OSX/libsecurity_apple_cspdl/lib/SSContext.h

   1 /*
   2  * Copyright (c) 2000-2001,2011-2012,2014 Apple Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18
  19 //
  20 // SSContext.h - Security Server contexts
  21 //
  22 #ifndef _H_SS_CONTEXT
  23 #define _H_SS_CONTEXT
  24
  25 #include <security_cdsa_plugin/CSPsession.h>
  26 #include <securityd_client/ssclient.h>
  27 #include <security_cdsa_utilities/digestobject.h>
  28 #include <security_cdsa_client/cspclient.h>
  29
  30 //
  31 // Parent class for all CSPContexts implemented in this CSP.  Currently the
  32 // only thing we add is a reference to our creator's session.
  33 //
  34 class SSCSPSession;
  35 class SSKey;
  36
  37 class SSContext : public CSPFullPluginSession::CSPContext
  38 {
  39 public:
  40         SSContext(SSCSPSession &session);
  41         ~SSContext() { clearOutBuf(); }
  42         virtual void init(const Context &context, bool encoding);
  43
  44 protected:
  45         SecurityServer::ClientSession &clientSession();
  46         SSCSPSession &mSession;
  47
  48         // mOutBuf provides a holding tank for implied final() operations
  49         // resulting from an outputSize(true, 0). This form of outputSize()
  50         // is understood to only occur just prior to the final() call. To avoid
  51         // an extra RPC (just to perform the outputSize(), most subclasses of
  52         // SSContext actually perform the final() operation at this time,
  53         // storing the result in mOutBuf. At final(), mOutBuf() is just copied
  54         // to the caller's supplied output buffer.
  55         CssmData mOutBuf;
  56
  57         // We remember a pointer to the passed in context and assume it will
  58         // remain a valid from init(), update() all the way though the call to
  59         // final().
  60         const Context *mContext;
  61
  62         void clearOutBuf();
  63         void copyOutBuf(CssmData &out);
  64 };
  65
  66 // context for signature (sign and verify)
  67 class SSSignatureContext : public SSContext
  68 {
  69 public:
  70         SSSignatureContext(SSCSPSession &session);
  71         ~SSSignatureContext();
  72         virtual void init(const Context &context, bool signing);
  73         virtual void update(const CssmData &data);
  74         virtual size_t outputSize(bool final, size_t inSize);
  75
  76         /* sign */
  77         void sign(CssmData &sig);
  78         virtual void final(CssmData &out);
  79
  80         /* verify */
  81         virtual void final(const CssmData &in);
  82
  83         /* for raw sign/verify - optionally called after init */
  84         virtual void setDigestAlgorithm(CSSM_ALGORITHMS digestAlg);
  85
  86 private:
  87         /* stash the context's key for final sign/verify */
  88         SecurityServer::KeyHandle mKeyHandle;
  89
  90         /* alg-dependent, calculated at init time */
  91         CSSM_ALGORITHMS mSigAlg;                // raw signature alg
  92         CSSM_ALGORITHMS mDigestAlg;             // digest
  93
  94         /* exactly one of these is used to collect updates */
  95         NullDigest                      *mNullDigest;
  96         CssmClient::Digest      *mDigest;
  97 };
  98
  99 // Context for GenerateRandom operations
 100 class SSRandomContext : public SSContext
 101 {
 102 public:
 103         SSRandomContext(SSCSPSession &session);
 104         virtual void init(const Context &context, bool);
 105         virtual size_t outputSize(bool final, size_t inSize);
 106         virtual void final(CssmData &out);
 107
 108 private:
 109         uint32 mOutSize;                // spec'd in context at init() time
 110 };
 111
 112 // Context for Encrypt and Decrypt operations
 113 class SSCryptContext : public SSContext
 114 {
 115 public:
 116         SSCryptContext(SSCSPSession &session);
 117         ~SSCryptContext();
 118         virtual void init(const Context &context, bool encoding);
 119         virtual size_t inputSize(size_t outSize);
 120         virtual size_t outputSize(bool final, size_t inSize);
 121         virtual void minimumProgress(size_t &in, size_t &out);
 122         virtual void update(void *inp, size_t &inSize, void *outp,
 123                                                 size_t &outSize);
 124         virtual void final(CssmData &out);
 125
 126 private:
 127         SecurityServer::KeyHandle mKeyHandle;
 128         NullDigest mNullDigest;                                         // accumulator
 129 };
 130
 131 // Digest, using raw CSP
 132 class SSDigestContext : public SSContext
 133 {
 134 public:
 135         SSDigestContext(SSCSPSession &session);
 136         ~SSDigestContext();
 137         virtual void init(const Context &context, bool);
 138         virtual void update(const CssmData &data);
 139         virtual void final(CssmData &out);
 140         virtual size_t outputSize(bool final, size_t inSize);
 141
 142 private:
 143         CssmClient::Digest *mDigest;
 144 };
 145
 146 // common class for MAC generate, verify
 147 class SSMACContext : public SSContext
 148 {
 149 public:
 150         SSMACContext(SSCSPSession &session);
 151         virtual void init(const Context &context, bool);
 152         virtual void update(const CssmData &data);
 153         virtual size_t outputSize(bool final, size_t inSize);
 154
 155         /* sign */
 156         void genMac(CssmData &mac);
 157         virtual void final(CssmData &out);
 158         /* verify */
 159         virtual void final(const CssmData &in);
 160
 161 private:
 162         SecurityServer::KeyHandle mKeyHandle;
 163         NullDigest mNullDigest;                                 // accumulator
 164 };
 165
 166
 167 #endif // _H_SS_CONTEXT