geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Binary support in shared libraries

Browse Source
This commit is contained in:
Jim Norman
2005-12-09 17:42:13 +00:00
parent c30b2b3195
commit f0946f22d5
12 changed files with 854 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
c_micasacache/link.w32
View File

@@ -41,6 +41,7 @@ LINK_DEF_BLD = \
echo "/EXPORT:sscs_SetMasterPassword">> $(LINKDEF);\
echo "/EXPORT:sscs_IsSecretPersistent">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheWriteKey">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheReadKey">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheWriteBinaryKey">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheReadBinaryKey">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheCloseSecretStore">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheOpenSecretStore">> $(LINKDEF);

2
c_micasacache/link_mdd.w32
View File

@@ -48,5 +48,7 @@ LINK_DEF_BLD = \
echo "/EXPORT:sscs_IsSecretPersistent">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheWriteKey">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheReadKey">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheWriteBinaryKey">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheReadBinaryKey">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheCloseSecretStore">> $(LINKDEF);\
echo "/EXPORT:sscs_CacheOpenSecretStore">> $(LINKDEF);

92
c_micasacache/sscs_unx_cache.c
View File

@@ -291,14 +291,14 @@ int32_t sscs_CacheEnumerateSecretIDs
*/
int32_t sscs_CacheReadSecret
(
void *ssHandle,
uint32_t ssFlags,
void *ssHandle,
uint32_t ssFlags,
SSCS_KEYCHAIN_ID_T *keychainID,
SSCS_SECRET_ID_T *secretID,
SSCS_SECRET_ID_T *secretID,
SSCS_SECRET_T *secretData,
SSCS_PASSWORD_T *epPassword,
uint32_t *bytesRequired,
void *reserved
uint32_t *bytesRequired,
void *reserved
)
{
int32_t retVal = 0;
@@ -574,16 +574,16 @@ int32_t sscs_SetMasterPassword
*/
int sscs_CacheWriteKey
(
void *ssHandle,
uint32_t ssFlags,
void *ssHandle,
uint32_t ssFlags,
SSCS_KEYCHAIN_ID_T *keyChainID,
SSCS_SECRET_ID_T *secretID,
SS_UTF8_T *key,
uint32_t keyLen,
uint8_t *val,
uint32_t valLen,
SS_UTF8_T *key,
uint32_t keyLen,
uint8_t *val,
int32_t valLen,
SSCS_PASSWORD_T *epPassword,
void *reserved
void *reserved
)
{
int32_t retVal = 0;
@@ -593,6 +593,32 @@ int sscs_CacheWriteKey
return retVal;
}
int sscs_CacheWriteBinaryKey
(
void *ssHandle,
uint32_t ssFlags,
SSCS_KEYCHAIN_ID_T *keyChainID,
SSCS_SECRET_ID_T *secretID,
SS_UTF8_T *key,
uint32_t keyLen,
uint8_t *val,
uint32_t valLen,
SSCS_PASSWORD_T *epPassword,
void *reserved
)
{
int32_t retVal = 0;
SSCS_SECRETSTORE_HANDLE_T *ssHandleCopy = (SSCS_SECRETSTORE_HANDLE_T *)ssHandle;
retVal = ipc_WriteBinaryKey(ssHandleCopy,ssFlags,keyChainID,secretID,key,keyLen,val,valLen,epPassword, reserved);
return retVal;
}
/* Reads Secret value for a given Secret ID in a given keychain.
*
* Parameters:
@@ -624,17 +650,17 @@ int sscs_CacheWriteKey
*/
int32_t sscs_CacheReadKey
(
void *ssHandle,
uint32_t ssFlags,
void *ssHandle,
uint32_t ssFlags,
SSCS_KEYCHAIN_ID_T *keychainID,
SSCS_SECRET_ID_T *secretID,
SS_UTF8_T *key,
uint32_t keyLen,
uint8_t *val,
uint32_t valLen,
SSCS_SECRET_ID_T *secretID,
SS_UTF8_T *key,
uint32_t keyLen,
uint8_t *val,
uint32_t *valLen,
SSCS_PASSWORD_T *epPassword,
uint32_t *bytesRequired,
void *reserved
uint32_t *bytesRequired,
void *reserved
)
{
int32_t retVal = 0;
@@ -644,6 +670,30 @@ int32_t sscs_CacheReadKey
return retVal;
}
int32_t sscs_CacheReadBinaryKey
(
void *ssHandle,
uint32_t ssFlags,
SSCS_KEYCHAIN_ID_T *keychainID,
SSCS_SECRET_ID_T *secretID,
SS_UTF8_T *key,
uint32_t keyLen,
uint8_t *val,
uint32_t *valLen,
SSCS_PASSWORD_T *epPassword,
uint32_t *bytesRequired,
void *reserved
)
{
int32_t retVal = 0;
SSCS_SECRETSTORE_HANDLE_T *ssHandleCopy = (SSCS_SECRETSTORE_HANDLE_T *)ssHandle;
retVal = ipc_ReadBinaryKey(ssHandleCopy,keychainID,secretID,key,keyLen,val,valLen,epPassword,bytesRequired);
return retVal;
}
int sscs_IsSecretPersistent
(
void *ssHandle,

390
c_micasacache/sscs_unx_ipc_client.c
View File

@@ -1801,9 +1801,9 @@ int32_t ipc_ReadKey
SS_UTF8_T *key,
uint32_t keyLen,
uint8_t *val,
uint32_t valLen,
uint32_t *valLen,
SSCS_PASSWORD_T *epPassword,
uint32_t *bytesRequired
uint32_t *bytesRequired
)
{
int retVal = 0; //to be used in the function internally
@@ -1917,7 +1917,173 @@ int32_t ipc_ReadKey
break;
}
// Let me check if the buffer passed by application is big enough
if(dataLen <= valLen)
if(dataLen <= *valLen)
{
// Read the secret into application buffer.
retVal = IPC_READ(*(int *)ssHandle->platHandle, val, dataLen);
if( retVal < 0 )
{
retCode = NSSCS_E_SYSTEM_FAILURE;
break;
}
// set the length of the data
*valLen = dataLen;
}
else
{
//buffer allocated by application is not sufficient to hold the data.
*bytesRequired = dataLen;
{
// Cleanup the channel by reading the remaining and return error.
int n;
n = dataLen;
while(n)
{
int bytes = IPC_READ(*(int *)ssHandle->platHandle, gpReplyBuf, MIN_REPLY_BUF_LEN);
if( bytes > 0)
n -= MIN_REPLY_BUF_LEN;
else
break;
}
// Read the sscs return code also.
IPC_READ(*(int *)ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
retCode = NSSCS_E_ENUM_BUFF_TOO_SHORT;
break;
}
}
// Read the sscs return code also.
IPC_READ(*(int *)ssHandle->platHandle, (Byte *) &sockReturn, MSG_DWORD_LEN);
retCode = mapReturnCode(sockReturn);
} while(0);
return retCode;
}
int32_t ipc_ReadBinaryKey
(
SSCS_SECRETSTORE_HANDLE_T *ssHandle,
SSCS_KEYCHAIN_ID_T *keychainID,
SSCS_SECRET_ID_T *secretID,
SS_UTF8_T *key,
uint32_t keyLen,
uint8_t *val,
uint32_t *valLen,
SSCS_PASSWORD_T *epPassword,
uint32_t *bytesRequired
)
{
int retVal = 0; //to be used in the function internally
int32_t retCode = NSSCS_SUCCESS; //to be returned to caller
int32_t sockReturn = 0; //obtained from the server
uint32_t dataLen = 0;
uint16_t msgid = 0;
uint32_t keychainIDLen = 0;
uint32_t secretIDLen = 0;
uint32_t msgLen = 0;
SSCS_PASSWORD_T myPassword = {0,0,""};
Byte gpReqBuf[MIN_REQUEST_BUF_LEN];
Byte gpReplyBuf[MIN_REPLY_BUF_LEN];
Byte *pReq = NULL, *pReply = NULL;
memset(gpReqBuf,0,sizeof(gpReqBuf));
memset(gpReplyBuf,0,sizeof(gpReplyBuf));
do
{
if((NULL == ssHandle) || (NULL == ssHandle->platHandle) || (NULL == keychainID) || (NULL == secretID) || (NULL == bytesRequired))
{
retCode = NSSCS_E_INVALID_PARAM;
break;
}
// Prepare Request buffer
keychainIDLen = keychainID->len;
secretIDLen = secretID->len;
if( keychainIDLen > NSSS_MAX_KEYCHAIN_ID_CHARS ||
secretIDLen > NSSS_MAX_SECRET_ID_CHARS )
{
retCode = NSSS_E_SECRET_ID_TOO_LONG;
break;
}
// epPassword is optional. So, the code should not break.
if( NULL == epPassword )
epPassword = &myPassword;
msgLen = MSGID_LEN + MSG_LEN +
MSG_STRING_LEN + // KeychainID length
keychainIDLen + // Keychain ID
MSG_STRING_LEN + // SecretID length
secretIDLen + // SecretID
MSG_STRING_LEN + //keyLen
keyLen + //key
MSG_STRING_LEN + // epPassword len
epPassword->pwordLen;
pReq = gpReqBuf;
msgid = REQ_READ_BINARY_KEY_MSGID;
memcpy(pReq, &msgid, MSGID_LEN);
pReq += MSGID_LEN;
memcpy(pReq, &msgLen, MSG_LEN);
pReq += MSG_LEN;
memcpy(pReq, &keychainIDLen, MSG_STRING_LEN);
pReq += MSG_STRING_LEN;
memcpy(pReq,keychainID->keychainID,keychainIDLen);
pReq += keychainIDLen ;
memcpy(pReq, &secretIDLen, MSG_STRING_LEN);
pReq += MSG_STRING_LEN;
memcpy(pReq, secretID->id, secretIDLen);
pReq += secretIDLen;
memcpy(pReq, &keyLen, MSG_STRING_LEN);
pReq += MSG_STRING_LEN;
memcpy(pReq, key, keyLen);
pReq += keyLen;
memcpy(pReq, &(epPassword->pwordLen), MSG_STRING_LEN);
pReq += MSG_STRING_LEN;
memcpy(pReq, epPassword->pword, epPassword->pwordLen);
pReq += epPassword->pwordLen;
retVal = IPC_WRITE(*(int *)ssHandle->platHandle, gpReqBuf, msgLen);
if(retVal < 0)
{
//log debug info here
retCode = NSSCS_E_SYSTEM_FAILURE;
break;
}
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if( 0 == retVal )
{
//log debug info here
retCode = NSSCS_E_SYSTEM_FAILURE;
break;
}
memcpy(&msgid,pReply, MSGID_LEN);
pReply += MSGID_LEN;
memcpy(&msgLen,pReply, MSG_LEN);
pReply += MSG_LEN;
memcpy(&dataLen,pReply, MSG_DWORD_LEN);
if( 0 == dataLen )
{
// Cleanup the channel by reading the return code.
retVal = IPC_READ(*(int *)ssHandle->platHandle,&sockReturn, MSG_DWORD_LEN);
if( retVal < 0 )
{
retCode = NSSCS_E_SYSTEM_FAILURE;
break;
}
retCode = mapReturnCode(sockReturn);
break;
}
// Let me check if the buffer passed by application is big enough
if(dataLen <= *valLen)
{
// Read the secret into application buffer.
retVal = IPC_READ(*(int *)ssHandle->platHandle, val, dataLen);
@@ -2070,7 +2236,223 @@ int ipc_WriteKey
pReq = gpReqBuf;
}
msgid = REQ_WRITE_KEY_MSGID;
msgid = REQ_WRITE_KEY_MSGID;
memcpy(pReq, &msgid, MSGID_LEN);
pReq += MSGID_LEN;
memcpy(pReq, &msgLen, MSG_LEN);
pReq += MSG_LEN;
memcpy(pReq, &keychainIDLen, MSG_STRING_LEN);
pReq += MSG_STRING_LEN;
memcpy(pReq,keychainID->keychainID,keychainIDLen );
pReq += keychainIDLen;
memcpy(pReq, &secretIDLen, MSG_STRING_LEN);
pReq += MSG_STRING_LEN;
memcpy(pReq, secretID->id,secretIDLen);
pReq += secretIDLen;
memcpy(pReq,&keyLen,MSG_STRING_LEN);
pReq += MSG_STRING_LEN;
memcpy(pReq,key,keyLen);
pReq += keyLen;
memcpy(pReq,&valLen,MSG_STRING_LEN);
pReq += MSG_STRING_LEN;
memcpy(pReq,val,valLen);
pReq += valLen;
memcpy(pReq, &(epPassword->pwordLen), MSG_STRING_LEN);
pReq += MSG_STRING_LEN;
memcpy(pReq, epPassword->pword, epPassword->pwordLen);
pReq += epPassword->pwordLen;
// marshall the extension if there is one
if (ext)
{
if (ext->extID == WINDOWS_LOGIN_ID)
{
extID = EXT_TYPE_WINDOWS_LUID;
memcpy(pReq, &extID, MSG_DWORD_LEN);
pReq += MSG_DWORD_LEN;
luidLen = WINDOWS_LUID_LEN;
memcpy(pReq, &luidLen, MSG_DWORD_LEN);
pReq += MSG_DWORD_LEN;
memcpy(pReq, ext->ext, 8);
pReq += 8;
}
else
{
uint32_t extID = 0;
memcpy(pReq,&extID,MSG_DWORD_LEN);
}
}
else
{
uint32_t extID = 0;
memcpy(pReq,&extID,MSG_DWORD_LEN);
}
if(tmpBuf != NULL)
{
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,tmpBuf,msgLen);
}
else
{
retVal = IPC_WRITE(*(int *)ssHandle->platHandle,gpReqBuf, msgLen);
}
if(retVal < 0)
{
//log debug info here
retCode = NSSCS_E_SYSTEM_FAILURE;
break;
}
// Read reply
pReply = gpReplyBuf;
retVal = IPC_READ(*(int *)ssHandle->platHandle, pReply, MSG_REPLY_GENERAL);
if(retVal < 0)
{
//log debug info here
retCode = NSSCS_E_SYSTEM_FAILURE;
break;
}
memcpy(&msgid,pReply, MSGID_LEN);
pReply += MSGID_LEN;
memcpy(&msgLen,pReply, MSG_LEN);
pReply += MSG_LEN;
memcpy(&sockReturn, pReply, MSG_DWORD_LEN);
retCode = mapReturnCode(sockReturn);
}while(0);
if( tmpBuf != NULL )
{
free(tmpBuf);
tmpBuf = NULL;
}
return retCode;
}
int ipc_WriteBinaryKey
(
SSCS_SECRETSTORE_HANDLE_T *ssHandle,
uint32_t ssFlags,
SSCS_KEYCHAIN_ID_T *keychainID,
SSCS_SECRET_ID_T *secretID,
SS_UTF8_T *key,
uint32_t keyLen,
uint8_t *val,
uint32_t valLen,
SSCS_PASSWORD_T *epPassword,
SSCS_EXT_T *ext
)
{
int retVal = 0; //to be used in the function internally
int32_t retCode = NSSCS_SUCCESS; //to be returned to caller
int32_t sockReturn = 0; //obtained from the server
Byte gpReqBuf[MIN_REQUEST_BUF_LEN];
Byte gpReplyBuf[MIN_REPLY_BUF_LEN];
Byte *pReq = NULL, *pReply = NULL;
Byte *tmpBuf = NULL;
uint16_t msgid = 0;
uint32_t keychainIDLen = 0;
uint32_t secretIDLen = 0;
uint32_t msgLen = 0;
uint32_t extID = 0;
uint32_t luidLen = 0;
SSCS_PASSWORD_T myPassword = {0,0,""};
memset(gpReqBuf,0,sizeof(gpReqBuf));
memset(gpReplyBuf,0,sizeof(gpReplyBuf));
do
{
if((NULL == ssHandle) || (NULL == ssHandle->platHandle) || (NULL == keychainID) || (NULL == secretID) ||(NULL == key))
{
retCode = NSSCS_E_INVALID_PARAM;
break;
}
// Prepare Request buffer
keychainIDLen = keychainID->len;
secretIDLen = secretID->len;
if( keychainIDLen > NSSS_MAX_KEYCHAIN_ID_CHARS ||
secretIDLen > NSSS_MAX_SECRET_ID_CHARS )
{
retCode = NSSS_E_SECRET_ID_TOO_LONG;
break;
}
// epPassword is optional. So, the code should not break.
if(epPassword == NULL)
epPassword = &myPassword;
msgLen = MSGID_LEN + MSG_LEN +
MSG_STRING_LEN + // KeychainID length
keychainIDLen + // Keychain ID
MSG_STRING_LEN + // SecretID length
secretIDLen + // SecretID
MSG_STRING_LEN + // Secret Value Length
keyLen +
MSG_STRING_LEN +
valLen +
MSG_STRING_LEN + // epPassword len
epPassword->pwordLen;
// is there an ext, account for it
if (ext)
{
// The login capture on Windows determines the LUID of the user
// and sends it as an Extension, marshall it across the pipe
// see the WriteSecret verb for handling it.
if (ext->extID == WINDOWS_LOGIN_ID)
{
// 4 byte ext type, 4 byte len and 8 bytes of LUID
msgLen += MSG_DWORD_LEN + MSG_DWORD_LEN + WINDOWS_LUID_LEN;
// as setup in the capture module
//ext.extID = WINDOWS_LOGON_ID;
//ext.version = 0x00010000; // 1.0.0
//ext.ext = (void *)lpLogonId;
// _LUID { DWORD LowPart; LONG HighPart; // 8 byte
}
else
msgLen += MSG_DWORD_LEN;
}
else
{
// the cache daemon expects a ext, add it here
msgLen += MSG_DWORD_LEN;
}
if( msgLen > MIN_REQUEST_BUF_LEN )
{
tmpBuf = (Byte*)malloc(msgLen);
if( NULL == tmpBuf )
{
retCode = NSSCS_E_SYSTEM_FAILURE;
break;
}
memset(tmpBuf,0,msgLen);
pReq = tmpBuf;
}
else
{
pReq = gpReqBuf;
}
msgid = REQ_WRITE_BINARY_KEY_MSGID;
memcpy(pReq, &msgid, MSGID_LEN);
pReq += MSGID_LEN;
memcpy(pReq, &msgLen, MSG_LEN);