#include "securityd_data_saver.h"
// Append one CONTEXT record to the dump. Layout, in write order:
//   uint32  record tag (CONTEXT)
//   uint32  sizeof(CSSM_CONTEXT), then that many bytes read from `context`
//   uint32  sizeof(attraddr), then the attraddr value itself
//   uint32  attrSize, then attrSize bytes read from context->ContextAttributes
// Everything is written in its in-memory representation; no byte-order
// conversion happens in this function.
//
// NOTE(review): the record contains a raw address (attraddr) and the raw
// attribute blob. If the attributes can carry key material or passphrases
// (not visible here), the dump file is as sensitive as they are -- confirm
// how the file is created and who can read it.
// NOTE(review): attrSize is used as given; nothing here checks it against the
// real size of the ContextAttributes buffer, and `context` is not checked for
// null. The caller has to guarantee both.
void
SecuritydDataSave::writeContext(Context *context, intptr_t attraddr,
	mach_msg_type_number_t attrSize)
{
	// Record tag.
	uint32_t recordTag = CONTEXT;
	writeAll(&recordTag, sizeof(recordTag));

	// Fixed-size context header, length-prefixed.
	// presumably Context is layout-compatible with CSSM_CONTEXT -- TODO confirm
	uint32_t contextBytes = sizeof(CSSM_CONTEXT);
	writeAll(&contextBytes, sizeof(contextBytes));
	writeAll(context, contextBytes);

	// Address of the attribute array as supplied by the caller, length-prefixed.
	uint32_t addrBytes = sizeof(attraddr);
	writeAll(&addrBytes, sizeof(addrBytes));
	writeAll(&attraddr, addrBytes);

	// Attribute blob, length-prefixed with the caller-supplied size.
	uint32_t attrBytes = attrSize;
	writeAll(&attrBytes, sizeof(attrBytes));
	writeAll(context->ContextAttributes, attrBytes);
}
// Append one ACL_ENTRY_INFO record to the dump. Layout, in write order:
//   uint32  record tag (ACL_ENTRY_INFO)
//   uint32  sizeof(acls)   (size of the pointer, not of the data)
//   the pointer value `acls` itself
//   aclsLength, written as sizeof(aclsLength) bytes
//   aclsLength bytes read from `acls`
// Everything is written in its in-memory representation.
//
// NOTE(review): the record embeds a raw pointer value alongside the ACL blob.
// aclsLength is used as given; nothing here checks it against the real buffer
// size, and `acls` is not checked for null.
void
SecuritydDataSave::writeAclEntryInfo(AclEntryInfo *acls,
	mach_msg_type_number_t aclsLength)
{
	// Record tag.
	uint32_t recordTag = ACL_ENTRY_INFO;
	writeAll(&recordTag, sizeof(recordTag));

	// Base address of the blob, prefixed with the pointer width.
	uint32_t pointerBytes = sizeof(acls);
	writeAll(&pointerBytes, sizeof(pointerBytes));
	writeAll(&acls, pointerBytes);

	// Blob length followed by the blob.
	writeAll(&aclsLength, sizeof(aclsLength));
	writeAll(acls, aclsLength);
}
// Append one ACL_ENTRY_INPUT record to the dump. Layout, in write order:
//   uint32  record tag (ACL_ENTRY_INPUT)
//   uint32  sizeof(acl)   (size of the pointer, not of the data)
//   the pointer value `acl` itself
//   aclLength, written as sizeof(aclLength) bytes
//   aclLength bytes read from `acl`
// Everything is written in its in-memory representation.
//
// NOTE(review): the record embeds a raw pointer value alongside the ACL blob.
// aclLength is used as given; nothing here checks it against the real buffer
// size, and `acl` is not checked for null.
void
SecuritydDataSave::writeAclEntryInput(AclEntryInput *acl,
	mach_msg_type_number_t aclLength)
{
	// Record tag.
	uint32_t recordTag = ACL_ENTRY_INPUT;
	writeAll(&recordTag, sizeof(recordTag));

	// Base address of the blob, prefixed with the pointer width.
	uint32_t pointerBytes = sizeof(acl);
	writeAll(&pointerBytes, sizeof(pointerBytes));
	writeAll(&acl, pointerBytes);

	// Blob length followed by the blob.
	writeAll(&aclLength, sizeof(aclLength));
	writeAll(acl, aclLength);
}
#if 0
// Disabled sample (this region is compiled out by #if 0): a findFirst IPC
// handler with a SecuritydDataSave capture of the incoming query added.
// NOTE(review): the dump goes to a fixed, predictable name under /var/tmp.
// How SecuritydDataSave opens the file is not visible here; confirm it does
// not follow a pre-existing symlink and creates the file with owner-only
// permissions before this pattern is enabled in any build.
kern_return_t ucsp_server_findFirst(UCSP_ARGS, DbHandle db,
COPY_IN(CssmQuery, query),
COPY_IN(CssmDbRecordAttributeData, inAttributes),
COPY_OUT(CssmDbRecordAttributeData, outAttributes),
boolean_t getData,
DATA_OUT(data), KeyHandle *hKey, SearchHandle *hSearch, RecordHandle *hRecord)
{
BEGIN_IPC
// relocate() is defined elsewhere; presumably it rebases the pointers inside
// the copied-in query -- TODO confirm.
relocate(query, queryBase, queryLength);
// Capture the query after relocation. writeQuery is not among the methods
// visible in this part of the file.
SecuritydDataSave sds("/var/tmp/Query_findFirst");
sds.writeQuery(query, queryLength);
relocate(inAttributes, inAttributesBase, inAttributesLength);
RefPointer<Database::Search> search;
RefPointer<Database::Record> record;
RefPointer<Key> key;
CssmData outData; CssmDbRecordAttributeData *outAttrs; mach_msg_type_number_t outAttrsLength;
// Record data is requested only when the caller set getData.
Server::database(db)->findFirst(*query, inAttributes, inAttributesLength,
getData ? &outData : NULL, key, search, record, outAttrs, outAttrsLength);
if (!record) {
// No record came back: hand back the "none" handle values.
*hRecord = noRecord;
*hSearch = noSearch;
*hKey = noKey;
} else {
*hRecord = record->handle();
*hSearch = search->handle();
// A record may come back without an associated key.
*hKey = key ? key->handle() : noKey;
flips(outAttrs, outAttributes, outAttributesBase);
*outAttributesLength = outAttrsLength;
if (getData) {
*data = outData.data();
*dataLength = outData.length();
}
}
END_IPC(DL)
}
// Disabled sample (this region is compiled out by #if 0): a decrypt IPC
// handler with a SecuritydDataSave capture of the crypto context added.
// NOTE(review): the context and its attribute blob are dumped to a fixed,
// predictable name under /var/tmp. If the attributes can reference key
// material (not visible here), the dump is as sensitive as they are. How
// SecuritydDataSave opens the file is not visible here; confirm it does not
// follow a pre-existing symlink and creates the file with owner-only
// permissions.
kern_return_t ucsp_server_decrypt(UCSP_ARGS, CONTEXT_ARGS, KeyHandle keyh,
DATA_IN(cipher), DATA_OUT(clear))
{
BEGIN_IPC
// The dump object is created first; the context is relocated before it is
// written below.
SecuritydDataSave td("/var/tmp/securityd_Context_decrypt"); relocate(context, contextBase, attributes, attrSize);
// The address of the attribute pointer field is recorded in the dump as an
// integer.
// NOTE(review): `context` is used as `context->` here and as `&context` on
// the next line; whether both forms match writeContext(Context *, ...)
// depends on declarations outside this file -- this sample may not compile
// as written.
intptr_t attraddr = reinterpret_cast<intptr_t>(&context->ContextAttributes);
td.writeContext(&context, attraddr, attrSize);
RefPointer<Key> key = Server::key(keyh);
OutputData clearOut(clear, clearLength);
key->database().decrypt(context, *key, DATA(cipher), clearOut);
END_IPC(CSP)
}
// Disabled sample (this region is compiled out by #if 0): a getAcl IPC handler
// with a SecuritydDataSave capture of the outgoing ACL entries added.
// NOTE(review): the dump goes to a fixed, predictable name under /var/tmp.
// How SecuritydDataSave opens the file is not visible here; confirm it does
// not follow a pre-existing symlink and creates the file with owner-only
// permissions.
kern_return_t ucsp_server_getAcl(UCSP_ARGS, AclKind kind, KeyHandle key,
boolean_t haveTag, const char *tag,
uint32 *countp, COPY_OUT(AclEntryInfo, acls))
{
BEGIN_IPC
uint32 count;
AclEntryInfo *aclList;
// The tag filter is passed only when the caller set haveTag.
Server::aclBearer(kind, key).getAcl(haveTag ? tag : NULL, count, aclList);
*countp = count;
// Copy the list into aclsOut before the original entries are freed below.
Copier<AclEntryInfo> aclsOut(aclList, count);
{ ChunkFreeWalker free;
for (uint32 n = 0; n < count; n++)
walk(free, aclList[n]);
Allocator::standard().free (aclList);
}
*aclsLength = aclsOut.length();
*acls = *aclsBase = aclsOut;
// presumably flipClient() reports a client of the opposite byte order --
// TODO confirm.
if (flipClient()) {
FlipWalker w;
for (uint32 n = 0; n < count; n++)
walk(w, (*acls)[n]);
w.doFlips();
Flippers::flip(*aclsBase);
}
// The capture happens after the optional flip above, so the dumped bytes are
// in whatever form is about to be returned to the client.
SecuritydDataSave sds("/var/tmp/AclEntryInfo_getAcl");
sds.writeAclEntryInfo(*acls, *aclsLength);
Server::releaseWhenDone(aclsOut.keep());
END_IPC(CSP)
}
// Disabled sample (this region is compiled out by #if 0): a changeAcl IPC
// handler with a SecuritydDataSave capture of the incoming ACL entry added.
// NOTE(review): the dump goes to a fixed, predictable name under /var/tmp.
// How SecuritydDataSave opens the file is not visible here; confirm it does
// not follow a pre-existing symlink and creates the file with owner-only
// permissions.
kern_return_t ucsp_server_changeAcl(UCSP_ARGS, AclKind kind, KeyHandle key,
COPY_IN(AccessCredentials, cred), CSSM_ACL_EDIT_MODE mode, CSSM_ACL_HANDLE handle,
COPY_IN(AclEntryInput, acl))
{
BEGIN_IPC
relocate(cred, credBase, credLength);
relocate(acl, aclBase, aclLength);
// Only the ACL input is captured, after relocation and before the change is
// applied; the credentials are not written by this sample.
SecuritydDataSave sds("/var/tmp/AclEntryInput_changeAcl");
sds.writeAclEntryInput(acl, aclLength);
Server::aclBearer(kind, key).changeAcl(AclEdit(mode, handle, acl), cred);
END_IPC(CSP)
}
#endif