securityd-55199.3.tar.gz

[apple/securityd.git] / src / tempdatabase.cpp

diff --git a/src/tempdatabase.cpp b/src/tempdatabase.cpp
index 4d64dae858b4f99321809de9a455c159b9d11ee7..e09e222e839727642e811d97ce6c6366ce8d929a 100644 (file)
--- a/src/tempdatabase.cpp
+++ b/src/tempdatabase.cpp
@@ -1,10 +1,8 @@
 /*
- * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ * Copyright (c) 2004,2008 Apple Inc. All Rights Reserved.
  * 
  * @APPLE_LICENSE_HEADER_START@
  * 
- * Copyright (c) 1999-2003 Apple Computer, Inc.  All Rights Reserved.
- * 
  * This file contains Original Code and/or Modifications of Original Code
  * as defined in and that are subject to the Apple Public Source License
  * Version 2.0 (the 'License'). You may not use this file except in
@@ -37,23 +35,47 @@
 #include "agentquery.h"
 
 
-class TempKey : public LocalKey {
+//
+// Temporary-space Key objects are almost normal LocalKeys, with the key
+// matter always preloaded (and thus no deferral of instantiation).
+// A TempKey bears its own ACL.
+//
+class TempKey : public LocalKey, public SecurityServerAcl {
 public:
        TempKey(Database &db, const CssmKey &newKey, uint32 moreAttributes,
                const AclEntryPrototype *owner = NULL);
-};
        
+       Database *relatedDatabase();
+       
+       SecurityServerAcl &acl()        { return *this; }
+
+public:
+       // SecurityServerAcl personality
+       AclKind aclKind() const;
+};
 
 
 TempKey::TempKey(Database &db, const CssmKey &newKey, uint32 moreAttributes,
                const AclEntryPrototype *owner)
-       : LocalKey(db, newKey, moreAttributes, owner)
+       : LocalKey(db, newKey, moreAttributes)
 {
-       secdebug("SS adhoc", "Creating temporary (local) key"); // XXX/gh
+       setOwner(owner);
        db.addReference(*this);
 }
 
 
+AclKind TempKey::aclKind() const
+{
+       return keyAcl;
+}
+
+
+Database *TempKey::relatedDatabase()
+{
+       return NULL;
+}
+
+
 //
 // Create a Database object from initial parameters (create operation)
 //
@@ -73,6 +95,11 @@ const char *TempDatabase::dbName() const
        return "(transient)";
 }
 
+bool TempDatabase::transient() const
+{
+       return true;
+}
+
 
 //
 // Invoke the Security Agent to get a passphrase (other than for a Keychain)
@@ -83,14 +110,10 @@ void TempDatabase::getSecurePassphrase(const Context &context,
     uint32 verify = context.getInt(CSSM_ATTRIBUTE_VERIFY_PASSPHRASE, CSSMERR_CSSM_ATTRIBUTE_NOT_IN_CONTEXT);
     
     CssmData *promptData = context.get<CssmData>(CSSM_ATTRIBUTE_PROMPT);
-    const char *prompt = NULL; 
        
-       if (promptData)
-               prompt = *promptData;
-    
     QueryGenericPassphrase agentQuery;
     agentQuery.inferHints(Server::process());
-    agentQuery(prompt, verify, passphrase);
+    agentQuery(promptData, verify, passphrase);
 }
 
 
@@ -117,9 +140,9 @@ void TempDatabase::makeSecurePassphraseKey(const Context &context,
        
        CssmClient::UnwrapKey unwrap(Server::csp(), CSSM_ALGID_NONE);
        CssmKey cspKey;
-       unwrap(rawKey, Key::KeySpec(usage, attrs), cspKey);
+       unwrap(rawKey, TempKey::KeySpec(usage, attrs), cspKey);
        
-       newKey = makeKey(cspKey, attrs & Key::managedAttributes, owner);
+       newKey = makeKey(cspKey, attrs & TempKey::managedAttributes, owner);
 }
 
 
@@ -150,5 +173,6 @@ void TempDatabase::generateKey(const Context &context,
 RefPointer<Key> TempDatabase::makeKey(const CssmKey &newKey,
        uint32 moreAttributes, const AclEntryPrototype *owner)
 {
+       assert(!newKey.attribute(CSSM_KEYATTR_PERMANENT));
        return new TempKey(*this, newKey, moreAttributes, owner);
 }