| OLD | NEW |
|---|
| 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/crypto/cssm_init.h" | 5 #include "base/crypto/mac_security_services_lock.h" |
| 6 | 6 |
| 7 #include <Security/SecBase.h> | |
| 8 | |
| 9 #include "base/logging.h" | |
| 10 #include "base/mac/scoped_cftyperef.h" | |
| 11 #include "base/singleton.h" | 7 #include "base/singleton.h" |
| 12 #include "base/synchronization/lock.h" | 8 #include "base/synchronization/lock.h" |
| 13 #include "base/sys_string_conversions.h" | |
| 14 | |
| 15 // When writing crypto code for Mac OS X, you may find the following | |
| 16 // documentation useful: | |
| 17 // - Common Security: CDSA and CSSM, Version 2 (with corrigenda) | |
| 18 // http://www.opengroup.org/security/cdsa.htm | |
| 19 // - Apple Cryptographic Service Provider Functional Specification | |
| 20 // - CryptoSample: http://developer.apple.com/SampleCode/CryptoSample/ | |
| 21 | 9 |
| 22 namespace { | 10 namespace { |
| 23 | 11 |
| 24 void* CSSMMalloc(CSSM_SIZE size, void* alloc_ref) { | 12 // This singleton pertains to Apple's wrappers over their own CSSM handles, |
| 25 return malloc(size); | 13 // as opposed to our own CSSM_CSP_HANDLE in cssm_init.cc. |
| 26 } | |
| 27 | |
| 28 void CSSMFree(void* mem_ptr, void* alloc_ref) { | |
| 29 free(mem_ptr); | |
| 30 } | |
| 31 | |
| 32 void* CSSMRealloc(void* ptr, CSSM_SIZE size, void* alloc_ref) { | |
| 33 return realloc(ptr, size); | |
| 34 } | |
| 35 | |
| 36 void* CSSMCalloc(uint32 num, CSSM_SIZE size, void* alloc_ref) { | |
| 37 return calloc(num, size); | |
| 38 } | |
| 39 | |
| 40 class CSSMInitSingleton { | |
| 41 public: | |
| 42 static CSSMInitSingleton* GetInstance() { | |
| 43 return Singleton<CSSMInitSingleton, | |
| 44 LeakySingletonTraits<CSSMInitSingleton> >::get(); | |
| 45 } | |
| 46 | |
| 47 CSSM_CSP_HANDLE csp_handle() const { return csp_handle_; } | |
| 48 CSSM_CL_HANDLE cl_handle() const { return cl_handle_; } | |
| 49 CSSM_TP_HANDLE tp_handle() const { return tp_handle_; } | |
| 50 | |
| 51 private: | |
| 52 CSSMInitSingleton() | |
| 53 : inited_(false), csp_loaded_(false), cl_loaded_(false), | |
| 54 tp_loaded_(false), csp_handle_(NULL), cl_handle_(NULL), | |
| 55 tp_handle_(NULL) { | |
| 56 static CSSM_VERSION version = {2, 0}; | |
| 57 // TODO(wtc): what should our caller GUID be? | |
| 58 static const CSSM_GUID test_guid = { | |
| 59 0xFADE, 0, 0, { 1, 2, 3, 4, 5, 6, 7, 0 } | |
| 60 }; | |
| 61 CSSM_RETURN crtn; | |
| 62 CSSM_PVC_MODE pvc_policy = CSSM_PVC_NONE; | |
| 63 crtn = CSSM_Init(&version, CSSM_PRIVILEGE_SCOPE_NONE, &test_guid, | |
| 64 CSSM_KEY_HIERARCHY_NONE, &pvc_policy, NULL); | |
| 65 if (crtn) { | |
| 66 NOTREACHED(); | |
| 67 return; | |
| 68 } | |
| 69 inited_ = true; | |
| 70 | |
| 71 crtn = CSSM_ModuleLoad(&gGuidAppleCSP, CSSM_KEY_HIERARCHY_NONE, NULL, NULL); | |
| 72 if (crtn) { | |
| 73 NOTREACHED(); | |
| 74 return; | |
| 75 } | |
| 76 csp_loaded_ = true; | |
| 77 crtn = CSSM_ModuleLoad( | |
| 78 &gGuidAppleX509CL, CSSM_KEY_HIERARCHY_NONE, NULL, NULL); | |
| 79 if (crtn) { | |
| 80 NOTREACHED(); | |
| 81 return; | |
| 82 } | |
| 83 cl_loaded_ = true; | |
| 84 crtn = CSSM_ModuleLoad( | |
| 85 &gGuidAppleX509TP, CSSM_KEY_HIERARCHY_NONE, NULL, NULL); | |
| 86 if (crtn) { | |
| 87 NOTREACHED(); | |
| 88 return; | |
| 89 } | |
| 90 tp_loaded_ = true; | |
| 91 | |
| 92 const CSSM_API_MEMORY_FUNCS cssmMemoryFunctions = { | |
| 93 CSSMMalloc, | |
| 94 CSSMFree, | |
| 95 CSSMRealloc, | |
| 96 CSSMCalloc, | |
| 97 NULL | |
| 98 }; | |
| 99 | |
| 100 crtn = CSSM_ModuleAttach(&gGuidAppleCSP, &version, &cssmMemoryFunctions, 0, | |
| 101 CSSM_SERVICE_CSP, 0, CSSM_KEY_HIERARCHY_NONE, | |
| 102 NULL, 0, NULL, &csp_handle_); | |
| 103 DCHECK(crtn == CSSM_OK); | |
| 104 crtn = CSSM_ModuleAttach(&gGuidAppleX509CL, &version, &cssmMemoryFunctions, | |
| 105 0, CSSM_SERVICE_CL, 0, CSSM_KEY_HIERARCHY_NONE, | |
| 106 NULL, 0, NULL, &cl_handle_); | |
| 107 DCHECK(crtn == CSSM_OK); | |
| 108 crtn = CSSM_ModuleAttach(&gGuidAppleX509TP, &version, &cssmMemoryFunctions, | |
| 109 0, CSSM_SERVICE_TP, 0, CSSM_KEY_HIERARCHY_NONE, | |
| 110 NULL, 0, NULL, &tp_handle_); | |
| 111 DCHECK(crtn == CSSM_OK); | |
| 112 } | |
| 113 | |
| 114 ~CSSMInitSingleton() { | |
| 115 CSSM_RETURN crtn; | |
| 116 if (csp_handle_) { | |
| 117 CSSM_RETURN crtn = CSSM_ModuleDetach(csp_handle_); | |
| 118 DCHECK(crtn == CSSM_OK); | |
| 119 } | |
| 120 if (cl_handle_) { | |
| 121 CSSM_RETURN crtn = CSSM_ModuleDetach(cl_handle_); | |
| 122 DCHECK(crtn == CSSM_OK); | |
| 123 } | |
| 124 if (tp_handle_) { | |
| 125 CSSM_RETURN crtn = CSSM_ModuleDetach(tp_handle_); | |
| 126 DCHECK(crtn == CSSM_OK); | |
| 127 } | |
| 128 if (csp_loaded_) { | |
| 129 crtn = CSSM_ModuleUnload(&gGuidAppleCSP, NULL, NULL); | |
| 130 DCHECK(crtn == CSSM_OK); | |
| 131 } | |
| 132 if (cl_loaded_) { | |
| 133 crtn = CSSM_ModuleUnload(&gGuidAppleX509CL, NULL, NULL); | |
| 134 DCHECK(crtn == CSSM_OK); | |
| 135 } | |
| 136 if (tp_loaded_) { | |
| 137 crtn = CSSM_ModuleUnload(&gGuidAppleX509TP, NULL, NULL); | |
| 138 DCHECK(crtn == CSSM_OK); | |
| 139 } | |
| 140 if (inited_) { | |
| 141 crtn = CSSM_Terminate(); | |
| 142 DCHECK(crtn == CSSM_OK); | |
| 143 } | |
| 144 } | |
| 145 | |
| 146 bool inited_; // True if CSSM_Init has been called successfully. | |
| 147 bool csp_loaded_; // True if gGuidAppleCSP has been loaded | |
| 148 bool cl_loaded_; // True if gGuidAppleX509CL has been loaded. | |
| 149 bool tp_loaded_; // True if gGuidAppleX509TP has been loaded. | |
| 150 CSSM_CSP_HANDLE csp_handle_; | |
| 151 CSSM_CL_HANDLE cl_handle_; | |
| 152 CSSM_TP_HANDLE tp_handle_; | |
| 153 | |
| 154 friend struct DefaultSingletonTraits<CSSMInitSingleton>; | |
| 155 }; | |
| 156 | |
| 157 // This singleton is separate as it pertains to Apple's wrappers over | |
| 158 // their own CSSM handles, as opposed to our own CSSM_CSP_HANDLE. | |
| 159 class SecurityServicesSingleton { | 14 class SecurityServicesSingleton { |
| 160 public: | 15 public: |
| 161 static SecurityServicesSingleton* GetInstance() { | 16 static SecurityServicesSingleton* GetInstance() { |
| 162 return Singleton<SecurityServicesSingleton, | 17 return Singleton<SecurityServicesSingleton, |
| 163 LeakySingletonTraits<SecurityServicesSingleton> >::get(); | 18 LeakySingletonTraits<SecurityServicesSingleton> >::get(); |
| 164 } | 19 } |
| 165 | 20 |
| 166 base::Lock& lock() { return lock_; } | 21 base::Lock& lock() { return lock_; } |
| 167 | 22 |
| 168 private: | 23 private: |
| 169 friend struct DefaultSingletonTraits<SecurityServicesSingleton>; | 24 friend struct DefaultSingletonTraits<SecurityServicesSingleton>; |
| 170 | 25 |
| 171 SecurityServicesSingleton() {} | 26 SecurityServicesSingleton() {} |
| 172 ~SecurityServicesSingleton() {} | 27 ~SecurityServicesSingleton() {} |
| 173 | 28 |
| 174 base::Lock lock_; | 29 base::Lock lock_; |
| 175 | 30 |
| 176 DISALLOW_COPY_AND_ASSIGN(SecurityServicesSingleton); | 31 DISALLOW_COPY_AND_ASSIGN(SecurityServicesSingleton); |
| 177 }; | 32 }; |
| 178 | 33 |
| 179 } // namespace | 34 } // namespace |
| 180 | 35 |
| 181 namespace base { | 36 namespace base { |
| 182 | 37 |
| 183 void EnsureCSSMInit() { | |
| 184 CSSMInitSingleton::GetInstance(); | |
| 185 } | |
| 186 | |
| 187 CSSM_CSP_HANDLE GetSharedCSPHandle() { | |
| 188 return CSSMInitSingleton::GetInstance()->csp_handle(); | |
| 189 } | |
| 190 | |
| 191 CSSM_CL_HANDLE GetSharedCLHandle() { | |
| 192 return CSSMInitSingleton::GetInstance()->cl_handle(); | |
| 193 } | |
| 194 | |
| 195 CSSM_TP_HANDLE GetSharedTPHandle() { | |
| 196 return CSSMInitSingleton::GetInstance()->tp_handle(); | |
| 197 } | |
| 198 | |
| 199 void* CSSMMalloc(CSSM_SIZE size) { | |
| 200 return ::CSSMMalloc(size, NULL); | |
| 201 } | |
| 202 | |
| 203 void CSSMFree(void* ptr) { | |
| 204 ::CSSMFree(ptr, NULL); | |
| 205 } | |
| 206 | |
| 207 void LogCSSMError(const char* fn_name, CSSM_RETURN err) { | |
| 208 if (!err) | |
| 209 return; | |
| 210 base::mac::ScopedCFTypeRef<CFStringRef> cfstr( | |
| 211 SecCopyErrorMessageString(err, NULL)); | |
| 212 LOG(ERROR) << fn_name << " returned " << err | |
| 213 << " (" << SysCFStringRefToUTF8(cfstr) << ")"; | |
| 214 } | |
| 215 | |
| 216 base::Lock& GetMacSecurityServicesLock() { | 38 base::Lock& GetMacSecurityServicesLock() { |
| 217 return SecurityServicesSingleton::GetInstance()->lock(); | 39 return SecurityServicesSingleton::GetInstance()->lock(); |
| 218 } | 40 } |
| 219 | 41 |
| 220 ScopedCSSMData::ScopedCSSMData() { | |
| 221 memset(&data_, 0, sizeof(data_)); | |
| 222 } | |
| 223 | |
| 224 ScopedCSSMData::~ScopedCSSMData() { | |
| 225 if (data_.Data) { | |
| 226 CSSMFree(data_.Data); | |
| 227 data_.Data = NULL; | |
| 228 } | |
| 229 } | |
| 230 | |
| 231 } // namespace base | 42 } // namespace base |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6659019:
Separate GetMacSecurityServicesLock from cssm_init.h so that we can use... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/