X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/b04fe171f0375ecd5d8a24747ca1dff85720a0ca..6b200bc335dc93c5516ccb52f14bd896d8c7fad7:/SecurityTests/xdr_rpc/securityd_data_saver.cpp diff --git a/SecurityTests/xdr_rpc/securityd_data_saver.cpp b/SecurityTests/xdr_rpc/securityd_data_saver.cpp deleted file mode 100644 index 8c2b466e..00000000 --- a/SecurityTests/xdr_rpc/securityd_data_saver.cpp +++ /dev/null @@ -1,205 +0,0 @@ -/* - * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * This file contains Original Code and/or Modifications of Original Code - * as defined in and that are subject to the Apple Public Source License - * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. - * Please see the License for the specific language governing rights and - * limitations under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ - -#include "securityd_data_saver.h" - -/* - * Please don't use this as an exemplar for new write...() calls. This was - * the first, is messy, and probably should be rewritten. At the very - * least, its correctness should be revisited. - */ -void -SecuritydDataSave::writeContext(Context *context, intptr_t attraddr, - mach_msg_type_number_t attrSize) -{ - // finish the preamble - uint32_t dtype = CONTEXT; - writeAll(&dtype, sizeof(dtype)); - - // save size of a CSSM_CONTEXT (not strictly necessary) - uint32_t csize = sizeof(CSSM_CONTEXT); - writeAll(&csize, sizeof(csize)); // write the length first! - writeAll(context, csize); - - // save the original base address for relocation - csize = sizeof(attraddr); - writeAll(&csize, sizeof(csize)); - writeAll(&attraddr, csize); - - // finally, save off the attributes - csize = attrSize; - writeAll(&csize, sizeof(csize)); - writeAll(context->ContextAttributes, csize); -} - -void -SecuritydDataSave::writeAclEntryInfo(AclEntryInfo *acls, - mach_msg_type_number_t aclsLength) -{ - // finish the preamble - uint32_t dtype = ACL_ENTRY_INFO; - writeAll(&dtype, sizeof(dtype)); - - // write the base pointer, then the ACL itself - uint32_t ptrsize = sizeof(acls); - writeAll(&ptrsize, sizeof(ptrsize)); - writeAll(&acls, ptrsize); - writeAll(&aclsLength, sizeof(aclsLength)); - writeAll(acls, aclsLength); -} - -void -SecuritydDataSave::writeAclEntryInput(AclEntryInput *acl, - mach_msg_type_number_t aclLength) -{ - // finish the preamble - uint32_t dtype = ACL_ENTRY_INPUT; - writeAll(&dtype, sizeof(dtype)); - - // write the pointer, then the ACL itself - uint32_t ptrsize = sizeof(acl); - writeAll(&ptrsize, sizeof(ptrsize)); - writeAll(&acl, ptrsize); - writeAll(&aclLength, sizeof(aclLength)); - writeAll(acl, aclLength); -} - - -// -// Excerpts from securityd's transition.cpp showing where SecuritydDataSave -// is (to be) used -// - -#if 0 -kern_return_t ucsp_server_findFirst(UCSP_ARGS, DbHandle db, - COPY_IN(CssmQuery, query), - COPY_IN(CssmDbRecordAttributeData, inAttributes), - COPY_OUT(CssmDbRecordAttributeData, outAttributes), - boolean_t getData, - DATA_OUT(data), KeyHandle *hKey, SearchHandle *hSearch, RecordHandle *hRecord) -{ - BEGIN_IPC - relocate(query, queryBase, queryLength); - SecuritydDataSave sds("/var/tmp/Query_findFirst"); - sds.writeQuery(query, queryLength); - relocate(inAttributes, inAttributesBase, inAttributesLength); - - RefPointer search; - RefPointer record; - RefPointer key; - CssmData outData; //OutputData outData(data, dataLength); - CssmDbRecordAttributeData *outAttrs; mach_msg_type_number_t outAttrsLength; - Server::database(db)->findFirst(*query, inAttributes, inAttributesLength, - getData ? &outData : NULL, key, search, record, outAttrs, outAttrsLength); - - // handle nothing-found case without exceptions - if (!record) { - *hRecord = noRecord; - *hSearch = noSearch; - *hKey = noKey; - } else { - // return handles - *hRecord = record->handle(); - *hSearch = search->handle(); - *hKey = key ? key->handle() : noKey; - - // return attributes (assumes relocated flat blob) - flips(outAttrs, outAttributes, outAttributesBase); - *outAttributesLength = outAttrsLength; - - // return data (temporary fix) - if (getData) { - *data = outData.data(); - *dataLength = outData.length(); - } - } - END_IPC(DL) -} - -kern_return_t ucsp_server_decrypt(UCSP_ARGS, CONTEXT_ARGS, KeyHandle keyh, - DATA_IN(cipher), DATA_OUT(clear)) -{ - BEGIN_IPC - SecuritydDataSave td("/var/tmp/securityd_Context_decrypt"); // XXX/gh get sample Context for XDR testing - relocate(context, contextBase, attributes, attrSize); - // save attributes base addr for backwards compatibility - intptr_t attraddr = reinterpret_cast(&context->ContextAttributes); - td.writeContext(&context, attraddr, attrSize); - RefPointer key = Server::key(keyh); - OutputData clearOut(clear, clearLength); - key->database().decrypt(context, *key, DATA(cipher), clearOut); - END_IPC(CSP) -} - -// ... - -kern_return_t ucsp_server_getAcl(UCSP_ARGS, AclKind kind, KeyHandle key, - boolean_t haveTag, const char *tag, - uint32 *countp, COPY_OUT(AclEntryInfo, acls)) -{ - BEGIN_IPC - uint32 count; - AclEntryInfo *aclList; - Server::aclBearer(kind, key).getAcl(haveTag ? tag : NULL, count, aclList); - *countp = count; - Copier aclsOut(aclList, count); // make flat copy - - { // release the chunked memory originals - ChunkFreeWalker free; - for (uint32 n = 0; n < count; n++) - walk(free, aclList[n]); - - // release the memory allocated for the list itself when we are done - Allocator::standard().free (aclList); - } - - // set result (note: this is *almost* flips(), but on an array) - *aclsLength = aclsOut.length(); - *acls = *aclsBase = aclsOut; - if (flipClient()) { - FlipWalker w; - for (uint32 n = 0; n < count; n++) - walk(w, (*acls)[n]); - w.doFlips(); - Flippers::flip(*aclsBase); - } - SecuritydDataSave sds("/var/tmp/AclEntryInfo_getAcl"); - sds.writeAclEntryInfo(*acls, *aclsLength); - Server::releaseWhenDone(aclsOut.keep()); - END_IPC(CSP) -} - -kern_return_t ucsp_server_changeAcl(UCSP_ARGS, AclKind kind, KeyHandle key, - COPY_IN(AccessCredentials, cred), CSSM_ACL_EDIT_MODE mode, CSSM_ACL_HANDLE handle, - COPY_IN(AclEntryInput, acl)) -{ - BEGIN_IPC - relocate(cred, credBase, credLength); - relocate(acl, aclBase, aclLength); - SecuritydDataSave sds("/var/tmp/AclEntryInput_changeAcl"); - sds.writeAclEntryInput(acl, aclLength); - Server::aclBearer(kind, key).changeAcl(AclEdit(mode, handle, acl), cred); - END_IPC(CSP) -} - -#endif /* 0 -- example code */