X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/b04fe171f0375ecd5d8a24747ca1dff85720a0ca..6b200bc335dc93c5516ccb52f14bd896d8c7fad7:/SecurityTests/clxutils/clAppUtils/keyPicker.cpp?ds=sidebyside

diff --git a/SecurityTests/clxutils/clAppUtils/keyPicker.cpp b/SecurityTests/clxutils/clAppUtils/keyPicker.cpp
deleted file mode 100644
index a8bbf5f0..00000000
--- a/SecurityTests/clxutils/clAppUtils/keyPicker.cpp
+++ /dev/null
@@ -1,365 +0,0 @@
-/*
- * Copyright (c) 2004-2006 Apple Computer, Inc. All Rights Reserved.
- * 
- * @APPLE_LICENSE_HEADER_START@
- * 
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- * 
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- * 
- * @APPLE_LICENSE_HEADER_END@
- */
-
-/*
- * keyPicker.cpp - select a key pair from a keychain
- */
- 
-#include "keyPicker.h"
-#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
-#include <Security/Security.h>
-#include <stdexcept>
-#include <ctype.h>
-#include <clAppUtils/identPicker.h>		/* for kcFileName() */
-#include <vector>
-
-/*
- * Obtain either public key hash or PrintName for a given SecKeychainItem. Works on public keys,
- * private keys, identities, and certs. Caller must release the returned result. 
- */
-OSStatus getKcItemAttr(
-	SecKeychainItemRef kcItem,
-	WhichAttr whichAttr,
-	CFDataRef *rtnAttr)			/* RETURNED */
-{
-	/* main job is to figure out which attrType to ask for, and from what Sec item */
-	SecKeychainItemRef attrFromThis;
-	SecKeychainAttrType	attrType = 0;
-	OSStatus ortn;
-	bool releaseKcItem = false;
-	
-	CFTypeID cfId = CFGetTypeID(kcItem);
-	if(cfId == SecIdentityGetTypeID()) {
-		/* switch over to cert */
-		ortn = SecIdentityCopyCertificate((SecIdentityRef)kcItem, 
-			(SecCertificateRef *)&attrFromThis);
-		if(ortn)
-			cssmPerror("SecIdentityCopyCertificate", ortn);
-			return ortn;
-		kcItem = attrFromThis;
-		releaseKcItem = true;
-		cfId = SecCertificateGetTypeID();
-	}
-	
-	if(cfId == SecCertificateGetTypeID()) {
-		switch(whichAttr) {
-			case WA_Hash:
-				attrType = kSecPublicKeyHashItemAttr;
-				break;
-			case WA_PrintName:
-				attrType = kSecLabelItemAttr;
-				break;
-			default:
-				printf("getKcItemAttr: WhichAttr\n");
-				return paramErr;
-		}
-	}
-	else if(cfId == SecKeyGetTypeID()) {
-		switch(whichAttr) {
-			case WA_Hash:
-				attrType = kSecKeyLabel;
-				break;
-			case WA_PrintName:
-				attrType = kSecKeyPrintName;
-				break;
-			default:
-				printf("getKcItemAttr: WhichAttr\n");
-				return paramErr;
-		}
-	}
-	
-	SecKeychainAttributeInfo attrInfo;
-	attrInfo.count = 1;
-	attrInfo.tag = &attrType;
-	attrInfo.format = NULL;	// ???
-	SecKeychainAttributeList *attrList = NULL;
-	
-	ortn = SecKeychainItemCopyAttributesAndData(
-		kcItem, 
-		&attrInfo,
-		NULL,			// itemClass
-		&attrList, 
-		NULL,			// don't need the data
-		NULL);
-	if(releaseKcItem) {
-		CFRelease(kcItem);
-	}
-	if(ortn) {
-		cssmPerror("SecKeychainItemCopyAttributesAndData", ortn);
-		return paramErr;
-	}
-	SecKeychainAttribute *attr = attrList->attr;
-	*rtnAttr = CFDataCreate(NULL, (UInt8 *)attr->data, attr->length);
-	SecKeychainItemFreeAttributesAndData(attrList, NULL);
-	return noErr;
-}
-
-/*
- * Class representing one key in the keychain.
- */
-class PickerKey
-{
-public:
-	PickerKey(SecKeyRef keyRef);
-	~PickerKey();
-	
-	bool		isUsed()					{ return mIsUsed;}
-	void		isUsed(bool u)				{ mIsUsed = u; }
-	bool		isPrivate()					{ return mIsPrivate; }
-	CFDataRef	getPrintName()				{ return mPrintName; }
-	CFDataRef	getPubKeyHash()				{ return mPubKeyHash; }
-	SecKeyRef	keyRef()					{ return mKeyRef; }
-	
-	PickerKey	*partnerKey()				{ return mPartner; }
-	void		partnerKey(PickerKey *pk)	{ mPartner = pk; }
-	char		*kcFile()					{ return mKcFile; }
-	
-private:
-	SecKeyRef	mKeyRef;
-	CFDataRef	mPrintName;
-	CFDataRef	mPubKeyHash;
-	bool		mIsPrivate;		// private/public key
-	bool		mIsUsed;		// has been spoken for 
-	PickerKey	*mPartner;		// other member of public/private pair
-	char		*mKcFile;		// file name of keychain this lives on 
-};
-
-PickerKey::PickerKey(SecKeyRef keyRef)
-	:	mKeyRef(NULL), 
-		mPrintName(NULL), 
-		mPubKeyHash(NULL), 
-		mIsPrivate(false), 
-		mIsUsed(false),
-		mPartner(NULL),
-		mKcFile(NULL)
-{
-	if(CFGetTypeID(keyRef) != SecKeyGetTypeID()) {
-		throw std::invalid_argument("not a key");
-	}
-	
-	OSStatus ortn = getKcItemAttr((SecKeychainItemRef)keyRef, WA_Hash, &mPubKeyHash);
-	if(ortn) {
-		throw std::invalid_argument("pub key hash not available");
-	}
-	ortn = getKcItemAttr((SecKeychainItemRef)keyRef, WA_PrintName, &mPrintName);
-	if(ortn) {
-		throw std::invalid_argument("pub key hash not available");
-	}
-	
-	const CSSM_KEY *cssmKey;
-	ortn = SecKeyGetCSSMKey(keyRef, &cssmKey);
-	if(ortn) {
-		/* should never happen */
-		cssmPerror("SecKeyGetCSSMKey", ortn);
-		throw std::invalid_argument("SecKeyGetCSSMKey error");
-	}
-	if(cssmKey->KeyHeader.KeyClass == CSSM_KEYCLASS_PRIVATE_KEY) {
-		mIsPrivate = true;
-	}
-	
-	/* stash name of the keychain this lives on */
-	SecKeychainRef kcRef;
-	ortn = SecKeychainItemCopyKeychain((SecKeychainItemRef)keyRef, &kcRef);
-	if(ortn) {
-		cssmPerror("SecKeychainItemCopyKeychain", ortn);
-		mKcFile = strdup("Unnamed keychain");
-	}
-	else {
-		mKcFile = kcFileName(kcRef);
-	}
-
-	mKeyRef = keyRef;
-	CFRetain(mKeyRef);
-}
-
-PickerKey::~PickerKey()
-{
-	if(mKeyRef) {
-		CFRelease(mKeyRef);
-	}
-	if(mPubKeyHash) {
-		CFRelease(mPubKeyHash);
-	}
-	if(mPrintName) {
-		CFRelease(mPrintName);
-	}
-	if(mKcFile) {
-		free(mKcFile);
-	}
-}
-
-typedef std::vector<PickerKey *> KeyVector;
-
-/* 
- * add PickerKey objects of specified type to a KeyVector. 
- */
-static void getPickerKeys(
-	SecKeychainRef	kcRef,
-	SecItemClass	itemClass,	// actually CSSM_DL_DB_RECORD_{PRIVATE,PRIVATE}_KEY for now
-	KeyVector		&keyVector)
-{
-	SecKeychainSearchRef 	srchRef = NULL;
-	SecKeychainItemRef		kcItem;
-	
-	OSStatus ortn = SecKeychainSearchCreateFromAttributes(kcRef,
-		itemClass,
-		NULL,			// any attrs
-		&srchRef);
-	if(ortn) {
-		cssmPerror("SecKeychainSearchCreateFromAttributes", ortn);
-		return;
-	}
-	do {
-		ortn = SecKeychainSearchCopyNext(srchRef, &kcItem);
-		if(ortn) {
-			break;
-		}
-		try {
-			PickerKey *pickerKey = new PickerKey((SecKeyRef)kcItem);
-			keyVector.push_back(pickerKey);
-		}
-		catch(...) {
-			printf("**** key item that failed PickerKey construct ***\n");
-			/* but keep going */
-		}
-	} while(ortn == noErr);
-	CFRelease(srchRef);
-}
-
-/*
- * Print contents of a CFData assuming it's printable 
- */
-static void printCfData(CFDataRef cfd)
-{
-	CFIndex len = CFDataGetLength(cfd);
-	const UInt8 *cp = CFDataGetBytePtr(cfd);
-	for(CFIndex dex=0; dex<len; dex++) {
-		char c = cp[dex];
-		if(isprint(c)) {
-			putchar(c);
-		}
-		else {
-			printf(".%02X.", c);
-		}
-	}
-}
-
-OSStatus keyPicker(
-	SecKeychainRef  kcRef,		// NULL means the default list
-	SecKeyRef		*pubKey,	// RETURNED
-	SecKeyRef		*privKey)   // RETURNED
-{
-
-	/* First create a arrays of all of the keys, parsed and ready for use */
-	
-	std::vector<PickerKey *> privKeys;
-	std::vector<PickerKey *> pubKeys;
-	getPickerKeys(kcRef, CSSM_DL_DB_RECORD_PRIVATE_KEY, privKeys);
-	getPickerKeys(kcRef, CSSM_DL_DB_RECORD_PUBLIC_KEY,  pubKeys);
-	
-	/* now interate thru private keys, looking for a partner for each one */
-	int numPairs = 0;
-	unsigned numPrivKeys = privKeys.size();
-	unsigned numPubKeys  = pubKeys.size();
-	
-	for(unsigned privDex=0; privDex<numPrivKeys; privDex++) {
-		PickerKey *privPk = privKeys[privDex];
-		CFDataRef privHash = privPk->getPubKeyHash();
-		for(unsigned pubDex=0; pubDex<numPubKeys; pubDex++) {
-			PickerKey *pubPk = pubKeys[pubDex];
-			if(pubPk->isUsed()) {
-				/* already spoken for */
-				continue;
-			}
-			if(!CFEqual(privHash, pubPk->getPubKeyHash())) {  
-				/* public key hashes don't match */
-				continue;
-			}
-			
-			/* got a match */
-			pubPk->partnerKey(privPk);
-			privPk->partnerKey(pubPk);
-			pubPk->isUsed(true);
-			privPk->isUsed(true);
-			
-			/* display */
-			printf("[%d] privKey  : ", numPairs); printCfData(privPk->getPrintName()); printf("\n");
-			printf("    pubKey   : ");  printCfData(pubPk->getPrintName());printf("\n");
-			printf("    keychain : %s\n", privPk->kcFile());
-			
-			numPairs++;
-		}
-	}
-	
-	if(numPairs == 0) {
-		printf("*** keyPicker: no key pairs found.\n");
-		return paramErr;
-	}
-	
-	OSStatus ortn = noErr;
-	int ires;
-	while(1) {
-		fpurge(stdin);
-		printf("\nEnter key pair number or CR to quit : ");
-		fflush(stdout);
-		char resp[64];
-		getString(resp, sizeof(resp));
-		if(resp[0] == '\0') {
-			ortn = CSSMERR_CSSM_USER_CANCELED;
-			break;
-		}
-		ires = atoi(resp);
-		if((ires < 0) || (ires >= numPairs)) {
-			printf("***Invalid entry. Type a number between 0 and %d\n", numPairs-1);
-			continue;
-		}
-		break;
-	}
-	
-	if(ortn == noErr) {
-		/* find the ires'th partnered private key */
-		int goodOnes = 0;
-		for(unsigned privDex=0; privDex<numPrivKeys; privDex++) {
-			PickerKey *privPk = privKeys[privDex];
-			if(!privPk->isUsed()) {
-				continue;
-			}
-			if(goodOnes == ires) {
-				/* this is it */
-				*privKey = privPk->keyRef();
-				*pubKey = privPk->partnerKey()->keyRef();
-			}
-			goodOnes++;
-		}
-	}
-	
-	/* clean out PickerKey arrays */
-	for(unsigned privDex=0; privDex<numPrivKeys; privDex++) {
-		delete privKeys[privDex];
-	}
-	for(unsigned pubDex=0; pubDex<numPubKeys; pubDex++) {
-		delete pubKeys[pubDex];
-	}
-	return ortn;
-}
-