OLD | NEW |
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/crypto/cssm_init.h" | 5 #include "base/crypto/mac_security_services_lock.h" |
6 | 6 |
7 #include <Security/SecBase.h> | |
8 | |
9 #include "base/logging.h" | |
10 #include "base/mac/scoped_cftyperef.h" | |
11 #include "base/singleton.h" | 7 #include "base/singleton.h" |
12 #include "base/synchronization/lock.h" | 8 #include "base/synchronization/lock.h" |
13 #include "base/sys_string_conversions.h" | |
14 | |
15 // When writing crypto code for Mac OS X, you may find the following | |
16 // documentation useful: | |
17 // - Common Security: CDSA and CSSM, Version 2 (with corrigenda) | |
18 // http://www.opengroup.org/security/cdsa.htm | |
19 // - Apple Cryptographic Service Provider Functional Specification | |
20 // - CryptoSample: http://developer.apple.com/SampleCode/CryptoSample/ | |
21 | 9 |
22 namespace { | 10 namespace { |
23 | 11 |
24 void* CSSMMalloc(CSSM_SIZE size, void* alloc_ref) { | 12 // This singleton pertains to Apple's wrappers over their own CSSM handles, |
25 return malloc(size); | 13 // as opposed to our own CSSM_CSP_HANDLE in cssm_init.cc. |
26 } | |
27 | |
28 void CSSMFree(void* mem_ptr, void* alloc_ref) { | |
29 free(mem_ptr); | |
30 } | |
31 | |
32 void* CSSMRealloc(void* ptr, CSSM_SIZE size, void* alloc_ref) { | |
33 return realloc(ptr, size); | |
34 } | |
35 | |
36 void* CSSMCalloc(uint32 num, CSSM_SIZE size, void* alloc_ref) { | |
37 return calloc(num, size); | |
38 } | |
39 | |
40 class CSSMInitSingleton { | |
41 public: | |
42 static CSSMInitSingleton* GetInstance() { | |
43 return Singleton<CSSMInitSingleton, | |
44 LeakySingletonTraits<CSSMInitSingleton> >::get(); | |
45 } | |
46 | |
47 CSSM_CSP_HANDLE csp_handle() const { return csp_handle_; } | |
48 CSSM_CL_HANDLE cl_handle() const { return cl_handle_; } | |
49 CSSM_TP_HANDLE tp_handle() const { return tp_handle_; } | |
50 | |
51 private: | |
52 CSSMInitSingleton() | |
53 : inited_(false), csp_loaded_(false), cl_loaded_(false), | |
54 tp_loaded_(false), csp_handle_(NULL), cl_handle_(NULL), | |
55 tp_handle_(NULL) { | |
56 static CSSM_VERSION version = {2, 0}; | |
57 // TODO(wtc): what should our caller GUID be? | |
58 static const CSSM_GUID test_guid = { | |
59 0xFADE, 0, 0, { 1, 2, 3, 4, 5, 6, 7, 0 } | |
60 }; | |
61 CSSM_RETURN crtn; | |
62 CSSM_PVC_MODE pvc_policy = CSSM_PVC_NONE; | |
63 crtn = CSSM_Init(&version, CSSM_PRIVILEGE_SCOPE_NONE, &test_guid, | |
64 CSSM_KEY_HIERARCHY_NONE, &pvc_policy, NULL); | |
65 if (crtn) { | |
66 NOTREACHED(); | |
67 return; | |
68 } | |
69 inited_ = true; | |
70 | |
71 crtn = CSSM_ModuleLoad(&gGuidAppleCSP, CSSM_KEY_HIERARCHY_NONE, NULL, NULL); | |
72 if (crtn) { | |
73 NOTREACHED(); | |
74 return; | |
75 } | |
76 csp_loaded_ = true; | |
77 crtn = CSSM_ModuleLoad( | |
78 &gGuidAppleX509CL, CSSM_KEY_HIERARCHY_NONE, NULL, NULL); | |
79 if (crtn) { | |
80 NOTREACHED(); | |
81 return; | |
82 } | |
83 cl_loaded_ = true; | |
84 crtn = CSSM_ModuleLoad( | |
85 &gGuidAppleX509TP, CSSM_KEY_HIERARCHY_NONE, NULL, NULL); | |
86 if (crtn) { | |
87 NOTREACHED(); | |
88 return; | |
89 } | |
90 tp_loaded_ = true; | |
91 | |
92 const CSSM_API_MEMORY_FUNCS cssmMemoryFunctions = { | |
93 CSSMMalloc, | |
94 CSSMFree, | |
95 CSSMRealloc, | |
96 CSSMCalloc, | |
97 NULL | |
98 }; | |
99 | |
100 crtn = CSSM_ModuleAttach(&gGuidAppleCSP, &version, &cssmMemoryFunctions, 0, | |
101 CSSM_SERVICE_CSP, 0, CSSM_KEY_HIERARCHY_NONE, | |
102 NULL, 0, NULL, &csp_handle_); | |
103 DCHECK(crtn == CSSM_OK); | |
104 crtn = CSSM_ModuleAttach(&gGuidAppleX509CL, &version, &cssmMemoryFunctions, | |
105 0, CSSM_SERVICE_CL, 0, CSSM_KEY_HIERARCHY_NONE, | |
106 NULL, 0, NULL, &cl_handle_); | |
107 DCHECK(crtn == CSSM_OK); | |
108 crtn = CSSM_ModuleAttach(&gGuidAppleX509TP, &version, &cssmMemoryFunctions, | |
109 0, CSSM_SERVICE_TP, 0, CSSM_KEY_HIERARCHY_NONE, | |
110 NULL, 0, NULL, &tp_handle_); | |
111 DCHECK(crtn == CSSM_OK); | |
112 } | |
113 | |
114 ~CSSMInitSingleton() { | |
115 CSSM_RETURN crtn; | |
116 if (csp_handle_) { | |
117 CSSM_RETURN crtn = CSSM_ModuleDetach(csp_handle_); | |
118 DCHECK(crtn == CSSM_OK); | |
119 } | |
120 if (cl_handle_) { | |
121 CSSM_RETURN crtn = CSSM_ModuleDetach(cl_handle_); | |
122 DCHECK(crtn == CSSM_OK); | |
123 } | |
124 if (tp_handle_) { | |
125 CSSM_RETURN crtn = CSSM_ModuleDetach(tp_handle_); | |
126 DCHECK(crtn == CSSM_OK); | |
127 } | |
128 if (csp_loaded_) { | |
129 crtn = CSSM_ModuleUnload(&gGuidAppleCSP, NULL, NULL); | |
130 DCHECK(crtn == CSSM_OK); | |
131 } | |
132 if (cl_loaded_) { | |
133 crtn = CSSM_ModuleUnload(&gGuidAppleX509CL, NULL, NULL); | |
134 DCHECK(crtn == CSSM_OK); | |
135 } | |
136 if (tp_loaded_) { | |
137 crtn = CSSM_ModuleUnload(&gGuidAppleX509TP, NULL, NULL); | |
138 DCHECK(crtn == CSSM_OK); | |
139 } | |
140 if (inited_) { | |
141 crtn = CSSM_Terminate(); | |
142 DCHECK(crtn == CSSM_OK); | |
143 } | |
144 } | |
145 | |
146 bool inited_; // True if CSSM_Init has been called successfully. | |
147 bool csp_loaded_; // True if gGuidAppleCSP has been loaded | |
148 bool cl_loaded_; // True if gGuidAppleX509CL has been loaded. | |
149 bool tp_loaded_; // True if gGuidAppleX509TP has been loaded. | |
150 CSSM_CSP_HANDLE csp_handle_; | |
151 CSSM_CL_HANDLE cl_handle_; | |
152 CSSM_TP_HANDLE tp_handle_; | |
153 | |
154 friend struct DefaultSingletonTraits<CSSMInitSingleton>; | |
155 }; | |
156 | |
157 // This singleton is separate as it pertains to Apple's wrappers over | |
158 // their own CSSM handles, as opposed to our own CSSM_CSP_HANDLE. | |
159 class SecurityServicesSingleton { | 14 class SecurityServicesSingleton { |
160 public: | 15 public: |
161 static SecurityServicesSingleton* GetInstance() { | 16 static SecurityServicesSingleton* GetInstance() { |
162 return Singleton<SecurityServicesSingleton, | 17 return Singleton<SecurityServicesSingleton, |
163 LeakySingletonTraits<SecurityServicesSingleton> >::get(); | 18 LeakySingletonTraits<SecurityServicesSingleton> >::get(); |
164 } | 19 } |
165 | 20 |
166 base::Lock& lock() { return lock_; } | 21 base::Lock& lock() { return lock_; } |
167 | 22 |
168 private: | 23 private: |
169 friend struct DefaultSingletonTraits<SecurityServicesSingleton>; | 24 friend struct DefaultSingletonTraits<SecurityServicesSingleton>; |
170 | 25 |
171 SecurityServicesSingleton() {} | 26 SecurityServicesSingleton() {} |
172 ~SecurityServicesSingleton() {} | 27 ~SecurityServicesSingleton() {} |
173 | 28 |
174 base::Lock lock_; | 29 base::Lock lock_; |
175 | 30 |
176 DISALLOW_COPY_AND_ASSIGN(SecurityServicesSingleton); | 31 DISALLOW_COPY_AND_ASSIGN(SecurityServicesSingleton); |
177 }; | 32 }; |
178 | 33 |
179 } // namespace | 34 } // namespace |
180 | 35 |
181 namespace base { | 36 namespace base { |
182 | 37 |
183 void EnsureCSSMInit() { | |
184 CSSMInitSingleton::GetInstance(); | |
185 } | |
186 | |
187 CSSM_CSP_HANDLE GetSharedCSPHandle() { | |
188 return CSSMInitSingleton::GetInstance()->csp_handle(); | |
189 } | |
190 | |
191 CSSM_CL_HANDLE GetSharedCLHandle() { | |
192 return CSSMInitSingleton::GetInstance()->cl_handle(); | |
193 } | |
194 | |
195 CSSM_TP_HANDLE GetSharedTPHandle() { | |
196 return CSSMInitSingleton::GetInstance()->tp_handle(); | |
197 } | |
198 | |
199 void* CSSMMalloc(CSSM_SIZE size) { | |
200 return ::CSSMMalloc(size, NULL); | |
201 } | |
202 | |
203 void CSSMFree(void* ptr) { | |
204 ::CSSMFree(ptr, NULL); | |
205 } | |
206 | |
207 void LogCSSMError(const char* fn_name, CSSM_RETURN err) { | |
208 if (!err) | |
209 return; | |
210 base::mac::ScopedCFTypeRef<CFStringRef> cfstr( | |
211 SecCopyErrorMessageString(err, NULL)); | |
212 LOG(ERROR) << fn_name << " returned " << err | |
213 << " (" << SysCFStringRefToUTF8(cfstr) << ")"; | |
214 } | |
215 | |
216 base::Lock& GetMacSecurityServicesLock() { | 38 base::Lock& GetMacSecurityServicesLock() { |
217 return SecurityServicesSingleton::GetInstance()->lock(); | 39 return SecurityServicesSingleton::GetInstance()->lock(); |
218 } | 40 } |
219 | 41 |
220 ScopedCSSMData::ScopedCSSMData() { | |
221 memset(&data_, 0, sizeof(data_)); | |
222 } | |
223 | |
224 ScopedCSSMData::~ScopedCSSMData() { | |
225 if (data_.Data) { | |
226 CSSMFree(data_.Data); | |
227 data_.Data = NULL; | |
228 } | |
229 } | |
230 | |
231 } // namespace base | 42 } // namespace base |
OLD | NEW |