1 /*
2 * Copyright (c) 2004,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 //
26 // SDCSPSession.h - CSP session for security server CSP/DL.
27 //
28 #ifndef _H_SDCSPSESSION
29 #define _H_SDCSPSESSION
30
31 #include "SDCSPDLSession.h"
32
33 #include <securityd_client/ssclient.h>
34 #include <security_cdsa_client/cspclient.h>
35
36
37 class SDCSPDLPlugin;
38 class SDFactory;
39 class SDKey;
40
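//
// SDCSPSession - a CSP plugin session whose cryptographic work is routed to
// securityd through a SecurityServer::ClientSession.
//
// The three public reference members are bound at construction and are not
// owned by this object; the referenced objects must outlive the session.
// Because of those reference members, copy assignment is implicitly deleted.
//
// NOTE(review): the contextUpdate/contextDelete declarations that used to sit
// under "#if 0" were dead (never seen by the compiler) and have been removed;
// nothing else in the interface changed.
//
class SDCSPSession : public CSPFullPluginSession
{
public:
    // Owning CSP/DL session, key/context factory and the underlying raw CSP
    // client. Public by design in this plugin; treat them as read-mostly.
    SDCSPDLSession &mSDCSPDLSession;
    SDFactory &mSDFactory;
    CssmClient::CSP &mRawCsp;

    // Constructs a session for the given module handle/version, subservice id
    // and type, attach flags and CSSM upcall table. ssCSPDLSession and rawCsp
    // are presumably what the reference members above are bound to (confirm
    // in the .cpp).
    SDCSPSession(CSSM_MODULE_HANDLE handle,
                 SDCSPDLPlugin &plug,
                 const CSSM_VERSION &version,
                 uint32 subserviceId,
                 CSSM_SERVICE_TYPE subserviceType,
                 CSSM_ATTACH_FLAGS attachFlags,
                 const CSSM_UPCALLS &upcalls,
                 SDCSPDLSession &ssCSPDLSession,
                 CssmClient::CSP &rawCsp);

    // Mutable access to this session's securityd client connection.
    // Returns a reference to the private mClientSession member.
    SecurityServer::ClientSession &clientSession()
    { return mClientSession; }

    // Context management.
    // contextCreate returns a new CSPContext for the CSSM context handle;
    // setupContext (re)initializes ctx in place. The meaning of `encoding`
    // (presumably encrypt/sign vs. decrypt/verify) is fixed in the .cpp.
    CSPContext *contextCreate(CSSM_CC_HANDLE handle, const Context &context);

    void setupContext(CSPContext * &ctx, const Context &context,
                      bool encoding);

    // Resolve the database handle an operation applies to, either from an
    // explicit DL/DB handle pair or from the attributes of a Context.
    // Whether a NULL aDLDbHandle is accepted is not visible here.
    CSSM_DB_HANDLE getDatabase(CSSM_DL_DB_HANDLE *aDLDbHandle);
    CSSM_DB_HANDLE getDatabase(const Context &context);

    // Key bookkeeping between CSSM key blobs and securityd key handles.
    // makeReferenceKey fills outKey for the securityd key inKeyHandle (a CSSM
    // reference key carries a handle rather than key bytes); inDBHandle,
    // inKeyAttr and inKeyLabel describe where/how the key is recorded.
    // lookupKey maps a CssmKey back to the session's SDKey object.
    void makeReferenceKey(SecurityServer::KeyHandle inKeyHandle,
                          CssmKey &outKey, CSSM_DB_HANDLE inDBHandle,
                          uint32 inKeyAttr, const CssmData *inKeyLabel);
    SDKey &lookupKey(const CssmKey &inKey);

    // CSP SPI entry points (key wrapping, derivation and generation).
    // AccessCredentials, CSSM_RESOURCE_CONTROL_CONTEXT and CSSM_PRIVILEGE
    // parameters are passed through as declared by the SPI; the actual
    // authorization decision is expected to happen in securityd, not in this
    // class -- confirm against the .cpp before relying on it.
    void WrapKey(CSSM_CC_HANDLE CCHandle,
                 const Context &Context,
                 const AccessCredentials &AccessCred,
                 const CssmKey &Key,
                 const CssmData *DescriptiveData,
                 CssmKey &WrappedKey,
                 CSSM_PRIVILEGE Privilege);
    void UnwrapKey(CSSM_CC_HANDLE CCHandle,
                   const Context &Context,
                   const CssmKey *PublicKey,
                   const CssmKey &WrappedKey,
                   uint32 KeyUsage,
                   uint32 KeyAttr,
                   const CssmData *KeyLabel,
                   const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
                   CssmKey &UnwrappedKey,
                   CssmData &DescriptiveData,
                   CSSM_PRIVILEGE Privilege);
    void DeriveKey(CSSM_CC_HANDLE CCHandle,
                   const Context &Context,
                   CssmData &Param,
                   uint32 KeyUsage,
                   uint32 KeyAttr,
                   const CssmData *KeyLabel,
                   const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
                   CssmKey &DerivedKey);
    // Newly generated keys take a requested attribute mask (keyAttr /
    // publicKeyAttr / privateKeyAttr); validateKeyAttr() below is the private
    // check for such masks.
    void GenerateKey(CSSM_CC_HANDLE ccHandle,
                     const Context &context,
                     uint32 keyUsage,
                     uint32 keyAttr,
                     const CssmData *keyLabel,
                     const CSSM_RESOURCE_CONTROL_CONTEXT *credAndAclEntry,
                     CssmKey &key,
                     CSSM_PRIVILEGE privilege);
    void GenerateKeyPair(CSSM_CC_HANDLE ccHandle,
                         const Context &context,
                         uint32 publicKeyUsage,
                         uint32 publicKeyAttr,
                         const CssmData *publicKeyLabel,
                         CssmKey &publicKey,
                         uint32 privateKeyUsage,
                         uint32 privateKeyAttr,
                         const CssmData *privateKeyLabel,
                         const CSSM_RESOURCE_CONTROL_CONTEXT *credAndAclEntry,
                         CssmKey &privateKey,
                         CSSM_PRIVILEGE privilege);

    // Key queries and lifetime.
    void ObtainPrivateKeyFromPublicKey(const CssmKey &PublicKey,
                                       CssmKey &PrivateKey);
    void QueryKeySizeInBits(CSSM_CC_HANDLE CCHandle,
                            const Context &Context,
                            const CssmKey &Key,
                            CSSM_KEY_SIZE &KeySize);
    // Delete selects whether the key is also removed from persistent storage
    // (CSSM_BOOL) rather than only released -- confirm in the .cpp.
    void FreeKey(const AccessCredentials *AccessCred,
                 CssmKey &key, CSSM_BOOL Delete);

    // Random data, session login and device/status queries.
    void GenerateRandom(CSSM_CC_HANDLE ccHandle,
                        const Context &context,
                        CssmData &randomNumber);
    void Login(const AccessCredentials &AccessCred,
               const CssmData *LoginName,
               const void *Reserved);
    void Logout();
    void VerifyDevice(const CssmData &DeviceCert);
    void GetOperationalStatistics(CSPOperationalStatistics &statistics);
    void RetrieveCounter(CssmData &Counter);
    void RetrieveUniqueId(CssmData &UniqueID);
    void GetTimeValue(CSSM_ALGORITHMS TimeAlgorithm, CssmData &TimeData);

    // Key and login ownership / ACL management. The Change* variants take
    // AccessCredentials; the Get* variants do not.
    void GetKeyOwner(const CssmKey &Key,
                     CSSM_ACL_OWNER_PROTOTYPE &Owner);
    void ChangeKeyOwner(const AccessCredentials &AccessCred,
                        const CssmKey &Key,
                        const CSSM_ACL_OWNER_PROTOTYPE &NewOwner);
    // GetKeyAcl/GetLoginAcl return an array through AclInfos with its length
    // in NumberOfAclInfos; who frees that array is not visible here.
    void GetKeyAcl(const CssmKey &Key,
                   const CSSM_STRING *SelectionTag,
                   uint32 &NumberOfAclInfos,
                   CSSM_ACL_ENTRY_INFO_PTR &AclInfos);
    void ChangeKeyAcl(const AccessCredentials &AccessCred,
                      const CSSM_ACL_EDIT &AclEdit,
                      const CssmKey &Key);
    void GetLoginOwner(CSSM_ACL_OWNER_PROTOTYPE &Owner);
    void ChangeLoginOwner(const AccessCredentials &AccessCred,
                          const CSSM_ACL_OWNER_PROTOTYPE &NewOwner);
    void GetLoginAcl(const CSSM_STRING *SelectionTag,
                     uint32 &NumberOfAclInfos,
                     CSSM_ACL_ENTRY_INFO_PTR &AclInfos);
    void ChangeLoginAcl(const AccessCredentials &AccessCred,
                        const CSSM_ACL_EDIT &AclEdit);

    // Vendor-specific pass-through. InData/OutData are untyped; the
    // PassThroughId value selects their interpretation in the .cpp.
    void PassThrough(CSSM_CC_HANDLE CCHandle,
                     const Context &Context,
                     uint32 PassThroughId,
                     const void *InData,
                     void **OutData);

private:
    /* Validate requested key attr flags for newly generated keys */
    void validateKeyAttr(uint32 reqKeyAttr);

    // Connection to securityd; handed out read/write by clientSession().
    SecurityServer::ClientSession mClientSession;
};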
177
178
179 #endif // _H_SDCSPSESSION