/*
 * Find the stored public key that belongs to this item and attach it
 * via setRefKey().
 *
 * The public_keys table is searched by the value of pubHash(). The
 * hash only narrows the search: several rows may share it, so every
 * candidate is passed to compareRefKey() and only the first one it
 * accepts is attached.
 * NOTE(review): compareRefKey() is defined elsewhere; presumably it
 * compares the actual key material -- confirm, because the hash match
 * alone must never be treated as proof of key identity.
 *
 * Returns the query's last error: the exec() error if the statement
 * failed, otherwise whatever lastError() reports after the row walk.
 */
QSqlError pki_x509super::lookupKey()
{
	XSqlQuery query;
	const unsigned keyHash = pubHash();

	/* The hash is bound as a parameter, never spliced into the SQL text */
	SQL_PREPARE(query, "SELECT item FROM public_keys WHERE hash=?");
	query.bindValue(0, keyHash);
	query.exec();
	if (query.lastError().isValid())
		return query.lastError();

	for (bool more = query.next(); more; more = query.next()) {
		pki_key *candidate =
			db_base::lookupPki<pki_key>(query.value(0));
		if (!candidate) {
			/* Row names an item that lookupPki() cannot resolve */
			qDebug("Public key with id %d not found",
				query.value(0).toInt());
			continue;
		}
		/* The use count is reset for every resolved candidate,
		 * whether or not it turns out to match */
		candidate->resetUcount();
		if (!compareRefKey(candidate))
			continue;
		/* First confirmed match wins; later rows are not examined */
		setRefKey(candidate);
		break;
	}
	return query.lastError();
}
/*
 * Load the key carried in the context's CSSM_ATTRIBUTE_KEY attribute
 * into this BSAFE context.
 *
 * context  - attribute source; the lookup is made with
 *            CSSMERR_CSP_MISSING_ATTR_KEY as its error code.
 * required - NOTE(review): not read anywhere in this body; confirm
 *            whether an optional-key path was intended.
 *
 * Reference keys go to setRefKey(). Raw keys are checked for key class
 * and blob format before any key bytes are handed to BSAFE; every
 * unsupported combination is rejected through CssmError::throwMe().
 * NOTE(review): the SESSION_KEY case below has no break after its
 * throwMe() call, so it relies on throwMe() never returning -- confirm
 * it is declared noreturn.
 */
void BSafe::BSafeContext::setKeyFromContext(
	const Context &context, 
	bool required)
{
	CssmKey &cssmKey = 
		context.get<CssmKey>(CSSM_ATTRIBUTE_KEY, CSSMERR_CSP_MISSING_ATTR_KEY);

	/* Only raw blobs continue past this point */
	switch(cssmKey.blobType()) {
		case CSSM_KEYBLOB_RAW:
			break;
		case CSSM_KEYBLOB_REFERENCE:
			setRefKey(cssmKey);
			return;
		default:
			CssmError::throwMe(CSSMERR_CSP_KEY_BLOB_TYPE_INCORRECT);
	}

	bool isPublic;
	switch (cssmKey.keyClass()) {
		case CSSM_KEYCLASS_SESSION_KEY:
			/* Symmetric key: raw octet string is the only accepted format */
			if(cssmKey.blobFormat() == CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING) {
				setKeyFromCssmKey(KI_Item, cssmKey);
				return;
			}
			CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_FORMAT);
		case CSSM_KEYCLASS_PUBLIC_KEY:
			isPublic = true;
			break;
		case CSSM_KEYCLASS_PRIVATE_KEY:
			isPublic = false;
			break;
		default:
			CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_CLASS);
	}

	/* Asymmetric from here on: map algorithm + class to the BSAFE info type */
	B_INFO_TYPE bsInfoType;
	CSSM_KEYBLOB_FORMAT wantFormat;

	if(!bsafeAlgToInfoType(cssmKey.algorithm(),
		isPublic,
		bsInfoType, 
		wantFormat)) {
		/* Algorithm not known to the mapping */
		CssmError::throwMe(CSSMERR_CSP_INVALID_KEY);
	}

	/*
	 * The blob format declared in the key header must be the single
	 * format expected for this algorithm and class. Support for further
	 * incoming formats would have to be added here.
	 */
	if(cssmKey.blobFormat() != wantFormat) {
		errorLog1("setKeyFromContext: invalid blob format (%d)\n", 
			static_cast<int>(cssmKey.blobFormat()));
		CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_FORMAT);
	}

	/*
	 * PKCS1 blobs (RSA public keys) need their own import routine; all
	 * other formats are passed to BSAFE through setKeyFromCssmKey().
	 * NOTE(review): the header checks above are the only validation
	 * visible here before KeyData is parsed -- confirm the import
	 * routines bounds-check the blob contents.
	 */
	if(wantFormat == CSSM_KEYBLOB_RAW_FORMAT_PKCS1) {
		createBsKey();
		BS_setKeyPkcs1(CssmData::overlay(cssmKey.KeyData), bsKey);
	}
	else {
		setKeyFromCssmKey(bsInfoType, cssmKey);
	}

	/* RSA keys additionally need the output size set */
	if(cssmKey.algorithm() == CSSM_ALGID_RSA) {
		setRsaOutSize(isPublic);
	}
}