// // Get the keychain master key and invoke the securityd_service // to stash it in the AppleFDEKeyStore ready for commit to the // NVRAM blob. // void KeychainDatabase::stashDb() { CssmAutoData data(Allocator::standard(Allocator::sensitive)); { StLock<Mutex> _(common()); if (!common().isValid()) { CssmError::throwMe(CSSMERR_CSP_INVALID_KEY); } CssmKey key = common().masterKey(); data.copy(key.keyData()); } service_context_t context = common().session().get_current_service_context(); int rc = service_client_stash_set_key(&context, data.data(), (int)data.length()); if (rc != 0) CssmError::throwMe(rc); }