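/*
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

//
// UnlockReferralItem - keychain item stored as a
// CSSM_DL_DB_RECORD_UNLOCK_REFERRAL record.
//
// NOTE(review): the original banner described this as the "abstract interface
// to permanent user trust assignments"; that wording, the "usertrust" debug
// scope and the disabled certificate/policy code below look carried over from
// a user-trust item implementation -- confirm.
//
#include <security_keychain/UnlockReferralItem.h>
#include <security_cdsa_utilities/Schema.h>
#include <security_keychain/SecCFTypes.h>


namespace Security {
namespace KeychainCore {


//
// Construct an empty UnlockReferralItem: the record type is fixed to
// CSSM_DL_DB_RECORD_UNLOCK_REFERRAL and no attribute list or data is passed
// to the ItemImpl base.
//
UnlockReferralItem::UnlockReferralItem() :
    ItemImpl(CSSM_DL_DB_RECORD_UNLOCK_REFERRAL,
        // The typed null only selects the ItemImpl overload. static_cast of a
        // null pointer constant always yields a null pointer, whereas
        // reinterpret_cast depends on how the toolchain defines NULL.
        static_cast<SecKeychainAttributeList *>(NULL),
        UInt32(0/*size*/),
        NULL/*data*/)
{
    secdebug("referral", "create %p", this);
}


//
// Destroy it
//
UnlockReferralItem::~UnlockReferralItem()
{
    secdebug("referral", "destroy %p", this);
}


//
// Add item to keychain
//
// Inserts this item's attributes and data as a new record in the keychain's
// database, remembers the resulting unique record id and keychain, and
// returns the primary key built from them.
//
// Throws errSecDuplicateItem (via MacOSError) when the item already belongs
// to a keychain. A CssmError from the first insert is rethrown unless its
// status is CSSMERR_DL_INVALID_RECORDTYPE; any error from the second insert
// propagates to the caller.
//
PrimaryKey UnlockReferralItem::add(Keychain &keychain)
{
    // Guard object named `_`: holds mMutex until this function returns.
    StLock<Mutex>_(mMutex);
    // If we already have a Keychain we can't be added.
    if (mKeychain)
        MacOSError::throwMe(errSecDuplicateItem);

    // Currently a no-op (its body is compiled out), so the record is written
    // with whatever mDbAttributes and mData already hold.
    populateAttributes();

    CSSM_DB_RECORDTYPE recordType = mDbAttributes->recordType();

    Db db(keychain->database());
    // add the item to the (regular) db
    // NOTE(review): the insert/creation messages below use the "usertrust"
    // debug scope while the constructor and destructor use "referral", so a
    // "referral"-only filter misses them -- confirm which scope is intended.
    try
    {
        mUniqueId = db->insert(recordType, mDbAttributes.get(), mData.get());
        secdebug("usertrust", "%p inserted", this);
    }
    catch (const CssmError &e)
    {
        if (e.osStatus() != CSSMERR_DL_INVALID_RECORDTYPE)
            throw;

        // Create the referral relation and try again.
        // NOTE(review): the relation creation is disabled by `#if 0`, so the
        // message below is logged without any schema change and the retry
        // runs against the same database state; it presumably fails with the
        // same error, which then propagates -- confirm this is intended.
        secdebug("usertrust", "adding schema relation for user trusts");
#if 0
        db->createRelation(CSSM_DL_DB_RECORD_UNLOCK_REFERRAL,
            "CSSM_DL_DB_RECORD_UNLOCK_REFERRAL",
            Schema::UnlockReferralSchemaAttributeCount,
            Schema::UnlockReferralSchemaAttributeList,
            Schema::UnlockReferralSchemaIndexCount,
            Schema::UnlockReferralSchemaIndexList);
        keychain->keychainSchema()->didCreateRelation(
            CSSM_DL_DB_RECORD_UNLOCK_REFERRAL,
            "CSSM_DL_DB_RECORD_UNLOCK_REFERRAL",
            Schema::UnlockReferralSchemaAttributeCount,
            Schema::UnlockReferralSchemaAttributeList,
            Schema::UnlockReferralSchemaIndexCount,
            Schema::UnlockReferralSchemaIndexList);
#endif
        //keychain->resetSchema();

        mUniqueId = db->insert(recordType, mDbAttributes.get(), mData.get());
        secdebug("usertrust", "%p inserted now", this);
    }

    // Only reached after a successful insert: bind the item to its keychain.
    mPrimaryKey = keychain->makePrimaryKey(recordType, mUniqueId);
    mKeychain = keychain;
    return mPrimaryKey;
}


//
// Fill mDbAttributes before the item is inserted.
//
// The whole body is compiled out, so this currently adds nothing. The
// disabled code refers to mCertificate, mPolicy and the kSecTrust* attributes;
// NOTE(review): those look like user-trust fields rather than unlock-referral
// ones -- verify before re-enabling.
//
void UnlockReferralItem::populateAttributes()
{
#if 0
    CssmAutoData encodedIndex(Allocator::standard());
    makeCertIndex(mCertificate, encodedIndex);
    const CssmOid &policyOid = mPolicy->oid();

    mDbAttributes->add(Schema::attributeInfo(kSecTrustCertAttr), encodedIndex.get());
    mDbAttributes->add(Schema::attributeInfo(kSecTrustPolicyAttr), policyOid);
#endif
}


} // end namespace KeychainCore
} // end namespace Security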