diff --git a/CASA/micasad/cache/SecretStore.cs b/CASA/micasad/cache/SecretStore.cs index cb9fa520..fc344b69 100644 --- a/CASA/micasad/cache/SecretStore.cs +++ b/CASA/micasad/cache/SecretStore.cs @@ -27,7 +27,9 @@ using System.IO; using System.Xml; using System.Xml.Serialization; using System.Security.Cryptography; -using System.Text; +using System.Text; +using System.Diagnostics; + using sscs.cache; using sscs.common; using sscs.constants; @@ -60,11 +62,67 @@ namespace sscs.cache bool bIsStorePersistent = false; bool bIsServerStorePersistent = false; - string m_persistenceDirectory = null; - private static string POLICY_DIRECTORY = "/home/.casa"; - - private MPFileWatcher mpWatcher = null; - + string m_persistenceDirectory = null; + private static string POLICY_DIRECTORY = "/home/.casa"; + private MPFileWatcher mpWatcher = null; + + private static SecretStore casaStore; + + static SecretStore() + { + if (casaStore == null) + { + User casaUser; + +#if LINUX + Directory.CreateDirectory("/home/.casa/" + constants.ConstStrings.MICASA_SERVICE_NAME); + casaUser = new UnixUser(new UnixUserIdentifier(GetCasaServiceUID()), "/home/.casa/" + constants.ConstStrings.MICASA_SERVICE_NAME)); +#else + // create a data directory for server secrets + Process proc = Process.GetCurrentProcess(); + string exePath = proc.MainModule.FileName; + exePath = exePath.Substring(0, exePath.LastIndexOf("\\")); + Directory.CreateDirectory(exePath + "\\data"); + + // create a casa User + casaUser = new WinUser(new WinUserIdentifier(998, 0), exePath + "\\data"); +#endif + casaUser.SetUserName(constants.ConstStrings.MICASA_SERVICE_NAME); + casaStore = casaUser.GetSecretStore(); + casaStore.refCount++; + + casaStore.AddKeyChain(new KeyChain(constants.ConstStrings.SSCS_SERVER_KEY_CHAIN_ID + "\0")); + casaStore.StartPersistenceOfServerSecretsBySystemKey(); + } + } + +#if LINUX + static private int GetCasaServiceUID() + { + Mono.Unix.UnixUserInfo uui; + try + { + uui = new Mono.Unix.UnixUserInfo(constants.ConstStrings.MICASA_SERVICE_NAME); + } + catch + { + Process proc = new Process(); + + ProcessStartInfo psi = new ProcessStartInfo("useradd"); + psi.Arguments = constants.ConstStrings.MICASA_SERVICE_NAME; + psi.UseShellExecute = false; + psi.RedirectStandardOutput = true; + + proc.StartInfo = psi; + proc.Start(); + proc.WaitForExit(); + + uui = new Mono.Unix.UnixUserInfo(constants.ConstStrings.MICASA_SERVICE_NAME); + } + + return uui.UserId; + } +#endif private DateTime createTime; public DateTime CreateTime { @@ -741,6 +799,15 @@ namespace sscs.cache internal KeyChain GetKeyChain(string id) { + // if this is the server keychain, return the casaStore controlled one. + if (id.StartsWith(constants.ConstStrings.SSCS_SERVER_KEY_CHAIN_ID)) + { + KeyChain casakc = (KeyChain)casaStore.keyChainList[id]; + casakc.AccessedTime = DateTime.Now; + return casakc; + } + + if(keyChainList.ContainsKey(id)) { CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Keychain already exists."); @@ -757,6 +824,10 @@ namespace sscs.cache internal bool CheckIfKeyChainExists(string id) { + // return true if this is the server keychain + if (id.StartsWith(constants.ConstStrings.SSCS_SERVER_KEY_CHAIN_ID)) + return true; + if(keyChainList.ContainsKey(id)) return true; else @@ -769,7 +840,11 @@ namespace sscs.cache if (lss != null) lss.PersistStoreWithDelay(); if (slss != null) - slss.PersistServerStoreWithDelay(); + slss.PersistServerStoreWithDelay(); + + // persist casastore data + if (casaStore.slss != null) + casaStore.slss.PersistServerStoreWithDelay(); } /* This function would need to do any storage/cleanup required diff --git a/CASA/micasad/common/Constants.cs b/CASA/micasad/common/Constants.cs index e5d1e4d9..0591df21 100644 --- a/CASA/micasad/common/Constants.cs +++ b/CASA/micasad/common/Constants.cs @@ -143,7 +143,9 @@ namespace sscs.constants // these are used in the GUI too. internal static string CONFIG_PERSISTENT_DIRECTORY = "PersistentDirectory"; internal static string CONFIG_PERSIST_SECRETS = "PersistSecrets"; - internal static string CONFIG_DECRYPT_USING_DESKTOP_PASS = "DecryptUsingDesktopPassword"; + internal static string CONFIG_DECRYPT_USING_DESKTOP_PASS = "DecryptUsingDesktopPassword"; + + internal static string MICASA_SERVICE_NAME = "casa-service-user"; } diff --git a/CASA/micasad/common/UnixUser.cs b/CASA/micasad/common/UnixUser.cs index d3ea7ebf..44c829af 100644 --- a/CASA/micasad/common/UnixUser.cs +++ b/CASA/micasad/common/UnixUser.cs @@ -32,16 +32,22 @@ namespace sscs.common { internal class UnixUser : User { + private string m_userHome = null; + internal UnixUser() { } - internal UnixUser(UserIdentifier unixUserId) + internal UnixUser(UserIdentifier unixUserId, string sUserHome) { - + m_userHome = sUserHome; + this.UnixUser(unixUserId); + } + + internal UnixUser(UserIdentifier unixUserId) + { userId = unixUserId; - secretStore = new SecretStore(this); - + secretStore = new SecretStore(this); } override internal void SetUserName(string username) @@ -56,10 +62,17 @@ namespace sscs.common override internal string GetUserHomeDir() { - uint uid = (uint)userId.GetUID(); - Mono.Unix.UnixUserInfo uui = new Mono.Unix.UnixUserInfo(uid); - userName = uui.UserName; - return uui.HomeDirectory; + if (m_userHome == null) + { + uint uid = (uint)userId.GetUID(); + Mono.Unix.UnixUserInfo uui = new Mono.Unix.UnixUserInfo(uid); + userName = uui.UserName; + return uui.HomeDirectory; + } + else + { + return m_userHome; + } }