X-Git-Url: https://git.saurik.com/apple/securityd.git/blobdiff_plain/eeadf2e6470f45ea0275a6019635573f2a7b5a2c..4cd1cad0dea00daa03e1b54fdf2797a02373ad5b:/src/tempdatabase.cpp
diff --git a/src/tempdatabase.cpp b/src/tempdatabase.cpp
index 4d64dae..e09e222 100644
--- a/src/tempdatabase.cpp
+++ b/src/tempdatabase.cpp
@@ -1,10 +1,8 @@
 /*
- * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ * Copyright (c) 2004,2008 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
- * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved.
- *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
@@ -37,23 +35,47 @@
 #include "agentquery.h"
-class TempKey : public LocalKey {
+//
+// Temporary-space Key objects are almost normal LocalKeys, with the key
+// matter always preloaded (and thus no deferral of instantiation).
+// A TempKey bears its own ACL.
+//
+class TempKey : public LocalKey, public SecurityServerAcl {
 public:
 TempKey(Database &db, const CssmKey &newKey, uint32 moreAttributes, const AclEntryPrototype *owner = NULL);
-};
+ Database *relatedDatabase();
+
+ SecurityServerAcl &acl() { return *this; }
+
+public:
+ // SecurityServerAcl personality
+ AclKind aclKind() const;
+};
 TempKey::TempKey(Database &db, const CssmKey &newKey, uint32 moreAttributes, const AclEntryPrototype *owner)
- : LocalKey(db, newKey, moreAttributes, owner)
+ : LocalKey(db, newKey, moreAttributes)
 {
- secdebug("SS adhoc", "Creating temporary (local) key"); // XXX/gh
+ setOwner(owner);
 db.addReference(*this);
 }
+AclKind TempKey::aclKind() const
+{
+ return keyAcl;
+}
+
+
+Database *TempKey::relatedDatabase()
+{
+ return NULL;
+}
+
+
 //
 // Create a Database object from initial parameters (create operation)
 //
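Review bot: In the `TempKey` constructor the owner ACL is now installed by `setOwner(owner)` after the `LocalKey` base is built, but `owner` still defaults to `NULL` and nothing in this hunk shows what ACL a key ends up with in that case. Because a TempKey now bears its own ACL, the default deserves a comment at the call, for example `// owner may be NULL here; see setOwner() for the ACL the key gets in that case`, once the behaviour of `setOwner` (not visible in this diff) has been confirmed. `relatedDatabase()` returning `NULL` would also benefit from a one-line comment such as `// temporary keys have no backing database; callers must handle NULL`, since ACL code elsewhere may use the result without checking.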
@@ -73,6 +95,11 @@ const char *TempDatabase::dbName() const
 return "(transient)";
 }
+bool TempDatabase::transient() const
+{
+ return true;
+}
+
 //
 // Invoke the Security Agent to get a passphrase (other than for a Keychain)
@@ -83,14 +110,10 @@ void TempDatabase::getSecurePassphrase(const Context &context,
 uint32 verify = context.getInt(CSSM_ATTRIBUTE_VERIFY_PASSPHRASE, CSSMERR_CSSM_ATTRIBUTE_NOT_IN_CONTEXT);
 CssmData *promptData = context.get(CSSM_ATTRIBUTE_PROMPT);
- const char *prompt = NULL;
- if (promptData)
- prompt = *promptData;
-
 QueryGenericPassphrase agentQuery;
 agentQuery.inferHints(Server::process());
- agentQuery(prompt, verify, passphrase);
+ agentQuery(promptData, verify, passphrase);
 }
@@ -117,9 +140,9 @@ void TempDatabase::makeSecurePassphraseKey(const Context &context,
 CssmClient::UnwrapKey unwrap(Server::csp(), CSSM_ALGID_NONE);
 CssmKey cspKey;
- unwrap(rawKey, Key::KeySpec(usage, attrs), cspKey);
+ unwrap(rawKey, TempKey::KeySpec(usage, attrs), cspKey);
- newKey = makeKey(cspKey, attrs & Key::managedAttributes, owner);
+ newKey = makeKey(cspKey, attrs & TempKey::managedAttributes, owner);
 }
@@ -150,5 +173,6 @@ void TempDatabase::generateKey(const Context &context,
 RefPointer TempDatabase::makeKey(const CssmKey &newKey, uint32 moreAttributes, const AclEntryPrototype *owner)
 {
+ assert(!newKey.attribute(CSSM_KEYATTR_PERMANENT));
 return new TempKey(*this, newKey, moreAttributes, owner);
 }
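Review bot: In `getSecurePassphrase`, `promptData` now goes straight into `agentQuery(promptData, verify, passphrase)` without the NULL handling that the removed `if (promptData)` lines made explicit. A context with no `CSSM_ATTRIBUTE_PROMPT` therefore depends on `QueryGenericPassphrase::operator()` accepting a null `CssmData *`, and that overload is outside this diff and should be checked. Handing over the length-carrying `CssmData` instead of a `const char *` also moves responsibility for bounding the client-supplied prompt to the callee, which should use the data's length rather than a terminating NUL. A comment above the call would record both, for example `// promptData may be NULL (no prompt attribute); the query must bound the prompt by its length`. The function's signature and opening brace lie outside the hunk.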
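Review bot: The `assert(!newKey.attribute(CSSM_KEYATTR_PERMANENT))` added to `TempDatabase::makeKey` is compiled out under `NDEBUG`, so a release build would still wrap a key marked permanent in a `TempKey`, while a debug build would abort the daemon. If the key attributes can derive from a client request (as `attrs` in `makeSecurePassphraseKey` appears to), neither outcome is a good way to enforce the invariant. A runtime check that fails only the request is safer, for example `if (newKey.attribute(CSSM_KEYATTR_PERMANENT)) CssmError::throwMe(CSSMERR_CSP_INVALID_KEYATTR_MASK);`, with the error code chosen to match the project's conventions. If the assert is meant purely as a debugging aid, a comment naming where the permanent attribute is filtered before this point would make that clear.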