Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / crypto / cssm_init.cc
blob495e71b68abc7787c90cf85d747e9d183fba325e
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/cssm_init.h"
7 #include <Security/SecBase.h>
9 #include "base/logging.h"
10 #include "base/mac/scoped_cftyperef.h"
11 #include "base/memory/singleton.h"
12 #include "base/strings/sys_string_conversions.h"
14 // When writing crypto code for Mac OS X, you may find the following
15 // documentation useful:
16 // - Common Security: CDSA and CSSM, Version 2 (with corrigenda)
17 // http://www.opengroup.org/security/cdsa.htm
18 // - Apple Cryptographic Service Provider Functional Specification
19 // - CryptoSample: http://developer.apple.com/SampleCode/CryptoSample/
21 namespace {
23 void* CSSMMalloc(CSSM_SIZE size, void* alloc_ref) {
24 return malloc(size);
27 void CSSMFree(void* mem_ptr, void* alloc_ref) {
28 free(mem_ptr);
31 void* CSSMRealloc(void* ptr, CSSM_SIZE size, void* alloc_ref) {
32 return realloc(ptr, size);
35 void* CSSMCalloc(uint32 num, CSSM_SIZE size, void* alloc_ref) {
36 return calloc(num, size);
39 class CSSMInitSingleton {
40 public:
41 static CSSMInitSingleton* GetInstance() {
42 return base::Singleton<CSSMInitSingleton, base::LeakySingletonTraits<
43 CSSMInitSingleton>>::get();
46 CSSM_CSP_HANDLE csp_handle() const { return csp_handle_; }
47 CSSM_CL_HANDLE cl_handle() const { return cl_handle_; }
48 CSSM_TP_HANDLE tp_handle() const { return tp_handle_; }
50 private:
51 CSSMInitSingleton()
52 : inited_(false), csp_loaded_(false), cl_loaded_(false),
53 tp_loaded_(false), csp_handle_(CSSM_INVALID_HANDLE),
54 cl_handle_(CSSM_INVALID_HANDLE), tp_handle_(CSSM_INVALID_HANDLE) {
55 static CSSM_VERSION version = {2, 0};
56 // TODO(wtc): what should our caller GUID be?
57 static const CSSM_GUID test_guid = {
58 0xFADE, 0, 0, { 1, 2, 3, 4, 5, 6, 7, 0 }
60 CSSM_RETURN crtn;
61 CSSM_PVC_MODE pvc_policy = CSSM_PVC_NONE;
62 crtn = CSSM_Init(&version, CSSM_PRIVILEGE_SCOPE_NONE, &test_guid,
63 CSSM_KEY_HIERARCHY_NONE, &pvc_policy, NULL);
64 if (crtn) {
65 NOTREACHED();
66 return;
68 inited_ = true;
70 crtn = CSSM_ModuleLoad(&gGuidAppleCSP, CSSM_KEY_HIERARCHY_NONE, NULL, NULL);
71 if (crtn) {
72 NOTREACHED();
73 return;
75 csp_loaded_ = true;
76 crtn = CSSM_ModuleLoad(
77 &gGuidAppleX509CL, CSSM_KEY_HIERARCHY_NONE, NULL, NULL);
78 if (crtn) {
79 NOTREACHED();
80 return;
82 cl_loaded_ = true;
83 crtn = CSSM_ModuleLoad(
84 &gGuidAppleX509TP, CSSM_KEY_HIERARCHY_NONE, NULL, NULL);
85 if (crtn) {
86 NOTREACHED();
87 return;
89 tp_loaded_ = true;
91 const CSSM_API_MEMORY_FUNCS cssmMemoryFunctions = {
92 CSSMMalloc,
93 CSSMFree,
94 CSSMRealloc,
95 CSSMCalloc,
96 NULL
99 crtn = CSSM_ModuleAttach(&gGuidAppleCSP, &version, &cssmMemoryFunctions, 0,
100 CSSM_SERVICE_CSP, 0, CSSM_KEY_HIERARCHY_NONE,
101 NULL, 0, NULL, &csp_handle_);
102 DCHECK_EQ(CSSM_OK, crtn);
103 crtn = CSSM_ModuleAttach(&gGuidAppleX509CL, &version, &cssmMemoryFunctions,
104 0, CSSM_SERVICE_CL, 0, CSSM_KEY_HIERARCHY_NONE,
105 NULL, 0, NULL, &cl_handle_);
106 DCHECK_EQ(CSSM_OK, crtn);
107 crtn = CSSM_ModuleAttach(&gGuidAppleX509TP, &version, &cssmMemoryFunctions,
108 0, CSSM_SERVICE_TP, 0, CSSM_KEY_HIERARCHY_NONE,
109 NULL, 0, NULL, &tp_handle_);
110 DCHECK_EQ(CSSM_OK, crtn);
113 ~CSSMInitSingleton() {
114 CSSM_RETURN crtn;
115 if (csp_handle_) {
116 CSSM_RETURN crtn = CSSM_ModuleDetach(csp_handle_);
117 DCHECK_EQ(CSSM_OK, crtn);
119 if (cl_handle_) {
120 CSSM_RETURN crtn = CSSM_ModuleDetach(cl_handle_);
121 DCHECK_EQ(CSSM_OK, crtn);
123 if (tp_handle_) {
124 CSSM_RETURN crtn = CSSM_ModuleDetach(tp_handle_);
125 DCHECK_EQ(CSSM_OK, crtn);
127 if (csp_loaded_) {
128 crtn = CSSM_ModuleUnload(&gGuidAppleCSP, NULL, NULL);
129 DCHECK_EQ(CSSM_OK, crtn);
131 if (cl_loaded_) {
132 crtn = CSSM_ModuleUnload(&gGuidAppleX509CL, NULL, NULL);
133 DCHECK_EQ(CSSM_OK, crtn);
135 if (tp_loaded_) {
136 crtn = CSSM_ModuleUnload(&gGuidAppleX509TP, NULL, NULL);
137 DCHECK_EQ(CSSM_OK, crtn);
139 if (inited_) {
140 crtn = CSSM_Terminate();
141 DCHECK_EQ(CSSM_OK, crtn);
145 bool inited_; // True if CSSM_Init has been called successfully.
146 bool csp_loaded_; // True if gGuidAppleCSP has been loaded
147 bool cl_loaded_; // True if gGuidAppleX509CL has been loaded.
148 bool tp_loaded_; // True if gGuidAppleX509TP has been loaded.
149 CSSM_CSP_HANDLE csp_handle_;
150 CSSM_CL_HANDLE cl_handle_;
151 CSSM_TP_HANDLE tp_handle_;
153 friend struct base::DefaultSingletonTraits<CSSMInitSingleton>;
156 } // namespace
158 namespace crypto {
160 void EnsureCSSMInit() {
161 CSSMInitSingleton::GetInstance();
164 CSSM_CSP_HANDLE GetSharedCSPHandle() {
165 return CSSMInitSingleton::GetInstance()->csp_handle();
168 CSSM_CL_HANDLE GetSharedCLHandle() {
169 return CSSMInitSingleton::GetInstance()->cl_handle();
172 CSSM_TP_HANDLE GetSharedTPHandle() {
173 return CSSMInitSingleton::GetInstance()->tp_handle();
176 void* CSSMMalloc(CSSM_SIZE size) {
177 return ::CSSMMalloc(size, NULL);
180 void CSSMFree(void* ptr) {
181 ::CSSMFree(ptr, NULL);
184 void LogCSSMError(const char* fn_name, CSSM_RETURN err) {
185 if (!err)
186 return;
187 base::ScopedCFTypeRef<CFStringRef> cfstr(
188 SecCopyErrorMessageString(err, NULL));
189 LOG(ERROR) << fn_name << " returned " << err
190 << " (" << base::SysCFStringRefToUTF8(cfstr) << ")";
193 ScopedCSSMData::ScopedCSSMData() {
194 memset(&data_, 0, sizeof(data_));
197 ScopedCSSMData::~ScopedCSSMData() {
198 if (data_.Data) {
199 CSSMFree(data_.Data);
200 data_.Data = NULL;
204 } // namespace crypto