Added miCASARemoveKey API to dll.

CASA/CASA.changes

@@ -1,3 +1,7 @@
+--------------------------------------------------------------------
+Tue Jun 27 14:22:53 MST 2006 - jnorman@novell.com
+Added miCASARemoveKey API to dll.
+
 --------------------------------------------------------------------
 Mon Jun 26 16:16:53 MST 2006 - jluciani@novell.com
 - Added files sscs_string.h, micasa.h, and casa_status.h

CASA/include/micasa.h

@@ -510,6 +510,19 @@ miCASAReadBinaryKey
 	SSCS_EXT_T			*	ext
 );
 
+SSCS_EXTERN_LIBCALL(int32_t)
+miCASARemoveKey
+(
+	void				*	context,	
+	uint32_t				ssFlags, 
+	SSCS_KEYCHAIN_ID_T	*	keyChainID, 	
+	SSCS_SECRET_ID_T	*	sharedSecretID,
+	SS_UTF8_T           *	key,
+	uint32_t                keyLen,
+  	SSCS_PASSWORD_T		*	epPassword, 
+	SSCS_EXT_T			*	ext
+);
+
 SSCS_EXTERN_LIBCALL(int32_t)
 miCASASetMasterPasscode
 (

CASA/include/sscs_cache.h

@@ -517,6 +517,19 @@ int sscs_CacheReadBinaryKey
 	void				*reserved
 );
 
+int sscs_CacheRemoveKey 
+(
+	void 				*ssHandle,
+    uint32_t	         ssFlags,
+	SSCS_KEYCHAIN_ID_T	*keychainID,
+	SSCS_SECRET_ID_T    *secretID,
+    SS_UTF8_T           *key,
+    uint32_t             keyLen,
+	SSCS_PASSWORD_T		*epPassword,
+	void				*reserved
+);
+
+
 int32_t sscs_SetMasterPasscode
 (
     void *ssHandle,

CASA/include/sscs_ipc.h

@@ -204,6 +204,16 @@ int ipc_WriteKey
     SSCS_EXT_T				  *ext
 );
 
+int ipc_RemoveKey
+(
+    SSCS_SECRETSTORE_HANDLE_T *ssHandle,
+    SSCS_KEYCHAIN_ID_T        *keychainID,
+    SSCS_SECRET_ID_T          *secretID,
+    SS_UTF8_T                 *key,
+    uint32_t                   keyLen,
+    SSCS_PASSWORD_T           *epPassword
+);
+
 int ipc_ReadBinaryKey
 (
     SSCS_SECRETSTORE_HANDLE_T *ssHandle,

CASA/include/sscs_unx_cache_defines.h

@@ -130,7 +130,7 @@
 #define RESP_WRITE_KEY_MSGID                    0x1011
 
 #define REQ_SET_MASTER_PASSWORD                 0x0012
-#define RESP_SET_MASTER_PASSWORD                0x1021
+#define RESP_SET_MASTER_PASSWORD                0x1012
 
 #define REQ_IS_SECRET_PERSISTENT                0x0013
 #define RESP_IS_SECRET_PERSISTENT               0x1013
@@ -143,6 +143,10 @@
 
 #define REQ_READ_BINARY_KEY_MSGID	            0x0016
 #define RESP_READ_BINARY_KEY_MSGID		        0x1016
+
+#define REQ_REMOVE_KEY_MSGID					0x0017
+#define RESP_REMOVE_KEY_MSGID				    0x1017
+
 #define EXT_TYPE_WINDOWS_LUID					0x00000001;
 #define WINDOWS_LUID_LEN						0x00000008;
 

CASA/micasacache/micasacache.def

@@ -17,6 +17,7 @@ EXPORTS
 	sscs_IsSecretPersistent
 	sscs_CacheWriteKey
 	sscs_CacheWriteBinaryKey
+	sscs_CacheRemoveKey
 	sscs_CacheReadKey
 	sscs_CacheReadBinaryKey
 	sscs_CacheCloseSecretStore

CASA/micasacache/sscs_unx_cache.c

@@ -631,6 +631,48 @@ int sscs_CacheWriteBinaryKey
     return retVal;
 }
 
+/* Removes Secret for a given Secret ID in a given keychain.
+ *
+ * Parameters:
+ *		ssHandle
+ *			(IN) Handle returned by sscs_CacheOpenSecretStore function. This will have 
+ *			context information regarding the SecretStore.
+ *
+ *
+ *		keyChainID
+ *			(IN) KeyChainID where the specified SecretID stored.
+ *
+ *		secretID
+ *			(IN) Specifies the unique secret ID within the keychain. 			This data is 
+ *			encoded in SSCS_SECRET_ID_T.
+ *
+ *
+ *		epPassword
+ *			(IN) Points to an optional field to pass in the Enhanced Protection Password 
+ *			for reading a secret.When the password is not present, you can pass in a NULL.
+ *
+ * Return Values:
+ */
+int32_t sscs_CacheRemoveKey 
+(
+	void 				*ssHandle,
+    uint32_t	         ssFlags,
+	SSCS_KEYCHAIN_ID_T	*keyChainID,
+	SSCS_SECRET_ID_T	*secredID,
+    SS_UTF8_T           *key,
+    uint32_t             keyLen,
+	SSCS_PASSWORD_T 	*epPassword,
+    void                *reserved
+)
+{
+    int32_t retVal = 0;
+    SSCS_SECRETSTORE_HANDLE_T *ssHandleCopy = (SSCS_SECRETSTORE_HANDLE_T *)ssHandle;
+	
+    retVal = ipc_RemoveKey(ssHandleCopy,keyChainID,secredID,key,keyLen,epPassword);
+	
+    return retVal;
+}
+
 
 /* Reads Secret value for a given Secret ID in a given keychain.
  *

CASA/micasacache/sscs_unx_ipc_client.c

@@ -1844,6 +1844,126 @@ int32_t ipc_SetMasterPasscode
     return retCode;
 }
 
+int32_t ipc_RemoveKey
+(
+    SSCS_SECRETSTORE_HANDLE_T *ssHandle,
+    SSCS_KEYCHAIN_ID_T        *keychainID,
+    SSCS_SECRET_ID_T          *secretID,
+    SS_UTF8_T                 *key,
+    uint32_t                   keyLen,
+    SSCS_PASSWORD_T           *epPassword    
+)
+{
+    int retVal         = 0; //to be used in the function internally
+    int32_t retCode    = NSSCS_SUCCESS; //to be returned to caller
+    int32_t sockReturn = 0; //obtained from the server
+
+    uint32_t dataLen       = 0;
+    uint16_t msgid         = 0;
+    uint32_t keychainIDLen = 0;
+    uint32_t secretIDLen   = 0;
+    uint32_t msgLen        = 0;
+
+    SSCS_PASSWORD_T    myPassword = {0,0,""};
+
+    Byte gpReqBuf[MIN_REQUEST_BUF_LEN];
+    Byte gpReplyBuf[MIN_REPLY_BUF_LEN];
+    Byte *pReq = NULL, *pReply = NULL;
+    memset(gpReqBuf,0,sizeof(gpReqBuf));
+    memset(gpReplyBuf,0,sizeof(gpReplyBuf));
+
+    do
+    {
+        if((NULL == ssHandle) 
+			|| (NULL == ssHandle->platHandle) 
+			|| (NULL == keychainID) 
+			|| (NULL == secretID) 
+			|| (NULL == key)
+			|| (keyLen < 1))
+        {
+            retCode = NSSCS_E_INVALID_PARAM;
+            break;
+        }
+
+        // Prepare Request buffer
+        
+        keychainIDLen = keychainID->len;
+        secretIDLen   = secretID->len;
+
+        if( keychainIDLen > NSSS_MAX_KEYCHAIN_ID_CHARS || 
+            secretIDLen > NSSS_MAX_SECRET_ID_CHARS )
+        {
+            retCode = NSSS_E_SECRET_ID_TOO_LONG;
+            break;
+        }
+        // epPassword is optional. So, the code should not break.
+        if( NULL == epPassword )
+			epPassword = &myPassword;
+			msgLen = MSGID_LEN + MSG_LEN + 
+                 MSG_STRING_LEN + // KeychainID length
+                 keychainIDLen + // Keychain ID
+                 MSG_STRING_LEN + // SecretID length
+                 secretIDLen + // SecretID
+                 MSG_STRING_LEN + //keyLen
+                 keyLen + //key
+                 MSG_STRING_LEN + // epPassword len
+                 epPassword->pwordLen; 
+            
+        pReq = gpReqBuf;
+        msgid = REQ_REMOVE_KEY_MSGID;
+        memcpy(pReq, &msgid, MSGID_LEN);
+        pReq += MSGID_LEN;
+        memcpy(pReq, &msgLen, MSG_LEN);
+        pReq += MSG_LEN;
+        memcpy(pReq, &keychainIDLen, MSG_STRING_LEN);
+        pReq += MSG_STRING_LEN;
+        memcpy(pReq,keychainID->keychainID,keychainIDLen);
+        pReq += keychainIDLen ;
+        memcpy(pReq, &secretIDLen, MSG_STRING_LEN);
+        pReq += MSG_STRING_LEN;
+        memcpy(pReq, secretID->id, secretIDLen);
+        pReq += secretIDLen;
+        
+        memcpy(pReq, &keyLen, MSG_STRING_LEN);
+        pReq += MSG_STRING_LEN;
+        memcpy(pReq, key, keyLen);
+        pReq += keyLen;
+ 
+        memcpy(pReq, &(epPassword->pwordLen), MSG_STRING_LEN);
+        pReq += MSG_STRING_LEN;
+        memcpy(pReq, epPassword->pword, epPassword->pwordLen);
+        pReq += epPassword->pwordLen;
+
+        retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
+        if(retVal < 0)
+        {
+            //log debug info here
+            retCode = NSSCS_E_SYSTEM_FAILURE;
+            break;
+        }
+
+        // Read reply
+        pReply = gpReplyBuf;
+        retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
+        if( 0 == retVal )
+        {
+            //log debug info here
+            retCode = NSSCS_E_SYSTEM_FAILURE;
+            break;
+        }
+
+        memcpy(&msgid,pReply, MSGID_LEN);
+        pReply += MSGID_LEN;
+        memcpy(&msgLen,pReply, MSG_LEN);
+        pReply += MSG_LEN;
+		memcpy(&sockReturn, pReply, MSG_DWORD_LEN);                
+        retCode = mapReturnCode(sockReturn);
+
+    } while(0);
+    return retCode;
+}
+
+
 int32_t ipc_ReadKey
 (
     SSCS_SECRETSTORE_HANDLE_T *ssHandle,

CASA/micasadk/micasa.def

@@ -16,6 +16,7 @@ EXPORTS
 	miCASAWriteBinaryKey
 	miCASAReadKey
 	miCASAReadBinaryKey
+	miCASARemoveKey
 	miCASAGetStoreInformation
 	miCASAEnumerateSecretIDs
 	miCASARemoveSecretStore

CASA/micasadk/sscs_ndk.c

@@ -2066,6 +2066,125 @@ errorLevel2:
 /* ############################### CODE ENDS HERE ############################# */
 } //* end of miCASAReadBinaryKey
 
+/*
+ * NAME - miCASARemoveKey
+ *
+ * DESCRIPTION
+ * NOTE: This assume a SS_CREDSET SecretType
+ *	
+ *		   
+ */
+SSCS_GLOBAL_LIBCALL(int32_t)
+miCASARemoveKey
+(
+	void				*	context,	
+	uint32_t				ssFlags, 
+	SSCS_KEYCHAIN_ID_T	*	keyChainID, 	
+	SSCS_SECRET_ID_T	*	sharedSecretID,
+    SS_UTF8_T			*	key,
+    uint32_t				keyLen,
+	SSCS_PASSWORD_T		*	epPassword, 
+	SSCS_EXT_T			*	ext
+)
+{ /* beginning of the call */
+/* ########################## DECLARATIONS START HERE ######################### */
+
+	int32_t					rc = 0,	sidLen = 0, index = 0;
+	uint32_t				escNameLen = 0;
+	SSCS_SECRET_ID_T		secretID = {0};
+	SS_UTF8_T				*escapedSHSName = NULL;	
+	SS_UTF8_T				*escapedSHSKey = NULL;		
+	SSCS_CONTEXT_T			*storeContext = (SSCS_CONTEXT_T *)context; 
+										  
+/* ############################## CODE STARTS HERE ############################ */
+
+	// readData and epPassword are optional parameters
+	if((context == NULL) || (keyChainID == NULL) || (sharedSecretID == NULL) || (key == NULL))
+	{
+		return(NSSCS_E_INVALID_PARAM);
+	}
+
+	if(sharedSecretID->len > NSSCS_MAX_SECRET_ID_LEN/4)
+	{
+		return(NSSCS_E_BUFFER_LEN);		
+	}
+
+	if (keyLen > NSSCS_MAX_SECRET_ID_LEN/4)
+	{
+		return(NSSCS_E_BUFFER_LEN);
+	}
+	
+	if((escapedSHSName = (SS_UTF8_T *) malloc(NSSCS_MAX_SECRET_ID_LEN)) == NULL) 
+	{
+		rc = NSSCS_E_SYSTEM_FAILURE;
+		goto errorLevel2;
+	}
+	
+	if((escapedSHSKey = (SS_UTF8_T *) malloc(NSSCS_MAX_SECRET_ID_LEN)) == NULL) 
+	{
+		rc = NSSCS_E_SYSTEM_FAILURE;
+		goto errorLevel1;
+	}
+
+	memset(secretID.id, 0, NSSCS_MAX_SECRET_ID_LEN);
+	memset(escapedSHSName, 0, NSSCS_MAX_SECRET_ID_LEN);
+	memset(escapedSHSKey, 0, NSSCS_MAX_SECRET_ID_LEN);	
+	
+	// escape delimited characters
+	if(sharedSecretID->len > NSSCS_MAX_SECRET_ID_LEN)
+	{
+		rc = NSSCS_E_BUFFER_LEN;
+		goto errorLevel1;
+	}
+
+	memcpy(escapedSHSName, sharedSecretID->id, sharedSecretID->len);
+	escNameLen = sharedSecretID->len;
+	sscsshs_ChkEscapeString(&escapedSHSName, &escNameLen);
+
+	memcpy(escapedSHSKey, key, keyLen);
+	sscsshs_ChkEscapeString(&escapedSHSKey, &keyLen);	
+		
+	if(escNameLen < 1)
+	{
+		rc = NSSCS_E_SECRET_ID_TOO_SHORT;
+		goto errorLevel1;
+	}
+
+	// convert to a SSCS_CRED_SET
+	sscs_Utf8Strncpy((SS_UTF8_T *)secretID.id, SSCS_CRED_SET_DELIMITED, SSCS_CRED_SET_CHARS_DELIMITED);
+	sscs_Utf8Strncat((SS_UTF8_T *)secretID.id, (SS_UTF8_T *)escapedSHSName, escNameLen);
+	secretID.len = SSCS_CRED_SET_CHARS_DELIMITED + escNameLen - 1;
+	
+	rc = sscs_CacheRemoveKey(storeContext->ssHandle, 
+								ssFlags, 
+								keyChainID, 
+								&secretID, 
+								escapedSHSKey,
+								keyLen-1,   // NOTE: micasad not saving NULL on key											
+								epPassword, 						
+								ext);		
+
+/* ############################### CODE EXITS HERE ############################# */
+
+errorLevel1:
+	if(escapedSHSName)
+	{
+		memset(escapedSHSName, 0, NSSCS_MAX_SECRET_ID_LEN);
+		free(escapedSHSName);
+	}
+
+	if(escapedSHSKey)
+	{
+		memset(escapedSHSKey, 0, NSSCS_MAX_SECRET_ID_LEN);			
+		free(escapedSHSKey);
+	}
+
+errorLevel2:
+	memset(secretID.id, 0, NSSCS_MAX_SECRET_ID_LEN);
+	return(rc); 
+
+/* ############################### CODE ENDS HERE ############################# */
+} //* end of miCASAReadKey
 
 
 /*