2 * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
26 // tokendatabase - software database container implementation.
28 #include "tokendatabase.h"
30 #include "tokenaccess.h"
33 #include "localkey.h" // to retrieve local raw keys
34 #include <security_cdsa_client/wrapkey.h>
38 // Construct a TokenDbCommon
40 TokenDbCommon::TokenDbCommon(Session
&ssn
, Token
&tk
, const char *name
)
41 : DbCommon(ssn
), mDbName(name
? name
: ""), mHasAclState(false), mResetLevel(0)
43 secdebug("tokendb", "creating tokendbcommon %p: with token %p", this, &tk
);
47 TokenDbCommon::~TokenDbCommon()
49 secdebug("tokendb", "destroying tokendbcommon %p", this);
50 token().removeCommon(*this); // unregister from Token
53 Token
&TokenDbCommon::token() const
55 return parent
<Token
>();
58 std::string
TokenDbCommon::dbName() const
60 return token().printName();
65 // A TokenDbCommon holds per-session adornments for the ACL machine
67 Adornable
&TokenDbCommon::store()
69 StLock
<Mutex
> _(*this);
71 // if this is the first one, hook for lifetime
73 session().addReference(*this); // hold and slave to SSN lifetime
74 token().addCommon(*this); // register with Token
78 // return our (now active) adornments
82 void TokenDbCommon::resetAcls()
84 StLock
<Mutex
> _(*this);
86 clearAdornments(); // clear ACL state
87 session().removeReference(*this); // unhook from SSN
90 token().removeCommon(*this); // unregister from Token
95 // Send out a "keychain" notification for this database
97 void TokenDbCommon::notify(NotificationEvent event
)
99 DbCommon::notify(event
, DLDbIdentifier(dbName().c_str(), gGuidAppleSdCSPDL
,
100 subservice(), CSSM_SERVICE_DL
| CSSM_SERVICE_CSP
));
105 // Process (our part of) a "lock all" request.
106 // Smartcard tokens interpret a "lock" as a forced card reset, transmitted
107 // to tokend as an authenticate request.
108 // @@@ Virtual reset for multi-session tokens. Right now, we're using the sledge hammer.
110 void TokenDbCommon::lockProcessing()
112 Access
access(token());
113 access().authenticate(CSSM_DB_ACCESS_RESET
, NULL
);
117 // Construct a TokenDatabase given subservice information.
118 // We are currently ignoring the 'name' argument.
120 TokenDatabase::TokenDatabase(uint32 ssid
, Process
&proc
,
121 const char *name
, const AccessCredentials
*cred
)
124 // locate Token object
125 RefPointer
<Token
> token
= Token::find(ssid
);
127 Session
&session
= process().session();
128 StLock
<Mutex
> _(session
);
129 if (TokenDbCommon
*dbcom
= session
.findFirst
<TokenDbCommon
, uint32
>(&TokenDbCommon::subservice
, ssid
)) {
131 secdebug("tokendb", "open tokendb %p(%d) at known common %p",
132 this, subservice(), dbcom
);
134 // DbCommon not present; make a new one
135 parent(*new TokenDbCommon(proc
.session(), *token
, name
));
136 secdebug("tokendb", "open tokendb %p(%d) with new common %p",
137 this, subservice(), &common());
139 mOpenCreds
= copy(cred
, Allocator::standard());
140 proc
.addReference(*this);
143 TokenDatabase::~TokenDatabase()
145 Allocator::standard().free(mOpenCreds
);
150 // Basic Database virtual implementations
152 TokenDbCommon
&TokenDatabase::common() const
154 return parent
<TokenDbCommon
>();
157 TokenDaemon
&TokenDatabase::tokend()
159 return common().token().tokend();
162 const char *TokenDatabase::dbName() const
164 return common().dbName().c_str();
167 bool TokenDatabase::transient() const
169 //@@@ let tokend decide? Are there any secure transient keystores?
175 // Our ObjectAcl resides in the Token object.
177 SecurityServerAcl
&TokenDatabase::acl()
184 // We post-process the status version of getAcl to account for virtual (per-session)
187 void TokenDatabase::getAcl(const char *tag
, uint32
&count
, AclEntryInfo
*&acls
)
189 AclSource::getAcl(tag
, count
, acls
);
191 for (unsigned n
= 0; n
< count
; n
++) {
192 AclEntryPrototype
&proto
= acls
[n
];
193 if (unsigned pin
= pinFromAclTag(proto
.tag(), "?")) { // pin state response
194 secdebug("tokendb", "%p updating PIN%d state response", this, pin
);
195 TypedList
&subject
= proto
.subject();
196 // subject == { CSSM_WORID_PIN, pin-number, status [, count ] } # all numbers
197 if (subject
.length() > 2
198 && subject
[0].is(CSSM_LIST_ELEMENT_WORDID
)
199 && subject
[0] == CSSM_WORDID_PIN
200 && subject
[1].is(CSSM_LIST_ELEMENT_WORDID
)
201 && subject
[2].is(CSSM_LIST_ELEMENT_WORDID
)) {
202 uint32 pin
= subject
[1];
203 if (!common().attachment
<PreAuthorizationAcls::AclState
>((void *)pin
).accepted
) {
204 // we are not pre-authorized in this session
205 secdebug("tokendb", "%p session state forces PIN%d reporting unauthorized", this, pin
);
206 uint32 status
= subject
[2];
207 status
&= ~CSSM_ACL_PREAUTH_TRACKING_AUTHORIZED
; // clear authorized bit
210 if (subject
.length() > 3 && subject
[3].is(CSSM_LIST_ELEMENT_WORDID
))
211 secdebug("tokendb", "%p PIN%d count=%d", this, pin
, subject
[3].word());
220 bool TokenDatabase::isLocked()
222 Access
access(token());
224 bool lockState
= pinState(1);
225 // bool lockState = access().isLocked();
227 secdebug("tokendb", "returning isLocked=%d", lockState
);
231 bool TokenDatabase::pinState(uint32 pin
, int *pinCount
/* = NULL */)
235 this->getAcl("PIN1?", count
, acls
);
236 bool locked
= true; // preset locked
238 *pinCount
= -1; // preset unknown
241 secdebug("tokendb", "PIN%d query returned no entries", pin
);
244 secdebug("tokendb", "PIN%d query returned multiple entries", pin
);
248 TypedList
&subject
= acls
[0].proto().subject();
249 if (subject
.length() > 2
250 && subject
[0].is(CSSM_LIST_ELEMENT_WORDID
)
251 && subject
[0] == CSSM_WORDID_PIN
252 && subject
[1].is(CSSM_LIST_ELEMENT_WORDID
)
253 && subject
[2].is(CSSM_LIST_ELEMENT_WORDID
)) {
254 uint32 status
= subject
[2];
255 locked
= !(status
& CSSM_ACL_PREAUTH_TRACKING_AUTHORIZED
);
256 if (pinCount
&& locked
&& subject
.length() > 3 && subject
[3].is(CSSM_LIST_ELEMENT_WORDID
))
257 *pinCount
= subject
[3];
263 // release memory allocated by getAcl
264 ChunkFreeWalker free
;
265 for (uint32 n
= 0; n
< count
; n
++)
267 Allocator::standard().free(acls
);
275 // TokenDatabases implement the dbName-setting function.
276 // This sets the print name of the token, which is persistently
277 // stored in the token cache. So this is a de-facto rename of
278 // the token, at least on this system.
280 void TokenDatabase::dbName(const char *name
)
282 CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED
);
287 // Given a key handle and CssmKey returned from tokend, create a Key representing
288 // it. This takes care of raw returns by turning them into keys of the process's
289 // local transient store.
291 RefPointer
<Key
> TokenDatabase::makeKey(KeyHandle hKey
, const CssmKey
*key
,
292 uint32 moreAttributes
, const AclEntryPrototype
*owner
)
294 switch (key
->blobType()) {
295 case CSSM_KEYBLOB_REFERENCE
:
296 return new TokenKey(*this, hKey
, key
->header());
297 case CSSM_KEYBLOB_RAW
:
298 return process().makeTemporaryKey(*key
, moreAttributes
, owner
);
300 CssmError::throwMe(CSSM_ERRCODE_INTERNAL_ERROR
); // bad key return from tokend
302 //@@@ Server::releaseWhenDone(key);
307 // Adjust key attributes for newly created keys
309 static CSSM_KEYATTR_FLAGS
modattrs(CSSM_KEYATTR_FLAGS attrs
)
311 static const CSSM_KEYATTR_FLAGS CSSM_KEYATTR_RETURN_FLAGS
= 0xff000000;
312 switch (attrs
& CSSM_KEYATTR_RETURN_FLAGS
) {
313 case CSSM_KEYATTR_RETURN_REF
:
314 case CSSM_KEYATTR_RETURN_DATA
:
315 break; // as requested
316 case CSSM_KEYATTR_RETURN_NONE
:
317 CssmError::throwMe(CSSMERR_CSP_UNSUPPORTED_KEYATTR_MASK
);
318 case CSSM_KEYATTR_RETURN_DEFAULT
:
319 if (attrs
& CSSM_KEYATTR_PERMANENT
)
320 attrs
|= CSSM_KEYATTR_RETURN_REF
;
322 attrs
|= CSSM_KEYATTR_RETURN_DATA
;
330 // TokenDatabases support remote secret validation by sending a secret
331 // (aka passphrase et al) to tokend for processing.
333 bool TokenDatabase::validateSecret(const AclSubject
*subject
, const AccessCredentials
*cred
)
335 secdebug("tokendb", "%p attempting remote validation", this);
337 Access
access(token());
338 // @@@ Use cached mode
339 access().authenticate(CSSM_DB_ACCESS_READ
, cred
);
340 secdebug("tokendb", "%p remote validation successful", this);
344 secdebug("tokendb", "%p remote validation failed", this);
346 throw; // try not to mask error
354 void TokenDatabase::queryKeySizeInBits(Key
&key
, CssmKeySize
&result
)
356 Access
access(token());
359 access().queryKeySizeInBits(myKey(key
).tokenHandle(), result
);
365 // Signatures and MACs
367 void TokenDatabase::generateSignature(const Context
&context
, Key
&key
,
368 CSSM_ALGORITHMS signOnlyAlgorithm
, const CssmData
&data
, CssmData
&signature
)
370 Access
access(token(), key
);
372 key
.validate(CSSM_ACL_AUTHORIZATION_SIGN
, context
);
374 access().generateSignature(context
, myKey(key
).tokenHandle(), data
, signature
, signOnlyAlgorithm
);
379 void TokenDatabase::verifySignature(const Context
&context
, Key
&key
,
380 CSSM_ALGORITHMS verifyOnlyAlgorithm
, const CssmData
&data
, const CssmData
&signature
)
382 Access
access(token(), key
);
385 access().verifySignature(context
, myKey(key
).tokenHandle(), data
, signature
, verifyOnlyAlgorithm
);
389 void TokenDatabase::generateMac(const Context
&context
, Key
&key
,
390 const CssmData
&data
, CssmData
&mac
)
392 Access
access(token());
394 key
.validate(CSSM_ACL_AUTHORIZATION_MAC
, context
);
396 access().generateMac(context
, myKey(key
).tokenHandle(), data
, mac
);
400 void TokenDatabase::verifyMac(const Context
&context
, Key
&key
,
401 const CssmData
&data
, const CssmData
&mac
)
403 Access
access(token());
405 key
.validate(CSSM_ACL_AUTHORIZATION_MAC
, context
);
407 access().verifyMac(context
, myKey(key
).tokenHandle(), data
, mac
);
413 // Encryption/decryption
415 void TokenDatabase::encrypt(const Context
&context
, Key
&key
,
416 const CssmData
&clear
, CssmData
&cipher
)
418 Access
access(token());
420 key
.validate(CSSM_ACL_AUTHORIZATION_ENCRYPT
, context
);
422 access().encrypt(context
, myKey(key
).tokenHandle(), clear
, cipher
);
427 void TokenDatabase::decrypt(const Context
&context
, Key
&key
,
428 const CssmData
&cipher
, CssmData
&clear
)
430 Access
access(token());
432 key
.validate(CSSM_ACL_AUTHORIZATION_DECRYPT
, context
);
434 access().decrypt(context
, myKey(key
).tokenHandle(), cipher
, clear
);
440 // Key generation and derivation.
441 // Currently, we consider symmetric key generation to be fast, but
442 // asymmetric key generation to be (potentially) slow.
444 void TokenDatabase::generateKey(const Context
&context
,
445 const AccessCredentials
*cred
, const AclEntryPrototype
*owner
,
446 CSSM_KEYUSE usage
, CSSM_KEYATTR_FLAGS attrs
, RefPointer
<Key
> &newKey
)
448 Access
access(token());
453 access().generateKey(context
, cred
, owner
, usage
, modattrs(attrs
), hKey
, result
);
454 newKey
= makeKey(hKey
, result
, 0, owner
);
458 void TokenDatabase::generateKey(const Context
&context
,
459 const AccessCredentials
*cred
, const AclEntryPrototype
*owner
,
460 CSSM_KEYUSE pubUsage
, CSSM_KEYATTR_FLAGS pubAttrs
,
461 CSSM_KEYUSE privUsage
, CSSM_KEYATTR_FLAGS privAttrs
,
462 RefPointer
<Key
> &publicKey
, RefPointer
<Key
> &privateKey
)
464 Access
access(token());
467 KeyHandle hPrivate
, hPublic
;
468 CssmKey
*privKey
, *pubKey
;
469 access().generateKey(context
, cred
, owner
,
470 pubUsage
, modattrs(pubAttrs
), privUsage
, modattrs(privAttrs
),
471 hPublic
, pubKey
, hPrivate
, privKey
);
472 publicKey
= makeKey(hPublic
, pubKey
, 0, owner
);
473 privateKey
= makeKey(hPrivate
, privKey
, 0, owner
);
479 // Key wrapping and unwrapping.
480 // Note that the key argument (the key in the context) is optional because of the special
481 // case of "cleartext" (null algorithm) wrapping for import/export.
483 void TokenDatabase::wrapKey(const Context
&context
, const AccessCredentials
*cred
,
484 Key
*wrappingKey
, Key
&subjectKey
,
485 const CssmData
&descriptiveData
, CssmKey
&wrappedKey
)
487 Access
access(token());
488 InputKey
cWrappingKey(wrappingKey
);
489 InputKey
cSubjectKey(subjectKey
);
491 subjectKey
.validate(context
.algorithm() == CSSM_ALGID_NONE
?
492 CSSM_ACL_AUTHORIZATION_EXPORT_CLEAR
: CSSM_ACL_AUTHORIZATION_EXPORT_WRAPPED
,
495 wrappingKey
->validate(CSSM_ACL_AUTHORIZATION_ENCRYPT
, context
);
497 CssmKey
*rWrappedKey
;
498 access().wrapKey(context
, cred
,
499 cWrappingKey
, cWrappingKey
, cSubjectKey
, cSubjectKey
,
500 descriptiveData
, rWrappedKey
);
501 wrappedKey
= *rWrappedKey
;
502 //@@@ ownership of wrappedKey.keyData() ??
506 void TokenDatabase::unwrapKey(const Context
&context
,
507 const AccessCredentials
*cred
, const AclEntryPrototype
*owner
,
508 Key
*wrappingKey
, Key
*publicKey
, CSSM_KEYUSE usage
, CSSM_KEYATTR_FLAGS attrs
,
509 const CssmKey wrappedKey
, RefPointer
<Key
> &unwrappedKey
, CssmData
&descriptiveData
)
511 Access
access(token());
512 InputKey
cWrappingKey(wrappingKey
);
513 InputKey
cPublicKey(publicKey
);
516 wrappingKey
->validate(CSSM_ACL_AUTHORIZATION_DECRYPT
, context
);
517 // we are not checking access on the public key, if any
521 access().unwrapKey(context
, cred
, owner
,
522 cWrappingKey
, cWrappingKey
, cPublicKey
, cPublicKey
,
523 wrappedKey
, usage
, modattrs(attrs
), descriptiveData
, hKey
, result
);
524 unwrappedKey
= makeKey(hKey
, result
, modattrs(attrs
) & LocalKey::managedAttributes
, owner
);
532 void TokenDatabase::deriveKey(const Context
&context
, Key
*sourceKey
,
533 const AccessCredentials
*cred
, const AclEntryPrototype
*owner
,
534 CssmData
*param
, CSSM_KEYUSE usage
, CSSM_KEYATTR_FLAGS attrs
, RefPointer
<Key
> &derivedKey
)
536 Access
access(token());
537 InputKey
cSourceKey(sourceKey
);
540 sourceKey
->validate(CSSM_ACL_AUTHORIZATION_DERIVE
, cred
);
544 CssmData params
= param
? *param
: CssmData();
545 access().deriveKey(noDb
, context
,
546 cSourceKey
, cSourceKey
,
547 usage
, modattrs(attrs
), params
, cred
, owner
,
551 //@@@ leak? what's the rule here?
553 derivedKey
= makeKey(hKey
, result
, 0, owner
);
559 // Miscellaneous CSSM functions
561 void TokenDatabase::getOutputSize(const Context
&context
, Key
&key
,
562 uint32 inputSize
, bool encrypt
, uint32
&result
)
564 Access
access(token());
567 access().getOutputSize(context
, myKey(key
).tokenHandle(), inputSize
, encrypt
, result
);
573 // (Re-)Authenticate the database.
574 // We use dbAuthenticate as the catch-all "do something about authentication" call.
576 void TokenDatabase::authenticate(CSSM_DB_ACCESS_TYPE mode
, const AccessCredentials
*cred
)
578 Access
access(token());
581 if (mode
!= CSSM_DB_ACCESS_RESET
&& cred
) {
582 secdebug("tokendb", "%p authenticate calling validate", this);
583 if (unsigned pin
= pinFromAclTag(cred
->EntryTag
)) {
584 validate(CSSM_ACL_AUTHORIZATION_PREAUTH(pin
), cred
);
585 notify(kNotificationEventUnlocked
);
590 access().authenticate(mode
, cred
);
592 case CSSM_DB_ACCESS_RESET
:
593 // this mode is known to trigger "lockdown" (i.e. reset)
594 common().resetAcls();
595 notify(kNotificationEventLocked
);
599 // no idea what that did to the token;
600 // But let's remember the new creds for our own sake.
601 AccessCredentials
*newCred
= copy(cred
, Allocator::standard());
602 Allocator::standard().free(mOpenCreds
);
603 mOpenCreds
= newCred
;
611 // Data access interface.
613 // Note that the attribute vectors are passed between our two IPC interfaces
614 // as relocated but contiguous memory blocks (to avoid an extra copy). This means
615 // you can read them at will, but can't change them in transit unless you're
616 // willing to repack them right here.
618 void TokenDatabase::findFirst(const CssmQuery
&query
,
619 CssmDbRecordAttributeData
*inAttributes
, mach_msg_type_number_t inAttributesLength
,
620 CssmData
*data
, RefPointer
<Key
> &key
,
621 RefPointer
<Database::Search
> &rSearch
, RefPointer
<Database::Record
> &rRecord
,
622 CssmDbRecordAttributeData
* &outAttributes
, mach_msg_type_number_t
&outAttributesLength
)
624 Access
access(token());
625 RefPointer
<Search
> search
= new Search(*this);
626 RefPointer
<Record
> record
= new Record(*this);
628 KeyHandle hKey
= noKey
;
629 validate(CSSM_ACL_AUTHORIZATION_DB_READ
, openCreds());
631 record
->tokenHandle() = access().Tokend::ClientSession::findFirst(query
,
632 inAttributes
, inAttributesLength
, search
->tokenHandle(), NULL
, hKey
,
633 outAttributes
, outAttributesLength
);
634 if (!record
->tokenHandle()) { // no match (but no other error)
635 rRecord
= NULL
; // return null record
640 record
->validate(CSSM_ACL_AUTHORIZATION_DB_READ
, openCreds());
641 CssmDbRecordAttributeData
*noAttributes
;
642 mach_msg_type_number_t noAttributesLength
;
643 access().Tokend::ClientSession::findRecordHandle(record
->tokenHandle(),
644 NULL
, 0, data
, hKey
, noAttributes
, noAttributesLength
);
645 if (hKey
) { // tokend returned a key reference & data
646 CssmKey
&keyForm
= *data
->interpretedAs
<CssmKey
>(CSSMERR_CSP_INVALID_KEY
);
647 key
= new TokenKey(*this, hKey
, keyForm
.header());
650 rSearch
= search
->commit();
651 rRecord
= record
->commit();
655 void TokenDatabase::findNext(Database::Search
*rSearch
,
656 CssmDbRecordAttributeData
*inAttributes
, mach_msg_type_number_t inAttributesLength
,
657 CssmData
*data
, RefPointer
<Key
> &key
, RefPointer
<Database::Record
> &rRecord
,
658 CssmDbRecordAttributeData
* &outAttributes
, mach_msg_type_number_t
&outAttributesLength
)
660 Access
access(token());
661 RefPointer
<Record
> record
= new Record(*this);
662 Search
*search
= safe_cast
<Search
*>(rSearch
);
664 KeyHandle hKey
= noKey
;
665 validate(CSSM_ACL_AUTHORIZATION_DB_READ
, openCreds());
667 record
->tokenHandle() = access().Tokend::ClientSession::findNext(
668 search
->tokenHandle(), inAttributes
, inAttributesLength
,
669 NULL
, hKey
, outAttributes
, outAttributesLength
);
670 if (!record
->tokenHandle()) { // no more matches
671 releaseSearch(*search
); // release search handle (consumed by EOD)
672 rRecord
= NULL
; // return null record
677 record
->validate(CSSM_ACL_AUTHORIZATION_DB_READ
, openCreds());
678 CssmDbRecordAttributeData
*noAttributes
;
679 mach_msg_type_number_t noAttributesLength
;
680 access().Tokend::ClientSession::findRecordHandle(record
->tokenHandle(),
681 NULL
, 0, data
, hKey
, noAttributes
, noAttributesLength
);
682 if (hKey
) { // tokend returned a key reference & data
683 CssmKey
&keyForm
= *data
->interpretedAs
<CssmKey
>(CSSMERR_CSP_INVALID_KEY
);
684 key
= new TokenKey(*this, hKey
, keyForm
.header());
687 rRecord
= record
->commit();
691 void TokenDatabase::findRecordHandle(Database::Record
*rRecord
,
692 CssmDbRecordAttributeData
*inAttributes
, mach_msg_type_number_t inAttributesLength
,
693 CssmData
*data
, RefPointer
<Key
> &key
,
694 CssmDbRecordAttributeData
* &outAttributes
, mach_msg_type_number_t
&outAttributesLength
)
696 Access
access(token());
697 Record
*record
= safe_cast
<Record
*>(rRecord
);
700 KeyHandle hKey
= noKey
;
701 validate(CSSM_ACL_AUTHORIZATION_DB_READ
, openCreds());
703 record
->validate(CSSM_ACL_AUTHORIZATION_DB_READ
, openCreds());
705 access().Tokend::ClientSession::findRecordHandle(record
->tokenHandle(),
706 inAttributes
, inAttributesLength
, data
, hKey
, outAttributes
, outAttributesLength
);
708 if (hKey
!= noKey
&& data
) { // tokend returned a key reference & data
709 CssmKey
&keyForm
= *data
->interpretedAs
<CssmKey
>(CSSMERR_CSP_INVALID_KEY
);
710 key
= new TokenKey(*this, hKey
, keyForm
.header());
715 void TokenDatabase::insertRecord(CSSM_DB_RECORDTYPE recordType
,
716 const CssmDbRecordAttributeData
*attributes
, mach_msg_type_number_t attributesLength
,
717 const CssmData
&data
, RefPointer
<Database::Record
> &rRecord
)
719 Access
access(token());
720 RefPointer
<Record
> record
= new Record(*this);
723 validate(CSSM_ACL_AUTHORIZATION_DB_INSERT
, openCreds());
725 access().Tokend::ClientSession::insertRecord(recordType
,
726 attributes
, attributesLength
, data
, record
->tokenHandle());
731 void TokenDatabase::modifyRecord(CSSM_DB_RECORDTYPE recordType
, Record
*rRecord
,
732 const CssmDbRecordAttributeData
*attributes
, mach_msg_type_number_t attributesLength
,
733 const CssmData
*data
, CSSM_DB_MODIFY_MODE modifyMode
)
735 Access
access(token());
736 Record
*record
= safe_cast
<Record
*>(rRecord
);
739 validate(CSSM_ACL_AUTHORIZATION_DB_MODIFY
, openCreds());
740 record
->validate(CSSM_ACL_AUTHORIZATION_DB_MODIFY
, openCreds());
742 access().Tokend::ClientSession::modifyRecord(recordType
,
743 record
->tokenHandle(), attributes
, attributesLength
, data
, modifyMode
);
747 void TokenDatabase::deleteRecord(Database::Record
*rRecord
)
749 Access
access(token(), *this);
750 Record
*record
= safe_cast
<Record
*>(rRecord
);
753 validate(CSSM_ACL_AUTHORIZATION_DB_DELETE
, openCreds());
754 record
->validate(CSSM_ACL_AUTHORIZATION_DB_DELETE
, openCreds());
756 access().Tokend::ClientSession::deleteRecord(record
->tokenHandle());
762 // Record/Search object handling
764 TokenDatabase::Search::~Search()
768 database().token().tokend().Tokend::ClientSession::releaseSearch(mHandle
);
770 secdebug("tokendb", "%p release search handle %ld threw (ignored)",
775 TokenDatabase::Record::~Record()
779 database().token().tokend().Tokend::ClientSession::releaseRecord(mHandle
);
781 secdebug("tokendb", "%p release record handle %ld threw (ignored)",
788 // TokenAcl personality of Record
790 AclKind
TokenDatabase::Record::aclKind() const
795 Token
&TokenDatabase::Record::token()
797 return safer_cast
<TokenDatabase
&>(database()).token();
800 GenericHandle
TokenDatabase::Record::tokenHandle() const
802 return Handler::tokenHandle();
807 // Local utility classes
809 void TokenDatabase::InputKey::setup(Key
*key
)
811 if (TokenKey
*myKey
= dynamic_cast<TokenKey
*>(key
)) {
813 mKeyHandle
= myKey
->tokenHandle();
815 } else if (LocalKey
*hisKey
= dynamic_cast<LocalKey
*>(key
)) {
816 // a local key - turn into raw form
817 CssmClient::WrapKey
wrap(Server::csp(), CSSM_ALGID_NONE
);
818 wrap(hisKey
->cssmKey(), mKey
);
829 TokenDatabase::InputKey::~InputKey()
832 //@@@ Server::csp().freeKey(mKey) ??
833 Server::csp()->allocator().free(mKey
.keyData());