]> git.saurik.com Git - apple/security.git/blob - AppleX509CL/AppleX509CLSession.h
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-30.1.tar.gz
[apple/security.git] / AppleX509CL / AppleX509CLSession.h
1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 //
20 // AppleX509CLSession.h - general CL session functions.
21 //
22 #ifndef _H_APPLEX509CLSESSION
23 #define _H_APPLEX509CLSESSION
24
25 #include <Security/CLsession.h>
26 #include "CLCachedEntry.h"
27 #include "DecodedCert.h"
28 #include "LockedMap.h"
29 #include <Security/threading.h>
30
31 class AppleX509CLSession : public CLPluginSession {
32
33 public:
34
35 AppleX509CLSession(
36 CSSM_MODULE_HANDLE theHandle,
37 CssmPlugin &plug,
38 const CSSM_VERSION &version,
39 uint32 subserviceId,
40 CSSM_SERVICE_TYPE subserviceType,
41 CSSM_ATTACH_FLAGS attachFlags,
42 const CSSM_UPCALLS &upcalls);
43
44 ~AppleX509CLSession();
45
46 // ====================================================================
47 // Cert Interpretation
48 // ====================================================================
49
50 void CertDescribeFormat(
51 uint32 &NumberOfFields,
52 CSSM_OID_PTR &OidList);
53
54 // Non-cached
55
56 void CertGetAllFields(
57 const CssmData &Cert,
58 uint32 &NumberOfFields,
59 CSSM_FIELD_PTR &CertFields);
60
61 CSSM_HANDLE CertGetFirstFieldValue(
62 const CssmData &Cert,
63 const CssmData &CertField,
64 uint32 &NumberOfMatchedFields,
65 CSSM_DATA_PTR &Value);
66
67 bool CertGetNextFieldValue(
68 CSSM_HANDLE ResultsHandle,
69 CSSM_DATA_PTR &Value);
70
71
72 // Cached
73
74 void CertCache(
75 const CssmData &Cert,
76 CSSM_HANDLE &CertHandle);
77
78 CSSM_HANDLE CertGetFirstCachedFieldValue(
79 CSSM_HANDLE CertHandle,
80 const CssmData &CertField,
81 uint32 &NumberOfMatchedFields,
82 CSSM_DATA_PTR &Value);
83
84 bool CertGetNextCachedFieldValue(
85 CSSM_HANDLE ResultsHandle,
86 CSSM_DATA_PTR &Value);
87
88 void CertAbortCache(
89 CSSM_HANDLE CertHandle);
90
91 void CertAbortQuery(
92 CSSM_HANDLE ResultsHandle);
93
94
95
96 // Templates
97
98 void CertCreateTemplate(
99 uint32 NumberOfFields,
100 const CSSM_FIELD CertFields[],
101 CssmData &CertTemplate);
102
103 void CertGetAllTemplateFields(
104 const CssmData &CertTemplate,
105 uint32 &NumberOfFields,
106 CSSM_FIELD_PTR &CertFields);
107
108
109 // Memory
110
111 void FreeFields(
112 uint32 NumberOfFields,
113 CSSM_FIELD_PTR &FieldArray);
114 void FreeFieldValue(
115 const CssmData &CertOrCrlOid,
116 CssmData *Value);
117
118 // Key
119
120 void CertGetKeyInfo(
121 const CssmData &Cert,
122 CSSM_KEY_PTR &Key);
123
124 // ====================================================================
125 // CRL Interpretation
126 // ====================================================================
127
128 // Non-cached
129
130 void CrlDescribeFormat(
131 uint32 &NumberOfFields,
132 CSSM_OID_PTR &OidList);
133
134 void CrlGetAllFields(
135 const CssmData &Crl,
136 uint32 &NumberOfCrlFields,
137 CSSM_FIELD_PTR &CrlFields);
138
139 CSSM_HANDLE CrlGetFirstFieldValue(
140 const CssmData &Crl,
141 const CssmData &CrlField,
142 uint32 &NumberOfMatchedFields,
143 CSSM_DATA_PTR &Value);
144
145 bool CrlGetNextFieldValue(
146 CSSM_HANDLE ResultsHandle,
147 CSSM_DATA_PTR &Value);
148
149 void IsCertInCrl(
150 const CssmData &Cert,
151 const CssmData &Crl,
152 CSSM_BOOL &CertFound);
153
154
155 // Cached
156
157 void CrlCache(
158 const CssmData &Crl,
159 CSSM_HANDLE &CrlHandle);
160
161 void CrlGetAllCachedRecordFields(CSSM_HANDLE CrlHandle,
162 const CssmData &CrlRecordIndex,
163 uint32 &NumberOfFields,
164 CSSM_FIELD_PTR &CrlFields);
165
166 CSSM_HANDLE CrlGetFirstCachedFieldValue(
167 CSSM_HANDLE CrlHandle,
168 const CssmData *CrlRecordIndex,
169 const CssmData &CrlField,
170 uint32 &NumberOfMatchedFields,
171 CSSM_DATA_PTR &Value);
172
173 bool CrlGetNextCachedFieldValue(
174 CSSM_HANDLE ResultsHandle,
175 CSSM_DATA_PTR &Value);
176
177 void IsCertInCachedCrl(
178 const CssmData &Cert,
179 CSSM_HANDLE CrlHandle,
180 CSSM_BOOL &CertFound,
181 CssmData &CrlRecordIndex);
182
183 void CrlAbortCache(
184 CSSM_HANDLE CrlHandle);
185
186 void CrlAbortQuery(
187 CSSM_HANDLE ResultsHandle);
188
189
190 // Template
191
192 void CrlCreateTemplate(
193 uint32 NumberOfFields,
194 const CSSM_FIELD *CrlTemplate,
195 CssmData &NewCrl);
196
197 void CrlSetFields(
198 uint32 NumberOfFields,
199 const CSSM_FIELD *CrlTemplate,
200 const CssmData &OldCrl,
201 CssmData &ModifiedCrl);
202
203 void CrlAddCert(
204 CSSM_CC_HANDLE CCHandle,
205 const CssmData &Cert,
206 uint32 NumberOfFields,
207 const CSSM_FIELD CrlEntryFields[],
208 const CssmData &OldCrl,
209 CssmData &NewCrl);
210
211 void CrlRemoveCert(
212 const CssmData &Cert,
213 const CssmData &OldCrl,
214 CssmData &NewCrl);
215
216 // ====================================================================
217 // Verify/Sign
218 // ====================================================================
219
220 // Certs
221
222 void CertVerifyWithKey(
223 CSSM_CC_HANDLE CCHandle,
224 const CssmData &CertToBeVerified);
225
226 void CertVerify(
227 CSSM_CC_HANDLE CCHandle,
228 const CssmData &CertToBeVerified,
229 const CssmData *SignerCert,
230 const CSSM_FIELD *VerifyScope,
231 uint32 ScopeSize);
232
233 void CertSign(
234 CSSM_CC_HANDLE CCHandle,
235 const CssmData &CertTemplate,
236 const CSSM_FIELD *SignScope,
237 uint32 ScopeSize,
238 CssmData &SignedCert);
239
240 // Cert Groups
241
242 void CertGroupFromVerifiedBundle(
243 CSSM_CC_HANDLE CCHandle,
244 const CSSM_CERT_BUNDLE &CertBundle,
245 const CssmData *SignerCert,
246 CSSM_CERTGROUP_PTR &CertGroup);
247
248 void CertGroupToSignedBundle(
249 CSSM_CC_HANDLE CCHandle,
250 const CSSM_CERTGROUP &CertGroupToBundle,
251 const CSSM_CERT_BUNDLE_HEADER *BundleInfo,
252 CssmData &SignedBundle);
253
254 // CRLs
255
256 void CrlVerifyWithKey(
257 CSSM_CC_HANDLE CCHandle,
258 const CssmData &CrlToBeVerified);
259
260 void CrlVerify(
261 CSSM_CC_HANDLE CCHandle,
262 const CssmData &CrlToBeVerified,
263 const CssmData &SignerCert,
264 const CSSM_FIELD *VerifyScope,
265 uint32 ScopeSize);
266
267 void CrlSign(
268 CSSM_CC_HANDLE CCHandle,
269 const CssmData &UnsignedCrl,
270 const CSSM_FIELD *SignScope,
271 uint32 ScopeSize,
272 CssmData &SignedCrl);
273
274 // ====================================================================
275 // Module Specific Pass-Through
276 // ====================================================================
277
278 void PassThrough(
279 CSSM_CC_HANDLE CCHandle,
280 uint32 PassThroughId,
281 const void *InputParams,
282 void **OutputParams);
283
284 private:
285 /* routines in Session_Cert.cpp */
286 void getAllParsedCertFields(
287 const DecodedCert &cert,
288 uint32 &NumberOfFields, // RETURNED
289 CSSM_FIELD_PTR &CertFields); // RETURNED
290
291 /* routines in Session_Crypto.cpp */
292 void signData(
293 CSSM_CC_HANDLE ccHand,
294 const CssmData &tbs,
295 CssmOwnedData &sig); // mallocd and returned
296 void verifyData(
297 CSSM_CC_HANDLE ccHand,
298 const CssmData &tbs,
299 const CssmData &sig);
300
301 /*
302 * Maps of cached certs, CRLs, and active queries
303 * This one holds cached certs and CRLs.
304 */
305 LockedMap<CSSM_HANDLE, CLCachedEntry> cacheMap;
306 LockedMap<CSSM_HANDLE, CLQuery> queryMap;
307
308 CLCachedCert *lookupCachedCert(CSSM_HANDLE handle);
309 CLCachedCRL *lookupCachedCRL(CSSM_HANDLE handle);
310 };
311
312 #endif //_H_APPLEX509CLSESSION
mirror of Security