1 /*
2 * Copyright (c) 2002-2011,2013 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 //
25 // KeyItem.h
26 //
27 #ifndef _SECURITY_KEYITEM_H_
28 #define _SECURITY_KEYITEM_H_
29
30 #include <security_keychain/Item.h>
31 #include <Security/SecKeyPriv.h>
32
33 namespace Security
34 {
35
36 namespace KeychainCore
37 {
38
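//
// KeyItem — a keychain item whose payload is a CSSM key (public, private or
// symmetric).  Wraps a CssmClient::Key and exposes the key-pair creation,
// import and raw crypto entry points used by the SecKey* C API; the
// SECCFFUNCTIONS macro supplies the SecKeyRef bridging.
//
// Ownership/lifetime of the raw members below is set in KeyItem.cpp; the
// notes marked "review" are assumptions to be confirmed there.
//
class KeyItem : public ItemImpl
{
	NOCOPY(KeyItem)
public:
	SECCFFUNCTIONS(KeyItem, SecKeyRef, errSecInvalidItemRef, gTypes().KeyItem)

	// db item constructor
private:
	KeyItem(const Keychain &keychain, const PrimaryKey &primaryKey, const CssmClient::DbUniqueRecord &uniqueId);

	// PrimaryKey item constructor
	KeyItem(const Keychain &keychain, const PrimaryKey &primaryKey);

public:
	// Factory entry points for the two private keychain-backed constructors
	// above.  Return a raw pointer; the caller is expected to wrap it (e.g.
	// in a SecPointer<KeyItem>) — see KeyItem.cpp for the refcount contract.
	static KeyItem* make(const Keychain &keychain, const PrimaryKey &primaryKey, const CssmClient::DbUniqueRecord &uniqueId);
	static KeyItem* make(const Keychain &keychain, const PrimaryKey &primaryKey);

	// Non-const "copy" constructor.  NOTE(review): NOCOPY presumably removes
	// the const copy constructor/assignment, so this is a distinct overload
	// rather than a general copy — confirm intent in KeyItem.cpp.
	KeyItem(KeyItem &keyItem);

	// Construct from a bare CSSM key (no keychain record yet).
	KeyItem(const CssmClient::Key &key);

	virtual ~KeyItem();

	// ItemImpl overrides.  copyTo/importTo create a new item in another
	// keychain; newAccess, when non-NULL, supplies the ACL for the copy.
	virtual void update();
	virtual Item copyTo(const Keychain &keychain, Access *newAccess = NULL);
	virtual Item importTo(const Keychain &keychain, Access *newAccess = NULL, SecKeychainAttributeList *attrList = NULL);
	virtual void didModify();

	// Accessors for the backing record, the wrapped key and its CSP.
	CssmClient::SSDbUniqueRecord ssDbUniqueRecord();
	CssmClient::Key &key();
	CssmClient::CSP csp();

	// Algorithm identifier of the key and its strength for a given algorithm;
	// strengthInBits is in bits.
	const CSSM_X509_ALGORITHM_IDENTIFIER& algorithmIdentifier();
	unsigned int strengthInBits(const CSSM_X509_ALGORITHM_IDENTIFIER *algid);

	// Credentials to present for an ACL-gated operation on this key.
	// NOTE(review): operation is a CSSM_ACL_AUTHORIZATION_TAG (e.g. sign,
	// decrypt); which credentialType values are honoured is decided in
	// KeyItem.cpp — confirm before relying on a specific one.
	const AccessCredentials *getCredentials(
		CSSM_ACL_AUTHORIZATION_TAG operation,
		SecCredentialType credentialType);

	// Identity comparison.  Takes a non-const reference and is itself
	// non-const; kept as declared because callers bind to this signature.
	bool operator == (KeyItem &other);

	// Generate a public/private key pair in `keychain`.  Usage/attr flags are
	// given separately for each half; initialAccess becomes the ACL of the
	// new items.  Results are returned through outPublicKey/outPrivateKey.
	static void createPair(
		Keychain keychain,
		CSSM_ALGORITHMS algorithm,
		uint32 keySizeInBits,
		CSSM_CC_HANDLE contextHandle,
		CSSM_KEYUSE publicKeyUsage,
		uint32 publicKeyAttr,
		CSSM_KEYUSE privateKeyUsage,
		uint32 privateKeyAttr,
		SecPointer<Access> initialAccess,
		SecPointer<KeyItem> &outPublicKey,
		SecPointer<KeyItem> &outPrivateKey);

	// Import an existing CSSM key pair into `keychain` under initialAccess.
	static void importPair(
		Keychain keychain,
		const CSSM_KEY &publicCssmKey,
		const CSSM_KEY &privateCssmKey,
		SecPointer<Access> initialAccess,
		SecPointer<KeyItem> &outPublicKey,
		SecPointer<KeyItem> &outPrivateKey);

	// Generate a single key (e.g. symmetric) in `keychain`.
	static SecPointer<KeyItem> generate(
		Keychain keychain,
		CSSM_ALGORITHMS algorithm,
		uint32 keySizeInBits,
		CSSM_CC_HANDLE contextHandle,
		CSSM_KEYUSE keyUsage,
		uint32 keyAttr,
		SecPointer<Access> initialAccess);

	// As generate(), but the new item's keychain attributes are taken from
	// attrList.
	static SecPointer<KeyItem> generateWithAttributes(
		const SecKeychainAttributeList *attrList,
		Keychain keychain,
		CSSM_ALGORITHMS algorithm,
		uint32 keySizeInBits,
		CSSM_CC_HANDLE contextHandle,
		CSSM_KEYUSE keyUsage,
		uint32 keyAttr,
		SecPointer<Access> initialAccess);

	virtual const CssmData &itemID();

	// Raw (single-shot) crypto operations on the wrapped key.  `padding`
	// selects the padding mode, `credentials` are presented to the key's
	// ACL (may be obtained via getCredentials), and the output CSSM_DATA is
	// filled by the callee — see KeyItem.cpp for who owns the output buffer.
	// Parameter names of Decrypt were corrected: it consumes ciphertext and
	// produces plaintext, the reverse of Encrypt.
	void RawSign(SecPadding padding, CSSM_DATA dataToSign, const AccessCredentials *credentials, CSSM_DATA& signedData);
	void RawVerify(SecPadding padding, CSSM_DATA dataToVerify, const AccessCredentials *credentials, CSSM_DATA signature);
	void Encrypt(SecPadding padding, CSSM_DATA dataToEncrypt, const AccessCredentials *credentials, CSSM_DATA& encryptedData);
	void Decrypt(SecPadding padding, CSSM_DATA dataToDecrypt, const AccessCredentials *credentials, CSSM_DATA& decryptedData);

	virtual CFHashCode hash();

	// Item integrity protection (ItemImpl overrides).  setIntegrity(force)
	// recomputes the integrity data; checkIntegrity reports whether the
	// stored item still matches it.
	virtual void setIntegrity(bool force = false);
	virtual bool checkIntegrity();

	// Rewrite the unique id / attributes of an existing record of
	// `recordType` in ssDb.
	static void modifyUniqueId(Keychain keychain, SSDb ssDb, DbUniqueRecord& uniqueId, DbAttributes& newDbAttributes, CSSM_DB_RECORDTYPE recordType);

protected:
	virtual PrimaryKey add(Keychain &keychain);
private:
	// The wrapped CSSM key.
	CssmClient::Key mKey;
	// NOTE(review): raw, non-owning pointer by appearance — confirm in
	// KeyItem.cpp whether algorithmIdentifier() caches into it and who frees it.
	const CSSM_X509_ALGORITHM_IDENTIFIER *algid;
	// Cached public key hash; presumably what itemID()/hash() are derived
	// from — verify against KeyItem.cpp.
	CssmAutoData mPubKeyHash;
};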
141
142 } // end namespace KeychainCore
143
144 } // end namespace Security
145
146 #endif // !_SECURITY_KEYITEM_H_