[apple/security.git] / securityd / src / tokenkey.cpp

/*
 * Copyright (c) 2004,2008 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */


//
// tokenkey - remote reference key on an attached hardware token
//
#include "tokenkey.h"
#include "tokendatabase.h"


//
// Construct a TokenKey from a reference handle and key header
//
TokenKey::TokenKey(TokenDatabase &db, KeyHandle tokenKey, const CssmKey::Header &hdr)
	: Key(db), mKey(tokenKey), mHeader(hdr)
{
	db.addReference(*this);
}


//
// Destruction of a TokenKey releases the reference from tokend
//
TokenKey::~TokenKey()
{
	try {
		database().token().tokend().releaseKey(mKey);
	} catch (...) {
		secdebug("tokendb", "%p release key handle %u threw (ignored)",
			this, mKey);
	}
}


//
// Links through the object mesh
//
TokenDatabase &TokenKey::database() const
{
	return referent<TokenDatabase>();
}

Token &TokenKey::token()
{
	return database().token();
}

GenericHandle TokenKey::tokenHandle() const
{
	return mKey;	// tokend-side handle
}


//
// Canonical external attributes (taken directly from the key header)
//
CSSM_KEYATTR_FLAGS TokenKey::attributes()
{
	return mHeader.attributes();
}


//
// Return-to-caller processing (trivial in this case)
//
void TokenKey::returnKey(Handle &h, CssmKey::Header &hdr)
{
	h = this->handle();
	hdr = mHeader;
}


//
// We're a key (duh)
//
AclKind TokenKey::aclKind() const
{
	return keyAcl;
}


//
// Right now, key ACLs are at the process level
//
SecurityServerAcl &TokenKey::acl()
{
	return *this;
}


//
// The related database is, naturally enough, the TokenDatabase we're in
//
Database *TokenKey::relatedDatabase()
{
	return &database();
}


//
// Generate the canonical key digest.
// This is not currently supported through tokend. If we need it,
// we'll have to force unlock and fake it (in tokend, most likely).
//
const CssmData &TokenKey::canonicalDigest()
{
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}
Commit	Line	Data
d8f41ccd A	1	/*
	2	* Copyright (c) 2004,2008 Apple Inc. All Rights Reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24
	25	//
	26	// tokenkey - remote reference key on an attached hardware token
	27	//
	28	#include "tokenkey.h"
	29	#include "tokendatabase.h"
	30
	31
	32	//
	33	// Construct a TokenKey from a reference handle and key header
	34	//
	35	TokenKey::TokenKey(TokenDatabase &db, KeyHandle tokenKey, const CssmKey::Header &hdr)
	36	: Key(db), mKey(tokenKey), mHeader(hdr)
	37	{
	38	db.addReference(*this);
	39	}
	40
	41
	42	//
	43	// Destruction of a TokenKey releases the reference from tokend
	44	//
	45	TokenKey::~TokenKey()
	46	{
	47	try {
	48	database().token().tokend().releaseKey(mKey);
	49	} catch (...) {
	50	secdebug("tokendb", "%p release key handle %u threw (ignored)",
	51	this, mKey);
	52	}
	53	}
	54
	55
	56	//
	57	// Links through the object mesh
	58	//
	59	TokenDatabase &TokenKey::database() const
	60	{
	61	return referent<TokenDatabase>();
	62	}
	63
	64	Token &TokenKey::token()
65	{
66	return database().token();
67	}
68
69	GenericHandle TokenKey::tokenHandle() const
70	{
71	return mKey; // tokend-side handle
72	}
73
74
75	//
76	// Canonical external attributes (taken directly from the key header)
77	//
78	CSSM_KEYATTR_FLAGS TokenKey::attributes()
79	{
80	return mHeader.attributes();
81	}
82
83
84	//
85	// Return-to-caller processing (trivial in this case)
86	//
87	void TokenKey::returnKey(Handle &h, CssmKey::Header &hdr)
88	{
89	h = this->handle();
90	hdr = mHeader;
91	}
92
93
94	//
95	// We're a key (duh)
96	//
97	AclKind TokenKey::aclKind() const
98	{
99	return keyAcl;
100	}
101
102
103	//
104	// Right now, key ACLs are at the process level
105	//
106	SecurityServerAcl &TokenKey::acl()
107	{
108	return *this;
109	}
110
111
112	//
113	// The related database is, naturally enough, the TokenDatabase we're in
114	//
115	Database *TokenKey::relatedDatabase()
116	{
117	return &database();
118	}
119
120
121	//
122	// Generate the canonical key digest.
123	// This is not currently supported through tokend. If we need it,
124	// we'll have to force unlock and fake it (in tokend, most likely).
125	//
126	const CssmData &TokenKey::canonicalDigest()
127	{
128	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
129	}