X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/e3d460c9de4426da6c630c3ae3f46173a99f82d8..0d4552ce43ff8bf2e8666a9c5c44c3590eb117a8:/OSX/libsecurity_keychain/lib/Access.cpp diff --git a/OSX/libsecurity_keychain/lib/Access.cpp b/OSX/libsecurity_keychain/lib/Access.cpp index 2aa23a18..032bbb6e 100644 --- a/OSX/libsecurity_keychain/lib/Access.cpp +++ b/OSX/libsecurity_keychain/lib/Access.cpp @@ -27,11 +27,10 @@ #include #include #include "SecBridge.h" -#include -#include +#include #include #include -#include +#include using namespace KeychainCore; using namespace CssmClient; @@ -270,7 +269,7 @@ void Access::removeAclsForRight(AclAuthorization right) { for (Map::const_iterator it = mAcls.begin(); it != mAcls.end(); ) { if (it->second->authorizesSpecifically(right)) { it = mAcls.erase(it); - secdebugfunc("SecAccess", "%p removed an acl, %d left", this, mAcls.size()); + secinfo("SecAccess", "%p removed an acl, %lu left", this, mAcls.size()); } else { it++; } @@ -339,16 +338,16 @@ void Access::compile(const CSSM_ACL_OWNER_PROTOTYPE &owner, StLock_(mMutex); // add owner acl mAcls[ownerHandle] = new ACL(AclOwnerPrototype::overlay(owner)); - secdebugfunc("SecAccess", "form of owner is: %d", mAcls[ownerHandle]->form()); + secinfo("SecAccess", "form of owner is: %d", mAcls[ownerHandle]->form()); // add acl entries const AclEntryInfo *acl = AclEntryInfo::overlay(acls); for (uint32 n = 0; n < aclCount; n++) { - secdebug("SecAccess", "%p compiling entry %ld", this, acl[n].handle()); + secinfo("SecAccess", "%p compiling entry %ld", this, acl[n].handle()); mAcls[acl[n].handle()] = new ACL(acl[n]); - secdebug("SecAccess", "form is: %d", mAcls[acl[n].handle()]->form()); + secinfo("SecAccess", "form is: %d", mAcls[acl[n].handle()]->form()); } - secdebug("SecAccess", "%p %ld entries compiled", this, mAcls.size()); + secinfo("SecAccess", "%p %ld entries compiled", this, mAcls.size()); } 
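Review bot: The last added line of the `Access::compile` hunk, `secinfo("SecAccess", "%p %ld entries compiled", this, mAcls.size());`, still formats the unsigned `mAcls.size()` with `%ld`, although this same commit switched the `removeAclsForRight` message to `%lu` for the same expression. Use `%lu` (or `%zu`) here too, so that the two messages agree and the conversion matches the argument type. The `%ld` used for `acl[n].handle()` is worth checking against the handle's declared type, which is not visible in this hunk. The body of `Access::compile` starts outside the hunk.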
@@ -364,14 +363,15 @@ Access::Maker::Maker(Allocator &alloc, MakerType makerType) { // generate random key mKey.malloc(keySize); - UniformRandomBlobs().random(mKey.get()); - + CssmData data = mKey.get(); + MacOSError::check(SecRandomCopyBytes(kSecRandomDefault, data.length(), data.data())); + // create entry info for resource creation mInput = AclEntryPrototype(TypedList(allocator, CSSM_ACL_SUBJECT_TYPE_PASSWORD, new(allocator) ListElement(mKey.get()))); mInput.proto().tag(creationEntryTag); - secdebugfunc("SecAccess", "made a CSSM_ACL_SUBJECT_TYPE_PASSWORD ACL entry for %p", this); - secdebugfunc("SecAccess", "mInput: %p, typedList %p", &mInput, mInput.Prototype.TypedSubject); + secinfo("SecAccess", "made a CSSM_ACL_SUBJECT_TYPE_PASSWORD ACL entry for %p", this); + secinfo("SecAccess", "mInput: %p, typedList %p", &mInput, &(mInput.Prototype.TypedSubject)); // create credential sample for access mCreds += TypedList(allocator, CSSM_SAMPLE_TYPE_PASSWORD, new(allocator) ListElement(mKey.get())); @@ -380,7 +380,7 @@ Access::Maker::Maker(Allocator &alloc, MakerType makerType) { // just make it an CSSM_ACL_SUBJECT_TYPE_ANY list mInput = AclEntryPrototype(TypedList(allocator, CSSM_ACL_SUBJECT_TYPE_ANY)); - secdebugfunc("SecAccess", "made a CSSM_ACL_SUBJECT_TYPE_ANY ACL entry for %p", this); + secinfo("SecAccess", "made a CSSM_ACL_SUBJECT_TYPE_ANY ACL entry for %p", this); } }
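Review bot: The `// generate random key` comment above the new `SecRandomCopyBytes` call should record that this key becomes the password for the creation ACL entry and its matching credential sample, so generation has to fail closed. The buffer from `mKey.malloc(keySize)` is presumably uninitialised until the call succeeds. I would extend the comment to `// generate random key from the system CSPRNG; check() must throw on failure so an unfilled mKey is never used as the ACL password`. `MacOSError::check` does reject any non-zero return, but if this SDK's `SecRandomCopyBytes` reports failure as -1 with errno, the thrown status would be a bare -1, and mapping it to a specific error code may be worth doing. The constructor body starts before this hunk and continues past it.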