1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved.
7 *
8 * This file contains Original Code and/or Modifications of Original Code
9 * as defined in and that are subject to the Apple Public Source License
10 * Version 2.0 (the 'License'). You may not use this file except in
11 * compliance with the License. Please obtain a copy of the License at
12 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * file.
14 *
15 * The Original Code and all software distributed under the License are
16 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
17 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
18 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
20 * Please see the License for the specific language governing rights and
21 * limitations under the License.
22 *
23 * @APPLE_LICENSE_HEADER_END@
24 */
25
26
27 //
28 // database - database session management
29 //
30 #include "database.h"
31 #include "agentquery.h"
32 #include "key.h"
33 #include "server.h"
34 #include "session.h"
35 #include <security_agent_client/agentclient.h>
36 #include <security_cdsa_utilities/acl_any.h> // for default owner ACLs
37 #include <security_cdsa_client/wrapkey.h>
38 #include <security_utilities/endian.h>
39
40
41 //
42 // DbCommon basics
43 //
// Construct the per-database common state and register `session` as its
// referent, so that session() can hand the same Session back later.
DbCommon::DbCommon(Session &session)
{
	this->referent(session);
}
48
// Return the Session that was registered as this object's referent.
Session &DbCommon::session() const
{
	Session &owner = referent<Session>();
	return owner;
}
53
54
55 //
56 // Database basics
57 //
// Construct a Database on behalf of `proc`.
// The SecurityServerAcl base is set up with the dbAcl type and the standard
// allocator; `proc` is then registered as the referent returned by process().
Database::Database(Process &proc)
	: SecurityServerAcl(dbAcl, Allocator::standard())
{
	this->referent(proc);
}
63
64
// Return the Process that was registered as this Database's referent.
Process& Database::process() const
{
	Process &owner = referent<Process>();
	return owner;
}
69
70
71 //
72 // Default behaviors
73 //
// Default sleep hook: does nothing.
// NOTE(review): presumably overridden by database types that must drop or
// lock cached secrets when the system sleeps -- confirm against subclasses.
void DbCommon::sleepProcessing()
{
}
78
79
// Default key release: drop this Database's reference to `key`.
void Database::releaseKey(Key &key)
{
	this->removeReference(key);
}
84
85
86 //
87 // Implementation of a "system keychain unlock key store"
88 //
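// Set up the "system keychain unlock key store" for the record at `path`.
// The file is not read here; update() loads it on first use.
SystemKeychainKey::SystemKeychainKey(const char *path)
	: mPath(path)
{
	// The initializer list sets only mPath. Start explicitly in the
	// "no valid record" state so update() and matches() never act on an
	// indeterminate flag before the first successful read.
	mValid = false;

	// explicitly set up a key header for a raw 3DES key
	CssmKey::Header &hdr = mKey.header();
	hdr.blobType(CSSM_KEYBLOB_RAW);
	hdr.blobFormat(CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING);
	hdr.keyClass(CSSM_KEYCLASS_SESSION_KEY);
	hdr.algorithm(CSSM_ALGID_3DES_3KEY_EDE);
	hdr.KeyAttr = 0;
	hdr.KeyUsage = CSSM_KEYUSE_ANY;

	// Key data is taken from mBlob.masterKey.
	// NOTE(review): wrap() presumably references the buffer rather than
	// copying it, so mKey would follow whatever update() reads into mBlob --
	// confirm against CssmData.
	mKey = CssmData::wrap(mBlob.masterKey);
}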
102
// Destructor: no explicit cleanup is performed here.
// NOTE(review): mBlob.masterKey holds raw key bytes and is not wiped in this
// body; check whether the blob type or the allocator clears it on teardown.
SystemKeychainKey::~SystemKeychainKey()
{
}
106
// Report whether the system unlock record is usable and belongs to the
// database identified by `signature`.
// update() runs first, so the comparison is only made against a record that
// update() reported as valid.
bool SystemKeychainKey::matches(const DbBlob::Signature &signature)
{
	if (!update())
		return false;
	return signature == mBlob.signature;
}
111
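//
// Refresh the cached system unlock record from mPath when needed.
// Returns true only when mBlob holds a complete record that passed isValid().
//
// The file is consulted at most once per checkDelay interval; between checks
// the cached verdict (mValid) is returned. Every failure path therefore
// clears mValid, so a failed or partial re-read cannot leave an earlier
// "valid" verdict standing over a blob that may have been overwritten.
//
bool SystemKeychainKey::update()
{
	// if we checked recently, just reuse the cached verdict
	if (mUpdateThreshold > Time::now())
		return mValid;

	// check the file
	struct stat st;
	if (::stat(mPath.c_str(), &st)) {
		// something wrong with the file; can't use it
		mUpdateThreshold = Time::now() + Time::Interval(checkDelay);
		return mValid = false;
	}

	// unchanged since the last successful read: keep using the cached record
	if (mValid && Time::Absolute(st.st_mtimespec) == mCachedDate)
		return true;
	mUpdateThreshold = Time::now() + Time::Interval(checkDelay);

	// NOTE(review): the stat() above and the open below each resolve mPath
	// separately, so the cached mtime is not guaranteed to describe the file
	// that is read. Only the mtime is inspected; the file's owner and mode
	// are not checked before its contents are used as key material.
	try {
		secdebug("syskc", "reading system unlock record from %s", mPath.c_str());
		AutoFileDesc fd(mPath, O_RDONLY);
		if (fd.read(mBlob) != sizeof(mBlob))
			return mValid = false;	// short read: mBlob may be partly overwritten
		if (mBlob.isValid()) {
			mCachedDate = st.st_mtimespec;
			return mValid = true;
		} else
			return mValid = false;
	} catch (...) {
		secdebug("syskc", "system unlock record not available");
		return mValid = false;	// fail closed; do not keep a stale verdict
	}
}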