OSX/libsecurity_cdsa_client/lib/wrapkey.h

   1 /*
   2  * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18
  19 //
  20 // wrapkey - client interface for wrapping and unwrapping keys
  21 //
  22 #ifndef _H_CDSA_CLIENT_WRAPKEY
  23 #define _H_CDSA_CLIENT_WRAPKEY  1
  24
  25 #include <security_cdsa_client/cspclient.h>
  26 #include <security_cdsa_client/cryptoclient.h>
  27 #include <security_cdsa_client/keyclient.h>
  28
  29
  30 namespace Security {
  31 namespace CssmClient {
  32
  33
  34 //
  35 // Wrap a key
  36 //
  37 class WrapKey : public Crypt {
  38 public:
  39         WrapKey(const CSP &csp, CSSM_ALGORITHMS alg) :
  40                 Crypt(csp, alg), mWrappedKeyFormat(CSSM_KEYBLOB_WRAPPED_FORMAT_NONE) {}
  41
  42 public:
  43         CSSM_KEYBLOB_FORMAT wrappedKeyFormat() const { return mWrappedKeyFormat; }
  44         void wrappedKeyFormat(CSSM_KEYBLOB_FORMAT wrappedKeyFormat)
  45         { mWrappedKeyFormat = wrappedKeyFormat; set(CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT, wrappedKeyFormat); }
  46
  47         // wrap the key
  48         Key operator () (Key &keyToBeWrapped, const CssmData *descriptiveData = NULL);
  49         void operator () (const CssmKey &keyToBeWrapped, CssmKey &wrappedKey,
  50                                           const CssmData *descriptiveData = NULL);
  51
  52 protected:
  53         void activate();
  54
  55 private:
  56         CSSM_KEYBLOB_FORMAT mWrappedKeyFormat;
  57 };
  58
  59
  60 //
  61 // Unwrap a key. This creates a new key object
  62 //
  63 class UnwrapKey : public Crypt, public RccBearer {
  64 public:
  65         UnwrapKey(const CSP &csp, CSSM_ALGORITHMS alg) : Crypt(csp, alg) {}
  66
  67 public:
  68         // wrap the key
  69         Key operator () (const CssmKey &keyToBeUnwrapped, const KeySpec &spec);
  70         void operator () (const CssmKey &keyToBeUnwrapped, const KeySpec &spec,
  71                                           CssmKey &unwrappedKey);
  72
  73         Key operator () (const CssmKey &keyToBeUnwrapped, const KeySpec &spec,
  74                                          Key &optionalPublicKey);
  75         void operator () (const CssmKey &keyToBeUnwrapped, const KeySpec &spec,
  76                                           CssmKey &unwrappedKey, const CssmKey *optionalPublicKey);
  77
  78         Key operator () (const CssmKey &keyToBeUnwrapped, const KeySpec &spec,
  79                                          CssmData *descriptiveData);
  80         void operator () (const CssmKey &keyToBeUnwrapped, const KeySpec &spec,
  81                                           CssmKey &unwrappedKey, CssmData *descriptiveData);
  82
  83         Key operator () (const CssmKey &keyToBeUnwrapped, const KeySpec &spec,
  84                                          const Key &optionalPublicKey, CssmData *descriptiveData);
  85         void operator () (const CssmKey &keyToBeUnwrapped, const KeySpec &spec,
  86                                           CssmKey &unwrappedKey, CssmData *descriptiveData,
  87                                           const CssmKey *optionalPublicKey);
  88 };
  89
  90
  91 //
  92 // Derive a key in various and wonderous ways. Creates a new key object.
  93 //
  94 class DeriveKey : public Crypt, public RccBearer {
  95 public:
  96         DeriveKey(const CSP &csp, CSSM_ALGORITHMS alg, CSSM_ALGORITHMS target, uint32 size = 0)
  97     : Crypt(csp, alg), mKeySize(size), mTargetType(target), mIterationCount(0),
  98       mSeed(NULL), mSalt(NULL) { }
  99
 100 public:
 101     CSSM_ALGORITHMS targetType() const { return mTargetType; }
 102     void targetType(CSSM_ALGORITHMS alg) { mTargetType = alg; }
 103     uint32 iterationCount() const               { return mIterationCount; }
 104     void iterationCount(uint32 c)               { mIterationCount = c; }
 105     const CssmCryptoData seed() const   { return *mSeed; }
 106     void seed(const CssmCryptoData &data) { mSeed = &data; }
 107     const CssmData salt() const                 { return *mSalt; }
 108     void salt(const CssmData &data)             { mSalt = &data; }
 109
 110         Key operator () (CssmData *param, const KeySpec &spec);
 111         void operator () (CssmData *param, const KeySpec &spec,
 112                                           CssmKey &derivedKey);
 113
 114     void activate();
 115
 116 private:
 117         uint32 mKeySize;
 118     CSSM_ALGORITHMS mTargetType;
 119     uint32 mIterationCount;
 120     const CssmCryptoData *mSeed;
 121     const CssmData *mSalt;
 122 };
 123
 124 } // end namespace CssmClient
 125 } // end namespace Security
 126
 127 #endif // _H_CDSA_CLIENT_WRAPKEY