedAttributes(
 	CFMutableArrayRef outValues = NULL;
 	OSStatus ourRtn = errSecSuccess;
 	
-	KCCursor cursor(kcList, CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE, &attrList);
+	KCCursor cursor(kcList, (SecItemClass) CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE, &attrList);
 	for(;;) {
 		bool gotOne = false;
 		Item foundItem;