[apple/security.git] / Security / libsecurity_sd_cspdl / lib / SDCSPSession.h

/*
 * Copyright (c) 2004,2011,2014 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */


//
// SDDLSession.h - CSP session for security server CSP/DL.
//
#ifndef _H_SDCSPSESSION
#define _H_SDCSPSESSION

#include "SDCSPDLSession.h"

#include <securityd_client/ssclient.h>
#include <security_cdsa_client/cspclient.h>


class SDCSPDLPlugin;
class SDFactory;
class SDKey;

class SDCSPSession : public CSPFullPluginSession
{
public:
	SDCSPDLSession &mSDCSPDLSession;
	SDFactory &mSDFactory;
	CssmClient::CSP &mRawCsp;
	
	SDCSPSession(CSSM_MODULE_HANDLE handle,
				 SDCSPDLPlugin &plug,
				 const CSSM_VERSION &version,
				 uint32 subserviceId,
				 CSSM_SERVICE_TYPE subserviceType,
				 CSSM_ATTACH_FLAGS attachFlags,
				 const CSSM_UPCALLS &upcalls,
				 SDCSPDLSession &ssCSPDLSession,
				 CssmClient::CSP &rawCsp);

	SecurityServer::ClientSession &clientSession()
	{ return mClientSession; }

	CSPContext *contextCreate(CSSM_CC_HANDLE handle, const Context &context);
#if 0
	void contextUpdate(CSSM_CC_HANDLE handle, const Context &context,
					   PluginContext *ctx);
	void contextDelete(CSSM_CC_HANDLE handle, const Context &context,
					   PluginContext *ctx);
#endif

	void setupContext(CSPContext * &ctx, const Context &context,
					  bool encoding);
	
	CSSM_DB_HANDLE getDatabase(CSSM_DL_DB_HANDLE *aDLDbHandle);
	CSSM_DB_HANDLE getDatabase(const Context &context);

	void makeReferenceKey(SecurityServer::KeyHandle inKeyHandle,
						  CssmKey &outKey, CSSM_DB_HANDLE inDBHandle,
						  uint32 inKeyAttr, const CssmData *inKeyLabel);
	SDKey &lookupKey(const CssmKey &inKey);

	void WrapKey(CSSM_CC_HANDLE CCHandle,
				const Context &Context,
				const AccessCredentials &AccessCred,
				const CssmKey &Key,
				const CssmData *DescriptiveData,
				CssmKey &WrappedKey,
				CSSM_PRIVILEGE Privilege);
	void UnwrapKey(CSSM_CC_HANDLE CCHandle,
				const Context &Context,
				const CssmKey *PublicKey,
				const CssmKey &WrappedKey,
				uint32 KeyUsage,
				uint32 KeyAttr,
				const CssmData *KeyLabel,
				const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
				CssmKey &UnwrappedKey,
				CssmData &DescriptiveData,
				CSSM_PRIVILEGE Privilege);
	void DeriveKey(CSSM_CC_HANDLE CCHandle,
				const Context &Context,
				CssmData &Param,
				uint32 KeyUsage,
				uint32 KeyAttr,
				const CssmData *KeyLabel,
				const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
				CssmKey &DerivedKey);
	void GenerateKey(CSSM_CC_HANDLE ccHandle,
					const Context &context,
					uint32 keyUsage,
					uint32 keyAttr,
					const CssmData *keyLabel,
					const CSSM_RESOURCE_CONTROL_CONTEXT *credAndAclEntry,
					CssmKey &key,
					CSSM_PRIVILEGE privilege);
	void GenerateKeyPair(CSSM_CC_HANDLE ccHandle,
						const Context &context,
						uint32 publicKeyUsage,
						uint32 publicKeyAttr,
						const CssmData *publicKeyLabel,
						CssmKey &publicKey,
						uint32 privateKeyUsage,
						uint32 privateKeyAttr,
						const CssmData *privateKeyLabel,
						const CSSM_RESOURCE_CONTROL_CONTEXT *credAndAclEntry,
						CssmKey &privateKey,
						CSSM_PRIVILEGE privilege);
	void ObtainPrivateKeyFromPublicKey(const CssmKey &PublicKey,
									CssmKey &PrivateKey);
	void QueryKeySizeInBits(CSSM_CC_HANDLE CCHandle,
							const Context &Context,
							const CssmKey &Key,
							CSSM_KEY_SIZE &KeySize);
	void FreeKey(const AccessCredentials *AccessCred,
				CssmKey &key, CSSM_BOOL Delete);
	void GenerateRandom(CSSM_CC_HANDLE ccHandle,
						const Context &context,
						CssmData &randomNumber);
	void Login(const AccessCredentials &AccessCred,
			const CssmData *LoginName,
			const void *Reserved);
	void Logout();
	void VerifyDevice(const CssmData &DeviceCert);
	void GetOperationalStatistics(CSPOperationalStatistics &statistics);
	void RetrieveCounter(CssmData &Counter);
	void RetrieveUniqueId(CssmData &UniqueID);
	void GetTimeValue(CSSM_ALGORITHMS TimeAlgorithm, CssmData &TimeData);
	void GetKeyOwner(const CssmKey &Key,
					CSSM_ACL_OWNER_PROTOTYPE &Owner);
	void ChangeKeyOwner(const AccessCredentials &AccessCred,
						const CssmKey &Key,
						const CSSM_ACL_OWNER_PROTOTYPE &NewOwner);
	void GetKeyAcl(const CssmKey &Key,
					const CSSM_STRING *SelectionTag,
					uint32 &NumberOfAclInfos,
					CSSM_ACL_ENTRY_INFO_PTR &AclInfos);
	void ChangeKeyAcl(const AccessCredentials &AccessCred,
					const CSSM_ACL_EDIT &AclEdit,
					const CssmKey &Key);
	void GetLoginOwner(CSSM_ACL_OWNER_PROTOTYPE &Owner);
	void ChangeLoginOwner(const AccessCredentials &AccessCred,
						const CSSM_ACL_OWNER_PROTOTYPE &NewOwner);
	void GetLoginAcl(const CSSM_STRING *SelectionTag,
					uint32 &NumberOfAclInfos,
					CSSM_ACL_ENTRY_INFO_PTR &AclInfos);
	void ChangeLoginAcl(const AccessCredentials &AccessCred,
						const CSSM_ACL_EDIT &AclEdit);
	void PassThrough(CSSM_CC_HANDLE CCHandle,
					const Context &Context,
					uint32 PassThroughId,
					const void *InData,
					void **OutData);
private:
	/* Validate requested key attr flags for newly generated keys */
	void validateKeyAttr(uint32 reqKeyAttr);

	SecurityServer::ClientSession mClientSession;
};


#endif // _H_SDCSPSESSION
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2004,2011,2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24
	25	//
	26	// SDDLSession.h - CSP session for security server CSP/DL.
	27	//
	28	#ifndef _H_SDCSPSESSION
	29	#define _H_SDCSPSESSION
	30
	31	#include "SDCSPDLSession.h"
	32
	33	#include <securityd_client/ssclient.h>
	34	#include <security_cdsa_client/cspclient.h>
	35
	36
	37	class SDCSPDLPlugin;
	38	class SDFactory;
	39	class SDKey;
	40
	41	class SDCSPSession : public CSPFullPluginSession
	42	{
	43	public:
	44	SDCSPDLSession &mSDCSPDLSession;
	45	SDFactory &mSDFactory;
	46	CssmClient::CSP &mRawCsp;
	47
	48	SDCSPSession(CSSM_MODULE_HANDLE handle,
	49	SDCSPDLPlugin &plug,
	50	const CSSM_VERSION &version,
	51	uint32 subserviceId,
	52	CSSM_SERVICE_TYPE subserviceType,
	53	CSSM_ATTACH_FLAGS attachFlags,
	54	const CSSM_UPCALLS &upcalls,
	55	SDCSPDLSession &ssCSPDLSession,
	56	CssmClient::CSP &rawCsp);
	57
	58	SecurityServer::ClientSession &clientSession()
	59	{ return mClientSession; }
	60
	61	CSPContext *contextCreate(CSSM_CC_HANDLE handle, const Context &context);
	62	#if 0
	63	void contextUpdate(CSSM_CC_HANDLE handle, const Context &context,
	64	PluginContext *ctx);
	65	void contextDelete(CSSM_CC_HANDLE handle, const Context &context,
	66	PluginContext *ctx);
67	#endif
68
69	void setupContext(CSPContext * &ctx, const Context &context,
70	bool encoding);
71
72	CSSM_DB_HANDLE getDatabase(CSSM_DL_DB_HANDLE *aDLDbHandle);
73	CSSM_DB_HANDLE getDatabase(const Context &context);
74
75	void makeReferenceKey(SecurityServer::KeyHandle inKeyHandle,
76	CssmKey &outKey, CSSM_DB_HANDLE inDBHandle,
77	uint32 inKeyAttr, const CssmData *inKeyLabel);
78	SDKey &lookupKey(const CssmKey &inKey);
79
80	void WrapKey(CSSM_CC_HANDLE CCHandle,
81	const Context &Context,
82	const AccessCredentials &AccessCred,
83	const CssmKey &Key,
84	const CssmData *DescriptiveData,
85	CssmKey &WrappedKey,
86	CSSM_PRIVILEGE Privilege);
87	void UnwrapKey(CSSM_CC_HANDLE CCHandle,
88	const Context &Context,
89	const CssmKey *PublicKey,
90	const CssmKey &WrappedKey,
91	uint32 KeyUsage,
92	uint32 KeyAttr,
93	const CssmData *KeyLabel,
94	const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
95	CssmKey &UnwrappedKey,
96	CssmData &DescriptiveData,
97	CSSM_PRIVILEGE Privilege);
98	void DeriveKey(CSSM_CC_HANDLE CCHandle,
99	const Context &Context,
100	CssmData &Param,
101	uint32 KeyUsage,
102	uint32 KeyAttr,
103	const CssmData *KeyLabel,
104	const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
105	CssmKey &DerivedKey);
106	void GenerateKey(CSSM_CC_HANDLE ccHandle,
107	const Context &context,
108	uint32 keyUsage,
109	uint32 keyAttr,
110	const CssmData *keyLabel,
111	const CSSM_RESOURCE_CONTROL_CONTEXT *credAndAclEntry,
112	CssmKey &key,
113	CSSM_PRIVILEGE privilege);
114	void GenerateKeyPair(CSSM_CC_HANDLE ccHandle,
115	const Context &context,
116	uint32 publicKeyUsage,
117	uint32 publicKeyAttr,
118	const CssmData *publicKeyLabel,
119	CssmKey &publicKey,
120	uint32 privateKeyUsage,
121	uint32 privateKeyAttr,
122	const CssmData *privateKeyLabel,
123	const CSSM_RESOURCE_CONTROL_CONTEXT *credAndAclEntry,
124	CssmKey &privateKey,
125	CSSM_PRIVILEGE privilege);
126	void ObtainPrivateKeyFromPublicKey(const CssmKey &PublicKey,
127	CssmKey &PrivateKey);
128	void QueryKeySizeInBits(CSSM_CC_HANDLE CCHandle,
129	const Context &Context,
130	const CssmKey &Key,
131	CSSM_KEY_SIZE &KeySize);
132	void FreeKey(const AccessCredentials *AccessCred,
133	CssmKey &key, CSSM_BOOL Delete);
134	void GenerateRandom(CSSM_CC_HANDLE ccHandle,
135	const Context &context,
136	CssmData &randomNumber);
137	void Login(const AccessCredentials &AccessCred,
138	const CssmData *LoginName,
139	const void *Reserved);
140	void Logout();
141	void VerifyDevice(const CssmData &DeviceCert);
142	void GetOperationalStatistics(CSPOperationalStatistics &statistics);
143	void RetrieveCounter(CssmData &Counter);
144	void RetrieveUniqueId(CssmData &UniqueID);
145	void GetTimeValue(CSSM_ALGORITHMS TimeAlgorithm, CssmData &TimeData);
146	void GetKeyOwner(const CssmKey &Key,
147	CSSM_ACL_OWNER_PROTOTYPE &Owner);
148	void ChangeKeyOwner(const AccessCredentials &AccessCred,
149	const CssmKey &Key,
150	const CSSM_ACL_OWNER_PROTOTYPE &NewOwner);
151	void GetKeyAcl(const CssmKey &Key,
152	const CSSM_STRING *SelectionTag,
153	uint32 &NumberOfAclInfos,
154	CSSM_ACL_ENTRY_INFO_PTR &AclInfos);
155	void ChangeKeyAcl(const AccessCredentials &AccessCred,
156	const CSSM_ACL_EDIT &AclEdit,
157	const CssmKey &Key);
158	void GetLoginOwner(CSSM_ACL_OWNER_PROTOTYPE &Owner);
159	void ChangeLoginOwner(const AccessCredentials &AccessCred,
160	const CSSM_ACL_OWNER_PROTOTYPE &NewOwner);
161	void GetLoginAcl(const CSSM_STRING *SelectionTag,
162	uint32 &NumberOfAclInfos,
163	CSSM_ACL_ENTRY_INFO_PTR &AclInfos);
164	void ChangeLoginAcl(const AccessCredentials &AccessCred,
165	const CSSM_ACL_EDIT &AclEdit);
166	void PassThrough(CSSM_CC_HANDLE CCHandle,
167	const Context &Context,
168	uint32 PassThroughId,
169	const void *InData,
170	void **OutData);
171	private:
172	/* Validate requested key attr flags for newly generated keys */
173	void validateKeyAttr(uint32 reqKeyAttr);
174
175	SecurityServer::ClientSession mClientSession;
176	};
177
178
179	#endif // _H_SDCSPSESSION