diff --git a/c_micasadk/sscs_ndk.c b/c_micasadk/sscs_ndk.c index 1177e2ba..9913a975 100644 --- a/c_micasadk/sscs_ndk.c +++ b/c_micasadk/sscs_ndk.c @@ -2711,7 +2711,8 @@ miCASAGetCredential if (*credentialType == SSCS_CRED_TYPE_BINARY_F) { - return miCASAReadBinaryKey( + // first check appSecretID + rcode = miCASAReadBinaryKey( context, ssFlags, &kc, @@ -2722,7 +2723,27 @@ miCASAGetCredential binaryCred->dataLen, NULL, &bytesRequired, - ext); + ext); + + if ((rcode != NSSCS_SUCCESS) && (sharedSecretID != NULL)) + { + // try shared if set + rcode = miCASAReadBinaryKey( + context, + ssFlags, + &kc, + sharedSecretID, + binaryCred->id, + binaryCred->idLen, + binaryCred->data, + binaryCred->dataLen, + NULL, + &bytesRequired, + ext); + } + + miCASACloseSecretStoreCache(context, ssFlags, NULL); + return rcode; } // create a SHS Handle @@ -2882,6 +2903,12 @@ miCASASetCredential SSCS_BASIC_CREDENTIAL *basicCred; SSCS_BINARY_CREDENTIAL *binaryCred; + // check params + if ((appSecretID == NULL) || (credential == NULL)) + { + return(NSSCS_E_INVALID_PARAM); + } + // open secretStore sscs_Utf8Strcpy(store.ssName, SSCS_DEFAULT_SECRETSTORE_ID); store.version = 1; @@ -2903,7 +2930,11 @@ miCASASetCredential { binaryCred = (SSCS_BINARY_CREDENTIAL *)credential; - return miCASAWriteBinaryKey( + // TODO: set shared if passed in + + + // set apps binary key + rcode = miCASAWriteBinaryKey( context, ssFlags, &kc, @@ -2914,14 +2945,14 @@ miCASASetCredential binaryCred->dataLen, NULL, ext); + + miCASACloseSecretStoreCache(context, ssFlags, NULL); + return rcode; + } else basicCred = (SSCS_BASIC_CREDENTIAL *)credential; - // check params - if ((appSecretID == NULL) || (credential == NULL)) - { - return(NSSCS_E_INVALID_PARAM); - } + // determine username key name, ie CN, LDAPDN, etc if (basicCred->unFlags & USERNAME_TYPE_NDS_DN_F)
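Review bot: In the miCASAGetCredential hunk at -2722, the retry with sharedSecretID runs on every non-success rcode, so a failure unrelated to a missing key (for instance a denied read or a too-small buffer reported through bytesRequired) is overwritten by the result of the shared lookup. The caller can then receive the shared credential even though the application-specific one exists but could not be read. Limiting the fallback to the status that means the key is absent keeps those errors visible, e.g. `if ((rcode == KEY_NOT_FOUND_STATUS /* placeholder: the code miCASAReadBinaryKey returns for a missing key */) && (sharedSecretID != NULL))`. The second call also reuses binaryCred->dataLen and bytesRequired after the first call; if the first call writes to either, they should be reset before the retry, which cannot be confirmed from the hunk. The function body starts and ends outside the hunk.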
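Review bot: The `// TODO: set shared if passed in` in the miCASASetCredential hunk at -2903 leaves the binary write path storing only under appSecretID, while the binary read path in this same commit now falls back to sharedSecretID. A caller that relies on the shared ID for a binary credential will therefore not read back what it set. Until the write is implemented, the comment should state the limitation explicitly, for example `// NOTE: sharedSecretID is ignored for binary credentials; only appSecretID is written`. Whether this function receives sharedSecretID at all is not visible here, and the function body extends beyond the hunk.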
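Review bot: In the miCASASetCredential hunk at -2914, the binary block now always ends in `return rcode;`, yet the unbraced `else` still hangs off its closing brace and is followed by the blank lines left where the parameter check was removed. Dropping the `else` and keeping `basicCred = (SSCS_BASIC_CREDENTIAL *)credential;` as a plain statement, or bracing it, makes it clear that only that one assignment was conditional. The result of `miCASACloseSecretStoreCache` is discarded both here and in the miCASAGetCredential binary path. A short comment that the close is best-effort and that the key operation's rcode takes precedence would record that intent.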