//
// Get the keychain master key and invoke the securityd_service
// to stash it in the AppleFDEKeyStore ready for commit to the
// NVRAM blob.
//
void KeychainDatabase::stashDb()
{
CssmAutoData data(Allocator::standard(Allocator::sensitive));
{
StLock<Mutex> _(common());
if (!common().isValid()) {
CssmError::throwMe(CSSMERR_CSP_INVALID_KEY);
}
CssmKey key = common().masterKey();
data.copy(key.keyData());
}
service_context_t context = common().session().get_current_service_context();
int rc = service_client_stash_set_key(&context, data.data(), (int)data.length());
if (rc != 0) CssmError::throwMe(rc);
}
