diff --git a/CASA/CASA.changes b/CASA/CASA.changes
index 0cffaaf5..36ca3e4b 100644
--- a/CASA/CASA.changes
+++ b/CASA/CASA.changes
@@ -1,3 +1,7 @@
+--------------------------------------------------------------------
+Tue Jun 27 14:22:53 MST 2006 - jnorman@novell.com
+Added miCASARemoveKey API to dll.
+
--------------------------------------------------------------------
Mon Jun 26 16:16:53 MST 2006 - jluciani@novell.com
- Added files sscs_string.h, micasa.h, and casa_status.h
diff --git a/CASA/include/micasa.h b/CASA/include/micasa.h
index cdf760a7..7f7dd217 100644
--- a/CASA/include/micasa.h
+++ b/CASA/include/micasa.h
@@ -510,6 +510,19 @@ miCASAReadBinaryKey
SSCS_EXT_T * ext
);
+SSCS_EXTERN_LIBCALL(int32_t)
+miCASARemoveKey
+(
+ void * context,
+ uint32_t ssFlags,
+ SSCS_KEYCHAIN_ID_T * keyChainID,
+ SSCS_SECRET_ID_T * sharedSecretID,
+ SS_UTF8_T * key,
+ uint32_t keyLen,
+ SSCS_PASSWORD_T * epPassword,
+ SSCS_EXT_T * ext
+);
+
SSCS_EXTERN_LIBCALL(int32_t)
miCASASetMasterPasscode
(
diff --git a/CASA/include/sscs_cache.h b/CASA/include/sscs_cache.h
index d8c053ff..afdcb84d 100644
--- a/CASA/include/sscs_cache.h
+++ b/CASA/include/sscs_cache.h
@@ -517,6 +517,19 @@ int sscs_CacheReadBinaryKey
void *reserved
);
+int sscs_CacheRemoveKey
+(
+ void *ssHandle,
+ uint32_t ssFlags,
+ SSCS_KEYCHAIN_ID_T *keychainID,
+ SSCS_SECRET_ID_T *secretID,
+ SS_UTF8_T *key,
+ uint32_t keyLen,
+ SSCS_PASSWORD_T *epPassword,
+ void *reserved
+);
+
+
int32_t sscs_SetMasterPasscode
(
void *ssHandle,
diff --git a/CASA/include/sscs_ipc.h b/CASA/include/sscs_ipc.h
index 9bdc6b33..4d03cf7b 100644
--- a/CASA/include/sscs_ipc.h
+++ b/CASA/include/sscs_ipc.h
@@ -204,6 +204,16 @@ int ipc_WriteKey
SSCS_EXT_T *ext
);
+int ipc_RemoveKey
+(
+ SSCS_SECRETSTORE_HANDLE_T *ssHandle,
+ SSCS_KEYCHAIN_ID_T *keychainID,
+ SSCS_SECRET_ID_T *secretID,
+ SS_UTF8_T *key,
+ uint32_t keyLen,
+ SSCS_PASSWORD_T *epPassword
+);
+
int ipc_ReadBinaryKey
(
SSCS_SECRETSTORE_HANDLE_T *ssHandle,
diff --git a/CASA/include/sscs_unx_cache_defines.h b/CASA/include/sscs_unx_cache_defines.h
index 99d03d49..f0b47c3e 100644
--- a/CASA/include/sscs_unx_cache_defines.h
+++ b/CASA/include/sscs_unx_cache_defines.h
@@ -130,7 +130,7 @@
#define RESP_WRITE_KEY_MSGID 0x1011
#define REQ_SET_MASTER_PASSWORD 0x0012
-#define RESP_SET_MASTER_PASSWORD 0x1021
+#define RESP_SET_MASTER_PASSWORD 0x1012
#define REQ_IS_SECRET_PERSISTENT 0x0013
#define RESP_IS_SECRET_PERSISTENT 0x1013
@@ -143,6 +143,10 @@
#define REQ_READ_BINARY_KEY_MSGID 0x0016
#define RESP_READ_BINARY_KEY_MSGID 0x1016
+
+#define REQ_REMOVE_KEY_MSGID 0x0017
+#define RESP_REMOVE_KEY_MSGID 0x1017
+
#define EXT_TYPE_WINDOWS_LUID 0x00000001;
#define WINDOWS_LUID_LEN 0x00000008;
diff --git a/CASA/micasacache/micasacache.def b/CASA/micasacache/micasacache.def
index 3e2096d1..494354d6 100644
--- a/CASA/micasacache/micasacache.def
+++ b/CASA/micasacache/micasacache.def
@@ -17,6 +17,7 @@ EXPORTS
sscs_IsSecretPersistent
sscs_CacheWriteKey
sscs_CacheWriteBinaryKey
+ sscs_CacheRemoveKey
sscs_CacheReadKey
sscs_CacheReadBinaryKey
sscs_CacheCloseSecretStore
diff --git a/CASA/micasacache/sscs_unx_cache.c b/CASA/micasacache/sscs_unx_cache.c
index 6b010112..3ce05672 100644
--- a/CASA/micasacache/sscs_unx_cache.c
+++ b/CASA/micasacache/sscs_unx_cache.c
@@ -631,6 +631,48 @@ int sscs_CacheWriteBinaryKey
return retVal;
}
+/* Removes Secret for a given Secret ID in a given keychain.
+ *
+ * Parameters:
+ * ssHandle
+ * (IN) Handle returned by sscs_CacheOpenSecretStore function. This will have
+ * context information regarding the SecretStore.
+ *
+ *
+ * keyChainID
+ * (IN) KeyChainID where the specified SecretID stored.
+ *
+ * secretID
+ * (IN) Specifies the unique secret ID within the keychain. This data is
+ * encoded in SSCS_SECRET_ID_T.
+ *
+ *
+ * epPassword
+ * (IN) Points to an optional field to pass in the Enhanced Protection Password
+ * for reading a secret.When the password is not present, you can pass in a NULL.
+ *
+ * Return Values:
+ */
+int32_t sscs_CacheRemoveKey
+(
+ void *ssHandle,
+ uint32_t ssFlags,
+ SSCS_KEYCHAIN_ID_T *keyChainID,
+ SSCS_SECRET_ID_T *secredID,
+ SS_UTF8_T *key,
+ uint32_t keyLen,
+ SSCS_PASSWORD_T *epPassword,
+ void *reserved
+)
+{
+ int32_t retVal = 0;
+ SSCS_SECRETSTORE_HANDLE_T *ssHandleCopy = (SSCS_SECRETSTORE_HANDLE_T *)ssHandle;
+
+ retVal = ipc_RemoveKey(ssHandleCopy,keyChainID,secredID,key,keyLen,epPassword);
+
+ return retVal;
+}
+
/* Reads Secret value for a given Secret ID in a given keychain.
*
diff --git a/CASA/micasacache/sscs_unx_ipc_client.c b/CASA/micasacache/sscs_unx_ipc_client.c
index e0da7b0a..75b538a9 100644
--- a/CASA/micasacache/sscs_unx_ipc_client.c
+++ b/CASA/micasacache/sscs_unx_ipc_client.c
@@ -1844,6 +1844,126 @@ int32_t ipc_SetMasterPasscode
return retCode;
}
+int32_t ipc_RemoveKey
+(
+ SSCS_SECRETSTORE_HANDLE_T *ssHandle,
+ SSCS_KEYCHAIN_ID_T *keychainID,
+ SSCS_SECRET_ID_T *secretID,
+ SS_UTF8_T *key,
+ uint32_t keyLen,
+ SSCS_PASSWORD_T *epPassword
+)
+{
+ int retVal = 0; //to be used in the function internally
+ int32_t retCode = NSSCS_SUCCESS; //to be returned to caller
+ int32_t sockReturn = 0; //obtained from the server
+
+ uint32_t dataLen = 0;
+ uint16_t msgid = 0;
+ uint32_t keychainIDLen = 0;
+ uint32_t secretIDLen = 0;
+ uint32_t msgLen = 0;
+
+ SSCS_PASSWORD_T myPassword = {0,0,""};
+
+ Byte gpReqBuf[MIN_REQUEST_BUF_LEN];
+ Byte gpReplyBuf[MIN_REPLY_BUF_LEN];
+ Byte *pReq = NULL, *pReply = NULL;
+ memset(gpReqBuf,0,sizeof(gpReqBuf));
+ memset(gpReplyBuf,0,sizeof(gpReplyBuf));
+
+ do
+ {
+ if((NULL == ssHandle)
+ || (NULL == ssHandle->platHandle)
+ || (NULL == keychainID)
+ || (NULL == secretID)
+ || (NULL == key)
+ || (keyLen < 1))
+ {
+ retCode = NSSCS_E_INVALID_PARAM;
+ break;
+ }
+
+ // Prepare Request buffer
+
+ keychainIDLen = keychainID->len;
+ secretIDLen = secretID->len;
+
+ if( keychainIDLen > NSSS_MAX_KEYCHAIN_ID_CHARS ||
+ secretIDLen > NSSS_MAX_SECRET_ID_CHARS )
+ {
+ retCode = NSSS_E_SECRET_ID_TOO_LONG;
+ break;
+ }
+ // epPassword is optional. So, the code should not break.
+ if( NULL == epPassword )
+ epPassword = &myPassword;
+ msgLen = MSGID_LEN + MSG_LEN +
+ MSG_STRING_LEN + // KeychainID length
+ keychainIDLen + // Keychain ID
+ MSG_STRING_LEN + // SecretID length
+ secretIDLen + // SecretID
+ MSG_STRING_LEN + //keyLen
+ keyLen + //key
+ MSG_STRING_LEN + // epPassword len
+ epPassword->pwordLen;
+
+ pReq = gpReqBuf;
+ msgid = REQ_REMOVE_KEY_MSGID;
+ memcpy(pReq, &msgid, MSGID_LEN);
+ pReq += MSGID_LEN;
+ memcpy(pReq, &msgLen, MSG_LEN);
+ pReq += MSG_LEN;
+ memcpy(pReq, &keychainIDLen, MSG_STRING_LEN);
+ pReq += MSG_STRING_LEN;
+ memcpy(pReq,keychainID->keychainID,keychainIDLen);
+ pReq += keychainIDLen ;
+ memcpy(pReq, &secretIDLen, MSG_STRING_LEN);
+ pReq += MSG_STRING_LEN;
+ memcpy(pReq, secretID->id, secretIDLen);
+ pReq += secretIDLen;
+
+ memcpy(pReq, &keyLen, MSG_STRING_LEN);
+ pReq += MSG_STRING_LEN;
+ memcpy(pReq, key, keyLen);
+ pReq += keyLen;
+
+ memcpy(pReq, &(epPassword->pwordLen), MSG_STRING_LEN);
+ pReq += MSG_STRING_LEN;
+ memcpy(pReq, epPassword->pword, epPassword->pwordLen);
+ pReq += epPassword->pwordLen;
+
+ retVal = IPC_WRITE(ssHandle->platHandle, gpReqBuf, msgLen);
+ if(retVal < 0)
+ {
+ //log debug info here
+ retCode = NSSCS_E_SYSTEM_FAILURE;
+ break;
+ }
+
+ // Read reply
+ pReply = gpReplyBuf;
+ retVal = IPC_READ(ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
+ if( 0 == retVal )
+ {
+ //log debug info here
+ retCode = NSSCS_E_SYSTEM_FAILURE;
+ break;
+ }
+
+ memcpy(&msgid,pReply, MSGID_LEN);
+ pReply += MSGID_LEN;
+ memcpy(&msgLen,pReply, MSG_LEN);
+ pReply += MSG_LEN;
+ memcpy(&sockReturn, pReply, MSG_DWORD_LEN);
+ retCode = mapReturnCode(sockReturn);
+
+ } while(0);
+ return retCode;
+}
+
+
int32_t ipc_ReadKey
(
SSCS_SECRETSTORE_HANDLE_T *ssHandle,
diff --git a/CASA/micasadk/micasa.def b/CASA/micasadk/micasa.def
index 1b0b3084..0a0f99a7 100644
--- a/CASA/micasadk/micasa.def
+++ b/CASA/micasadk/micasa.def
@@ -16,6 +16,7 @@ EXPORTS
miCASAWriteBinaryKey
miCASAReadKey
miCASAReadBinaryKey
+ miCASARemoveKey
miCASAGetStoreInformation
miCASAEnumerateSecretIDs
miCASARemoveSecretStore
diff --git a/CASA/micasadk/sscs_ndk.c b/CASA/micasadk/sscs_ndk.c
index 35cfdbdc..32639c6c 100644
--- a/CASA/micasadk/sscs_ndk.c
+++ b/CASA/micasadk/sscs_ndk.c
@@ -2066,6 +2066,125 @@ errorLevel2:
/* ############################### CODE ENDS HERE ############################# */
} //* end of miCASAReadBinaryKey
+/*
+ * NAME - miCASARemoveKey
+ *
+ * DESCRIPTION
+ * NOTE: This assume a SS_CREDSET SecretType
+ *
+ *
+ */
+SSCS_GLOBAL_LIBCALL(int32_t)
+miCASARemoveKey
+(
+ void * context,
+ uint32_t ssFlags,
+ SSCS_KEYCHAIN_ID_T * keyChainID,
+ SSCS_SECRET_ID_T * sharedSecretID,
+ SS_UTF8_T * key,
+ uint32_t keyLen,
+ SSCS_PASSWORD_T * epPassword,
+ SSCS_EXT_T * ext
+)
+{ /* beginning of the call */
+/* ########################## DECLARATIONS START HERE ######################### */
+
+ int32_t rc = 0, sidLen = 0, index = 0;
+ uint32_t escNameLen = 0;
+ SSCS_SECRET_ID_T secretID = {0};
+ SS_UTF8_T *escapedSHSName = NULL;
+ SS_UTF8_T *escapedSHSKey = NULL;
+ SSCS_CONTEXT_T *storeContext = (SSCS_CONTEXT_T *)context;
+
+/* ############################## CODE STARTS HERE ############################ */
+
+ // readData and epPassword are optional parameters
+ if((context == NULL) || (keyChainID == NULL) || (sharedSecretID == NULL) || (key == NULL))
+ {
+ return(NSSCS_E_INVALID_PARAM);
+ }
+
+ if(sharedSecretID->len > NSSCS_MAX_SECRET_ID_LEN/4)
+ {
+ return(NSSCS_E_BUFFER_LEN);
+ }
+
+ if (keyLen > NSSCS_MAX_SECRET_ID_LEN/4)
+ {
+ return(NSSCS_E_BUFFER_LEN);
+ }
+
+ if((escapedSHSName = (SS_UTF8_T *) malloc(NSSCS_MAX_SECRET_ID_LEN)) == NULL)
+ {
+ rc = NSSCS_E_SYSTEM_FAILURE;
+ goto errorLevel2;
+ }
+
+ if((escapedSHSKey = (SS_UTF8_T *) malloc(NSSCS_MAX_SECRET_ID_LEN)) == NULL)
+ {
+ rc = NSSCS_E_SYSTEM_FAILURE;
+ goto errorLevel1;
+ }
+
+ memset(secretID.id, 0, NSSCS_MAX_SECRET_ID_LEN);
+ memset(escapedSHSName, 0, NSSCS_MAX_SECRET_ID_LEN);
+ memset(escapedSHSKey, 0, NSSCS_MAX_SECRET_ID_LEN);
+
+ // escape delimited characters
+ if(sharedSecretID->len > NSSCS_MAX_SECRET_ID_LEN)
+ {
+ rc = NSSCS_E_BUFFER_LEN;
+ goto errorLevel1;
+ }
+
+ memcpy(escapedSHSName, sharedSecretID->id, sharedSecretID->len);
+ escNameLen = sharedSecretID->len;
+ sscsshs_ChkEscapeString(&escapedSHSName, &escNameLen);
+
+ memcpy(escapedSHSKey, key, keyLen);
+ sscsshs_ChkEscapeString(&escapedSHSKey, &keyLen);
+
+ if(escNameLen < 1)
+ {
+ rc = NSSCS_E_SECRET_ID_TOO_SHORT;
+ goto errorLevel1;
+ }
+
+ // convert to a SSCS_CRED_SET
+ sscs_Utf8Strncpy((SS_UTF8_T *)secretID.id, SSCS_CRED_SET_DELIMITED, SSCS_CRED_SET_CHARS_DELIMITED);
+ sscs_Utf8Strncat((SS_UTF8_T *)secretID.id, (SS_UTF8_T *)escapedSHSName, escNameLen);
+ secretID.len = SSCS_CRED_SET_CHARS_DELIMITED + escNameLen - 1;
+
+ rc = sscs_CacheRemoveKey(storeContext->ssHandle,
+ ssFlags,
+ keyChainID,
+ &secretID,
+ escapedSHSKey,
+ keyLen-1, // NOTE: micasad not saving NULL on key
+ epPassword,
+ ext);
+
+/* ############################### CODE EXITS HERE ############################# */
+
+errorLevel1:
+ if(escapedSHSName)
+ {
+ memset(escapedSHSName, 0, NSSCS_MAX_SECRET_ID_LEN);
+ free(escapedSHSName);
+ }
+
+ if(escapedSHSKey)
+ {
+ memset(escapedSHSKey, 0, NSSCS_MAX_SECRET_ID_LEN);
+ free(escapedSHSKey);
+ }
+
+errorLevel2:
+ memset(secretID.id, 0, NSSCS_MAX_SECRET_ID_LEN);
+ return(rc);
+
+/* ############################### CODE ENDS HERE ############################# */
+} //* end of miCASAReadKey
/*